Authorization is an unstructured problem. The code that decides who can do what in your app has to cover a broad set of cases. The most structure that typically gets applied to this problem area is a set of if statements and roles, but in reality there are many more patterns, and much more structure, that we can apply.
Oso cofounder/CTO Sam Scott gave a talk on authorization and how to apply it using Oso, Python and SQLAlchemy. Watch the 20-min talk to learn about:
- What authorization is and why it matters
- Common authorization patterns around roles
- How to apply authorization in Python using SQLAlchemy and Oso
Some useful links for more on this topic:
- Guide to adding roles with SQLAlchemy
- How we structured role features in sqlalchemy-oso
- Blog Post: GraphQL Authorization with Graphene, SQLAlchemy and Oso
- Demo: Authorization Patterns for GraphQL using Oso + Python Graphene Library
If you have any feedback, or want to chat about authorization or anything else, come join us in Slack.