{* ../../docs_src/security/tutorial002_an_py310.py hl[19:22,26:27] *}

## 현재 사용자 주입하기 { #inject-the-current-user }

이제 *경로 처리*에서 `get_current_user`와 함께 같은 `Depends`를 사용할 수 있습니다:

{* ../../docs_src/security/tutorial002_an_py310.py hl[31] *}

`current_user`의 타입을 Pydantic 모델 `User`로 선언한다는 점에 주목하세요.

이는 함수 내부에서 자동 완성과 타입 체크에 도움을 줍니다.

/// tip | 팁

{* ../../docs_src/security/tutorial002_an_py310.py hl[25] *}

## Obter o usuário { #get-the-user }

`get_current_user` usará uma função utilitária (falsa) que criamos, que recebe um token como uma `str` e retorna nosso modelo Pydantic `User`:

{* ../../docs_src/security/tutorial002_an_py310.py hl[19:22,26:27] *}

## Injetar o usuário atual { #inject-the-current-user }

        }
        final FessLoginAssist loginAssist = ComponentUtil.getComponent(FessLoginAssist.class);
        return loginAssist.getSavedUserBean()
                .map(user -> user.hasRoles(roles) || user.hasRoles(ComponentUtil.getFessConfig().getAuthenticationAdminRolesAsArray()))
                .orElse(false);
    }

    /**
     * Masks email addresses in the input string for privacy protection.

# Bir değişkeni str olarak belirt
# ve fonksiyon içinde editör desteği al
def main(user_id: str):
    return user_id


# Bir Pydantic modeli
class User(BaseModel):
    id: int
    name: str
    joined: date
```

Sonra şöyle kullanabilirsiniz:

```Python
my_user: User = User(id=3, name="John Doe", joined="2018-07-19")

second_user_data = {
    "id": 4,
    "name": "Mary",

Örneğin, 4 API endpoint'iniz (*path operation*) olduğunu varsayalım:

* `/items/public/`
* `/items/private/`
* `/users/{user_id}/activate`
* `/items/pro/`

O zaman her biri için farklı izin gereksinimlerini yalnızca dependency'ler ve alt dependency'lerle ekleyebilirsiniz:

```mermaid
graph TB

current_user(["current_user"])

### 關於 `**user_in.model_dump()` { #about-user-in-model-dump }

#### Pydantic 的 `.model_dump()` { #pydantics-model-dump }

`user_in` 是一個 `UserIn` 類別的 Pydantic 模型。

Pydantic 模型有 `.model_dump()` 方法，會回傳包含該模型資料的 `dict`。

因此，若我們建立一個 Pydantic 物件 `user_in` 如：

```Python
user_in = UserIn(username="john", password="secret", email="******@****.***")
```

接著呼叫：

```Python

        return mac.doFinal(data);
    }

    /**
     * Returns the user's Kerberos realm.
     *
     * @return the user realm
     */
    public String getUserRealm() {
        return this.userRealm;
    }

    /**
     * Returns the user's principal name.
     *
     * @return the user principal name
     */
    public String getUserPrincipalName() {

    /**
     * Returns the user's home directory.
     * If not explicitly set, this value will be detected during parsing.
     *
     * @return the user's home directory path, or null if not set
     */
    @Nullable
    Path userHome();

    /**
     * Returns the input stream to be used for the Maven execution.
     * If not set, {@link System#in} will be used by default.
     *

Por exemplo, vamos supor que você possua 4 endpoints na sua API (*operações de rota*):

* `/items/public/`
* `/items/private/`
* `/users/{user_id}/activate`
* `/items/pro/`

Você poderia adicionar diferentes requisitos de permissão para cada um deles utilizando apenas dependências e sub-dependências:

```mermaid
graph TB

* The browser thinks it's not sending JSON (because of the missing `Content-Type` header).

Then the malicious website could make the local AI agent send angry messages to the user's ex-boss... or worse. 😅

## Open Internet { #open-internet }

If your app is in the open internet, you wouldn't "trust the network" and let anyone send privileged requests without authentication.