6 Django packages related to authorization infrastructure and permissions

  • Mar 20, 2022
Django-guardian

Django-guardian - Python

3.2k

Usage

After installation and project hooks we can finally use object permissions with Django.

Lets start really quickly:

>>> from django.contrib.auth.models import User, Group
>>> jack = User.objects.create_user('jack', '[email protected]', 'topsecretagentjack')
>>> admins = Group.objects.create(name='admins')
>>> jack.has_perm('change_group', admins)
False
>>> from guardian.models import UserObjectPermission
>>> UserObjectPermission.objects.assign_perm('change_group', jack, obj=admins)
<UserObjectPermission: admins | jack | change_group>
>>> jack.has_perm('change_group', admins)
True
hacktoberfest

 

Django-oauth-toolkit

Django-oauth-toolkit - Python

2.5k

Django OAuth Toolkit can help you providing out of the box all the endpoints, data and logic needed to add OAuth2 capabilities to your Django projects. Django OAuth Toolkit makes extensive use of the excellent OAuthLib, so that everything is rfc-compliant.

If you need an OAuth2 provider you'll want to add the following to your urls.py. Notice that oauth2_provider namespace is mandatory.

urlpatterns = [
    ...
    path('o/', include('oauth2_provider.urls', namespace='oauth2_provider')),
]
django oauth2 python

 

Django-oauth2-provider

Django-oauth2-provider - Python

335

Provide OAuth2 access to your app

 

Django-oml/

Django-oml - Python

12

Object Moderation Layer

OML_CONFIG = {

        # True if some groups wont be moderated
        'OML_EXCLUDE_MODERATED': True/False,

        # List of groups id that will be omitted
        'OML_EXCLUDED_GROUPS': []

}
django django-admin django-models django-permissions permissions python

 

Django-permission/

Django-permission - Python

301

An enhanced permission system which support object permission in Django

Add our extra authorization/authentication backend

AUTHENTICATION_BACKENDS = (
    'django.contrib.auth.backends.ModelBackend', # default
    'permission.backends.PermissionBackend',
)
django framework permission python

 

Django-rules

Django-rules - Python

1.4k

Awesome Django authorization, without the database

Features

  • Documented, tested, reliable and easy to use.
  • Versatile. Decorate callables to build complex graphs of predicates. Predicates can be any type of callable -- simple functions, lambdas, methods, callable class objects, partial functions, decorated functions, anything really.
  • A good Django citizen. Seamless integration with Django views, templates and the Admin for testing for object-level permissions.
  • Efficient and smart. No need to mess around with a database to figure out whether John really wrote that book.
  • Simple. Dive in the code. You'll need 10 minutes to figure out how it works.
  • Powerful. rules comes complete with advanced features, such as invocation context and storage for arbitrary data, skipping evaluation of predicates under specific conditions, logging of evaluated predicates and more!
authorization django permissions predicates python rules