Turn streaming request parsing back on for 1.3. Fix CSRF which was breaking it. It's really not at all obvious if we need to byte limit the stream that we hand over or not.

1 files changed, 4 insertions, 1 deletions

diff --git a/djangorestframework/authenticators.py b/djangorestframework/authenticators.py
index 29875c64..ce7abd10 100644
--- a/djangorestframework/authenticators.py
+++ b/djangorestframework/authenticators.py
@@ -71,8 +71,11 @@ class BasicAuthenticator(BaseAuthenticator):
 class UserLoggedInAuthenticator(BaseAuthenticator):
     """Use Djagno's built-in request session for authentication."""
     def authenticate(self, request):
-        if getattr(request, 'user', None) and request.user.is_active:                
+        if getattr(request, 'user', None) and request.user.is_active:
+            # Temporarily request.POST with .RAW_CONTENT, so that we use our more generic request parsing
+            request._post = self.mixin.RAW_CONTENT
             resp = CsrfViewMiddleware().process_view(request, None, (), {})
+            del(request._post)
             if resp is None:  # csrf passed
                 return request.user
         return None