beraber - Code Search

docs/pt/docs/tutorial/security/first-steps.md

    * Mas precisa de autenticação para aquele endpoint específico.
    * Então, para autenticar com nossa API, ele envia um header `Authorization` com o valor `Bearer ` mais o token.
    * Se o token contém `foobar`, o conteúdo do header `Authorization` seria: `Bearer foobar`.

## O `OAuth2PasswordBearer` do **FastAPI** { #fastapis-oauth2passwordbearer }

Registered: Sun Dec 28 07:19:09 UTC 2025

- Last Modified: Wed Nov 12 16:23:57 UTC 2025

- 8.9K bytes

- Viewed (0)

github.com/tiangolo/fastapi

docs/es/docs/tutorial/security/first-steps.md

    * Pero necesita autenticación para ese endpoint específico.
    * Así que, para autenticarse con nuestra API, envía un `header` `Authorization` con un valor de `Bearer ` más el token.
    * Si el token contiene `foobar`, el contenido del `header` `Authorization` sería: `Bearer foobar`.

## `OAuth2PasswordBearer` de **FastAPI** { #fastapis-oauth2passwordbearer }

Registered: Sun Dec 28 07:19:09 UTC 2025

- Last Modified: Tue Dec 16 16:33:45 UTC 2025

- 8.9K bytes

- Viewed (0)

github.com/tiangolo/fastapi

docs_src/security/tutorial003_py39.py

    user = fake_decode_token(token)
    if not user:
        raise HTTPException(
            status_code=status.HTTP_401_UNAUTHORIZED,
            detail="Not authenticated",
            headers={"WWW-Authenticate": "Bearer"},
        )
    return user


async def get_current_active_user(current_user: User = Depends(get_current_user)):
    if current_user.disabled:
        raise HTTPException(status_code=400, detail="Inactive user")

Registered: Sun Dec 28 07:19:09 UTC 2025

- Last Modified: Wed Dec 17 20:41:43 UTC 2025

- 2.4K bytes

- Viewed (0)

github.com/tiangolo/fastapi

tests/test_security_openid_connect_optional.py

    return current_user


client = TestClient(app)


def test_security_oauth2():
    response = client.get("/users/me", headers={"Authorization": "Bearer footokenbar"})
    assert response.status_code == 200, response.text
    assert response.json() == {"username": "Bearer footokenbar"}


def test_security_oauth2_password_other_header():
    response = client.get("/users/me", headers={"Authorization": "Other footokenbar"})

Registered: Sun Dec 28 07:19:09 UTC 2025

- Last Modified: Fri Jun 30 18:25:16 UTC 2023

- 2.4K bytes

- Viewed (0)

github.com/tiangolo/fastapi

docs_src/dataclasses_/tutorial002_py310.py

@app.get("/items/next", response_model=Item)
async def read_next_item():
    return {
        "name": "Island In The Moon",
        "price": 12.99,
        "description": "A place to be playin' and havin' fun",
        "tags": ["breater"],

Registered: Sun Dec 28 07:19:09 UTC 2025

- Last Modified: Fri Dec 26 10:43:02 UTC 2025

- 506 bytes

- Viewed (0)

github.com/tiangolo/fastapi

docs/zh/docs/tutorial/security/simple-oauth2.md

因此，在端点中，只有当用户存在、通过身份验证、且状态为激活时，才能获得该用户：

{* ../../docs_src/security/tutorial003.py hl[58:67,69:72,90] *}

/// info | 说明

此处返回值为 `Bearer` 的响应头 `WWW-Authenticate` 也是规范的一部分。

任何 401**UNAUTHORIZED**HTTP（错误）状态码都应返回 `WWW-Authenticate` 响应头。

本例中，因为使用的是 Bearer Token，该响应头的值应为 `Bearer`。

实际上，忽略这个附加响应头，也不会有什么问题。

之所以在此提供这个附加响应头，是为了符合规范的要求。

说不定什么时候，就有工具用得上它，而且，开发者或用户也可能用得上。

这就是遵循标准的好处……

///

Registered: Sun Dec 28 07:19:09 UTC 2025

- Last Modified: Mon Nov 18 02:25:44 UTC 2024

- 8.6K bytes

- Viewed (0)

github.com/tiangolo/fastapi

tests/test_top_level_security_scheme_in_openapi.py

@app.get("/", dependencies=[Depends(bearer_scheme)])
async def get_root():
    return {"message": "Hello, World!"}


client = TestClient(app)


def test_get_root():
    response = client.get("/", headers={"Authorization": "Bearer token"})
    assert response.status_code == 200, response.text
    assert response.json() == {"message": "Hello, World!"}


def test_get_root_no_token():
    response = client.get("/")

Registered: Sun Dec 28 07:19:09 UTC 2025

- Last Modified: Mon Nov 24 19:03:06 UTC 2025

- 1.9K bytes

- Viewed (0)

github.com/tiangolo/fastapi

docs_src/security/tutorial003_an_py39.py

    user = fake_decode_token(token)
    if not user:
        raise HTTPException(
            status_code=status.HTTP_401_UNAUTHORIZED,
            detail="Not authenticated",
            headers={"WWW-Authenticate": "Bearer"},
        )
    return user


async def get_current_active_user(
    current_user: Annotated[User, Depends(get_current_user)],
):
    if current_user.disabled:

Registered: Sun Dec 28 07:19:09 UTC 2025

- Last Modified: Mon Nov 24 19:03:06 UTC 2025

- 2.5K bytes

- Viewed (0)

github.com/tiangolo/fastapi

tests/test_tutorial/test_security/test_tutorial002.py

    assert response.status_code == 401, response.text
    assert response.json() == {"detail": "Not authenticated"}
    assert response.headers["WWW-Authenticate"] == "Bearer"


def test_token(client: TestClient):
    response = client.get("/users/me", headers={"Authorization": "Bearer testtoken"})
    assert response.status_code == 200, response.text
    assert response.json() == {
        "username": "testtokenfakedecoded",

Registered: Sun Dec 28 07:19:09 UTC 2025

- Last Modified: Fri Dec 26 10:43:02 UTC 2025

- 2.2K bytes

- Viewed (0)

github.com/tiangolo/fastapi

fastapi/security/api_key.py

                It is also useful when you want to have authentication that can be
                provided in one of multiple optional ways (for example, in a query
                parameter or in an HTTP Bearer token).
                """
            ),
        ] = True,
    ):
        super().__init__(
            location=APIKeyIn.query,
            name=name,
            scheme_name=scheme_name,

Registered: Sun Dec 28 07:19:09 UTC 2025

- Last Modified: Wed Dec 17 21:25:59 UTC 2025

- 9.6K bytes

- Viewed (1)

Search Options