{* ../../docs_src/security/tutorial004_an_py310.py hl[118:133] *}

### Technische Details zum JWT-„Subjekt“ `sub` { #technical-details-about-the-jwt-subject-sub }

Die JWT-Spezifikation besagt, dass es einen Schlüssel `sub` mit dem Subjekt des Tokens gibt.

Die Verwendung ist optional, aber dort würden Sie die Identifikation des Benutzers speichern, daher verwenden wir das hier.

Crea un verdadero token de acceso JWT y devuélvelo.

{* ../../docs_src/security/tutorial004_an_py310.py hl[118:133] *}

### Detalles técnicos sobre el "sujeto" `sub` de JWT { #technical-details-about-the-jwt-subject-sub }

La especificación de JWT dice que hay una clave `sub`, con el sujeto del token.

Es opcional usarlo, pero ahí es donde pondrías la identificación del usuario, por lo que lo estamos usando aquí.

		if len(h) < 32 {
			return nil, nil, fmt.Errorf("want subroute len 32, got %v", len(h))
		}
		subID := (*[32]byte)(h[len(h)-32:])
		sub = (*subHandlerID)(subID)
		// Add if more modifications to h is needed
		h = h[:len(h)-32]
	}
	return sub, h, nil
}

// setZeroPayloadFlag will clear or set the FlagPayloadIsZero if
// m.Payload is length 0, but not nil.
func (m *message) setZeroPayloadFlag() {

Create a real JWT access token and return it.

{* ../../docs_src/security/tutorial004_an_py310.py hl[118:133] *}

### Technical details about the JWT "subject" `sub` { #technical-details-about-the-jwt-subject-sub }

The JWT specification says that there's a key `sub`, with the subject of the token.

It's optional to use it, but that's where you would put the user's identification, so we are using it here.

          .isEqualTo(returnType);
    }
    return sub;
  }

  /**
   * Call this in a {@link TestSubtype} public method asserting that subtype relationship does not
   * hold.
   */
  final <X> @Nullable X notSubtype(@SuppressWarnings("unused") Object sub) {
    Type returnType = method.getGenericReturnType();
    Type paramType = getOnlyParameterType();

Including how to handle lifespan state that can be used in other areas of your code.

///

## Sub Applications { #sub-applications }

Incluindo como lidar com estado do lifespan que pode ser usado em outras áreas do seu código.

///

## Sub Aplicações { #sub-applications }

	Sensitive bool `json:"-"`

	// Indicates if the value is a secret such as a password that shouldn't be
	// exposed by the server
	Secret bool `json:"-"`

	// Indicates if sub-sys supports multiple targets.
	MultipleTargets bool `json:"multipleTargets"`
}

// HelpKVS - implement order of keys help messages.
type HelpKVS []HelpKV

// Lookup - lookup a key from help kvs.

        detail="Could not validate credentials",
        headers={"WWW-Authenticate": "Bearer"},
    )
    try:
        payload = jwt.decode(token, SECRET_KEY, algorithms=[ALGORITHM])
        username = payload.get("sub")
        if username is None:
            raise credentials_exception
        token_data = TokenData(username=username)
    except InvalidTokenError:
        raise credentials_exception

{* ../../docs_src/behind_a_proxy/tutorial004_py39.py hl[9] *}

e então ele não será incluído no OpenAPI schema.

## Montando uma sub-aplicação { #mounting-a-sub-application }

Se você precisar montar uma sub-aplicação (como descrito em [Sub-aplicações - Montagens](sub-applications.md){.internal-link target=_blank}) enquanto também usa um proxy com `root_path`, você pode fazer isso normalmente, como esperaria.