Improve the comment.

Author: hsluoyz

casbin_middleware/middleware.py

@@ -24,24 +24,21 @@ class CasbinMiddleware:
 
     def __init__(self, get_response):
         self.get_response = get_response
+        # Initialize the Casbin enforcer, executed only on once.
         self.enforcer = casbin.Enforcer("casbin_middleware/authz_model.conf", "casbin_middleware/authz_policy.csv")
-        # One-time configuration and initialization.
 
     def __call__(self, request):
-        # Code to be executed for each request before
-        # the view (and later middleware) are called.
-
+        # Check the permission for each request.
         if not self.check_permission(request):
-            raise PermissionDenied
+            # Not authorized, return HTTP 403 error.
+            self.require_permission()
 
+        # Permission passed, go to next module.
         response = self.get_response(request)
-
-        # Code to be executed for each request/response after
-        # the view is called.
-
         return response
 
     def check_permission(self, request):
+        # Customize it based on your authentication method.
         user = request.user.username
         if request.user.is_anonymous:
             user = 'anonymous'