diff options
| author | Tom Christie | 2014-12-17 13:22:52 +0000 |
|---|---|---|
| committer | Tom Christie | 2014-12-17 13:22:52 +0000 |
| commit | 65fc0d0f77c8882481ef37a68294f98879d3f8d5 (patch) | |
| tree | d5bfcf3003a249e5c5517b45d5a23592f2e2787b /rest_framework/request.py | |
| parent | 7fbf5b0e6bf49a7f2761229b1576027d39e56be4 (diff) | |
| download | django-rest-framework-65fc0d0f77c8882481ef37a68294f98879d3f8d5.tar.bz2 | |
Ensure request.auth is available to response middleware.
Diffstat (limited to 'rest_framework/request.py')
| -rw-r--r-- | rest_framework/request.py | 10 |
1 files changed, 6 insertions, 4 deletions
diff --git a/rest_framework/request.py b/rest_framework/request.py index 8248cbd4..cfbbdecc 100644 --- a/rest_framework/request.py +++ b/rest_framework/request.py @@ -278,7 +278,8 @@ class Request(object): compatibility with django.contrib.auth where the user property is set in the login and logout functions. - Sets the user on the wrapped original request as well. + Note that we also set the user on Django's underlying `HttpRequest` + instance, ensuring that it is available to any middleware in the stack. """ self._user = value self._request.user = value @@ -300,6 +301,7 @@ class Request(object): request, such as an authentication token. """ self._auth = value + self._request.auth = value @property def successful_authenticator(self): @@ -459,7 +461,7 @@ class Request(object): if user_auth_tuple is not None: self._authenticator = authenticator - self.user, self._auth = user_auth_tuple + self.user, self.auth = user_auth_tuple return self._not_authenticated() @@ -479,9 +481,9 @@ class Request(object): self.user = None if api_settings.UNAUTHENTICATED_TOKEN: - self._auth = api_settings.UNAUTHENTICATED_TOKEN() + self.auth = api_settings.UNAUTHENTICATED_TOKEN() else: - self._auth = None + self.auth = None def __getattr__(self, attr): """ |