Django - redirect to login page vs. 403
Why does Django redirects user to login page when trying to access pages protected by permissions? Wouldn't it make more sense to raise 403? Then I could display meaningful message in 403.html (using custom middleware) to user saying they don't have permissions to perform the action. Also I would be able to identify links to views that user shouldn't even be presented with at first place or users trying to access forbidden resources.
If you're talking about the login_required decorator, there's no reason you have to use that. You could write a similar decorator that did the very thing you're looking for (return a 403 response).
Unfortunately, the login_required decorator code is actually somewhat complex so it wouldn't be trivial to just copy/modify for your needs, as the redirect portion is actually within the user_passes_test function that they use.