if err := DB.AutoMigrate(&Blog{}, &Tag{}); err != nil {
		t.Fatalf("Failed to auto migrate, got error: %v", err)
	}

	blog := Blog{
		Locale:  "ZH",
		Subject: "subject",
		Body:    "body",
		Tags: []Tag{
			{Locale: "ZH", Value: "tag1"},
			{Locale: "ZH", Value: "tag2"},
		},
	}

	DB.Save(&blog)
	if !compareTags(blog.Tags, []string{"tag1", "tag2"}) {

/*
 [Log Notification]
*/
subject: [FESS] /*pmb.level*/ Log Alert: /*pmb.hostname*/
>>>
--- Server Info ---
Host Name: /*pmb.hostname:orElse('Unknown')*/

--- Log Summary ---
Level: /*pmb.level*/
Total: /*pmb.count*/ event(s) in the last /*pmb.interval*/ seconds

--- Log Details ---
/*pmb.details*/

Create a real JWT access token and return it.

{* ../../docs_src/security/tutorial004_an_py310.py hl[121:136] *}

### Technical details about the JWT "subject" `sub` { #technical-details-about-the-jwt-subject-sub }

The JWT specification says that there's a key `sub`, with the subject of the token.

It's optional to use it, but that's where you would put the user's identification, so we are using it here.

- [ ] Write a pull request description that is detailed enough to understand what the pull request does, how, and why.
- [ ] Each commit in the pull request should have a meaningful subject line and body.
  Note that commits might be squashed by a maintainer on merge.
- [ ] Write unit tests that match behavioral changes, where the tests fail if the changes to the runtime are not applied.

      source, and configuration files.

      "Object" form shall mean any form resulting from mechanical
      transformation or translation of a Source form, including but
      not limited to compiled object code, generated documentation,
      and conversions to other media types.

      "Work" shall mean the work of authorship, whether in Source or
      Object form, made available under the License, as indicated by a

トークンの有効期限を表す`timedelta`を作成します。

実際のJWTアクセストークンを作成し、それを返します。

{* ../../docs_src/security/tutorial004_an_py310.py hl[121:136] *}

### JWTの「subject」`sub` についての技術的な詳細 { #technical-details-about-the-jwt-subject-sub }

JWTの仕様では、トークンのsubjectを表すキー`sub`があるとされています。

使用するかどうかは任意ですが、`sub`はユーザーの識別情報を入れるように規定されているので、ここで使用します。

JWTは、ユーザーを識別して、そのユーザーがAPI上で直接操作を実行できるようにする以外にも、他の用途で使用されることがあります。

  public void testReuseBuilderReducingHashTableSizeWithPowerOfTwoTotalElements() {
    ImmutableSet.Builder<Object> builder = ImmutableSet.builderWithExpectedSize(6);
    builder.add(0);
    ImmutableSet<Object> unused = builder.build();
    ImmutableSet<Object> subject = builder.add(1).add(2).add(3).build();
    assertFalse(subject.contains(4));
  }

  public void testReuseBuilderReducingHashTableSizeWithPowerOfTwoTotalElements() {
    ImmutableSet.Builder<Object> builder = ImmutableSet.builderWithExpectedSize(6);
    builder.add(0);
    ImmutableSet<Object> unused = builder.build();
    ImmutableSet<Object> subject = builder.add(1).add(2).add(3).build();
    assertFalse(subject.contains(4));
  }

### Certificate Pinning ([.kt][CertificatePinningKotlin], [.java][CertificatePinningJava])

用權杖有效期建立一個 `timedelta`。

建立真正的 JWT access token 並回傳它。

{* ../../docs_src/security/tutorial004_an_py310.py hl[121:136] *}

### 關於 JWT「主體」`sub` 的技術細節 { #technical-details-about-the-jwt-subject-sub }

JWT 規範說有個鍵 `sub`，代表權杖的主體（subject）。

使用它是可選的，但通常會把使用者的識別資訊放在這裡，所以我們在此採用。

JWT 除了用來識別使用者並允許他直接對你的 API 執行操作外，也可用於其他用途。

例如，你可以識別一台「車」或一篇「部落格文章」。

接著可以替該實體加上權限，如「drive」（對車而言）或「edit」（對文章而言）。