diff --git a/app/controllers/api/batch_line_items_controller.rb b/app/controllers/api/batch_line_items_controller.rb
index 4d0a84f..e537457 100644
--- a/app/controllers/api/batch_line_items_controller.rb
+++ b/app/controllers/api/batch_line_items_controller.rb
@@ -142,8 +142,10 @@ class Api::BatchLineItemsController < ApplicationController
         # account_no = params[:account_no]
         barcode = params[:barcode]
         manufacture_uid = params[:manufacture_uid]
+        session_token = params[:session_token]
         batch_line_item = BatchLineItem.find_by_barcode(barcode)
-
+        find_user = Member.find_by_session_token(session_token)
+        if !find_user.nil? 
             if !batch_line_item.nil?
                 if batch_line_item.manufacture_uid.nil?
                     batch_line_item.manufacture_uid = manufacture_uid
@@ -165,6 +167,9 @@ class Api::BatchLineItemsController < ApplicationController
             else
                 @out = false,"error"
             end
+        else
+            @out = false,"Not Authorized"
+        end
     end 
 
     def get_item_by_batch