Create new users following the multi-user guide [here](https://docs.min.io/community/minio-object-store/administration/identity-access-management.html)

### Testing an example with awscli tool

> Use the same username and password created in the previous steps.

```
[foobar]
region = us-east-1
aws_access_key_id = foobar
aws_secret_access_key = foo12345
```

validi",andSpaces:" e spazi ",badInt:"Il numero inserito non è valido",badSecurityNumber:"Il numero di sicurezza inserito non è valido",badUKVatAnswer:"La Partita IVA (VAT) inserita non è valida nel Regno Unito",badStrength:"La password proposta non è sufficientemente sicura",badNumberOfSelectedOptionsStart:"Deve selezionare almeno",badNumberOfSelectedOptionsEnd:" risposta/e",badAlphaNumeric:"Il valore proposto deve contenere caratteri alfanumerici (a-z e 1234...)",badAl...

* Make sure you have well defined Pydantic models for your request bodies and responses.
* Configure any required permissions and roles using dependencies.
* Never store plaintext passwords, only password hashes.
* Implement and use well-known cryptographic tools, like Passlib and JWT tokens, etc.
* Add more granular permission controls with OAuth2 scopes where needed.
* ...etc.

{* ../../docs_src/request_form_models/tutorial002_an_py39.py hl[12] *}

클라이언트가 추가 데이터를 보내려고 하면 **오류** 응답을 받게 됩니다.

예를 들어, 클라이언트가 폼 필드를 보내려고 하면:

* `username`: `Rick`
* `password`: `Portal Gun`
* `extra`: `Mr. Poopybutthole`

`extra` 필드가 허용되지 않는다는 오류 응답을 받게 됩니다:

```json
{
    "detail": [
        {
            "type": "extra_forbidden",
            "loc": ["body", "extra"],

# Path to SSL certificate authorities for secure HTTP connections.
search_engine.http.ssl.certificate_authorities=
# Username for authenticating to the search engine.
search_engine.username=
# Password for authenticating to the search engine.
search_engine.password=
# Interval (ms) for heartbeat checks to the search engine.
search_engine.heartbeat_interval=10000

# Cipher algorithm used for encryption.
app.cipher.algorism=aes

            lastDeletedUser = user;
        }

        @Override
        public boolean changePassword(String username, String password) {
            changePasswordCallCount++;
            lastChangePasswordUsername = username;
            lastChangePasswordPassword = password;
            return changePasswordResult;
        }

        @Override
        public User load(User user) {

                int index = auth.indexOf(':');
                String user = index != -1 ? auth.substring(0, index) : auth;
                final String password = index != -1 ? auth.substring(index + 1) : "";
                index = user.indexOf('\\');
                if (index == -1) {
                    index = user.indexOf('/');
                }

            public String getHttpProxyPort() {
                return StringUtil.EMPTY;
            }

            @Override
            public String getAppEncryptPropertyPattern() {
                return ".*password|.*key|.*token|.*secret";
            }
        };
        ComponentUtil.setFessConfig(fessConfig);
        SystemHelper systemHelper = new SystemHelper() {
            @Override

Ahora puedes obtener el usuario actual directamente en tu *path operation function*.

Ya estamos a mitad de camino.

Solo necesitamos agregar una *path operation* para que el usuario/cliente envíe realmente el `username` y `password`.

            result.setHostname(DfTypeUtil.toString(source.get("hostname")));
            result.setParameters(DfTypeUtil.toString(source.get("parameters")));
            result.setPassword(DfTypeUtil.toString(source.get("password")));
            result.setPort(DfTypeUtil.toInteger(source.get("port")));
            result.setProtocolScheme(DfTypeUtil.toString(source.get("protocolScheme")));