# Security - First Steps { #security-first-steps }

Let's imagine that you have your **backend** API in some domain.

And you have a **frontend** in another domain or in a different path of the same domain (or in a mobile application).

And you want to have a way for the frontend to authenticate with the backend, using a **username** and **password**.

We can use **OAuth2** to build that with **FastAPI**.

# Segurança - Primeiros Passos { #security-first-steps }

Vamos imaginar que você tem a sua API de **backend** em algum domínio.

E você tem um **frontend** em outro domínio ou em um path diferente no mesmo domínio (ou em uma aplicação mobile).

E você quer uma maneira de o frontend autenticar com o backend, usando um **username** e **password**.

Podemos usar **OAuth2** para construir isso com o **FastAPI**.

# Seguridad - Primeros pasos { #security-first-steps }

Imaginemos que tienes tu API de **backend** en algún dominio.

Y tienes un **frontend** en otro dominio o en un path diferente del mismo dominio (o en una aplicación móvil).

Y quieres tener una forma para que el frontend se autentique con el backend, usando un **username** y **password**.

Podemos usar **OAuth2** para construir eso con **FastAPI**.

 * The class provides methods to interrupt the thread and stop the timeout target.
 *
 * <p>
 * The class uses a logger to log debug messages.
 * It also uses an AtomicBoolean to track whether the thread is running.
 * </p>
 *
 * <p>
 * The expired method is called when a timeout occurs.
 * It interrupts the running thread up to a maximum number of times.
 * The stop method is called to stop the timeout target.
 * </p>
 */

            thread.start();
            if (logger.isDebugEnabled()) {
                logger.debug("TimeoutManager started.");
            }
        }
    }

    /**
     * Stops the process.
     */
    public synchronized void stop() {
        if (thread != null) {
            thread.interrupt();
            thread = null;
            if (logger.isDebugEnabled()) {
                logger.debug("TimeoutManager stopped.");

claim_name    (string)    JWT canned policy claim name, defaults to "policy"
claim_prefix  (string)    JWT claim namespace prefix e.g. "customer1/"
scopes        (csv)       Comma separated list of OpenID scopes for server, defaults to advertised scopes from discovery document e.g. "email,admin"
comment       (sentence)  optionally add a comment to this setting
```

and ENV based options

```

     *
     * @return whether the task is stopped
     */
    public boolean isStopped() {
        return status == STOPPED;
    }

    /**
     * Stops the timer.
     */
    public void stop() {
        if (status != ACTIVE) {
            throw new ClIllegalStateException(String.valueOf(status));
        }
        status = STOPPED;
    }

    /**
     * Restarts the timer.

Sebastián Ramírez <******@****.***> 1731896744 +0100

        include:
          - os: windows-latest
            java: 21
            root-pom: pom.xml
    runs-on: ${{ matrix.os }}
    env:
      ROOT_POM: ${{ matrix.root-pom }}
    steps:
      # Cancel any previous runs for the same branch that are still running.
      - name: 'Cancel previous runs'
        uses: styfle/cancel-workflow-action@85880fa0301c86cca9da44039ee3bb12d3bedbfa # 0.12.1
        with:

    startTick = ticker.read();
    return this;
  }

  /**
   * Stops the stopwatch. Future reads will return the fixed duration that had elapsed up to this
   * point.
   *
   * @return this {@code Stopwatch} instance
   * @throws IllegalStateException if the stopwatch is already stopped.
   */
  @CanIgnoreReturnValue
  public Stopwatch stop() {
    long tick = ticker.read();