</div>

    !!! tip
        By adding the `standard`, Uvicorn will install and use some recommended extra dependencies.

        That including `uvloop`, the high-performance drop-in replacement for `asyncio`, that provides the big concurrency performance boost.

        When you install FastAPI with something like `pip install fastapi` you already get `uvicorn[standard]` as well.

=== "Hypercorn"

### Dependency Injection

FastAPI bao gồm một hệ thống <abbr title='cũng biết đến như là "components", "resources", "services", "providers"'><strong>Dependency Injection</strong></abbr> vô cùng dễ sử dụng nhưng vô cùng mạnh mẽ.

* Thậm chí, các dependency có thể có các dependency khác, tạo thành một phân cấp hoặc **"một đồ thị" của các dependency**.

  - author: Nils de Bruin
    author_link: https://medium.com/@nilsdebruin
    link: https://medium.com/data-rebels/fastapi-google-as-an-external-authentication-provider-3a527672cf33
    title: FastAPI — Google as an external authentication provider
  - author: William Hayes
    author_link: https://medium.com/@williamhayes
    link: https://medium.com/@williamhayes/fastapi-starlette-debug-vs-prod-5f7561db3a59

def test_users_token_monica_with_no_jessica(client: TestClient):
    response = client.get("/users?token=monica")
    assert response.status_code == 400
    assert response.json() == {"detail": "No Jessica token provided"}


def test_items_token_jessica(client: TestClient):
    response = client.get(
        "/items?token=jessica", headers={"X-Token": "fake-super-secret-token"}
    )
    assert response.status_code == 200

@needs_py39
def test_users_token_monica_with_no_jessica(client: TestClient):
    response = client.get("/users?token=monica")
    assert response.status_code == 400
    assert response.json() == {"detail": "No Jessica token provided"}


@needs_py39
def test_items_token_jessica(client: TestClient):
    response = client.get(
        "/items?token=jessica", headers={"X-Token": "fake-super-secret-token"}
    )

## Other Return Type Annotations

There might be cases where you return something that is not a valid Pydantic field and you annotate it in the function, only to get the support provided by tooling (the editor, mypy, etc).

### Return a Response Directly

* Jak ustawić **ograniczenia walidacyjne** takie jak `maksymalna długość` lub `regex`.
* Potężny i łatwy w użyciu system **<abbr title="znane jako komponenty, resources, providers, services, injectables">Dependency Injection</abbr>**.
* Zabezpieczenia i autentykacja, wliczając wsparcie dla **OAuth2** z **tokenami JWT** oraz autoryzacją **HTTP Basic**.

* Come stabilire **vincoli di validazione** come `maximum_length` o `regex`.
* Un sistema di **<abbr title="detto anche components, resources, providers, services, injectables">Dependency Injection</abbr>** facile da usare e molto potente.
e potente.
* Sicurezza e autenticazione, incluso il supporto per **OAuth2** con **token JWT** e autenticazione **HTTP Basic**.

**剧透警告**： 教程 - 用户指南中的内容有：

* 对来自不同地方的参数进行声明，如：**请求头**、**cookies**、**form 表单**以及**上传的文件**。
* 如何设置**校验约束**如 `maximum_length` 或者 `regex`。
* 一个强大并易于使用的 **<abbr title="也被称为 components, resources, providers, services, injectables">依赖注入</abbr>** 系统。
* 安全性和身份验证，包括通过 **JWT 令牌**和 **HTTP 基本身份认证**来支持 **OAuth2**。
* 更进阶（但同样简单）的技巧来声明 **多层嵌套 JSON 模型** （借助 Pydantic）。
* 许多额外功能（归功于 Starlette）比如：
    * **WebSockets**
    * **GraphQL**

We can use **OAuth2** to build that with **FastAPI**.

But let's save you the time of reading the full long specification just to find those little pieces of information you need.

Let's use the tools provided by **FastAPI** to handle security.

## How it looks

Let's first just use the code and see how it works, and then we'll come back to understand what's happening.

## Create `main.py`