Django-authorization (dauthz) is an authorization library for the Django framework.
# Install the project's Python dependencies.
pip install -r requirements.txt
# Generate and apply the database migrations.
# NOTE(review): presumably this also creates the table in which the
# django-orm-adapter stores Casbin policy rules -- confirm.
python manage.py makemigrations
python manage.py migrate
# Start Django's built-in development server. runserver is meant for local
# development only; use a production WSGI/ASGI server for real deployments.
python manage.py runserver
# settings.py: apps that have to be registered for this example.
# The `...` entries stand for the rest of your existing INSTALLED_APPS.
INSTALLED_APPS = [
    ...
    # STEP1: register the Casbin adapter (django-orm-adapter here).
    'casbin_adapter.apps.CasbinAdapterConfig',
    # STEP2: register django-authorization (dauthz) itself.
    'dauthz.apps.DauthzConfig',
    # STEP3: register your own application (user_management in this example).
    'user_management.apps.UserManagementConfig',
    ...
]
# settings.py: middleware order. The `...` entries stand for the rest of your
# existing MIDDLEWARE list.
MIDDLEWARE = [
    ...
    'django.contrib.auth.middleware.AuthenticationMiddleware',
    # STEP2: enable the dauthz request middleware.
    # Order matters: it must be listed AFTER AuthenticationMiddleware, which is
    # the middleware that attaches request.user to the request.
    # NOTE(review): if it were listed earlier, the authorization check would
    # presumably run without an authenticated identity -- confirm against
    # dauthz's RequestMiddleware.
    "dauthz.middlewares.request_middleware.RequestMiddleware",
    ...
]
# STEP1: set up the adapter (django-orm-adapter here).
# Path of the Casbin model file, resolved relative to BASE_DIR.
# NOTE(review): the model file decides how requests are matched against the
# policy, so it should not be writable by untrusted users.
CASBIN_MODEL = os.path.join(BASE_DIR, 'dauthz_model.conf')
# STEP2: set up django-authorization.
DAUTHZ = {
    # DEFAULT Dauthz enforcer
    "DEFAULT": {
        # Casbin model setting.
        "MODEL": {
            # Available settings: "file", "text"
            "CONFIG_TYPE": "file",
            # Model file to load; presumably read when CONFIG_TYPE is "file".
            "CONFIG_FILE_PATH": CASBIN_MODEL,
            # Presumably the inline model definition used when CONFIG_TYPE is
            # "text"; left empty here -- confirm.
            "CONFIG_TEXT": "",
        },
        # Casbin adapter, given as a dotted path to the adapter class.
        "ADAPTER": {
            "NAME": "casbin_adapter.adapter.Adapter",
        },
        "LOG": {
            # Controls whether Dauthz logs messages to the Logger; off here.
            # NOTE(review): consider enabling it where a record of
            # authorization activity is needed -- confirm what gets logged.
            "ENABLED": False,
        },
    },
}
# Policy rules (p): each row is [subject, path, HTTP-method pattern].
# NOTE(review): how the path and method fields are compared (exact match, key
# match, regex) is decided by the matcher in dauthz_model.conf, which is not
# shown here. The "(GET)|(POST)" form suggests a regex match -- confirm, and
# confirm the pattern is anchored the way you intend.
p_rules = [
    # Pages open to unauthenticated visitors.
    ["anonymous", "/", "(GET)|(POST)"],
    ["anonymous", "/login", "(GET)|(POST)"],
    ["anonymous", "/register", "(GET)|(POST)"],
    # Requires at least the normal_user role.
    ["normal_user", "/logout", "(GET)|(POST)"],
    # Restricted to the admin role.
    ["admin", "/all_users_profile", "(GET)|(POST)"],
]
# Grouping rules (g): each row is [member, role].
# Under the usual Casbin RBAC matcher, the first entry inherits the
# permissions of the second, so normal_user gets everything anonymous has and
# admin gets everything normal_user has -- confirm against dauthz_model.conf.
g_rules = [
    ["normal_user", "anonymous"],
    ["admin", "normal_user"]
]
# `enforcer` is not defined in this snippet; presumably it is the enforcer
# instance provided by dauthz -- TODO confirm the import.
enforcer.add_policies(p_rules)
enforcer.add_grouping_policies(g_rules)
# Persist the policy through the configured adapter.
# NOTE(review): in Casbin, save_policy writes the enforcer's in-memory policy
# back to storage -- confirm it does not discard rules stored by other means.
enforcer.save_policy()
This project is licensed under the Apache 2.0 license.