diff --git a/api/views.py b/api/views.py
index 31a6e7f..766fcba 100644
--- a/api/views.py
+++ b/api/views.py
@@ -53,8 +53,18 @@ class UpdateUserWalletView(generics.UpdateAPIView):
     serializer_class = CustomUserByWalletBalanceSerializer
     permission_classes = (permissions.IsAuthenticated,)
     queryset = User.objects.all()
+    lookup_field = "pk"
     def update(self, request, *args, **kwargs):
+        id_to_update = kwargs.get("pk")
+        user_id = request.user.id
+        print(f"User ID: {user_id}")
+        print(f"ID to update: {id_to_update}")
+        if user_id != id_to_update:
+            return Response(
+                {"message": "You are not authorized to update this user."},
+                status=status.HTTP_403_FORBIDDEN,
+            )
         wallet_balance = request.data.get("wallet_balance")
         if not wallet_balance:
             return Response(
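Review bot: The new guard `if user_id != id_to_update:` compares `request.user.id` (an int) with `kwargs.get("pk")`, which the URL resolver passes as a str unless the route uses an `<int:pk>` converter (the urlconf is not in this diff), so on a plain `<pk>` or regex route the legitimate owner is rejected with 403 on every request while nobody else is let through either. Coerce both sides to one type before comparing, e.g. `if str(user_id) != str(id_to_update):`, or drop the manual comparison and narrow `get_queryset()` to `User.objects.filter(pk=request.user.pk)` so `get_object()` answers 404 for any other id and the check also covers `partial_update` and any other action that resolves the object. The two `print(...)` calls write user ids to stdout on every request and read as leftover debugging; remove them or use `logger.debug("update wallet: user=%s target=%s", user_id, id_to_update)`. The body of `update` continues past the end of the hunk.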