[PYTHON] I'm trying to create an authentication / authorization process with Django

First, what is different from Spring Security

Spring Security controls access URLs with matchers using method chains, Django doesn't seem to have filter control.

Therefore, it is necessary to implement the authentication and authorization process independently or use the library.

Django authorization method

For the time being, this is the method that this person is introducing The request already contains a user object.

https://www.slideshare.net/hirokiky/django-pyconjp2017

In other words, once accepting access with View, "It is not the correct user object, role, access is denied." That's the format

Yosona format

Personally, it may be better to issue tokens.

  1. Save the authentication token and role in a cookie
  2. Compare the token saved in the transaction table with the cookie (cache method is difficult to debug> <)
  3. If it is a disallowed page, an error message will be displayed

The approval procedure like this seems to be good.

When I personally compare it to the Spring Security code I thought that Django authentication, in which code is written for each view, is more maintainable.

Design like this

The design looks like this. I wonder if I can implement it after that.

Recommended Posts

I'm trying to create an authentication / authorization process with Django
Create an API with Django
Create an authentication feature with django-allauth and CustomUser in Django
Create an update screen with Django Updateview
I tried to create a table only with Django
An easy way to create an import module with jupyter
Create an environment with virtualenv
It's too easy to use an existing database with Django
Create a homepage with django
Minimum Makefile and buildout.cfg to create an environment with buildout
Create a Todo app with Django ① Build an environment with Docker
[Python Kivy] How to create an exe file with pyinstaller
[Django] Memo to create an environment of Django + MySQL + Vue.js [Python]
I tried to create an article in Wiki.js with SQLAlchemy
How to deal with "You have multiple authentication backends configured ..." (Django)
Create an alias for Route53 to CloudFront with the AWS API
Try to create an execution path diff viewer with angr + bingraphvis
I get an error when trying to install maec 4.0.1.0 with pip
Rails users try to create a simple blog engine with Django
Create an environment for Django x Apache x mod_wsgi with Vagrant (Ubuntu 16.04)
Create a REST API to operate dynamodb with the Django REST Framework
Steps to develop Django with VSCode
Load Django modules with an interpreter
Steps to create a Django project
Create folders from '01' to '12' with python
Authentication process with gRPC and Firebase Authentication
Create an Excel file with Python3
How to create an email user
How to get started with Django
Create an age group with pandas
Note: Send an email with Django
Create a file uploader with Django
How to authenticate with Django Part 2
How to authenticate with Django Part 3
I tried to create CSV upload, data processing, download function with Django
I want to create an Ubuntu chrome User Profile with Colab only
I want to create an API that returns a model with a recursive relationship in the Django REST Framework
How to do arithmetic with Django template
Step notes to get started with django
Create RESTful APIs with Django Rest Framework
Browse an existing external database with Django
How to create an NVIDIA Docker environment
Quickly create an excel file with Python #python
[Django] Give an initial value to ChoiceField
I'm having trouble with Django's Twitter authentication
Trying to handle SQLite3 with Python [Note]
Create your first app with Django startproject
[Python] Quickly create an API with Flask
Create an add-in-enabled Excel instance with xlwings
Create an English word app with python
Try to generate an image with aliasing
Create an upgradeable msi file with cx_Freeze
Workaround if you get an error when trying to install PySide with pip
Create an API to convert PDF files to TIF images with FastAPI and Docker
An error occurs when trying to import scikit-learn after connecting to Oracle with SQLAlchemy
An example of cloudbuild.yaml when auto-deploying Django to App Engine with Cloud Build
Try to create a Todo management site using WebSocket with Django (Swamp Dragon)
I tried to create an environment to check regularly using Selenium with AWS Fargate