Django Rest Framework, how to set up authentication and authorization?

A

Antigo_ptz2016-10-26 14:33:25

Django

Antigo_ptz, 2016-10-26 14:33:25

Greetings!
Because I got acquainted with the Python language and the Django framework quite recently, the following question arose:
I am writing a backend of a restful web application. I use Python, Django + Django Rest Framework. I need to write an authentication-authorization system. There will be multiple users on the system. There are only two groups: admins and users. Users can NOT register themselves, they must be registered only by the admin. All work should be done through the rest api, because different third-party clients will work with the application.
How can I use the user and permissions implementation that Django provides?
Can I somehow block access to applications not at the object level, but at the request level (for example: I need all requests that start with /api/employee to be available to one group, and /api/monitoring requests to another group users)
Thanks in advance!

Reply

Answer the question

In order to leave comments, you need to log in

1 answer(s)

M

Mykola, 2016-10-26
@IKMOL

Yes, it's easy, just read the documentation here.
Then read specifically about authentication .
Learn that you can add/write your own access classes authentication_classes, permission_classes.