- Authentication: Determining the identity of a user, server or client
- Authorization: Determines what resources a user can access
User objects core to Django Authentication System
- Superusers: is_superuser, is_staff and is_active
- Staff: is_active and is_staff
- User: is_active
- Role-based acces controls (RBAC)
- Attribute-based access control (ABAC)
- Django comes with a built-in permissions or authorization system (Django admin site).
- This allows you to manage access to the database models
- By default anytime we create a new model, Django creates four different permissions
- Add
- Change
- Delete
- View
This is created for each Django model