Skip to content

User Authorization

User Authorization

In this video, we are going to learn the concepts of user authorization in django.

  • User Authorization is basically, the process of granting access to a specific resources or giving permissions to a certain actions within an applicartion based on user's identity and permissions.

Lets take an example: Suppose you want to authorize a person to access to the admin panel and modify the data stored on the database. In this case, you need to give certain permissions to that user profile. So, the process of giving permissions and authorizing the user to perform a certain action or to access a certain resource on the system, is called user authorizations.

Different types of users in Django

Now let us discuss the type of user profile in django. This concept will help you to get more clarity on how user authorization works in django.

  • In django, there are basically 3 types of user account and they are Superuser, staff, regular user account.

Superuser

  • A superuser in Django is a user account with full administrative privileges.

  • Superusers have unrestricted access to all parts of the Django application, including administrative interfaces and sensitive operations.

  • By default, the createsuperuser management command allows you to create a superuser account. Superusers can perform administrative tasks like managing other users, assigning permissions, creating or modifying models, and more.

  • They have the highest level of control and authority within the application.

Staff

  • Staff users are regular users with some privileges in Django.

  • They have access to admin panel and can perform certain administrative functionalities but with limited permissions compared to superusers.

  • Staff users can be granted permissions to perform specific administrative tasks, such as managing content, moderating user-generated data, or accessing certain parts of the administrative interface.

  • They are typically responsible for day-to-day administrative operations but do not have complete control over the entire system.

Regular user account

  • Regular Users in Django represent regular individuals who interact with the application.

  • They may have different roles and permissions depending on the application's design and requirements.

  • Regular Users can be authenticated and authorized to perform specific actions or to access certain resources.

  • They can have various levels of access based on the permissions and roles assigned to them.

In this way, you have learnt the basic concepts of three different user types in django. In the next video, we will learn the concepts of permissions and groups in django.