Aman c355f6b8d8 exceptions: Extract json_unauths into MissingAuthenticationError. ...

We raise two types of json_unauthorized when
MissingAuthenticationError is raised. Raising the one
with www_authenticate let's the client know that user needs
to be logged in to access the requested content.

Sending `www_authenticate='session'` header with the response
also stops modern web-browsers from showing a login form to the
user and let's the client handle it completely.

Structurally, this moves the handling of common authentication errors
to a single shared middleware exception handler.

2020-08-25 16:52:21 -07:00

8.5 KiB

Raw Blame History

View Raw