Authorization
Authorization is a crucial security feature in Ellar that determines what resources authenticated users can access. Ellar provides a flexible and powerful authorization system through policies, roles, and claims.
Table of Contents
- Basic Authorization
- Policies
- Role-Based Authorization
- Claims-Based Authorization
- Custom Policies with Requirements
- Combining Policies
Basic Authorization
To use authorization in your Ellar application, you need to:
- Decorate your controllers or routes with `@Authorize()`
- Apply specific policies using `@CheckPolicies()`
- Ensure users are authenticated using `@AuthenticationRequired()`
Here's a basic example:
```python
from ellar.auth import AuthenticationRequired, Authorize, CheckPolicies
from ellar.auth.policy import RolePolicy
from ellar.common import Controller, get


@Controller("/articles")
@Authorize()  # Enable authorization for all routes
@AuthenticationRequired()  # Require authentication
class ArticleController:
    @get("/admin")
    @CheckPolicies(RolePolicy("admin"))  # Only allow admins
    async def admin_dashboard(self):
        return "Admin Dashboard"

    @get("/public")
    async def public_articles(self):  # Accessible to any authenticated user
        return "Public Articles"
```
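The access rules the controller above declares can be written down as a matrix and asserted in a test suite, so a route that loses its policy is caught before release. The following is an added, framework-independent model, not Ellar's implementation or code from the Ellar project: `User`, `Route`, `role_policy`, `decide`, `access_matrix` and the sample users are hypothetical, and the 401/403/404 results are the conventional HTTP mapping, assumed here.

```python
# Added example: a model of the checks declared on ArticleController.
# All names are hypothetical; this does not import or reproduce Ellar.
from dataclasses import dataclass
from typing import Callable, Optional


@dataclass(frozen=True)
class User:
    name: str
    roles: frozenset = frozenset()


def role_policy(role: str) -> Callable[[User], bool]:
    """Stand-in for RolePolicy("admin"): passes only if the user holds the role."""
    return lambda user: role in user.roles


@dataclass(frozen=True)
class Route:
    auth_required: bool = True  # models the class-level @AuthenticationRequired()
    policies: tuple = ()        # models the route-level @CheckPolicies(...)


ROUTES = {
    "/articles/admin": Route(policies=(role_policy("admin"),)),
    "/articles/public": Route(),
}

# Constructed sample identities for the matrix.
USERS = {
    "anonymous": None,
    "editor": User("eve", frozenset({"editor"})),
    "admin": User("ada", frozenset({"admin"})),
}


def decide(path: str, user: Optional[User]) -> int:
    """Return the assumed HTTP status: authentication first, then every policy."""
    route = ROUTES.get(path)
    if route is None:
        return 404
    if user is None:
        # No identity means policies cannot be evaluated: fail closed.
        return 401 if (route.auth_required or route.policies) else 200
    if not all(policy(user) for policy in route.policies):
        return 403  # authenticated, but a policy rejected the user
    return 200


def access_matrix(users: dict) -> dict:
    """Evaluate every route against every identity."""
    return {(p, label): decide(p, u) for p in ROUTES for label, u in users.items()}
```

In a real project the same matrix would be driven through the application's test client rather than this model, with one assertion per route and identity.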
For detailed information about specific authorization features, please refer to the respective sections in the documentation.