{"id":14972665,"url":"https://github.com/pycasbin/django-authorization","last_synced_at":"2025-10-26T19:31:51.800Z","repository":{"id":51689283,"uuid":"303271211","full_name":"pycasbin/django-authorization","owner":"pycasbin","description":"Per object permissions for Django, see example at: https://github.com/pycasbin/django-authorization-example","archived":false,"fork":false,"pushed_at":"2024-04-24T15:30:23.000Z","size":46,"stargazers_count":33,"open_issues_count":0,"forks_count":5,"subscribers_count":2,"default_branch":"master","last_synced_at":"2025-02-04T05:12:03.644Z","etag":null,"topics":["access-control","authorization","casbin","django","django-framework","middleware","python","rbac"],"latest_commit_sha":null,"homepage":"https://github.com/casbin/pycasbin","language":"Python","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":"apache-2.0","status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/pycasbin.png","metadata":{"files":{"readme":"README.md","changelog":"CHANGELOG.md","contributing":null,"funding":null,"license":"LICENSE","code_of_conduct":null,"threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":null,"support":null,"governance":null,"roadmap":null,"authors":null,"dei":null,"publiccode":null,"codemeta":null}},"created_at":"2020-10-12T03:50:54.000Z","updated_at":"2025-02-01T18:49:23.000Z","dependencies_parsed_at":"2022-08-13T01:01:50.242Z","dependency_job_id":"cc66ecd2-d467-451d-8264-062b9baaf5dc","html_url":"https://github.com/pycasbin/django-authorization","commit_stats":{"total_commits":12,"total_committers":4,"mean_commits":3.0,"dds":"0.41666666666666663","last_synced_commit":"8dbdc59d6b0f6d289bf182f42dbc678e9eb3a59b"},"previous_names":[],"tags_count":9,"template":false,"template_full_name":null,"repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/pycasbin%2Fdjango-authorization","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/pycasbin%2Fdjango-authorization/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/pycasbin%2Fdjango-authorization/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/pycasbin%2Fdjango-authorization/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/pycasbin","download_url":"https://codeload.github.com/pycasbin/django-authorization/tar.gz/refs/heads/master","host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":238394323,"owners_count":19464583,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2022-07-04T15:15:14.044Z","host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":["access-control","authorization","casbin","django","django-framework","middleware","python","rbac"],"created_at":"2024-09-24T13:47:17.874Z","updated_at":"2025-10-26T19:31:46.446Z","avatar_url":"https://github.com/pycasbin.png","language":"Python","funding_links":[],"categories":["Python"],"sub_categories":[],"readme":"# Django Authorization\n\n[![tests](https://github.com/pycasbin/django-authorization/actions/workflows/release.yml/badge.svg)](https://github.com/pycasbin/django-authorization/actions/workflows/release.yml)\n[![Coverage Status](https://coveralls.io/repos/github/pycasbin/django-authorization/badge.svg?branch=master)](https://coveralls.io/github/pycasbin/django-authorization?branch=master)\n[![Version](https://img.shields.io/pypi/v/django-authorization.svg)](https://pypi.org/project/django-authorization/)\n[![Download](https://img.shields.io/pypi/dm/django-authorization.svg)](https://pypi.org/project/django-authorization/)\n[![Discord](https://img.shields.io/discord/1022748306096537660?logo=discord\u0026label=discord\u0026color=5865F2)](https://discord.gg/S5UjpzGZjN)\n\nDjango-authorization is an authorization library for Django framework.\n\nBased on [Casbin](https://github.com/casbin/pycasbin) and [Django-casbin](https://github.com/pycasbin/django-casbin) (middleware, light weight of this plugin), an authorization library that that supports access control models like ACL, RBAC, ABAC.\n\n![image](https://user-images.githubusercontent.com/75596353/188881538-a6a99cb1-c88b-4738-bf4f-452be4fb7c2d.png)\n\n- [Django Authorization](#django-authorization)\n  * [Installation and Configure](#installation-and-configure)\n  * [Usage](#usage)\n    + [Some Important Concepts:](#some-important-concepts-)\n    + [Middleware Usage](#middleware-usage)\n    + [Decorator Usage](#decorator-usage)\n    + [Command Line Usage](#command-line-usage)\n  * [License](#license)\n\n## Installation and Configure\n\n```\npip install django-authorization\n```\n\nWe recommend that you first configure the adapter for persistent storage of the policy, such as: \n\n[django-orm-adapter](https://github.com/pycasbin/django-orm-adapter), After integrating it into the project continue with the configuration of django-authrization\n\n```python\n# 1. Add the app to INSTALLED_APPS\nINSTALLED_APPS = [\n    \"django.contrib.admin\",\n    \"django.contrib.auth\",\n    \"django.contrib.contenttypes\",\n    \"django.contrib.sessions\",\n    \"django.contrib.messages\",\n    \"django.contrib.staticfiles\",\n    \"dauthz.apps.DauthzConfig\",\t# add this app to INSTALLED_APPS\n]\n\n# 2. Add configure of dauthz\nDAUTHZ = {\n    # DEFAULT Dauthz enforcer\n    \"DEFAULT\": {\n        # Casbin model setting.\n        \"MODEL\": {\n            # Available Settings: \"file\", \"text\"\n            \"CONFIG_TYPE\": \"file\",\n            \"CONFIG_FILE_PATH\": Path(__file__).parent.joinpath(\"dauthz-model.conf\"),\n            \"CONFIG_TEXT\": \"\",\n        },\n        # Casbin adapter .\n        \"ADAPTER\": {\n            \"NAME\": \"casbin_adapter.adapter.Adapter\",\n            # 'OPTION_1': '',\n        },\n        \"LOG\": {\n            # Changes whether Dauthz will log messages to the Logger.\n            \"ENABLED\": False,\n        },\n    },\n}\n```\n\nto better prompt the configure method of django-authorization, we made a django-app based on django-authorization, you can see it in [django-authorization-example](https://github.com/pycasbin/django-authorization-example)\n\n## Usage\n\n### Some Important Concepts:\n\nsuch as .conf file, policy, sub, obj, act, please refer to the [casbin website](https://casbin.org/)\n\n### Middleware Usage\n\n```python\n# Install middleware for django-authorization as required\nMIDDLEWARE = [\n    \"django.middleware.security.SecurityMiddleware\",\n    \"django.contrib.sessions.middleware.SessionMiddleware\",\n    \"django.middleware.common.CommonMiddleware\",\n    \"django.middleware.csrf.CsrfViewMiddleware\",\n    \"django.contrib.auth.middleware.AuthenticationMiddleware\",\n    \"django.contrib.messages.middleware.MessageMiddleware\",\n    \"django.middleware.clickjacking.XFrameOptionsMiddleware\",\n    \"dauthz.middlewares.request_middleware.RequestMiddleware\",\t# add the middleware \n]\n```\n\nYou can freely set the casbin enforcer for the middleware via API: set_enforcer_for_request_middleware(enforcer_name) and set_enforcer_for_enforcer_middleware(enforcer_name)\n\n### Decorator Usage\n\nRequest decorator will check the authorization status of user, path, method\n\n```python\n# use request decorator\n@request_decorator\ndef some_view(request):\n    return HttpResponse(\"Hello World\")\n```\n\nEnforcer decorator will check the authorization status of user, obj, edit. example: \n\n```python\n# use enforcer decorator\n# sub: user in request obj: \"artical\" act: \"edit\"\n@enforcer_decorator(\"artical\", \"edit\")\ndef some_view(request):\n    return HttpResponse(\"Hello World\")\n```\n\n### Command Line Usage\n\nThe command line operation allows you to operate directly on the enforcer's database. Three sets of commands are available: policy commands, group commands and role commands.\n\n```shell\nAdd/Get policy, usage: \npython manage.py policy [opt: --enforcer=\u003cenforcer_name\u003e] add \u003csub\u003e \u003cobj\u003e \u003cact\u003e\npython manage.py policy [opt: --enforcer=\u003cenforcer_name\u003e] get \u003csub\u003e \u003cobj\u003e \u003cact\u003e\n\nAdd/Get role to user, usage: \npython manage.py role [opt: --enforcer=\u003cenforcer_name\u003e] add \u003cuser\u003e \u003crole\u003e\npython manage.py role [opt: --enforcer=\u003cenforcer_name\u003e] get \u003cuser\u003e\n\nAdd/Get group policy, usage:\npython manage.py group [opt: --enforcer=\u003cenforcer_name\u003e] add \u003cuser\u003e \u003crole\u003e [opt:\u003cdomain\u003e]\npython manage.py group [opt: --enforcer=\u003cenforcer_name\u003e] get \u003cuser\u003e \u003crole\u003e [opt:\u003cdomain\u003e]\n```\n\n### Backend Usage\n\nYou can integrate Pycasbin with [Django authentication system](https://docs.djangoproject.com/en/4.2/topics/auth/default/#permissions-and-authorization). For more usage, you can refer to `tests/test_backend.py`. To enable the backend, you need to specify it in `settings.py`.\n\n```python\nAUTHENTICATION_BACKENDS = [\n    \"dauthz.backends.CasbinBackend\",\n    \"django.contrib.auth.backends.ModelBackend\", \n    ]\n```\n\nNote that you still need to add permissions for users with pycasbin `add_policy()` due to the mechanism of the django permission system.\n\n## License\n\nThis project is licensed under the [Apache 2.0 license](https://github.com/php-casbin/laravel-authz/blob/master/LICENSE).\n","project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fpycasbin%2Fdjango-authorization","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Fpycasbin%2Fdjango-authorization","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fpycasbin%2Fdjango-authorization/lists"}