* 导入 `HTTPBsic` 与 `HTTPBasicCredentials`
* 使用 `HTTPBsic` 创建**安全概图**
* 在*路径操作*的依赖项中使用 `security`
* 返回类型为 `HTTPBasicCredentials` 的对象：
    * 包含发送的 `username` 与 `password`

```Python hl_lines="2  6  10"
{!../../../docs_src/security/tutorial006.py!}
```

第一次打开 URL（或在 API 文档中点击 **Execute** 按钮）时，浏览器要求输入用户名与密码：

<img src="/img/tutorial/security/image12.png">

## 检查用户名

以下是更完整的示例。

使用依赖项检查用户名与密码是否正确。

            Doc(
                """
                Security scheme name.

                It will be included in the generated OpenAPI (e.g. visible at `/docs`).
                """
            ),
        ] = None,
        description: Annotated[
            Optional[str],
            Doc(
                """
                Security scheme description.

        defaultSettings.put("onelogin.saml2.security.nameid_encrypted", "false");
        defaultSettings.put("onelogin.saml2.security.authnrequest_signed", "false");
        defaultSettings.put("onelogin.saml2.security.logoutrequest_signed", "false");
        defaultSettings.put("onelogin.saml2.security.logoutresponse_signed", "false");
        defaultSettings.put("onelogin.saml2.security.want_messages_signed", "false");

    ```

## 현재 유저 주입하기

이제 *경로 작동*에서 `get_current_user`와 동일한 `Depends`를 사용할 수 있습니다.

=== "파이썬 3.7 이상"

    ```Python hl_lines="31"
    {!> ../../../docs_src/security/tutorial002.py!}
    ```

=== "파이썬 3.10 이상"

    ```Python hl_lines="29"
    {!> ../../../docs_src/security/tutorial002_py310.py!}
    ```

Pydantic 모델인 `User`로 `current_user`의 타입을 선언하는 것을 알아야 합니다.

    ```Python
    {!> ../../../docs_src/security/tutorial001_an_py39.py!}
    ```

=== "Python 3.8+"

    ```Python
    {!> ../../../docs_src/security/tutorial001_an.py!}
    ```

=== "Python 3.8+ без Annotated"

    !!! tip "Подсказка"
        Предпочтительнее использовать версию с аннотацией, если это возможно.

    ```Python
    {!> ../../../docs_src/security/tutorial001.py!}
    ```


## Запуск

    encoded_jwt = jwt.encode(to_encode, SECRET_KEY, algorithm=ALGORITHM)
    return encoded_jwt


async def get_current_user(
    security_scopes: SecurityScopes, token: str = Depends(oauth2_scheme)
):
    if security_scopes.scopes:
        authenticate_value = f'Bearer scope="{security_scopes.scope_str}"'
    else:
        authenticate_value = "Bearer"
    credentials_exception = HTTPException(

    encoded_jwt = jwt.encode(to_encode, SECRET_KEY, algorithm=ALGORITHM)
    return encoded_jwt


async def get_current_user(
    security_scopes: SecurityScopes, token: Annotated[str, Depends(oauth2_scheme)]
):
    if security_scopes.scopes:
        authenticate_value = f'Bearer scope="{security_scopes.scope_str}"'
    else:
        authenticate_value = "Bearer"
    credentials_exception = HTTPException(

import secrets

from fastapi import Depends, FastAPI, HTTPException, status
from fastapi.security import HTTPBasic, HTTPBasicCredentials
from typing_extensions import Annotated

app = FastAPI()

security = HTTPBasic()


def get_current_username(
    credentials: Annotated[HTTPBasicCredentials, Depends(security)],
):
    current_username_bytes = credentials.username.encode("utf8")
    correct_username_bytes = b"stanleyjobson"

    encoded_jwt = jwt.encode(to_encode, SECRET_KEY, algorithm=ALGORITHM)
    return encoded_jwt


async def get_current_user(
    security_scopes: SecurityScopes, token: Annotated[str, Depends(oauth2_scheme)]
):
    if security_scopes.scopes:
        authenticate_value = f'Bearer scope="{security_scopes.scope_str}"'
    else:
        authenticate_value = "Bearer"
    credentials_exception = HTTPException(

```Python hl_lines="25"
{!../../../docs_src/security/tutorial002.py!}
```

## 获取用户

`get_current_user` 使用创建的（伪）工具函数，该函数接收 `str` 类型的令牌，并返回 Pydantic 的 `User` 模型：

```Python hl_lines="19-22  26-27"
{!../../../docs_src/security/tutorial002.py!}
```

## 注入当前用户

在*路径操作* 的 `Depends` 中使用 `get_current_user`：

```Python hl_lines="31"
{!../../../docs_src/security/tutorial002.py!}
```