# Using TensorFlow Securely

This document discusses the TensorFlow security model. It describes the security
risks to consider when using models, checkpoints or input data for training or
serving. We also provide guidelines on what constitutes a vulnerability in
TensorFlow and how to report them.

This document applies to other repositories in the TensorFlow organization,
covering security practices for the entirety of the TensorFlow ecosystem.

//// tab | Python 3.10+

```Python hl_lines="4  78"
{!> ../../docs_src/security/tutorial003_an_py310.py!}
```

////

//// tab | Python 3.9+

```Python hl_lines="4  78"
{!> ../../docs_src/security/tutorial003_an_py39.py!}
```

////

//// tab | Python 3.8+

```Python hl_lines="4  79"
{!> ../../docs_src/security/tutorial003_an.py!}
```

////

//// tab | Python 3.10+ non-Annotated

//// tab | Python 3.10+

```Python hl_lines="4  78"
{!> ../../docs_src/security/tutorial003_an_py310.py!}
```

////

//// tab | Python 3.9+

```Python hl_lines="4  78"
{!> ../../docs_src/security/tutorial003_an_py39.py!}
```

////

//// tab | Python 3.8+

```Python hl_lines="4  79"
{!> ../../docs_src/security/tutorial003_an.py!}
```

////

//// tab | Python 3.10+ nicht annotiert

All the security utilities that integrate with OpenAPI (and the automatic API docs) inherit from `SecurityBase`, that's how **FastAPI** can know how to integrate them in OpenAPI.

///

## What it does

//// tab | Python 3.10+

```Python hl_lines="63-66"
{!> ../../docs_src/security/tutorial005_an_py310.py!}
```

////

//// tab | Python 3.9+

```Python hl_lines="63-66"
{!> ../../docs_src/security/tutorial005_an_py39.py!}
```

////

//// tab | Python 3.8+

```Python hl_lines="64-67"
{!> ../../docs_src/security/tutorial005_an.py!}
```

////

```Python hl_lines="7  48  55-56  59-60  69-75"
{!> ../../docs_src/security/tutorial004_an_py310.py!}
```

////

//// tab | Python 3.9+

```Python hl_lines="7  48  55-56  59-60  69-75"
{!> ../../docs_src/security/tutorial004_an_py39.py!}
```

////

//// tab | Python 3.8+

```Python hl_lines="7  49  56-57  60-61  70-76"
{!> ../../docs_src/security/tutorial004_an.py!}
```

////

///

```Python hl_lines="153"
{!../../docs_src/security/tutorial005.py!}
```

## 在*路径操作*与依赖项中声明作用域

接下来，为*路径操作*  `/users/me/items/` 声明作用域 `items`。

为此，要从 `fastapi` 中导入并使用 `Security` 。

`Security` 声明依赖项的方式和 `Depends` 一样，但 `Security` 还能接收作用域（字符串）列表类型的参数 `scopes`。

此处使用与 `Depends` 相同的方式，把依赖项函数 `get_current_active_user` 传递给 `Security`。

同时，还传递了作用域**列表**，本例中只传递了一个作用域：`items`（此处支持传递更多作用域）。

//// tab | 🐍 3️⃣.6️⃣ & 🔛

```Python hl_lines="4  76"
{!> ../../docs_src/security/tutorial003.py!}
```

////

//// tab | 🐍 3️⃣.1️⃣0️⃣ & 🔛

```Python hl_lines="2  74"
{!> ../../docs_src/security/tutorial003_py310.py!}
```

////

`OAuth2PasswordRequestForm` 🎓 🔗 👈 📣 📨 💪 ⏮️:

*  `username`.
*  `password`.

* 使用 `HTTPBasic` 创建**安全概图**
* 在*路径操作*的依赖项中使用 `security`
* 返回类型为 `HTTPBasicCredentials` 的对象：
    * 包含发送的 `username` 与 `password`

//// tab | Python 3.9+

```Python hl_lines="4  8  12"
{!> ../../docs_src/security/tutorial006_an_py39.py!}
```

////

//// tab | Python 3.8+

```Python hl_lines="2  7  11"
{!> ../../docs_src/security/tutorial006_an.py!}
```

////

```Python hl_lines="8  49  56-57  60-61  70-76"
{!> ../../docs_src/security/tutorial004_an_py310.py!}
```

////

//// tab | Python 3.9+

```Python hl_lines="8  49  56-57  60-61  70-76"
{!> ../../docs_src/security/tutorial004_an_py39.py!}
```

////

//// tab | Python 3.8+

```Python hl_lines="8  50  57-58  61-62  71-77"
{!> ../../docs_src/security/tutorial004_an.py!}
```

////