<p>REST framework's <code>Request</code> class extends the standard <code>HttpRequest</code>, adding support for parsing multiple content types, allowing browser-based <code>PUT</code>, <code>DELETE</code> and other methods, and adding flexible per-request authentication.</p>
<h2id="method">.method</h2>
<p><code>request.method</code> returns the uppercased string representation of the request's HTTP method.</p>
<p>Browser-based <code>PUT</code>, <code>DELETE</code> and other requests are supported, and can be made by using a hidden form field named <code>_method</code> in a regular <code>POST</code> form.</p>
<h2id="content_type">.content_type</h2>
<p><code>request.content</code>, returns a string object representing the mimetype of the HTTP request's body, if one exists.</p>
<h2id="data">.DATA</h2>
<p><code>request.DATA</code> returns the parsed content of the request body. This is similar to the standard <code>HttpRequest.POST</code> attribute except that:</p>
<ol>
<li>It supports parsing the content of HTTP methods other than <code>POST</code>, meaning that you can access the content of <code>PUT</code> and <code>PATCH</code> requests.</li>
<li>It supports parsing multiple content types, rather than just form data. For example you can handle incoming json data in the same way that you handle incoming form data.</li>
</ol>
<h2id="files">.FILES</h2>
<p><code>request.FILES</code> returns any uploaded files that may be present in the content of the request body. This is the same as the standard <code>HttpRequest</code> behavior, except that the same flexible request parsing that is used for <code>request.DATA</code>.</p>
<p>This allows you to support file uploads from multiple content-types. For example you can write a parser that supports <code>POST</code>ing the raw content of a file, instead of using form-encoded file uploads.</p>
<h2id="user">.user</h2>
<p><code>request.user</code> returns a <code>django.contrib.auth.models.User</code> instance. </p>
<h2id="auth">.auth</h2>
<p><code>request.auth</code> returns any additional authentication context that may not be contained in <code>request.user</code>. The exact behavior of <code>request.auth</code> depends on what authentication has been set in <code>request.authentication</code>. For many types of authentication this will simply be <code>None</code>, but it may also be an object representing a permission scope, an expiry time, or any other information that might be contained in a token-based authentication scheme.</p>
<h2id="parsers">.parsers</h2>
<p><code>request.parsers</code> should be set to a list of <code>Parser</code> instances that can be used to parse the content of the request body.</p>
<p><code>request.parsers</code> may no longer be altered once <code>request.DATA</code>, <code>request.FILES</code> or <code>request.POST</code> have been accessed.</p>
<p><code>request.stream</code> returns a stream representing the content of the request body.</p>
<p>You will not typically need to access <code>request.stream</code>, unless you're writing a <code>Parser</code> class.</p>
<h2id="authentication">.authentication</h2>
<p><code>request.authentication</code> should be set to a list of <code>Authentication</code> instances that can be used to authenticate the request.</p>
<p><code>request.authentication</code> may no longer be altered once <code>request.user</code> or <code>request.auth</code> have been accessed.</p>