From 953c29c12dc19daef6fcdba2bd5b902680f3bd16 Mon Sep 17 00:00:00 2001
From: mkdk <eugen_k69@yahoo.com>
Date: Wed, 19 Sep 2018 23:08:40 +0300
Subject: [PATCH] added request.method == 'options'

---
 rest_framework/permissions.py | 4 +++-
 1 file changed, 3 insertions(+), 1 deletion(-)

diff --git a/rest_framework/permissions.py b/rest_framework/permissions.py
index a48058e66..898bd0e95 100644
--- a/rest_framework/permissions.py
+++ b/rest_framework/permissions.py
@@ -44,8 +44,10 @@ class IsAuthenticated(BasePermission):
     """
     Allows access only to authenticated users.
     """
-
+    # DRF should authorize all OPTIONS requests by default #5616
     def has_permission(self, request, view):
+        if request.method == 'OPTIONS':
+            return True
         return request.user and request.user.is_authenticated