-
-
Notifications
You must be signed in to change notification settings - Fork 420
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Distinguish between AuthenticationError and AuthorizationError #1218
Milestone
Comments
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Is your feature request related to a problem? Please describe.
Right now, when a user is authenticated but lacks permissions, I raise
AuthenticationError
. This is not totally correct, because it returns 401, but for authorization failures I expect 403 (Forbidden).Describe the solution you'd like
I suggest to add another exception to
ninja.errors
that specifically denotes an Authorization error and results in a 403 response.The text was updated successfully, but these errors were encountered: