How to Implement Authorization in Django
A Django project for managing a hospital system using Permit.io for authorization. The project includes a RESTful API for managing patients, doctors, and appointments. The API is secured using ABAC (Attribute-Based Access Control) and RBAC (Role-Based Access Control) policies. The project also includes a PDP (Policy Decision Point) microservice for evaluating access control policies.
- ABAC (Attribute-Based Access Control)
- CRUD operations
- RESTful API
- User authentication
- Role-based access control
- ReBAC (Relationship-Based Access Control)
- Clone the repository:
https://github.com/tyaga001/django-authorization.git
- Cd into the project directory:
cd hsystem
- Install the dependencies:
pip install -r requirements.txt
- Apply database migrations:
python manage.py migrate
orpython manage.py migrate --run-syncdb
||python manage.py makemigrations hsystem
||python manage.py migrate
- Start the development server:
python manage.py runserver 5000
If you do not have Docker installed as of yet, click here to install Docker.
Run the following command to pull the PDP Microservice container:
docker pull permitio/pdp-v2:latest
Remember to replace <YOUR_API_KEY> with the Secret Key you obtained from your dashboard.
docker run -it -p 7766:7000 --env PDP_DEBUG=True --env PDP_API_KEY=<YOUR_API_KEY> permitio/pdp-v2:latest
- Create a superuser:
python manage.py createsuperuser
- Access the admin panel:
http://localhost:5000/admin/
- Access the API:
http://localhost:5000/api/
- Access the documentation:
http://localhost:5000/docs/
Run the following command in a separate terminal to test whether the app is working as expected:
curl -X GET http://localhost:5000/patients/1/
This project is licensed under the MIT License.