OAuth2 的設計讓後端或 API 可以獨立於執行使用者驗證的伺服器。

但在這個例子中，同一個 FastAPI 應用會同時處理 API 與驗證。

簡化來看流程如下：

- 使用者在前端輸入 `username` 與 `password`，按下 `Enter`。
- 前端（在使用者的瀏覽器中執行）把 `username` 與 `password` 傳到我們 API 的特定 URL（在程式中宣告為 `tokenUrl="token"`）。
- API 檢查 `username` 與 `password`，並回傳一個「token（權杖）」（我們還沒實作這部分）。
    - 「token（權杖）」就是一段字串，之後可用來識別並驗證此使用者。
    - 通常 token 會設定一段時間後失效。
        - 因此使用者之後需要重新登入。

								</source>
							</sources>
						</mapping>
						<mapping>
							<directory>${packaging.fess.var.dir}</directory>
							<filemode>755</filemode>
							<username>${packaging.fess.user}</username>
							<groupname>${packaging.fess.group}</groupname>
						</mapping>
						<!-- bin -->
						<mapping>
							<directory>${packaging.fess.bin.dir}</directory>
							<filemode>755</filemode>

app = FastAPI()

security = HTTPBasic()


@app.get("/users/me")
def read_current_user(credentials: HTTPBasicCredentials = Depends(security)):

因此，延續上面的 `user_dict`，寫成：

```Python
UserInDB(**user_dict)
```

效果等同於：

```Python
UserInDB(
    username="john",
    password="secret",
    email="******@****.***",
    full_name=None,
)
```

更精確地說，直接使用 `user_dict`（未來內容可能有所不同）則等同於：

```Python
UserInDB(
    username = user_dict["username"],
    password = user_dict["password"],
    email = user_dict["email"],
    full_name = user_dict["full_name"],

				<la:form styleId="login" method="post">
					<div class="input-group mb-3">
						<c:set var="ph_username">
							<la:message key="labels.login.placeholder_username" />
						</c:set>
						<la:text property="username" styleId="username"
							class="form-control" placeholder="${ph_username}" />
						<div class="input-group-append">
							<span class="input-group-text">
								<i class="fa fa-user fa-fw" aria-hidden="true"></i>

@ExtendWith(MockitoExtension.class)
class NtlmContextTest {

    @Mock
    private NtlmPasswordAuthentication mockAuth;

    private final String domain = "TEST_DOMAIN";
    private final String username = "testUser";
    private final String password = "testPassword";
    private final String workstation = "TEST_WORKSTATION";

    @BeforeEach
    void setUp() {
        // MockitoExtension handles mock initialization

     *
     * @param form the create form
     * @param username the current username
     * @param currentTime the current time
     * @return optional file configuration entity
     */
    public static OptionalEntity<FileConfig> getEntity(final CreateForm form, final String username, final long currentTime) {
        switch (form.crudMode) {
        case CrudMode.CREATE:

					<property name="updateCommand">[
					"/usr/sbin/htpasswd",
					"-b",
					"/tmp/test.txt",
					"$USERNAME",
					"$PASSWORD"
					]</property>
					<property name="deleteCommand">[
					"/usr/sbin/htpasswd",
					"-D",
					"/tmp/test.txt",
					"$USERNAME"
					]</property>
					<property name="targetUsers">[
					"admin"
					]</property>
				</component>
			</arg>

  var base: String? = null
  var scheme = ""
  var username = ""
  var password: String? = null
  var host = ""
  var port = ""
  var path = ""
  var query = ""
  var fragment = ""

  fun expectParseFailure() = scheme.isEmpty()

  private operator fun set(
    name: String,
    value: String,
  ) {
    when (name) {
      "s" -> scheme = value
      "u" -> username = value
      "pass" -> password = value

        yield "Rick"
    finally:
        print("Cleanup up before response is sent")

UserNameDep = Annotated[str, Depends(get_username, scope="function")]

@app.get("/users/me")
def get_user_me(username: UserNameDep):
    return username
```

## Class Dependencies

Avoid creating class dependencies when possible.

If a class is needed, instead create a regular function dependency that returns a class instance.

Do this: