* Speichern Sie niemals Klartext-Passwörter, sondern nur Passwort-Hashes.
* Implementieren und verwenden Sie gängige kryptografische Tools wie pwdlib und JWT-Tokens, usw.
* Fügen Sie bei Bedarf detailliertere Berechtigungskontrollen mit OAuth2-Scopes hinzu.
* ... usw.

  - 🦇 Dark mode support.
- 🐋 [Docker Compose](https://www.docker.com) for development and production.
- 🔒 Secure password hashing by default.
- 🔑 JWT (JSON Web Token) authentication.
- 📫 Email based password recovery.
- ✅ Tests with [Pytest](https://pytest.org).
- 📞 [Traefik](https://traefik.io) as a reverse proxy / load balancer.

    cause: Throwable,
  ): Boolean =
    when (className) {
      "okhttp3.recipes.CheckHandshake" -> true

      // by design
      "okhttp3.recipes.RequestBodyCompression" -> true

      // expired token
      else -> false
    }

    * of NTLMv2 authentication.
    */
    int NTLMSSP_NEGOTIATE_NTLM2 = 0x00080000;

    /**
     * Requests an initial response token.
     */
    int NTLMSSP_REQUEST_INIT_RESPONSE = 0x00100000;

    /**
     * Requests an accept response token.
     */
    int NTLMSSP_REQUEST_ACCEPT_RESPONSE = 0x00200000;

    /**
     * Requests the use of a non-NT session key.
     */

            uv.lock
    - name: Install GitHub Actions dependencies
      run: uv sync --locked --no-dev --group github-actions
    - name: Label Approved
      run: uv run ./scripts/label_approved.py
      env:
        TOKEN: ${{ secrets.GITHUB_TOKEN }}
        CONFIG: >
          {
            "approved-1":
              {
                "number": 1,
                "await_label": "awaiting-review"
              }

   *
   * The simplest way to maintain a rate of QPS is to keep the timestamp of the last granted
   * request, and ensure that (1/QPS) seconds have elapsed since then. For example, for a rate of
   * QPS=5 (5 tokens per second), if we ensure that a request isn't granted earlier than 200ms after
   * the last one, then we achieve the intended rate. If a request comes and the last request was

                It is also useful when you want to have authentication that can be
                provided in one of multiple optional ways (for example, in a query
                parameter or in an HTTP Bearer token).
                """
            ),
        ] = True,
    ):
        super().__init__(
            location=APIKeyIn.query,
            name=name,
            scheme_name=scheme_name,

      return delegate().floorKey(key);
    }

    @Override
    public NavigableMap<K, V> headMap(K toKey, boolean inclusive) {
      assertTrue(Thread.holdsLock(mutex));
      return delegate().headMap(toKey, inclusive);
    }

    @Override
    public SortedMap<K, V> headMap(K toKey) {
      return headMap(toKey, false);
    }

    @Override
    public @Nullable Entry<K, V> higherEntry(K key) {

## 와일드카드 { #wildcards }

또한 목록을 `"*"`("와일드카드")로 선언해 모두 허용된다고 말할 수도 있습니다.

하지만 그러면 자격 증명(credentials)이 포함된 모든 것을 제외하고 특정 유형의 통신만 허용하게 됩니다. 예: 쿠키, Bearer Token에 사용되는 것과 같은 Authorization 헤더 등.

따라서 모든 것이 올바르게 동작하게 하려면, 허용된 출처를 명시적으로 지정하는 것이 더 좋습니다.

## `CORSMiddleware` 사용 { #use-corsmiddleware }

`CORSMiddleware`를 사용하여 **FastAPI** 애플리케이션에서 이를 설정할 수 있습니다.

from fastapi.testclient import TestClient
from inline_snapshot import snapshot
from pydantic import BaseModel

app = FastAPI()

reusable_oauth2 = OAuth2(
    flows={
        "password": {
            "tokenUrl": "token",
            "scopes": {"read:users": "Read the users", "write:users": "Create users"},
        }
    }
)


class User(BaseModel):
    username: str


# Here we use string annotations to test them