Skip to main content

Django authentication and authorization utilities

Project description

Django authentication and authorization utilities.

https://img.shields.io/pypi/v/django-auth-utils.svg https://img.shields.io/badge/source-GitHub-lightgrey.svg https://img.shields.io/github/issues/pjdelport/django-auth-utils.svg https://travis-ci.org/pjdelport/django-auth-utils.svg?branch=master https://codecov.io/github/pjdelport/django-auth-utils/coverage.svg?branch=master

Installation

pip install django-auth-utils

Supported and tested on:

  • Python: 2.7, 3.4, 3.5, 3.6, PyPy, PyPy3

  • Django: 1.8, 1.10, 1.11

Configuration

In order to use the auth_utils template tag library, add auth_utils to your INSTALLED_APPS.

Alternatively, since Django 1.9, you can add auth_utils.templatetags.auth_utils to your DjangoTemplates OPTIONS.

Usage

Permission-checking views

The ObjectPermissionRequiredMixin view combines Django’s PermissionRequiredMixin and SingleObjectMixin views, and performs the permission check against the object that was looked up.

Use it like the base classes:

from auth_utils.views import ObjectPermissionRequiredMixin


class ArticleDetail(ObjectPermissionRequiredMixin, generic.DetailView):
    model = Article
    permission_required = ['news.read_article']


class ArticleUpdate(ObjectPermissionRequiredMixin, generic.UpdateView):
    model = Article
    permission_required = ['news.change_article']

Permission-checking in templates

Load the template tag library:

{% load auth_utils %}

The perms filter allows checking object-level permissions with a convenient syntax:

{% if perm in user|perms:object %} ... {% endif %}

The object argument is optional. If omitted, the global permission is checked, similar to Django’s perms object.

Examples:

{% if 'news.read_article' in user|perms:article %}
    {{ article.text }}
{% else %}
    You do not have permission to read this article.
{% endif %}


{% if 'news.change_article' in user|perms:article %}
    <a href="...">Edit article</a>
{% endif %}

{% if 'news.delete_article' in user|perms:article %}
    <a href="...">Delete article</a>
{% endif %}

The library provides can_change and can_delete shorthands for checking Django’s default app.change_model and app.delete_model model permissions:

{% if user|can_change:article %} <a href="...">Edit</a> {% endif %}
{% if user|can_delete:article %} <a href="...">Delete</a> {% endif %}

BaseAuthorizationBackend

This base class provides all the boilerplate code necessary for a Django authentication backend to work, without performing any user authentication or permission authorization itself.

This is intended to make it easy to write custom authorization policies that only implement the backend methods they’re interested in:

from auth_utils.backends import BaseAuthorizationBackend


class ArticleEditPolicy(BaseAuthorizationBackend):
    """
    Allow authors to change and delete their own articles.
    """

    def get_user_permissions(self, user_obj, obj=None):
        is_author = isinstance(obj, Article) and article.author == user_obj
        if user_obj.is_active and is_author:
            return {'news.change_article', 'news.delete_article'}
        else:
            return set()


class GuestAccessPolicy(BaseAuthorizationBackend):
    """
    Allow anonymous users to read non-premium articles.
    """

    def get_user_permissions(self, user_obj, obj=None):
        guest_readable = isinstance(obj, Article) and not article.is_premium
        if not user_obj.is_authenticated() and guest_readable:
            return {'news.read_article'}
        else:
            return set()

Once defined, these policies can be enabled in AUTHENTICATION_BACKENDS:

AUTHENTICATION_BACKENDS = [
    'django.contrib.auth.backends.ModelBackend',

    # Custom authorization policies
    'news.auth.ArticleEditPolicy',
    'news.auth.GuestAccessPolicy',
]

Project details


Download files

Download the file for your platform. If you're not sure which to choose, learn more about installing packages.

Source Distribution

django-auth-utils-0.1.1.tar.gz (12.5 kB view details)

Uploaded Source

Built Distribution

django_auth_utils-0.1.1-py2.py3-none-any.whl (9.6 kB view details)

Uploaded Python 2 Python 3

File details

Details for the file django-auth-utils-0.1.1.tar.gz.

File metadata

File hashes

Hashes for django-auth-utils-0.1.1.tar.gz
Algorithm Hash digest
SHA256 735cee46eef1ad82e43394d405f4fe678e2af9123cd7f270ce07d0615330e51a
MD5 6a6539f83f9cf8f8509777ada88fa382
BLAKE2b-256 3cacff3c6ed433ea5d8b85f686c09ece258020d022a84b069c08cdefd43b9434

See more details on using hashes here.

Provenance

File details

Details for the file django_auth_utils-0.1.1-py2.py3-none-any.whl.

File metadata

File hashes

Hashes for django_auth_utils-0.1.1-py2.py3-none-any.whl
Algorithm Hash digest
SHA256 0064eea83a530da6d89adbc84b4e357c82eef6086ce620028e977918d530dcf7
MD5 eacfe7ea870ef027851f9d2d693de794
BLAKE2b-256 c9ce830e1f303440c4d17987462591758d60a75d685f9e8a40d3ac053154781f

See more details on using hashes here.

Provenance

Supported by

AWS AWS Cloud computing and Security Sponsor Datadog Datadog Monitoring Fastly Fastly CDN Google Google Download Analytics Microsoft Microsoft PSF Sponsor Pingdom Pingdom Monitoring Sentry Sentry Error logging StatusPage StatusPage Status page