From 873a142af2f63084fd10bf35c13e79131837da07 Mon Sep 17 00:00:00 2001
From: Tom Christie
Date: Tue, 13 Nov 2012 11:27:09 +0000
Subject: Implementing 401 vs 403 responses

---
 rest_framework/request.py | 29 ++++++++++++++++++++---------
 1 file changed, 20 insertions(+), 9 deletions(-)

(limited to 'rest_framework/request.py')

diff --git a/rest_framework/request.py b/rest_framework/request.py
index a1827ba4..38ee36dd 100644
--- a/rest_framework/request.py
+++ b/rest_framework/request.py
@@ -86,6 +86,7 @@ class Request(object):
         self._method = Empty
         self._content_type = Empty
         self._stream = Empty
+        self._authenticator = None
 
         if self.parser_context is None:
             self.parser_context = {}
@@ -166,7 +167,7 @@ class Request(object):
         by the authentication classes provided to the request.
         """
         if not hasattr(self, '_user'):
-            self._user, self._auth = self._authenticate()
+            self._authenticator, self._user, self._auth = self._authenticate()
         return self._user
 
     @property
@@ -176,9 +177,17 @@ class Request(object):
         request, such as an authentication token.
         """
         if not hasattr(self, '_auth'):
-            self._user, self._auth = self._authenticate()
+            self._authenticator, self._user, self._auth = self._authenticate()
         return self._auth
 
+    @property
+    def successful_authenticator(self):
+        """
+        Return the instance of the authentication instance class that was used
+        to authenticate the request, or `None`.
+        """
+        return self._authenticator
+
     def _load_data_and_files(self):
         """
         Parses the request content into self.DATA and self.FILES.
@@ -282,21 +291,23 @@ class Request(object):
 
     def _authenticate(self):
         """
-        Attempt to authenticate the request using each authentication instance in turn.
-        Returns a two-tuple of (user, authtoken).
+        Attempt to authenticate the request using each authentication instance
+        in turn.
+        Returns a three-tuple of (authenticator, user, authtoken).
         """
         for authenticator in self.authenticators:
             user_auth_tuple = authenticator.authenticate(self)
             if not user_auth_tuple is None:
-                return user_auth_tuple
+                user, auth = user_auth_tuple
+                return (authenticator, user, auth)
         return self._not_authenticated()
 
     def _not_authenticated(self):
         """
-        Return a two-tuple of (user, authtoken), representing an
-        unauthenticated request.
+        Return a three-tuple of (authenticator, user, authtoken), representing
+        an unauthenticated request.
 
-        By default this will be (AnonymousUser, None).
+        By default this will be (None, AnonymousUser, None).
         """
         if api_settings.UNAUTHENTICATED_USER:
             user = api_settings.UNAUTHENTICATED_USER()
@@ -308,7 +319,7 @@ class Request(object):
         else:
             auth = None
 
-        return (user, auth)
+        return (None, user, auth)
 
     def __getattr__(self, attr):
         """
-- 
cgit v1.2.3