Do not insert WebtestAuthentication to the head of DEFAULT_AUTHENTICATION_CLASSES. #128
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
Hello. authors. Thanks for awsome tool.
I have found a problem using restframwork and django-webtest together.
The following code expects to return an
HTTP 401
on an authentication error.But django-webtest returns
HTTP 403
.The reason for this is described in the restframework documentation.
In other words, restframework determines whether to return HTTP 401 or HTTP 403 depending on the head of the DEFAULT_AUTHENTICATION_CLASSES.
Since django-webtest adds WebtestAuthentication to the head of DEFAULT_AUTHENTICATION_CLASSES, it may return an HTTP status code that is not what the user expects.
To avoid breaking the user's expected results, i fix codes.
Please feel free to merge it.
Thanks.