How to Implement Authorization in Django
A Django project for managing a hospital system using Permit.io for authorization. The project includes a RESTful API for managing patients, doctors, and appointments. The API is secured using ABAC (Attribute-Based Access Control) and RBAC (Role-Based Access Control) policies. The project also includes a PDP (Policy Decision Point) microservice for evaluating access control policies.
- ABAC (Attribute-Based Access Control)
- CRUD operations
- RESTful API
- User authentication
- Role-based access control
- ReBAC (Relationship-Based Access Control)
- Clone the repository:
https://github.com/tyaga001/django-authorization.git - Cd into the project directory:
cd hsystem - Install the dependencies:
pip install -r requirements.txt - Apply database migrations:
python manage.py migrateorpython manage.py migrate --run-syncdb||python manage.py makemigrations hsystem||python manage.py migrate - Start the development server:
python manage.py runserver 5000
If you do not have Docker installed as of yet, click here to install Docker.
Run the following command to pull the PDP Microservice container:
docker pull permitio/pdp-v2:latestRemember to replace <YOUR_API_KEY> with the Secret Key you obtained from your dashboard.
docker run -it -p 7766:7000 --env PDP_DEBUG=True --env PDP_API_KEY=<YOUR_API_KEY> permitio/pdp-v2:latest
- Create a superuser:
python manage.py createsuperuser - Access the admin panel:
http://localhost:5000/admin/ - Access the API:
http://localhost:5000/api/ - Access the documentation:
http://localhost:5000/docs/
Run the following command in a separate terminal to test whether the app is working as expected:
curl -X GET http://localhost:5000/patients/1/
This project is licensed under the MIT License.