# Security - First Steps { #security-first-steps }

Let's imagine that you have your **backend** API in some domain.

And you have a **frontend** in another domain or in a different path of the same domain (or in a mobile application).

And you want to have a way for the frontend to authenticate with the backend, using a **username** and **password**.

We can use **OAuth2** to build that with **FastAPI**.

# Sécurité - Premiers pas { #security-first-steps }

Imaginons que vous ayez votre API de **backend** sur un certain domaine.

Et vous avez un **frontend** sur un autre domaine ou dans un chemin différent du même domaine (ou dans une application mobile).

Et vous voulez que le **frontend** puisse s'authentifier auprès du **backend**, en utilisant un **username** et un **password**.

Nous pouvons utiliser **OAuth2** pour construire cela avec **FastAPI**.

# Güvenlik - İlk Adımlar { #security-first-steps }

**backend** API’nizin bir domain’de olduğunu düşünelim.

Ve başka bir domain’de ya da aynı domain’in farklı bir path’inde (veya bir mobil uygulamada) bir **frontend**’iniz var.

Ve frontend’in, **username** ve **password** kullanarak backend ile kimlik doğrulaması yapabilmesini istiyorsunuz.

Bunu **FastAPI** ile **OAuth2** kullanarak oluşturabiliriz.

# Seguridad - Primeros pasos { #security-first-steps }

Imaginemos que tienes tu API de **backend** en algún dominio.

Y tienes un **frontend** en otro dominio o en un path diferente del mismo dominio (o en una aplicación móvil).

Y quieres tener una forma para que el frontend se autentique con el backend, usando un **username** y **password**.

Podemos usar **OAuth2** para construir eso con **FastAPI**.

# Segurança - Primeiros Passos { #security-first-steps }

Vamos imaginar que você tem a sua API de **backend** em algum domínio.

E você tem um **frontend** em outro domínio ou em um path diferente no mesmo domínio (ou em uma aplicação mobile).

E você quer uma maneira de o frontend autenticar com o backend, usando um **username** e **password**.

Podemos usar **OAuth2** para construir isso com o **FastAPI**.

 * Iterator#remove} operations. This utility takes the brute-force approach of trying <i>all</i>
 * possible sequences of these operations, up to a given number of steps. So, if the caller
 * specifies to use <i>n</i> steps, a total of <i>3^n</i> tests are actually performed.
 *
 * <p>For instance, if <i>steps</i> is 5, one example sequence that will be tested is:
 *
 * <ol>
 *   <li>remove();
 *   <li>hasNext()
 *   <li>hasNext();
 *   <li>remove();

    maxParallelForks: String = "%maxParallelForks%",
    extraSteps: BuildSteps.() -> Unit = {}, // the steps after runner steps
    preSteps: BuildSteps.() -> Unit = {}, // the steps before runner steps
) {
    buildType.applyDefaultSettings(os, timeout = timeout, buildJvm = buildJvm, arch = arch)

    buildType.steps {
        preSteps()
    }

jobs:
  changes:
    runs-on: ubuntu-latest
    # Required permissions
    permissions:
      pull-requests: read
    # Set job outputs to values from filter step
    outputs:
      docs: ${{ steps.filter.outputs.docs }}
    steps:
    - uses: actions/checkout@v6
    # For pull requests it's not necessary to checkout the code but for the main branch it is
    - uses: dorny/paths-filter@v4
      id: filter

jobs:
  # Label of the container job
  sqlite:
    strategy:
      matrix:
        go: ['stable', 'oldstable']
        platform: [ubuntu-latest] # can not run in windows OS
    runs-on: ${{ matrix.platform }}

    steps:
    - name: Set up Go 1.x
      uses: actions/setup-go@v5
      with:
        go-version: ${{ matrix.go }}

    - name: Check out code into the Go module directory
      uses: actions/checkout@v4

    @BeforeEach
    fun setUp() {
        val stepsCapturer = slot<BuildSteps.() -> Unit>()
        every { buildType.steps } returns steps
        every { buildType.stage } returns buildModel.stages[2]
        every {
            buildType.steps(capture(stepsCapturer))
        } answers {
            stepsCapturer.captured(steps)
            mockk()
        }
    }

    @Test
    fun `can apply defaults to configurations`() {