--initial-cluster s1=http://0.0.0.0:2380 \
  --initial-cluster-token tkn \
  --initial-cluster-state new
```

You may also setup etcd with TLS following this documentation [here](https://coreos.com/etcd/docs/latest/op-guide/security.html)

### 3. Setup MinIO with etcd

MinIO server expects environment variable for etcd as `MINIO_ETCD_ENDPOINTS`, this environment variable takes many comma separated entries.

```

{* ../../docs_src/security/tutorial002_an_py310.py hl[25] *}

## Obter o usuário { #get-the-user }

`get_current_user` usará uma função utilitária (falsa) que criamos, que recebe um token como uma `str` e retorna nosso modelo Pydantic `User`:

{* ../../docs_src/security/tutorial002_an_py310.py hl[19:22,26:27] *}

## Injetar o usuário atual { #inject-the-current-user }

 * See the License for the specific language governing permissions and
 * limitations under the License.
 */
package okhttp3

import java.io.IOException
import java.security.Security
import okhttp3.internal.platform.Platform
import org.conscrypt.Conscrypt

// TLS 1.3
private val TLS13_CIPHER_SUITES =
  listOf(
    CipherSuite.TLS_AES_128_GCM_SHA256,
    CipherSuite.TLS_AES_256_GCM_SHA384,

Нажмите кнопку "Authorize".

Используйте учётные данные:

Пользователь: `johndoe`

Пароль: `secret`

<img src="/img/tutorial/security/image04.png">

После аутентификации вы увидите следующее:

<img src="/img/tutorial/security/image05.png">

### Получение собственных пользовательских данных { #get-your-own-user-data }

Теперь используйте операцию `GET` с путём `/users/me`.

### 使用

接下来，使用 `Depends` 把 `oauth2_scheme` 传入依赖项。

{* ../../docs_src/security/tutorial001.py hl[10] *}

该依赖项使用字符串（`str`）接收*路径操作函数*的参数 `token` 。

**FastAPI** 使用依赖项在 OpenAPI 概图（及 API 文档）中定义**安全方案**。

/// info | 技术细节

**FastAPI** 使用（在依赖项中声明的）类 `OAuth2PasswordBearer` 在 OpenAPI 中定义安全方案，这是因为它继承自 `fastapi.security.oauth2.OAuth2`，而该类又是继承自`fastapi.security.base.SecurityBase`。

import static java.nio.charset.StandardCharsets.UTF_8;
import static org.junit.Assert.assertThrows;

import com.google.common.collect.ImmutableMap;
import com.google.common.collect.ImmutableSet;
import java.security.MessageDigest;
import java.security.NoSuchAlgorithmException;
import java.util.Arrays;
import junit.framework.TestCase;
import org.jspecify.annotations.NullUnmarked;

/**
 * Tests for the MessageDigestHashFunction.
 *

from fastapi import Depends, FastAPI, HTTPException, status
from fastapi.security import OAuth2PasswordBearer, OAuth2PasswordRequestForm
from pydantic import BaseModel

fake_users_db = {
    "johndoe": {
        "username": "johndoe",
        "full_name": "John Doe",
        "email": "******@****.***",
        "hashed_password": "fakehashedsecret",
        "disabled": False,
    },
    "alice": {
        "username": "alice",

创建设置令牌过期时间的变量。

定义令牌端点响应的 Pydantic 模型。

创建生成新的访问令牌的工具函数。

{* ../../docs_src/security/tutorial004.py hl[6,12:14,28:30,78:86] *}

## 更新依赖项

更新 `get_current_user` 以接收与之前相同的令牌，但这里用的是 JWT 令牌。

解码并校验接收到的令牌，然后，返回当前用户。

如果令牌无效，则直接返回 HTTP 错误。

{* ../../docs_src/security/tutorial004_an_py310.py hl[4,7,13:15,29:31,79:87] *}

## 更新 `/token` *路径操作*

用令牌过期时间创建 `timedelta` 对象。

from datetime import datetime, timedelta, timezone

import jwt
from fastapi import Depends, FastAPI, HTTPException, Security, status
from fastapi.security import (
    OAuth2PasswordBearer,
    OAuth2PasswordRequestForm,
    SecurityScopes,
)
from jwt.exceptions import InvalidTokenError
from pwdlib import PasswordHash
from pydantic import BaseModel, ValidationError

# to get a string like this run:
# openssl rand -hex 32

# Test security scheme at the top level, including OpenAPI
# Ref: https://github.com/fastapi/fastapi/discussions/14263
# Ref: https://github.com/fastapi/fastapi/issues/14271
from fastapi import Depends, FastAPI
from fastapi.security import HTTPBearer
from fastapi.testclient import TestClient
from inline_snapshot import snapshot

app = FastAPI()

bearer_scheme = HTTPBearer()


@app.get("/", dependencies=[Depends(bearer_scheme)])