Ok, yeah i checked that now. But now another issue is, if i try to send any request other than post to create_user, why is the action variable set as none. But if i send the authentication headers that time the action variables is properly set.
On Thursday, October 24, 2019 at 7:56:34 PM UTC+5:30, Jason wrote: > > Good question! > > the answer lies in dispatch > <https://github.com/encode/django-rest-framework/blob/master/rest_framework/views.py#L481-L508> > , > > try: > self.initial(request, *args, **kwargs) > > # Get the appropriate handler method > if request.method.lower() in self.http_method_names: > handler = getattr(self, request.method.lower(), > self.http_method_not_allowed) > else: > handler = self.http_method_not_allowed > > > which checks permissions and auth > <https://github.com/encode/django-rest-framework/blob/master/rest_framework/views.py#L409-L411> > > So, due to this, the permission check occurs before the request method > handler is resolved > -- You received this message because you are subscribed to the Google Groups "Django REST framework" group. To unsubscribe from this group and stop receiving emails from it, send an email to django-rest-framework+unsubscr...@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/django-rest-framework/943c4f37-5192-45c7-88da-b4b2acc92d1a%40googlegroups.com.