I have a view derived from viewsets.ModelViewSet. When I call it with Authorization header, request is checked for authentication. But if I call it without the header, the access is granted.
I found this line of code. It seems to me if the header is not valid it simply returns None instead of raise exception.
I have a view derived from viewsets.ModelViewSet. When I call it with
Authorization
header, request is checked for authentication. But if I call it without the header, the access is granted.I found this line of code. It seems to me if the header is not valid it simply returns None instead of raise exception.
Have I correctly read the code?