// Make attempts from same IP with different users
        for (int i = 1; i <= 5; i++) {
            assertTrue(rateLimiter.checkAttempt("user" + i, ip), "Attempt " + i + " should be allowed");
            rateLimiter.recordFailure("user" + i, ip);
        }

        // 6th attempt from same IP should be blocked
        assertFalse(rateLimiter.checkAttempt("user6", ip), "Should block after IP rate limit");
    }

            // Act: choose len so upper/lower 16-bit parts are exercised
            byte[] buf = new byte[0x30000];
            try {
                in.readDirect(buf, 0, 0x12345);
                fail("Expected IOException due to short-circuit");
            } catch (IOException expected) {
                // expected
            }

            // Assert captured request parameters

	c.Assert(err, nil)
	response, err = s.client.Do(request)
	c.Assert(err, nil)
	c.Assert(response.StatusCode, http.StatusOK)

	deleteResp = DeleteObjectsResponse{}
	delRespBytes, err = io.ReadAll(response.Body)
	c.Assert(err, nil)
	err = xml.Unmarshal(delRespBytes, &deleteResp)
	c.Assert(err, nil)
	c.Assert(len(deleteResp.DeletedObjects), len(delObjReq.Objects))

        assertEquals("DOM", s1.getDomainName());
        assertEquals("user1", s1.getAccountName());
        assertEquals("DOM", s2.getDomainName());
        assertEquals("user2", s2.getAccountName());
        assertEquals("DOM", s3.getDomainName());
        assertEquals("userX", s3.getAccountName());
    }

    @Test

## Kullanıcıyı alın { #get-the-user }

`get_current_user`, oluşturduğumuz (sahte) bir yardımcı (utility) fonksiyonu kullanacak; bu fonksiyon `str` olarak bir token alır ve Pydantic `User` modelimizi döndürür:

{* ../../docs_src/security/tutorial002_an_py310.py hl[19:22,26:27] *}

## Mevcut kullanıcıyı enjekte edin { #inject-the-current-user }

## 获取用户 { #get-the-user }

`get_current_user` 使用创建的（伪）工具函数，该函数接收 `str` 类型的令牌，并返回 Pydantic 的 `User` 模型：

{* ../../docs_src/security/tutorial002_an_py310.py hl[19:22,26:27] *}

## 注入当前用户 { #inject-the-current-user }

在*路径操作* 的 `Depends` 中使用 `get_current_user`：

{* ../../docs_src/security/tutorial002_an_py310.py hl[31] *}

注意，此处把 `current_user` 的类型声明为 Pydantic 的 `User` 模型。

这有助于在函数内部使用代码补全和类型检查。

// getUserWithProvider - returns the appropriate internal username based on the user provider.
// if validate is true, an error is returned if the user does not exist.
func getUserWithProvider(ctx context.Context, userProvider, user string, validate bool) (string, error) {
	switch userProvider {
	case madmin.BuiltinProvider:
		if validate {
			if _, ok := globalIAMSys.GetUser(ctx, user); !ok {
				return "", errNoSuchUser
			}
		}
		return user, nil

# Get Current User { #get-current-user }

In the previous chapter the security system (which is based on the dependency injection system) was giving the *path operation function* a `token` as a `str`:

{* ../../docs_src/security/tutorial001_an_py310.py hl[12] *}

But that is still not that useful.

Let's make it give us the current user.

## Create a user model { #create-a-user-model }

First, let's create a Pydantic user model.

{* ../../docs_src/security/tutorial002_an_py310.py hl[19:22,26:27] *}

## 현재 사용자 주입하기 { #inject-the-current-user }

이제 *경로 처리*에서 `get_current_user`와 함께 같은 `Depends`를 사용할 수 있습니다:

{* ../../docs_src/security/tutorial002_an_py310.py hl[31] *}

`current_user`의 타입을 Pydantic 모델 `User`로 선언한다는 점에 주목하세요.

이는 함수 내부에서 자동 완성과 타입 체크에 도움을 줍니다.

/// tip | 팁

{* ../../docs_src/security/tutorial002_an_py310.py hl[25] *}

## Obter o usuário { #get-the-user }

`get_current_user` usará uma função utilitária (falsa) que criamos, que recebe um token como uma `str` e retorna nosso modelo Pydantic `User`:

{* ../../docs_src/security/tutorial002_an_py310.py hl[19:22,26:27] *}

## Injetar o usuário atual { #inject-the-current-user }