'WSGIRequest' object has no attribute 'successful_authenticator'
798 views
Skip to first unread message
Grant Patterson
Nov 18, 2014, 8:13:39 PM11/18/14
to django-res...@googlegroups.com
Here's another thing this newbie has noticed. Our site doesn't use Django's built-in authentication (which is bad, and we know it, and we want to fix it), so for now I'm using custom request.session stuff to know if a user has permissions to do various things. I'm trying to write a custom Permission class, something as simple as:
This breaks with:
Because we aren't using the proper authentication middleware, this expected attribute is missing from the base request object. Now, it looks like there's an @property-decorated successful_authenticator method on Request, but for some reason that isn't being invoked, and the fallback to __getattr__ fails.
from rest_framework.permissions import BasePermission, SAFE_METHODS
class ReadOnly(BasePermission): def has_permission(self, request, view): return request.method in SAFE_METHODSThis breaks with:
File "/Users/grant/br/Comfy/venv/lib/python2.7/site-packages/rest_framework/views.py", line 137, in permission_denied if not request.successful_authenticator: File "/Users/grant/br/Comfy/venv/lib/python2.7/site-packages/rest_framework/request.py", line 436, in __getattr__ return getattr(self._request, attr)AttributeError: 'WSGIRequest' object has no attribute 'successful_authenticator'Because we aren't using the proper authentication middleware, this expected attribute is missing from the base request object. Now, it looks like there's an @property-decorated successful_authenticator method on Request, but for some reason that isn't being invoked, and the fallback to __getattr__ fails.
Any idea how we can work around this, without something gross like setting request.successful_authenticator manually?
Thanks,
Grant
Grant Patterson
Nov 18, 2014, 8:32:14 PM11/18/14
to django-res...@googlegroups.com
Yeah, the more I look at this, the more I'm concerned by the fact that __getattr__ gets called instead of successful_authenticator(). How is that happening? dir(request) shows successful_authenticator, but trying to print request.successful_authenticator throws the same exception as above. That's weird.
--
You received this message because you are subscribed to a topic in the Google Groups "Django REST framework" group.
To unsubscribe from this topic, visit https://groups.google.com/d/topic/django-rest-framework/emldSe_gxfI/unsubscribe.
To unsubscribe from this group and all its topics, send an email to django-rest-fram...@googlegroups.com.
For more options, visit https://groups.google.com/d/optout.
Tom Christie
Nov 19, 2014, 5:00:33 AM11/19/14
to django-res...@googlegroups.com
Hi Grant, looks like you're seeing this error...
Which if I remember correctly, is caused when one of the authenticator classes raises an AttributeError during authentication.
There's a fix in the works for it, it'd be tremendous if you'd be able to confirm on the ticket if it works for you too?
There's a fix in the works for it, it'd be tremendous if you'd be able to confirm on the ticket if it works for you too?
Grant Patterson
Nov 19, 2014, 3:06:48 PM11/19/14
to django-res...@googlegroups.com
Yes, that revealed the true issue. Thanks!
(We set request.user to our own special user object, which doesn't have is_active, so this line fails. I can't comment on the appropriateness of assuming request.user is the Django object; probably fair. It's easy enough to hackily add an is_user attr on our custom object, or give it a special name in the future.)
--
Reply all
Reply to author
Forward
0 new messages