Django has it but most people end up building their own because it's highly domain specific.
The permissions framework is also so complicated that most projects don't use it.
At this point it's worth asking whether frameworks should even have built-in authentication when it's a simple matter of storing a session id in a cookie.
The permissions framework is also so complicated that most projects don't use it.
At this point it's worth asking whether frameworks should even have built-in authentication when it's a simple matter of storing a session id in a cookie.