用户登录时，就可以根据自己的【用户】找到所有的角色，再根据角色找到所有的权限，再将权限信息放入session
目录结构：

路由设置
web/urls.py

from django.conf.urls import url
from web.views import account

urlpatterns = [
    url(r'^login/$',account.login)
]

luffy_permission_simon/urls.py

from django.contrib import admin
from django.conf.urls import include,url

urlpatterns = [
    url('^admin/', admin.site.urls),
    url('^', include('web.urls'))
]

用户登录视图放在web/views/account.py

# -*- encoding: utf-8 -*-
"""
@File    : account.py
@Time    : 2021-12-15 22:04
@Author  : tangsai
@Email   : 294168604@qq.com
@Software: PyCharm
"""
from django.shortcuts import HttpResponse, render, redirect
from rbac import models


def login(request):
    # 1. 用户登录
    if request.method == 'GET':
        return render(request, 'login.html')
    user = request.POST.get('user')
    pwd = request.POST.get('pwd')

    current_user = models.UserInfo.objects.filter(name=user, password=pwd).first()
    if not current_user:
        return render(request, 'login.html', {'msg': '用户名或密码错误'})

    # 2. 权限信息初始化
    # 根据当前用户信息获取此用户所拥有的所有权限，并放入session。
    # 当前用户所有权限
    permission_queryset = current_user.roles.filter(permissions__isnull=False).values("permissions__id",
                                                                                      "permissions__url").distinct()

    # 获取权限中所有的URL
    # permission_list = []
    # for item in permission_queryset:
    #     permission_list.append(item['permissions__url'])

    permission_list = [item['permissions__url'] for item in permission_queryset]
    # for item in permission_list:
    #     print(item)
    # request.session[settings.PERMISSION_SESSION_KEY] = permission_list
    request.session['luffy_permission_url_list_key'] = permission_list

    return redirect('/customer/list/')

模板
login.html

    
    


用户登录

    {% csrf_token %}
    
    
    {{ msg }}