diff --git a/README.md b/README.md
index 9dff3372a627185382da3358f5dfb9c702857662..d26a1a402cd7f5252eb70a01696c504bb5cbb294 100644
--- a/README.md
+++ b/README.md
@@ -56,7 +56,7 @@ Here are some examples:
 
 - Retrieve a specific rule:
 
-            curl -X GET https:/fod.example.com/api/routes/<rule_id>/ -H 'Authorization: Token <Your users token>'
+            curl -X GET https://fod.example.com/api/routes/<rule_id>/ -H 'Authorization: Token <Your users token>'
 
 - In order to create or modify a rule you have to use POST/PUT methods.
 
diff --git a/flowspec/viewsets.py b/flowspec/viewsets.py
index 862f9331fea401bf7d9f8e99e6e9c7155c828bb6..88ca440b59e7b1abca86107feed083ba3ace11ff 100644
--- a/flowspec/viewsets.py
+++ b/flowspec/viewsets.py
@@ -20,15 +20,13 @@ from flowspec.serializers import (
 
 from rest_framework.response import Response
 
-from django.contrib.auth.models import User
-
 
 class RouteViewSet(viewsets.ModelViewSet):
     queryset = Route.objects.all()
     serializer_class = RouteSerializer
 
     def get_queryset(self):
-        if self.request.user.is_anonymous or self.request.user.is_superuser:
+        if self.request.user.is_superuser:
             return Route.objects.all()
         else:
             return Route.objects.filter(applier=self.request.user)
@@ -43,10 +41,7 @@ class RouteViewSet(viewsets.ModelViewSet):
         return Response(serializer.data)
 
     def pre_save(self, obj):
-        if self.request.user.is_anonymous:
-            obj.applier = User.objects.all()[0]
-        else:
-            obj.applier = self.request.user
+        obj.applier = self.request.user
 
 
 class PortViewSet(viewsets.ModelViewSet):
diff --git a/static/js/accounts.js b/static/js/accounts.js
index f0150586f3e3c95bb76cd6281740f62dc7cfeea0..ab8e154dd26d59154791f15e9bcb0e0fad35c85b 100644
--- a/static/js/accounts.js
+++ b/static/js/accounts.js
@@ -1,3 +1,7 @@
+// If the user clicks on Generate token,
+// then the following function will ask django
+// for a token and then present it
+
 $(document).ready(function() {
   	$('a#generate_token').one('click', function (ev) {
   		ev.preventDefault();