## Connect with the author { #connect-with-the-author }

You can connect with [me (Sebastián Ramírez / `tiangolo`)](https://tiangolo.com), the author.

You can:

* [Follow me on **GitHub**](https://github.com/tiangolo).
    * See other Open Source projects I have created that could help you.
    * Follow me to see when I create a new Open Source project.

If you don't select any scope, you will be "authenticated", but when you try to access `/users/me/` or `/users/me/items/` you will get an error saying that you don't have enough permissions. You will still be able to access `/status/`.

And if you select the scope `me` but not the scope `items`, you will be able to access `/users/me/` but not `/users/me/items/`.

## 試用看看 { #check-it }

如果你打開 API 文件，你可以先驗證並指定你要授權的 scopes。

<img src="/img/tutorial/security/image11.png">

如果你沒有選任何 scope，你仍會「通過驗證」，但當你嘗試存取 `/users/me/` 或 `/users/me/items/` 時，會收到沒有足夠權限的錯誤。你仍能存取 `/status/`。

若你只選了 `me` 而未選 `items`，你能存取 `/users/me/`，但無法存取 `/users/me/items/`。

這就是第三方應用在取得使用者提供的 token 後，嘗試存取上述路徑操作時，會依使用者授與該應用的權限多寡而有不同結果。

## 關於第三方整合 { #about-third-party-integrations }

在這個範例中，我們使用 OAuth2 的「password」流程。

## 查看文档 { #check-it }

打开 API 文档，你可以进行身份验证，并指定要授权的作用域。

<img src="/img/tutorial/security/image11.png">

如果你不选择任何作用域，你依然会“通过认证”，但当你访问 `/users/me/` 或 `/users/me/items/` 时，会收到一个错误，提示你没有足够的权限。你仍然可以访问 `/status/`。

如果你选择了作用域 `me`，但没有选择作用域 `items`，你可以访问 `/users/me/`，但不能访问 `/users/me/items/`。

当第三方应用使用用户提供的令牌访问这些*路径操作*时，也会发生同样的情况，取决于用户授予该应用了多少权限。

## 关于第三方集成 { #about-third-party-integrations }

在这个示例中我们使用的是 OAuth2 的“password”流。

							<div class="error-banner-content">
								<i class="fa fa-exclamation-triangle me-2" aria-hidden="true"></i>
								<span class="error-message"></span>
							</div>
							<button type="button" class="error-banner-retry btn btn-sm btn-outline-light">
								<i class="fa fa-refresh me-1" aria-hidden="true"></i><la:message key="labels.chat_retry" />
							</button>

API ドキュメントを開くと、認証して、許可するスコープを指定できます。

<img src="/img/tutorial/security/image11.png">

どのスコープも選択しない場合は「認証済み」にはなりますが、`/users/me/` や `/users/me/items/` にアクセスしようとすると、権限が不足しているというエラーになります。`/status/` には引き続きアクセスできます。

`me` スコープだけを選択し、`items` スコープを選択しない場合は、`/users/me/` にはアクセスできますが、`/users/me/items/` にはアクセスできません。

これは、ユーザーがアプリケーションに与えた権限の範囲に応じて、サードパーティアプリケーションがこれらの path operation のいずれかに、ユーザーから提供されたトークンでアクセスしようとしたときに起こる動作です。

Morty: (rubs his eyes) What, Rick? What's going on?
Rick: I got a surprise for you, Morty.
Morty: It's the middle of the night. What are you talking about?
Rick: (spills alcohol on Morty's bed) Come on, I got a surprise for you. (drags Morty by the ankle) Come on, hurry up. (pulls Morty out of his bed and into the hall)
Morty: Ow! Ow! You're tugging me too hard!

							<div class="error-banner-content">
								<i class="fa fa-exclamation-triangle me-2" aria-hidden="true"></i>
								<span class="error-message"></span>
							</div>
							<button type="button" class="error-banner-retry btn btn-sm btn-outline-light">
								<i class="fa fa-refresh me-1" aria-hidden="true"></i><la:message key="labels.chat_retry" />
							</button>

*경로 처리*를 만들 때 고정 경로를 갖고 있는 상황들을 맞닥뜨릴 수 있습니다.

`/users/me`처럼, 현재 사용자의 데이터를 가져온다고 합시다.

사용자 ID를 이용해 특정 사용자의 정보를 가져오는 경로 `/users/{user_id}`도 있습니다.

*경로 처리*는 순차적으로 평가되기 때문에 `/users/me`에 대한 경로가 `/users/{user_id}` 이전에 먼저 선언되었는지 확인해야 합니다:

{* ../../docs_src/path_params/tutorial003_py310.py hl[6,11] *}

그렇지 않으면 `/users/{user_id}`에 대한 경로가 `/users/me`에도 매칭되어, 매개변수 `user_id`에 `"me"` 값이 들어왔다고 "생각하게" 됩니다.

마찬가지로, 경로 처리를 재정의할 수는 없습니다:

When creating *path operations*, you can find situations where you have a fixed path.

Like `/users/me`, let's say that it's to get data about the current user.

And then you can also have a path `/users/{user_id}` to get data about a specific user by some user ID.

Because *path operations* are evaluated in order, you need to make sure that the path for `/users/me` is declared before the one for `/users/{user_id}`: