Set request user as well as auth information
Description
Set request.user
as well as request.auth
when authenticating a user.
Further details
In development the DRF shows the current authenticated user in the top-right. This is a convenient feature which doesn't happen when we're using API Gateway authentication. This is because the request.user
attribute is kept None
.
We do not need to auto-create a user in the database; we don't actually ever use the user in practice, but it would be nice to see it in request logs, etc.
Task list
-
Create a class derived from django.contrib.auth.models.AnonymousUser
which is a non-anonymous user who has only an id. TheAnonymousUser
base class is suitable in other respects since it raises exceptions if one tries to use it as a Database user. The class can simply return the principal identifier as the.id
attribute. -
Update the authentication function to return an instance of this derived class.