id	summary	reporter	owner	description	type	status	component	version	severity	resolution	keywords	cc	stage	has_patch	needs_docs	needs_tests	needs_better_patch	easy	ui_ux
33513	Custom authentication class: raising AuthenticationFailed leads to 403	Aurel	nobody	"Hi,
I am writing a custom authentication class. I overwrite:

**def authenticate(self, request):**

If a user is not authenticated I do:
**raise exceptions.AuthenticationFailed(_('Invalid token.'))**
I expect that djano returns a 401. But django returns 403 like if I were in has_permission(). But I am in authenticate() for sure. And if in this methoid this exception is raised Django, sholuld return a 401!

My custom auth class inherits from BaseAuthentication:
from rest_framework.authentication import BaseAuthentication"	Bug	closed	contrib.auth	3.2	Normal	invalid	authentication		Unreviewed	0	0	0	0	0	0