def fake_decode_token(token):
    # This doesn't provide any security at all
    # Check the next version
    user = get_user(fake_users_db, token)
    return user


async def get_current_user(token: str = Depends(oauth2_scheme)):
    user = fake_decode_token(token)
    if not user:
        raise HTTPException(
            status_code=status.HTTP_401_UNAUTHORIZED,
            detail="Not authenticated",

{* ../../docs_src/security/tutorial002_an_py310.py hl[5,12:6] *}

## Create a `get_current_user` dependency { #create-a-get-current-user-dependency }

Let's create a dependency `get_current_user`.

Remember that dependencies can have sub-dependencies?

`get_current_user` will have a dependency with the same `oauth2_scheme` we created before.

{* ../../docs_src/security/tutorial002_an_py310.py hl[5,12:6] *}

## Eine `get_current_user`-Abhängigkeit erstellen { #create-a-get-current-user-dependency }

Erstellen wir eine Abhängigkeit `get_current_user`.

Erinnern Sie sich, dass Abhängigkeiten Unterabhängigkeiten haben können?

`get_current_user` wird seinerseits von `oauth2_scheme` abhängen, das wir zuvor erstellt haben.

Como a dependência `get_current_active_user` possui uma subdependência em `get_current_user`, o escopo `"me"` declarado em `get_current_active_user` será incluído na lista de escopos necessários em `security_scopes.scopes` passado para `get_current_user`.

A própria *operação de rota* também declara o escopo, `"items"`, então ele também estará na lista de `security_scopes.scopes` passado para o `get_current_user`.

{* ../../docs_src/security/tutorial002_an_py310.py hl[5,12:6] *}

## Criar uma dependência `get_current_user` { #create-a-get-current-user-dependency }

Vamos criar uma dependência chamada `get_current_user`.

Lembra que as dependências podem ter subdependências?

`get_current_user` terá uma dependência com o mesmo `oauth2_scheme` que criamos antes.

api_key = APIKeyQuery(name="key", description="API Key Query")


class User(BaseModel):
    username: str


def get_current_user(oauth_header: str = Security(api_key)):
    user = User(username=oauth_header)
    return user


@app.get("/users/me")
def read_current_user(current_user: User = Depends(get_current_user)):
    return current_user


client = TestClient(app)


def test_security_api_key():

class User(BaseModel):
    username: str


def get_current_user(oauth_header: Optional[str] = Security(api_key)):
    if oauth_header is None:
        return None
    user = User(username=oauth_header)
    return user


@app.get("/users/me")
def read_current_user(current_user: Optional[User] = Depends(get_current_user)):
    if current_user is None:
        return {"msg": "Create an account first"}

class User(BaseModel):
    username: str


def get_current_user(oauth_header: Optional[str] = Security(api_key)):
    if oauth_header is None:
        return None
    user = User(username=oauth_header)
    return user


@app.get("/users/me")
def read_current_user(current_user: User = Depends(get_current_user)):
    if current_user is None:
        return {"msg": "Create an account first"}

## 依存関係 `get_current_user` を作成

依存関係 `get_current_user` を作ってみましょう。

依存関係はサブ依存関係を持つことができるのを覚えていますか？

`get_current_user` は前に作成した `oauth2_scheme` と同じ依存関係を持ちます。

以前直接 *path operation* の中でしていたのと同じように、新しい依存関係である `get_current_user` は `str` として `token` を受け取るようになります:

{* ../../docs_src/security/tutorial002.py hl[25] *}

## ユーザーの取得

        expire = datetime.now(timezone.utc) + timedelta(minutes=15)
    to_encode.update({"exp": expire})
    encoded_jwt = jwt.encode(to_encode, SECRET_KEY, algorithm=ALGORITHM)
    return encoded_jwt


async def get_current_user(token: str = Depends(oauth2_scheme)):
    credentials_exception = HTTPException(
        status_code=status.HTTP_401_UNAUTHORIZED,
        detail="Could not validate credentials",