Topic

Adding structure to a sea of chaos: a principled approach to authorization using Python + SQLAlchemy

By: Sam Scott

Date: March 11, 2021, 6 p.m.

Authorization is an unstructured problem. Writing code to decide who can do what in your app can cover a broad set of cases. The most structure that typically gets applied to this problem area is a set of if statements and roles, but in reality, there are a lot more patterns and structure that we can apply. oso is an open source system for building authorization into applications. It's a bit like SQLAlchemy in that it provides a structured approached to authorization, much like SQLAlchemy does for data modeling and access. In this talk, oso cofounder/CTO, Sam Scott, will provide a mental model for authorization and show how to apply it using oso, Python and SQLAlchemy.

Some useful links:

https://www.osohq.com/

https://twitter.com/osoHQ

https://www.osohq.com/post/introducing-builtin-roles

https://join-slack.osohq.com/

https://docs.osohq.com/