{"id":20035814,"url":"https://github.com/officialpycasbin/django-casbin","last_synced_at":"2025-10-04T12:50:26.461Z","repository":{"id":262369977,"uuid":"887025433","full_name":"officialpycasbin/django-casbin","owner":"officialpycasbin","description":"Django authorization middleware based on PyCasbin","archived":false,"fork":false,"pushed_at":"2025-08-15T14:54:12.000Z","size":16,"stargazers_count":0,"open_issues_count":0,"forks_count":1,"subscribers_count":1,"default_branch":"master","last_synced_at":"2025-08-15T16:31:39.527Z","etag":null,"topics":["auth","authorization","authz","casbin","django","middleware","plugin","py","pycasbin","python","pythonweb"],"latest_commit_sha":null,"homepage":"https://github.com/casbin/pycasbin","language":"Python","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":"apache-2.0","status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/officialpycasbin.png","metadata":{"files":{"readme":"README.md","changelog":null,"contributing":null,"funding":null,"license":"LICENSE","code_of_conduct":null,"threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":null,"support":null,"governance":null,"roadmap":null,"authors":null,"dei":null,"publiccode":null,"codemeta":null}},"created_at":"2024-11-12T03:16:08.000Z","updated_at":"2025-08-15T14:54:17.000Z","dependencies_parsed_at":"2024-12-15T00:31:23.899Z","dependency_job_id":null,"html_url":"https://github.com/officialpycasbin/django-casbin","commit_stats":null,"previous_names":["officialpycasbin/django-casbin"],"tags_count":0,"template":false,"template_full_name":null,"purl":"pkg:github/officialpycasbin/django-casbin","repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/officialpycasbin%2Fdjango-casbin","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/officialpycasbin%2Fdjango-casbin/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/officialpycasbin%2Fdjango-casbin/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/officialpycasbin%2Fdjango-casbin/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/officialpycasbin","download_url":"https://codeload.github.com/officialpycasbin/django-casbin/tar.gz/refs/heads/master","sbom_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/officialpycasbin%2Fdjango-casbin/sbom","scorecard":null,"host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":278315196,"owners_count":25966775,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2022-07-04T15:15:14.044Z","status":"online","status_checked_at":"2025-10-04T02:00:05.491Z","response_time":63,"last_error":null,"robots_txt_status":"success","robots_txt_updated_at":"2025-07-24T06:49:26.215Z","robots_txt_url":"https://github.com/robots.txt","online":true,"can_crawl_api":true,"host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":["auth","authorization","authz","casbin","django","middleware","plugin","py","pycasbin","python","pythonweb"],"created_at":"2024-11-13T10:09:22.063Z","updated_at":"2025-10-04T12:50:26.430Z","avatar_url":"https://github.com/officialpycasbin.png","language":"Python","funding_links":[],"categories":[],"sub_categories":[],"readme":"# django-casbin\r\n\r\n[![Discord](https://img.shields.io/discord/1022748306096537660?logo=discord\u0026label=discord\u0026color=5865F2)](https://discord.gg/S5UjpzGZjN)\r\n\r\ndjango-casbin is an authorization middleware for [Django](https://www.djangoproject.com/), it's based on [PyCasbin](https://github.com/casbin/pycasbin).\r\n\r\n## Installation\r\n\r\n```\r\npip install casbin\r\n```\r\n\r\n## Simple Example\r\n\r\nThis repo is just a working Django app that shows the usage of django-casbin. To use it in your existing Django app, you need:\r\n\r\n- Add the middleware to your Django app's ``settings.py``:\r\n\r\n```python\r\nMIDDLEWARE = [\r\n    'django.middleware.security.SecurityMiddleware',\r\n    'django.contrib.sessions.middleware.SessionMiddleware',\r\n    'django.middleware.common.CommonMiddleware',\r\n    'django.middleware.csrf.CsrfViewMiddleware',\r\n    'django.contrib.auth.middleware.AuthenticationMiddleware',\r\n    'django.contrib.messages.middleware.MessageMiddleware',\r\n    'django.middleware.clickjacking.XFrameOptionsMiddleware',\r\n    'casbin_middleware.middleware.CasbinMiddleware', # Add this line, must after AuthenticationMiddleware.\r\n]\r\n```\r\n\r\n- Copy ``casbin_middleware`` folder to your Django's top folder, modify ``casbin_middleware/middleware.py`` if you need:\r\n\r\n```python\r\nimport casbin\r\n\r\ndef __init__(self, get_response):\r\n    self.get_response = get_response\r\n    # load the casbin model and policy from files.\r\n    # change the 2nd arg to use a database.\r\n    self.enforcer = casbin.Enforcer(\"casbin_middleware/authz_model.conf\", \"casbin_middleware/authz_policy.csv\")\r\n\r\ndef check_permission(self, request):\r\n    # change the user, path, method as you need.\r\n    user = request.user.username\r\n    if request.user.is_anonymous:\r\n        user = 'anonymous'\r\n    path = request.path\r\n    method = request.method\r\n    return self.enforcer.enforce(user, path, method)\r\n```\r\n\r\n- The default policy ``authz_policy.csv`` is:\r\n\r\n```csv\r\np, anonymous, /, GET\r\np, admin, *, *\r\ng, alice, admin\r\n```\r\n\r\nIt means ``anonymous`` user can only access homepage ``/``. Admin users like alice can access any pages. Currently all accesses are regarded as ``anonymous``. Add your authentication to let a user log in.\r\n\r\n## Documentation\r\n\r\nThe authorization determines a request based on ``{subject, object, action}``, which means what ``subject`` can perform what ``action`` on what ``object``. In this plugin, the meanings are:\r\n\r\n1. ``subject``: the logged-in user name\r\n2. ``object``: the URL path for the web resource like \"dataset1/item1\"\r\n3. ``action``: HTTP method like GET, POST, PUT, DELETE, or the high-level actions you defined like \"read-file\", \"write-blog\"\r\n\r\nFor how to write authorization policy and other details, please refer to [the Casbin's documentation](https://casbin.org).\r\n\r\n## Getting Help\r\n\r\n- [Casbin](https://casbin.org)\r\n\r\n## License\r\n\r\nThis project is under Apache 2.0 License. See the [LICENSE](LICENSE) file for the full license text.\r\n","project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fofficialpycasbin%2Fdjango-casbin","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Fofficialpycasbin%2Fdjango-casbin","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fofficialpycasbin%2Fdjango-casbin/lists"}