# Получить текущего пользователя { #get-current-user }

В предыдущей главе система безопасности (основанная на системе внедрения зависимостей) передавала *функции-обработчику пути* `token` типа `str`:

{* ../../docs_src/security/tutorial001_an_py39.py hl[12] *}

Но это всё ещё не слишком полезно.

Сделаем так, чтобы она возвращала текущего пользователя.

## Создать модель пользователя { #create-a-user-model }

  notify:
    endpoint: https://notify.endpoint # notification endpoint to receive job completion status
    token: Bearer xxxxx # optional authentication token for the notification endpoint
  
  retry:
    attempts: 10 # number of retries for the job before giving up
    delay: 500ms # least amount of delay between each retry
`
	var job BatchJobRequest

{* ../../docs_src/security/tutorial002_an_py310.py hl[25] *}

## Obter o usuário { #get-the-user }

`get_current_user` usará uma função utilitária (falsa) que criamos, que recebe um token como uma `str` e retorna nosso modelo Pydantic `User`:

	  #     value: "image/*" # match objects with 'content-type', with all values starting with 'image/'

	notify:
	  endpoint: "https://notify.endpoint" # notification endpoint to receive job status events
	  token: "Bearer xxxxx" # optional authentication token for the notification endpoint

	retry:
	  attempts: 10 # number of retries for the job before giving up
	  delay: "500ms" # least amount of delay between each retry
```

def test_token(client: TestClient):
    response = client.get("/items", headers={"Authorization": "Bearer testtoken"})
    assert response.status_code == 200, response.text
    assert response.json() == {"token": "testtoken"}


def test_incorrect_token(client: TestClient):
    response = client.get("/items", headers={"Authorization": "Notexistent testtoken"})
    assert response.status_code == 401, response.text

    if item_id not in fake_db:
        raise HTTPException(status_code=404, detail="Item not found")
    return fake_db[item_id]


@app.post("/items/", response_model=Item)
async def create_item(item: Item, x_token: str = Header()):
    if x_token != fake_secret_token:
        raise HTTPException(status_code=400, detail="Invalid X-Token header")
    if item.id in fake_db:

    if item_id not in fake_db:
        raise HTTPException(status_code=404, detail="Item not found")
    return fake_db[item_id]


@app.post("/items/", response_model=Item)
async def create_item(item: Item, x_token: str = Header()):
    if x_token != fake_secret_token:
        raise HTTPException(status_code=400, detail="Invalid X-Token header")
    if item.id in fake_db:

				return
			}
		case "Time":
			z.Time, err = dc.ReadTime()
			if err != nil {
				err = msgp.WrapError(err, "Time")
				return
			}
		case "Token":
			z.Token, err = dc.ReadString()
			if err != nil {
				err = msgp.WrapError(err, "Token")
				return
			}
		default:
			err = dc.Skip()
			if err != nil {
				err = msgp.WrapError(err)
				return
			}
		}
	}
	return
}

    if item_id not in fake_db:
        raise HTTPException(status_code=404, detail="Item not found")
    return fake_db[item_id]


@app.post("/items/", response_model=Item)
async def create_item(item: Item, x_token: Annotated[str, Header()]):
    if x_token != fake_secret_token:
        raise HTTPException(status_code=400, detail="Invalid X-Token header")
    if item.id in fake_db:

{
    "properties": {
      "name": {
        "type": "keyword"
      },
      "token": {
        "type": "keyword"
      },
      "permissions": {
        "type": "keyword"
      },
      "parameter_name" : {
        "type": "keyword"
      },
      "expiredTime": {
        "type": "long"
      },
      "createdBy": {
        "type": "keyword"
      },
      "createdTime": {
        "type": "long"
      },