I'm a newbie to django-rest-framework, and I'm trying a very simple web app.
One program:
url.py
    from django.conf.urls import url

    urlpatterns = [
        url(r'^admin/$', "app.views.admin_index"),
    ]
views.py
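    from django.shortcuts import render

    def admin_index(request):
        # plain Django view: request.user is set by the auth middleware
        print request.user
        print type(request.user)
        return render(request, "admin/index.html")
The output is: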
AnonymousUser
<class 'django.utils.functional.SimpleLazyObject'>
Another program:
url.py
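    from django.conf.urls import url
    from app.views import AdminViewSet  # assuming the same app as above

    urlpatterns = [
        url(r'^admin/$', AdminViewSet.as_view({'get': 'list'})),
    ]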
views.py
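    from rest_framework import permissions, renderers, viewsets
    from rest_framework.response import Response

    class AdminViewSet(viewsets.ViewSet):
        permission_classes = (permissions.IsAdminUser,)
        renderer_classes = (renderers.TemplateHTMLRenderer,)

        def list(self, request):
            # DRF view: request.user is set by DEFAULT_AUTHENTICATION_CLASSES
            print request.user
            print type(request.user)
            return Response(template_name='admin/index.html')
The output is: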
admin
<class 'django.contrib.auth.models.User'>
So request.user has two different outputs; most importantly, one is AnonymousUser and the other is admin. Why? Is something wrong?
=========solution========================
settings.py
    REST_FRAMEWORK = {
        # Use Django's standard `django.contrib.auth` permissions,
        # or allow read-only access for unauthenticated users.
        'DEFAULT_PERMISSION_CLASSES': (
            'rest_framework.permissions.AllowAny',  # trailing comma keeps this a tuple
        ),
        'DEFAULT_AUTHENTICATION_CLASSES': (
            'rest_framework.authentication.BasicAuthentication',
            'rest_framework.authentication.SessionAuthentication',
        )
    }
It has 'rest_framework.authentication.BasicAuthentication', so it makes request.user be stored in the HTTP header but not in the session, so django.contrib.auth's logout failed.
The solution is to use only 'rest_framework.authentication.SessionAuthentication'.
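
The behaviour in this post, as an added example that is not part of the original post and does not use Django or DRF: a simplified stdlib model of the two authentication classes and of logout. The user store, the password and all function names are constructed for illustration; unlike real DRF, bad Basic credentials here just fall through to the next authenticator.

```python
import base64

# Constructed credential store standing in for django.contrib.auth (assumption).
USERS = {"admin": "s3cret"}
ANON = "AnonymousUser"

def basic_auth(request):
    """Model of BasicAuthentication: trusts the Authorization header on every request."""
    scheme, _, blob = request["headers"].get("Authorization", "").partition(" ")
    if scheme.lower() != "basic" or not blob:
        return None
    try:
        name, _, password = base64.b64decode(blob).decode().partition(":")
    except (ValueError, UnicodeDecodeError):
        return None
    return name if USERS.get(name) == password else None

def session_auth(request):
    """Model of SessionAuthentication: trusts only the server-side session."""
    return request["session"].get("user")

def drf_user(request, authenticators):
    """In a DRF view the first authenticator that returns a user wins."""
    for authenticate in authenticators:
        user = authenticate(request)
        if user is not None:
            return user
    return ANON

def django_user(request):
    """A plain Django view only sees the user stored in the session."""
    return request["session"].get("user") or ANON

def logout(request):
    """Like django.contrib.auth.logout: clears the session, cannot touch headers."""
    request["session"].clear()

def browser_request(session):
    """The browser caches Basic credentials and re-sends them with every request."""
    token = base64.b64encode(b"admin:s3cret").decode()
    return {"headers": {"Authorization": "Basic " + token}, "session": session}
```

With both authenticators configured, a request carrying the cached header is still `admin` after `logout()`; with only `session_auth`, the same request is `AnonymousUser`.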