sorry, I mistake it. On Wednesday, December 21, 2016 at 6:00:15 PM UTC+8, Peng Dai wrote: > > the drf permission.py has a IsAuthencatied class which check if the user > is loged. the code works like below: > class IsAuthenticated(BasePermission): > """ > Allows access only to authenticated users. > """ > > def has_permission(self, request, view): > return request.user and request.user.is_authenticated() > > > this works ok with django. But when I add django-guardian for object-level > permission checker, it not work any more. > cause the django-guardian return a AnonyousUser in the DB, which have > is_authenticated() return True. > > I really donot understand why the AnonyousUser.is_authenticated() return > True and even the AnonyousUser.is_anonyous() return False. > which make the drf permission-checker not works. and it seems cannot > distinct the normal user with the anonyoususer. > > And Is there any ways to get out of this, cause I search through the > google without any answer or simply question. Are there nobody face suck > problem? >
-- You received this message because you are subscribed to the Google Groups "Django REST framework" group. To unsubscribe from this group and stop receiving emails from it, send an email to [email protected]. For more options, visit https://groups.google.com/d/optout.
