Add Casbin middleware.
diff --git a/casbin_middleware/__init__.py b/casbin_middleware/__init__.py
new file mode 100644
index 0000000..e69de29
--- /dev/null
+++ b/casbin_middleware/__init__.py
diff --git a/casbin_middleware/authz_model.conf b/casbin_middleware/authz_model.conf
new file mode 100644
index 0000000..d5705e5
--- /dev/null
+++ b/casbin_middleware/authz_model.conf
@@ -0,0 +1,14 @@
+[request_definition]

+r = sub, obj, act

+

+[policy_definition]

+p = sub, obj, act

+

+[role_definition]

+g = _, _

+

+[policy_effect]

+e = some(where (p.eft == allow))

+

+[matchers]

+m = (g(r.sub, p.sub) || p.sub == "*") && keyMatch(r.obj, p.obj) && (r.act == p.act || p.act == "*")
\ No newline at end of file
diff --git a/casbin_middleware/authz_policy.csv b/casbin_middleware/authz_policy.csv
new file mode 100644
index 0000000..1c26998
--- /dev/null
+++ b/casbin_middleware/authz_policy.csv
@@ -0,0 +1,3 @@
+p, anonymous, /, GET

+p, admin, *, *

+g, alice, admin
\ No newline at end of file
diff --git a/casbin_middleware/middleware.py b/casbin_middleware/middleware.py
new file mode 100644
index 0000000..d40ff9b
--- /dev/null
+++ b/casbin_middleware/middleware.py
@@ -0,0 +1,53 @@
+# Copyright 2019 The Casbin Authors. All Rights Reserved.

+#

+# Licensed under the Apache License, Version 2.0 (the "License");

+# you may not use this file except in compliance with the License.

+# You may obtain a copy of the License at

+#

+#      http://www.apache.org/licenses/LICENSE-2.0

+#

+# Unless required by applicable law or agreed to in writing, software

+# distributed under the License is distributed on an "AS IS" BASIS,

+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.

+# See the License for the specific language governing permissions and

+# limitations under the License.

+

+import casbin

+

+from django.core.exceptions import PermissionDenied

+

+

+class CasbinMiddleware:

+    """

+    Casbin middleware.

+    """

+

+    def __init__(self, get_response):

+        self.get_response = get_response

+        self.enforcer = casbin.Enforcer("casbin_middleware/authz_model.conf", "casbin_middleware/authz_policy.csv")

+        # One-time configuration and initialization.

+

+    def __call__(self, request):

+        # Code to be executed for each request before

+        # the view (and later middleware) are called.

+

+        if not self.check_permission(request):

+            raise PermissionDenied

+

+        response = self.get_response(request)

+

+        # Code to be executed for each request/response after

+        # the view is called.

+

+        return response

+

+    def check_permission(self, request):

+        user = request.user.username

+        if request.user.is_anonymous:

+            user = 'anonymous'

+        path = request.path

+        method = request.method

+        return self.enforcer.enforce(user, path, method)

+

+    def require_permission(self,):

+        raise PermissionDenied

diff --git a/django_example/settings.py b/django_example/settings.py
index 7e77958..12e8bed 100644
--- a/django_example/settings.py
+++ b/django_example/settings.py
@@ -47,6 +47,7 @@
     'django.contrib.auth.middleware.AuthenticationMiddleware',

     'django.contrib.messages.middleware.MessageMiddleware',

     'django.middleware.clickjacking.XFrameOptionsMiddleware',

+    'casbin_middleware.middleware.CasbinMiddleware',

 ]

 

 ROOT_URLCONF = 'django_example.urls'