## Get the `username` and `password` { #get-the-username-and-password }

We are going to use **FastAPI** security utilities to get the `username` and `password`.

OAuth2 specifies that when using the "password flow" (that we are using) the client/user must send a `username` and `password` fields as form data.

            status_code=status.HTTP_401_UNAUTHORIZED,
            detail="Incorrect username or password",
            headers={"WWW-Authenticate": "Basic"},
        )
    return credentials.username


@app.get("/users/me")
def read_current_user(username: Annotated[str, Depends(get_current_username)]):

     * domain, username, and password. Parameters that are {@code null}
     * will be substituted with {@code jcifs.smb.client.domain},
     * {@code jcifs.smb.client.username}, {@code jcifs.smb.client.password}
     * property values.
     *
     * @param tc
     *            context to use
     * @param domain the authentication domain
     * @param username the username to authenticate with

                    },
                    "ModelB": {
                        "title": "ModelB",
                        "required": ["username"],
                        "type": "object",
                        "properties": {
                            "username": {"title": "Username", "type": "string"}
                        },
                    },
                    "ValidationError": {

    }

    /**
     * Retrieves a user by their username.
     *
     * @param username the username to search for
     * @return an OptionalEntity containing the user if found
     */
    public OptionalEntity<User> getUserByName(final String username) {
        return userBhv.selectEntity(cb -> {
            cb.query().setName_Equal(username);
        });
    }

    /**

from fastapi import FastAPI

app = FastAPI(swagger_ui_parameters={"syntaxHighlight": {"theme": "obsidian"}})


@app.get("/users/{username}")
async def read_user(username: str):

# 簡易 OAuth2：Password 與 Bearer { #simple-oauth2-with-password-and-bearer }

現在從上一章延伸，補上缺少的部分，完成整個安全流程。

## 取得 `username` 與 `password` { #get-the-username-and-password }

我們要使用 **FastAPI** 提供的安全性工具來取得 `username` 與 `password`。

OAuth2 規範中，當使用「password flow」（我們現在使用的）時，用戶端／使用者必須以表單資料送出 `username` 與 `password` 欄位。

而且規範要求欄位名稱必須就是這兩個，所以像是 `user-name` 或 `email` 都不行。

但別擔心，你在前端要怎麼呈現給最終使用者都可以。

而你的資料庫模型也可以使用任何你想要的欄位名稱。

                final String username = account.username();
                if (logger.isDebugEnabled()) {
                    logger.debug("homeAccountId={}, username={}", homeAccountId, username);
                }
                permissionSet.add(systemHelper.getSearchRoleByUser(homeAccountId));
                permissionSet.add(systemHelper.getSearchRoleByUser(username));

from typing import Annotated

from fastapi import FastAPI, Form

app = FastAPI()


@app.post("/login/")
async def login(username: Annotated[str, Form()], password: Annotated[str, Form()]):

        }
        final String username = getUserBean().get().getUserId();
        try {
            userService.changePassword(username, form.password);
            saveInfo(messages -> messages.addSuccessChangedPassword(GLOBAL));
        } catch (final Exception e) {
            logger.warn("Failed to change password for user: username={}, error={}", username, e.getMessage(), e);