RABC: Role-based access control ( Role-Based Access Control )
Generally after logging system certification by the user's operating authority will first determine, subsequent operations to determine whether the user's legal!
RABC need at least three tables: a user table - roles table - permission table (many-more reasonable)
User table: to store user names and passwords, login verification, can rewrite the U- Ser table using django built auth authentication system, can also be customized;
Role Table: allocation of user roles,
Permissions table: storing all of the required permissions assigned url request path
RBAC permissions assigned during the operation :
User login, the user table by user name and password verification
Login is successful, record user login status, and query the permissions of the current user (user permissions table by association) record (can be recorded in django 's session table)
Access authentication for each url request to verify the login state and advance permission (middleware can be placed process_request , note provided corresponding release whitelist)