Skip to main content

June Meetup - Authorization using Python + SQLAlchemy


Join us for our monthly virtual PyDistrict. We'll have one great speaker who'll be presenting: Sam Scott.

Sam Scott - Adding Structure to a Sea of Chaos: A principled approach to authorization using Python + SQLAlchemy

Authorization is an unstructured problem. Writing code to decide who can do what in your app can cover a broad set of cases. The most structure that typically gets applied to this problem area is a set of if statements and roles, but in reality, there are a lot more patterns and structure that we can apply. Oso is an open source batteries-included library for building authorization in your application. It's a bit like SQLAlchemy in that it provides a structured approach to authorization, much like SQLAlchemy does for data modeling and access. In this talk, we'll provide a mental model for authorization and show how to apply it using oso, Python and SQLAlchemy.

About Sam

Sam Scott is the cofounder and CTO of Oso. He’s received a PhD in Cryptography, is an engineer by training, and can discuss anything from authorization and security patterns in SQLAlchemy, to how oso works under the hood and interfaces with Python via FFI, to trends in security policy-as-code and his contributions to TLS 1.3.

You can find him on Twitter @samososos.