Give users different privileges
Anvil has a built-in user management system that makes login and permissions easy.
Follow this quickstart to check which user is logged in before running certain parts of your app (authorisation).
Log in to Anvil and click ‘New Blank App’. Choose the Material Design theme.
Add the Users Service:
Write this code in the __init__ method of Form1:
Now run your app, sign up and verify your email (note: you’re only signing up to your own app here!).
(If you want more detail on this step, see the User Login Quickstart)
In the App Browser, click the + next to Server Modules to add a new Server Module.
You will see a code editor with a yellow background.
Write this function into the Server Module:
    @anvil.server.callable
    def print_my_permissions():
        super_user = 'firstname.lastname@example.org'
        # get_user() runs on the server and returns None when nobody is logged in.
        if anvil.users.get_user() is None:
            print("Nobody is logged in.")
        # Compare the logged-in user's email with the privileged address.
        elif anvil.users.get_user()['email'] == super_user:
            print("%s is allowed to see this." % super_user)
        else:
            print("This path is for minimum-access users.")

Change super_user to the email address you signed up to your app with.
Now go to the code for Form1 and add this line to the end of the
It calls your server function from the client.
Run your app and log in. You will see this in the Output Panel:
Sign up with a different email address (or just put some dummy data directly into the Users table). You will see "This path is for minimum-access users." in the Output Panel. To get the "Nobody is logged in." message, you have to reach that
if statement with nobody logged in - comment out the
to achieve that.
That’s a quick introduction to user authorisation in Anvil. You will usually manage user permissions with
like the one in this quickstart.
As a general rule, you should check user permissions in Server Modules rather than in client code. Any code running in a browser can be manipulated by the user - that goes for any web app, not just Anvil. Code in an Anvil Server Module is protected by industry-standard security best practice, so your permissions checks there are guaranteed to be honoured.
You can also run anvil.users.get_user() on your own machine(s) using the Uplink, which of course can be just as secure as a Server Module (since you manage it, that’s up to you).
Often, you want to assign a role to each user and check your user’s role when deciding what to grant them access to.
This can be achieved by adding a Text column to the Users Data Table called something like role, then checking this column when performing authorisation. The code from this example would be something like:

    admin_role = "admin"
    if anvil.users.get_user() is None:
        print("Nobody is logged in.")
    elif anvil.users.get_user()['role'] == admin_role:
        print("Users with role '%s' are allowed to see this." % admin_role)
    else:
        print("This path is for minimum-access users.")
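The role check above can be wrapped in a reusable decorator that denies by default and raises instead of printing. This is an added example, not code from the Anvil documentation: require_role, PermissionDenied, fake_get_user, delete_record and the sample users are hypothetical names and constructed data. In a Server Module you would pass anvil.users.get_user and stack @anvil.server.callable on top.

```python
import functools

class PermissionDenied(Exception):
    """Raised when the caller may not run a function (hypothetical name)."""

def require_role(get_user, *allowed_roles):
    """Run the wrapped function only if the logged-in user has an allowed role.

    get_user is injected so the check runs offline here; in an Anvil Server
    Module it would be anvil.users.get_user (assumption of this example).
    """
    allowed = frozenset(allowed_roles)

    def decorator(func):
        @functools.wraps(func)
        def wrapper(*args, **kwargs):
            user = get_user()        # looked up server-side on every call
            if user is None:
                raise PermissionDenied("Nobody is logged in.")
            role = user["role"]      # Text column added to the Users table
            if role not in allowed:  # None and unknown roles are denied
                raise PermissionDenied(
                    "Role %r may not call %s." % (role, func.__name__))
            return func(user, *args, **kwargs)
        return wrapper
    return decorator

# Constructed stand-ins for Users table rows and for the login session.
USERS = {
    "admin": {"email": "admin@example.com", "role": "admin"},
    "basic": {"email": "basic@example.com", "role": None},
}
session = {"user": None}

def fake_get_user():
    return session["user"]

@require_role(fake_get_user, "admin")
def delete_record(user, record_id):
    # The role is never taken from call arguments, only from the session.
    return "%s deleted record %d" % (user["email"], record_id)

def try_as(who, record_id):
    """Simulate a call made while `who` (a key of USERS, or None) is logged in."""
    session["user"] = USERS.get(who)
    try:
        return delete_record(record_id)
    except PermissionDenied as exc:
        return "denied: %s" % exc

if __name__ == "__main__":
    for who in ("admin", "basic", None):
        print(try_as(who, 7))
```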