* bodies may only be used with HTTP/2. Calls to HTTP/1 servers will fail before the HTTP request
   * is transmitted. If you cannot ensure that your client and server both support HTTP/2, do not
   * use this feature.
   *
   * ### Duplex APIs
   *
   * With regular request bodies it is not legal to write bytes to the sink passed to

{* ../../docs_src/body_nested_models/tutorial007_py310.py hl[7,12,18,21,25] *}

/// info

Notice how `Offer` has a list of `Item`s, which in turn have an optional list of `Image`s

///

## Bodies of pure lists { #bodies-of-pure-lists }

If the top level value of the JSON body you expect is a JSON `array` (a Python `list`), you can declare the type in the parameter of the function, the same as in Pydantic models:

```Python

///

## Use cases { #use-cases }

Some use cases include:

* Converting non-JSON request bodies to JSON (e.g. <a href="https://msgpack.org/index.html" class="external-link" target="_blank">`msgpack`</a>).
* Decompressing gzip-compressed request bodies.
* Automatically logging all request bodies.

## Handling custom request body encodings { #handling-custom-request-body-encodings }

But that is still not that useful.

Let's make it give us the current user.

## Create a user model { #create-a-user-model }

First, let's create a Pydantic user model.

The same way we use Pydantic to declare bodies, we can use it anywhere else:

{* ../../docs_src/security/tutorial002_an_py310.py hl[5,12:6] *}

## Create a `get_current_user` dependency { #create-a-get-current-user-dependency }

      """
      |Unreadable ResponseBody! These Response objects have bodies that are stripped:
      | * Response.cacheResponse
      | * Response.networkResponse
      | * Response.priorResponse
      | * EventSourceListener
      | * WebSocketListener
      |(It is safe to call contentType() and contentLength() on these response bodies.)
      """.trimMargin(),
    )

  override fun timeout() = Timeout.NONE

- Support for query parameters, headers, body (String or stream), compression, SSL configuration, proxies, and timeouts
- Automatic in-memory or on-disk caching of request/response bodies
- Synchronous and asynchronous (callback) execution
- Minimal dependencies (only Apache Commons IO)

## Installation

### Maven

Add the dependency to your `pom.xml` (replace `x.y.z` with the latest version):

Si quieres asegurar tu API, hay varias cosas mejores que puedes hacer, por ejemplo:

* Asegúrate de tener modelos Pydantic bien definidos para tus request bodies y responses.
* Configura los permisos y roles necesarios usando dependencias.
* Nunca guardes contraseñas en texto plano, solo hashes de contraseñas.

If you want to secure your API, there are several better things you can do, for example:

* Make sure you have well defined Pydantic models for your request bodies and responses.
* Configure any required permissions and roles using dependencies.
* Never store plaintext passwords, only password hashes.
* Implement and use well-known cryptographic tools, like Passlib and JWT tokens, etc.

/// info | Información

`Form` es una clase que hereda directamente de `Body`.

///

/// tip | Consejo

Para declarar bodies de forms, necesitas usar `Form` explícitamente, porque sin él, los parámetros se interpretarían como parámetros de query o como parámetros de body (JSON).

///

## Sobre "Campos de Formulario"

/// info

`Form` is a class that inherits directly from `Body`.

///

/// tip

To declare form bodies, you need to use `Form` explicitly, because without it the parameters would be interpreted as query parameters or body (JSON) parameters.

///

## About "Form Fields" { #about-form-fields }