Dev challenge


Apr 29, 2025 - 15:52

This is a submission for the Permit.io Authorization Challenge: Permissions Redefined

What I Built

In many applications, managing user permissions can become cumbersome when hardcoded inside the app’s logic. Permissions are usually defined in a monolithic way, leading to messy code, difficulty in updates, and sometimes security vulnerabilities.

By integrating Permit.io for authorization:
1. Centralized Permission Management: Permissions are stored and managed externally, making it easy to change or scale without modifying the app’s core logic.
2. Dynamic Role Management: Roles and permissions can be adjusted through Permit.io’s dashboard, allowing for quick changes without touching code.
3. Improved Security: Fine-grained policies ensure users can only access resources relevant to their role, helping prevent unauthorized actions.

Demo

https://github.com/Disha-Se/Task-manager-

Project Repo

My Journey

Step 1: Project Setup

I started by setting up a FastAPI project with login and task routes. The API uses mock data for users and roles and handles authentication via a simple POST login endpoint.

Step 2: Integrating Permit.io

Using the Permit.io Python SDK, I added authorization checks using:

permit.check(user=role, action="create", resource="task")

The permit.check() function queries Permit.io to decide if a user role is allowed to perform an action on a resource.

Challenge: At first, I forgot to use async for permit.check(), which caused an error since the SDK uses async calls.
Solution: Made all route handlers using authorization async and added await.
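A missing await on an async check does not always surface as an error: used directly in a condition, the un-awaited coroutine object is truthy and the guard passes. The added example below (not code from the project) shows that case next to a wrapper that fails closed; FakePermit, POLICY, authorize and the ungranted "delete" action are hypothetical stand-ins so it runs offline.

```python
import asyncio

# Constructed stand-in for the grants made in the CLI section of this post.
POLICY = {
    ("admin", "create", "task"), ("admin", "view", "task"),
    ("user", "create", "task"), ("user", "view", "task"),
}

class FakePermit:
    """Hypothetical stub with the same call shape as permit.check()."""

    async def check(self, user, action, resource):
        await asyncio.sleep(0)  # stands in for the network round trip
        return (user, action, resource) in POLICY

permit = FakePermit()

def delete_task_unawaited(role):
    # Missing await: `allowed` is a coroutine object, not a bool.
    # "delete" is a constructed action that the policy never grants.
    allowed = permit.check(user=role, action="delete", resource="task")
    decision = "allowed" if allowed else "denied"  # any coroutine is truthy
    allowed.close()  # tidy up the never-awaited coroutine in this demo
    return decision

async def authorize(role, action, resource):
    """Fail closed: only a literal True from the check grants access."""
    try:
        result = await permit.check(user=role, action=action, resource=resource)
    except Exception:
        return False  # an unreachable or failing check means deny
    return result is True

async def handle(role, action):
    return "allowed" if await authorize(role, action, "task") else "denied"

def run_demo():
    return {
        "unawaited delete": delete_task_unawaited("user"),
        "awaited delete": asyncio.run(handle("user", "delete")),
        "awaited create": asyncio.run(handle("user", "create")),
    }

if __name__ == "__main__":
    print(run_demo())
```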

Step 3: Adding Frontend

I created a simple frontend with HTML, CSS, and JavaScript:
• Login screen
• Task creation form
• Task list display

This frontend uses fetch() to call the FastAPI endpoints and includes a custom header (X-Username) for tracking user identity.

Challenge: The frontend needed CORS setup and static file serving.
Solution: Mounted StaticFiles from FastAPI and placed all HTML/CSS/JS in a frontend/ directory.
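Because X-Username is set by the browser-side script, its value is whatever the client sends, so the role handed to permit.check() is better derived from something the server issued at login. An added sketch of that (not the project's code), using an HMAC-signed token; SECRET, USERS, the token layout and all function names are assumptions for illustration.

```python
import base64
import hashlib
import hmac
import json
import time

SECRET = b"constructed-demo-key"           # assumption: from an env var in practice
USERS = {"alice": "admin", "bob": "user"}  # constructed mock users -> roles

def issue_token(username, ttl=900):
    """Called by the login endpoint after the credentials are verified."""
    body = json.dumps({"sub": username, "exp": int(time.time()) + ttl})
    payload = base64.urlsafe_b64encode(body.encode()).decode()
    sig = hmac.new(SECRET, payload.encode(), hashlib.sha256).hexdigest()
    return f"{payload}.{sig}"

def identity_from_token(token):
    """Return the authenticated username, or None if the token is invalid."""
    try:
        payload, sig = token.split(".", 1)
        expected = hmac.new(SECRET, payload.encode(), hashlib.sha256).hexdigest()
        if not hmac.compare_digest(sig, expected):
            return None  # signature mismatch: payload was altered or forged
        claims = json.loads(base64.urlsafe_b64decode(payload))
        if claims["exp"] < time.time():
            return None  # expired
        return claims["sub"] if claims["sub"] in USERS else None
    except (ValueError, KeyError, TypeError):
        return None  # malformed token: deny

def role_for_request(headers):
    """Role for the policy check, taken from the verified token only."""
    auth = headers.get("Authorization", "")
    if not auth.startswith("Bearer "):
        return None  # X-Username alone never authenticates a request
    user = identity_from_token(auth[len("Bearer "):])
    return USERS.get(user)

if __name__ == "__main__":
    token = issue_token("bob")
    print(role_for_request({"Authorization": f"Bearer {token}"}))
    print(role_for_request({"X-Username": "alice"}))
```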

Step 4: Deployment Preparation

To make deployment smooth, I added:
• A render.yaml file for Render.com
• Instructions to connect the repo and deploy with one click

Challenge: FastAPI apps require ports and environment variables configured.
Solution: Used uvicorn with port 10000 and added an environment variable for PERMIT_API_KEY.

Using Permit.io for Authorization

Login to Permit (opens browser)

permit login

Initialize the project (run this in the project directory)

permit init --project task-manager --env dev

Create roles

permit roles:create admin
permit roles:create user

Create resource

permit resources:create task

Add actions to resource

permit actions:add task create
permit actions:add task view

Grant permissions

permit permissions:grant admin create task
permit permissions:grant admin view task
permit permissions:grant user create task
permit permissions:grant user view task

Push changes to Permit

permit push