How to implement role-based Authorization for Python REST API?
You can use a framework like Yosai that is based on Apache Shiro.
These are some features:
- Enables Role-Based Access Control policies through permission-level and role-level access control
- Two-Factor Authentication, featuring Time-based One-Time Passwords
- Native Support for Caching and Serialization
- Event-driven Processing
- Ready for Web Integration