│   ├── collection/     # Enhanced collection utilities
│   ├── convert/        # Type conversion utilities
│   ├── exception/      # Runtime exception wrappers
│   ├── io/            # I/O and resource management
│   ├── lang/          # Reflection and language utilities
│   ├── log/           # Logging abstraction
│   ├── text/          # Text processing utilities
│   ├── xml/           # XML processing utilities

The most complex problem is building an authentication/authorization provider like those, but **FastAPI** gives you the tools to do it easily, while doing the heavy lifting for you.

///

## **FastAPI** utilities { #fastapi-utilities }

FastAPI provides several tools for each of these security schemes in the `fastapi.security` module that simplify using these security mechanisms.

///

/// info

In this example we use invented custom headers `X-Key` and `X-Token`.

But in real cases, when implementing security, you would get more benefits from using the integrated [Security utilities (the next chapter)](../security/index.md){.internal-link target=_blank}.

///

## Dependencies errors and return values { #dependencies-errors-and-return-values }

Now let's build from the previous chapter and add the missing parts to have a complete security flow.

## Get the `username` and `password` { #get-the-username-and-password }

We are going to use **FastAPI** security utilities to get the `username` and `password`.

OAuth2 specifies that when using the "password flow" (that we are using) the client/user must send a `username` and `password` fields as form data.

	<groupId>org.codelibs</groupId>
	<artifactId>corelib</artifactId>
	<packaging>jar</packaging>
	<name>CodeLibs Core Library</name>
	<version>0.7.1-SNAPSHOT</version>
	<description>Core library providing essential utilities and functionalities.</description>
	<url>https://github.com/codelibs/corelib</url>
	<inceptionYear>2012</inceptionYear>
	<licenses>
		<license>
			<name>The Apache Software License, Version 2.0</name>

# Templates { #templates }

You can use any template engine you want with **FastAPI**.

A common choice is Jinja2, the same one used by Flask and other tools.

There are utilities to configure it easily that you can use directly in your **FastAPI** application (provided by Starlette).

## Install dependencies { #install-dependencies }

In your production system, you probably have a frontend created with a modern framework like React, Vue.js or Angular.

And to communicate using WebSockets with your backend you would probably use your frontend's utilities.

Or you might have a native mobile application that communicates with your WebSocket backend directly, in native code.

Or you might have any other way to communicate with the WebSocket endpoint.

---

│   │   ├── contents/               # Content parsers and readers
│   │   └── writer/                 # Index writing strategies
│   ├── converter/                  # Text conversion utilities
│   ├── normalizer/                 # Text normalization
│   ├── analysis/                   # Custom analyzers
│   └── settings/                   # Configuration management
├── main/resources/

All the security utilities that integrate with OpenAPI (and the automatic API docs) inherit from `SecurityBase`, that's how **FastAPI** can know how to integrate them in OpenAPI.

///

## What it does { #what-it-does }

## Install custom exception handlers { #install-custom-exception-handlers }

You can add custom exception handlers with <a href="https://www.starlette.io/exceptions/" class="external-link" target="_blank">the same exception utilities from Starlette</a>.

Let's say you have a custom exception `UnicornException` that you (or a library you use) might `raise`.

And you want to handle this exception globally with FastAPI.