1👍
✅
You already get that user from request.user as explained by the documentation:
The authentication schemes are always defined as a list of classes. REST framework will attempt to authenticate with each class in the list, and will set request.user and request.auth using the return value of the first class that successfully authenticates.
Source:stackexchange.com