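Simple OAuth2 with Password and Bearer
Now let's build on the previous chapter and add the missing parts to get a complete security flow.
Get the username and password
We are going to use the FastAPI security utilities to get the username and password.
OAuth2 specifies that when using the "password flow" (which we are using), the client/user must send username and password fields as form data.
And the spec says that the fields have to be named exactly like that. So user-name or email wouldn't work.
But don't worry, you can show it however you wish to your final users in the frontend.
And your database models can use any other names you want.
But for the login path operation, we need to use these names to be compatible with the spec (and to be able to, for example, use the integrated API documentation system).
The spec also states that the username and password must be sent as form data (so, no JSON here).
scope
The spec also says that the client can send another form field, "scope".
The form field name is scope (singular), but it is actually a long string with "scopes" separated by spaces.
Each "scope" is just a string (without spaces).
They are normally used to declare specific security permissions, for example:
- users:read or users:write are common examples.
- instagram_basic is used by Facebook / Instagram.
- https://www.googleapis.com/auth/drive is used by Google.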
/// info
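In OAuth2 a "scope" is just a string that declares a specific permission required.
It doesn't matter if it has other characters like : or if it is a URL.
Those details are implementation specific.
For OAuth2 they are just strings.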
///
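Code to get the username and password
Now let's use the utilities provided by FastAPI to handle this.
OAuth2PasswordRequestForm
First, import OAuth2PasswordRequestForm, and use it as a dependency with Depends in the path operation for /token:
//// tab | Python 3.6 and above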
{!> ../../../docs_src/security/tutorial003.py!}
////
//// tab | Python 3.10 and above
{!> ../../../docs_src/security/tutorial003_py310.py!}
////
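OAuth2PasswordRequestForm is a class dependency that declares a form body with:
- The username.
- The password.
- An optional scope field as a big string, composed of strings separated by spaces.
- An optional grant_type.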
/// tip
The OAuth2 spec actually requires a field grant_type with a fixed value of password, but OAuth2PasswordRequestForm doesn't enforce it.
If you need to enforce it, use OAuth2PasswordRequestFormStrict instead of OAuth2PasswordRequestForm.
///
- An optional client_id (we don't need it for our example).
- An optional client_secret (we don't need it for our example).
/// info
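OAuth2PasswordRequestForm is not a special class for FastAPI in the way OAuth2PasswordBearer is.
OAuth2PasswordBearer makes FastAPI know that it is a security scheme. So it is added that way to OpenAPI.
But OAuth2PasswordRequestForm is just a class dependency that you could have written yourself, or you could have declared Form parameters directly.
But as it's a common use case, it is provided by FastAPI directly, just to make it easier.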
///
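Use the form data
/// tip
The instance of the dependency class OAuth2PasswordRequestForm won't have an attribute scope with the long string separated by spaces. Instead, it will have a scopes attribute with the actual list of strings for each scope sent.
We are not using scopes in this example, but the functionality is there if you need it.
///
Now, get the user data from the (fake) database, using the username from the form field.
If there is no such user, we return an error saying "Incorrect username or password".
For the error, we use the exception HTTPException:
//// tab | Python 3.6 and above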
{!> ../../../docs_src/security/tutorial003.py!}
////
//// tab | Python 3.10 and above
{!> ../../../docs_src/security/tutorial003_py310.py!}
////
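Check the password
At this point we have the user data from our database, but we haven't checked the password.
Let's put that data in the Pydantic UserInDB model first.
You should never save plaintext passwords, so we'll use the (fake) password hashing system.
If the passwords don't match, we return the same error.
Password hashing
"Hashing" means: converting some content (a password in this case) into a sequence of bytes (just a string) that looks like gibberish.
Whenever you pass exactly the same content (exactly the same password) you get exactly the same gibberish.
But you cannot convert from the gibberish back to the password.
Why use password hashing
If your database is stolen, the thief won't have your users' plaintext passwords, only the hashes.
So, the thief won't be able to try to use those same passwords in another system (as many users use the same password everywhere, this would be dangerous).
//// tab | Python 3.6 and above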
{!> ../../../docs_src/security/tutorial003.py!}
////
//// tab | Python 3.10 and above
{!> ../../../docs_src/security/tutorial003_py310.py!}
////
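The password check described above, as an added example that is not part of the FastAPI docs or the tutorial files: it swaps the tutorial's fake hashing for standard-library PBKDF2 with a per-user salt (so the same password and the same salt give the same hash), compares in constant time, and returns the same result for an unknown user and a wrong password. The function names, the iteration count and the dummy hash are assumptions of this sketch.

```python
import hashlib
import hmac
import os
from typing import Optional

ITERATIONS = 600_000  # assumed PBKDF2 work factor for this sketch; tune for your hardware


def hash_password(password: str, salt: Optional[bytes] = None) -> str:
    """Return 'salt_hex$digest_hex' using PBKDF2-HMAC-SHA256 and a per-user salt."""
    salt = salt or os.urandom(16)
    digest = hashlib.pbkdf2_hmac("sha256", password.encode(), salt, ITERATIONS)
    return f"{salt.hex()}${digest.hex()}"


def verify_password(password: str, stored: str) -> bool:
    """Recompute the digest with the stored salt and compare in constant time."""
    salt_hex, digest_hex = stored.split("$")
    candidate = hashlib.pbkdf2_hmac(
        "sha256", password.encode(), bytes.fromhex(salt_hex), ITERATIONS
    )
    return hmac.compare_digest(candidate, bytes.fromhex(digest_hex))


# Constructed stand-in for the tutorial's fake user table (same sample logins).
FAKE_USERS_DB = {
    "johndoe": {"username": "johndoe", "hashed_password": hash_password("secret"), "disabled": False},
    "alice": {"username": "alice", "hashed_password": hash_password("secret2"), "disabled": True},
}
# Verified against when the username is unknown, so both failure paths cost the same.
DUMMY_HASH = hash_password("placeholder-not-a-real-password")


def authenticate(username: str, password: str) -> Optional[dict]:
    """Return the user record, or None for an unknown user and a wrong password alike."""
    user = FAKE_USERS_DB.get(username)
    stored = user["hashed_password"] if user else DUMMY_HASH
    password_ok = verify_password(password, stored)
    # The caller maps None to one generic "Incorrect username or password" error;
    # the disabled flag is left to a separate active-user check, as in the tutorial.
    return user if (user and password_ok) else None
```
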
About **user_dict
UserInDB(**user_dict) means:
Pass the keys and values of user_dict directly as key-value arguments, equivalent to:
UserInDB(
    username=user_dict["username"],
    email=user_dict["email"],
    full_name=user_dict["full_name"],
    disabled=user_dict["disabled"],
    hashed_password=user_dict["hashed_password"],
)
/// info
For a more complete explanation of **user_dict, check back in the documentation for Extra Models.
///
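Return the token
The response of the token endpoint must be a JSON object.
It should have a token_type. In our case, as we are using "Bearer" tokens, the token type should be "bearer".
And it should have an access_token, with a string containing our access token.
For this simple example, we are going to be completely insecure and return the same username as the token.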
/// tip
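In the next chapter, you will see a real secure implementation, with password hashing and JWT tokens.
But for now, let's focus on the specific details we need.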
///
//// tab | Python 3.6 and above
{!> ../../../docs_src/security/tutorial003.py!}
////
//// tab | Python 3.10 and above
{!> ../../../docs_src/security/tutorial003_py310.py!}
////
/// tip
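By the spec, you should return a JSON with an access_token and a token_type, the same as in this example.
This is something that you have to do yourself in your code, and make sure you use those JSON keys.
It's almost the only thing that you have to remember to do correctly yourself, to be compliant with the specifications.
For the rest, FastAPI handles it for you.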
///
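Update the dependencies
Now we are going to update our dependencies.
We want to get the current_user only if this user is active.
So, we create an additional dependency get_current_active_user that in turn uses get_current_user as a dependency.
Both of these dependencies will just return an HTTP error if the user doesn't exist, or if the user is inactive.
So, in our endpoint, we will only get a user if the user exists, was correctly authenticated, and is active:
//// tab | Python 3.6 and above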
{!> ../../../docs_src/security/tutorial003.py!}
////
//// tab | Python 3.10 and above
{!> ../../../docs_src/security/tutorial003_py310.py!}
////
/// info
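The additional header WWW-Authenticate with value Bearer that we are returning here is also part of the spec.
Any HTTP (error) status code 401 "UNAUTHORIZED" is supposed to also return a WWW-Authenticate header.
In the case of bearer tokens (our case), the value of that header should be Bearer.
You can actually skip that extra header and it would still work.
But it's provided here to be compliant with the specifications.
Also, there might be tools that expect and use it (now or in the future) and that might be useful for you or your users, now or in the future.
That's the benefit of standards...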
///
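See it in action
Open the interactive docs: http://127.0.0.1:8000/docs.
Authenticate
Click the "Authorize" button.
Use the credentials:
User: johndoe
Password: secret
After authenticating in the system, you will see it like:
Get your own user data
Now use the operation GET with the path /users/me.
You will get your user's data, like: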
{
"username": "johndoe",
"email": "johndoe@example.com",
"full_name": "John Doe",
"disabled": false,
"hashed_password": "fakehashedsecret"
}
If you click the lock icon and log out, and then try the same operation again, you will get an HTTP 401 error:
{
"detail": "Not authenticated"
}
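Inactive user
Now try with an inactive user, authenticate with:
User: alice
Password: secret2
And try to use the operation GET with the path /users/me.
You will get an "Inactive user" error, like: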
{
"detail": "Inactive user"
}
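Recap
You now have the tools to implement a complete security system based on username and password for your API.
Using these tools, you can make the security system compatible with any database and with any user or data model.
The only detail missing is that it is not actually "secure" yet.
In the next chapter you'll see how to use a secure password hashing library and JWT tokens.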