So I have a very simple API endpoint that is supposed to determine if a user is logged in. I did decide to make it a POST request for the sake of hiding the response from being accessed in the browser
class Check(APIView):
def post(self, request):
print request.user
if request.user.is_authenticated():
# a successful response for logged in
return Response(status = HTTP_200_OK)
# return an error status code for not logged in
return Response(status = HTTP_401_UNAUTHORIZED)
When logged out, I get AnonymousUser in the console and a 401 status code as expected. However when logged in as a superuser or any other user, I get no print output and a 403 status code. This indicates that for some reason the entire callback is never entered. I've been told that it is an issue of permissions but I have AllowAny enabled. Do you guys have any ideas?
REST_FRAMEWORK = {
'DEFAULT_RENDERER_CLASSES': [
'rest_framework.renderers.JSONRenderer'
],
'DEFAULT_PARSER_CLASSES': [
'rest_framework.parsers.JSONParser'
],
'DEFAULT_AUTHENTICATION_CLASSES': [
'rest_framework.authentication.SessionAuthentication',
'rest_framework.authentication.BasicAuthentication'
],
'DEFAULT_PERMISSION_CLASSES': [
'rest_framework.permissions.AllowAny',
]
}
