feat: integrate django authentication system #16
Conversation
|
@Nekotoxin please review |
|
|
|
@leeqvip plz review |
# [1.1.0](v1.0.3...v1.1.0) (2023-08-17) ### Features * integrate django authentication system ([#16](#16)) ([34770ec](34770ec))
|
🎉 This PR is included in version 1.1.0 🎉 The release is available on:
Your semantic-release bot 📦🚀 |
| ] | ||
| ``` | ||
|
|
||
| 注意,由于django权限系统的机制,您仍需要使用pycasbin的`add_policy()`方法来添加策略。 |
There was a problem hiding this comment.
Is it possible to add, modify, and delete permissions ?
myuser.groups.set([group_list])
myuser.groups.add(group, group, ...)
myuser.groups.remove(group, group, ...)
myuser.groups.clear()
myuser.user_permissions.set([permission_list])
myuser.user_permissions.add(permission, permission, ...)
myuser.user_permissions.remove(permission, permission, ...)
myuser.user_permissions.clear()
There was a problem hiding this comment.
The django user_permissions module uses its own model, so it can't to do these operations with pycasbin.
| else: | ||
| if user.check_password(password) and self.user_can_authenticate(user): | ||
| return user | ||
|
|
There was a problem hiding this comment.
Can user authentication be skipped? Hand it over to other Backends to complete.
Only the authorization of permissions is provided here.
There was a problem hiding this comment.
Django will use each backend in order, if users want to custom their own authentication function, they can define a new backend and place it before casbin_backend.
There was a problem hiding this comment.
So it's redundant and useless. Casbin only provides authorization but not authentication.
There was a problem hiding this comment.
I see. I will file a new pr to remove it.
Add a backend to integrate django authentication system.