Usando as credenciais:

Username: `johndoe`
Password: `secret`

/// check | Verifique

Observe que em nenhuma parte do código está a senha em texto puro "`secret`", nós temos apenas o hash.

///

<img src="/img/tutorial/security/image08.png">

Chame o endpoint `/users/me/`, você receberá o retorno como:

```JSON
{
  "username": "johndoe",
  "email": "******@****.***",

      - name: Update performance-test-durations.json
        run: |
          ./gradlew performance:writePerformanceTimes -Porg.gradle.performance.db.url=${{ env.PERFORMANCE_DB_URL }} -Porg.gradle.performance.db.username=${{ env.PERFORMANCE_DB_USERNAME }}
      - name: Create Pull Request
        uses: peter-evans/create-pull-request@v8
        with:
          commit-message: Update performance test durations

	ldapActualUser = "ldapActualUser" // this is a key name for the actual DN value
	ldapUserN      = "ldapUsername"   // this is a key name for the short/login username
	// Claim key-prefix for LDAP attributes
	ldapAttribPrefix = "ldapAttrib_"

	// Role Claim key
	roleArnClaim = "roleArn"

	// STS revoke type claim key
	tokenRevokeTypeClaim = "tokenRevokeType"

            param("env.JDK21", javaHome(OpenJdk21, Os.LINUX))
            param("env.JDK25", javaHome(OpenJdk25, Os.LINUX))
            param("env.ORG_GRADLE_PROJECT_artifactoryUserName", "%gradle.internal.repository.build-tool.publish.username%")
            password("env.ORG_GRADLE_PROJECT_infrastructureEmailPwd", "%infrastructureEmailPwd%")
            param("env.ORG_GRADLE_PROJECT_sdkmanKey", "8ed1a771bc236c287ad93c699bfdd2d7")

resources: requests: memory: 128Mi nodeSelector: {} tolerations: [] affinity: {} extraVolumes: [] extraVolumeMounts: [] # Command to run after the main command on exit exitCommand: "" ## List of users to be created after minio install ## users: ## Username, password and policy to be assigned to the user ## Default policies are [readonly|readwrite|writeonly|consoleAdmin|diagnostics] ## Add new policies as explained here https://docs.min.io/docs/minio-multi-user-quickstart-guide.html ## NOTE: this will...

///

Pydantic의 모델 구성을 사용하여 `extra` 필드를 `forbid`할 수 있습니다:

{* ../../docs_src/request_form_models/tutorial002_an_py310.py hl[12] *}

클라이언트가 추가 데이터를 보내려고 하면 **오류** 응답을 받게 됩니다.

예를 들어, 클라이언트가 폼 필드를 보내려고 하면:

* `username`: `Rick`
* `password`: `Portal Gun`
* `extra`: `Mr. Poopybutthole`

`extra` 필드가 허용되지 않는다는 오류 응답을 받게 됩니다:

```json
{
    "detail": [
        {
            "type": "extra_forbidden",

type iamCache struct {
	updatedAt time.Time

	// map of policy names to policy definitions
	iamPolicyDocsMap map[string]PolicyDoc

	// map of regular username to credentials
	iamUsersMap map[string]UserIdentity
	// map of regular username to policy names
	iamUserPolicyMap *xsync.MapOf[string, MappedPolicy]

	// STS accounts are loaded on demand and not via the periodic IAM reload.

{* ../../docs_src/request_form_models/tutorial002_an_py310.py hl[12] *}

Bir client fazladan veri göndermeye çalışırsa, bir **error** response alır.

Örneğin, client şu form field'larını göndermeye çalışırsa:

* `username`: `Rick`
* `password`: `Portal Gun`
* `extra`: `Mr. Poopybutthole`

`extra` field'ının izinli olmadığını söyleyen bir error response alır:

```json
{
    "detail": [
        {

        // Configure mock session
        mockSession.transport = mockTransport;

        // Configure authentication - set fields directly since NtlmPasswordAuthentication is final
        mockAuth.username = "testuser";
        mockAuth.domain = "TESTDOMAIN";
        mockAuth.password = "testpass";

        when(mockAuth.getAnsiHash(any(byte[].class))).thenReturn(new byte[24]);

            },
        ],
    }


def test_post_missing_required_field_in_item(client: TestClient):
    response = client.put(
        "/items/5", json={"item": {"name": "Foo"}, "user": {"username": "johndoe"}}
    )
    assert response.status_code == 422
    assert response.json() == {
        "detail": [
            {
                "input": {"name": "Foo"},
                "loc": [