How do you implement authorization in Django?

Question

I have just joined a startup where we build a privacy-related muli-tenant SaaS offering. We are thinking of using Django for it. Django has lot of features and libraries for authentication , 2FA etc but I can't find much on Authorisation. What do you guys use? We can't use any proprietary/closed-source solutions due to the nature of the product.Any suggestions is appreciated?

petr25102018 · Accepted Answer

You will most likely need to build something yourself. Django's authorization is limited in this aspect :(

8organicbits · Answer

I think we need more info about your project and how you want authZ to work. Do you need groups? Can everyone share with anyone? Do you want to support customer defined policies, or should the service define static roles?Oso, AuthZed, and Ory Keto come to mind, but those may be too heavyweight if you just need something basic.

rst_noimage · Answer

https://github.com/pycasbin/django-casbin