OAuth2PasswordBearer - Code Search

fastapi/security/init.py

from .http import HTTPDigest as HTTPDigest
from .oauth2 import OAuth2 as OAuth2
from .oauth2 import OAuth2AuthorizationCodeBearer as OAuth2AuthorizationCodeBearer
from .oauth2 import OAuth2PasswordBearer as OAuth2PasswordBearer
from .oauth2 import OAuth2PasswordRequestForm as OAuth2PasswordRequestForm
from .oauth2 import OAuth2PasswordRequestFormStrict as OAuth2PasswordRequestFormStrict
from .oauth2 import SecurityScopes as SecurityScopes

Created: Sun Apr 05 07:19:11 GMT 2026

- Last Modified: Sun Dec 20 18:50:00 GMT 2020

- 881 bytes

- Click Count (0)

github.com/tiangolo/fastapi

docs/en/docs/tutorial/security/first-steps.md

## **FastAPI**'s `OAuth2PasswordBearer` { #fastapis-oauth2passwordbearer }

**FastAPI** provides several tools, at different levels of abstraction, to implement these security features.

In this example we are going to use **OAuth2**, with the **Password** flow, using a **Bearer** token. We do that using the `OAuth2PasswordBearer` class.

/// info

A "bearer" token is not the only option.

Created: Sun Apr 05 07:19:11 GMT 2026

- Last Modified: Sat Mar 07 09:29:03 GMT 2026

- 8.3K bytes

- Click Count (0)

github.com/tiangolo/fastapi

docs_src/security/tutorial004_an_py310.py

from datetime import datetime, timedelta, timezone
from typing import Annotated

import jwt
from fastapi import Depends, FastAPI, HTTPException, status
from fastapi.security import OAuth2PasswordBearer, OAuth2PasswordRequestForm
from jwt.exceptions import InvalidTokenError
from pwdlib import PasswordHash
from pydantic import BaseModel

# to get a string like this run:
# openssl rand -hex 32

Created: Sun Apr 05 07:19:11 GMT 2026

- Last Modified: Thu Feb 12 18:10:35 GMT 2026

- 4.2K bytes

- Click Count (0)

github.com/tiangolo/fastapi

docs/zh-hant/docs/tutorial/security/first-steps.md

    - 例如 token 是 `foobar`，則 `Authorization` 標頭內容為：`Bearer foobar`。

## FastAPI 的 `OAuth2PasswordBearer` { #fastapis-oauth2passwordbearer }

FastAPI 提供多層抽象的工具來實作這些安全機制。

本例將使用 OAuth2 的 Password 流程，並以 Bearer token 進行驗證；我們會用 `OAuth2PasswordBearer` 類別來完成。

/// info

「Bearer」token 不是唯一選項。

但對本例最合適。

通常對多數情境也足夠，除非你是 OAuth2 專家並確信有更適合你的選項。

Created: Sun Apr 05 07:19:11 GMT 2026

- Last Modified: Fri Mar 20 17:05:38 GMT 2026

- 7.2K bytes

- Click Count (0)

github.com/tiangolo/fastapi

docs/zh/docs/tutorial/security/first-steps.md

    * 如果令牌内容是 `foobar`，`Authorization` 请求头的内容就是：`Bearer foobar`。

## **FastAPI** 的 `OAuth2PasswordBearer` { #fastapis-oauth2passwordbearer }

**FastAPI** 在不同抽象层级提供了多种安全工具。

本示例将使用 **OAuth2** 的 **Password** 流程并配合 **Bearer** 令牌，通过 `OAuth2PasswordBearer` 类来实现。

/// info | 信息

“Bearer” 令牌并非唯一选项。

但它非常适合我们的用例。

对于大多数用例，它也可能是最佳选择，除非你是 OAuth2 专家，并明确知道为何其他方案更适合你的需求。

Created: Sun Apr 05 07:19:11 GMT 2026

- Last Modified: Fri Mar 20 17:06:37 GMT 2026

- 7.5K bytes

- Click Count (0)

github.com/tiangolo/fastapi

docs_src/security/tutorial003_py310.py

from fastapi import Depends, FastAPI, HTTPException, status
from fastapi.security import OAuth2PasswordBearer, OAuth2PasswordRequestForm
from pydantic import BaseModel

fake_users_db = {
    "johndoe": {
        "username": "johndoe",
        "full_name": "John Doe",
        "email": "******@****.***",
        "hashed_password": "fakehashedsecret",
        "disabled": False,
    },
    "alice": {
        "username": "alice",

Created: Sun Apr 05 07:19:11 GMT 2026

- Last Modified: Mon Nov 24 19:03:06 GMT 2025

- 2.4K bytes

- Click Count (0)

github.com/tiangolo/fastapi

docs_src/security/tutorial004_py310.py

from datetime import datetime, timedelta, timezone

import jwt
from fastapi import Depends, FastAPI, HTTPException, status
from fastapi.security import OAuth2PasswordBearer, OAuth2PasswordRequestForm
from jwt.exceptions import InvalidTokenError
from pwdlib import PasswordHash
from pydantic import BaseModel

# to get a string like this run:
# openssl rand -hex 32
SECRET_KEY = "09d25e094faa6ca2556c818166b7a9563b93f7099f6f0f4caa6cf63b88e8d3e7"

Created: Sun Apr 05 07:19:11 GMT 2026

- Last Modified: Thu Feb 12 18:10:35 GMT 2026

- 4.1K bytes

- Click Count (0)

github.com/tiangolo/fastapi

docs_src/security/tutorial005_an_py310.py

from datetime import datetime, timedelta, timezone
from typing import Annotated

import jwt
from fastapi import Depends, FastAPI, HTTPException, Security, status
from fastapi.security import (
    OAuth2PasswordBearer,
    OAuth2PasswordRequestForm,
    SecurityScopes,
)
from jwt.exceptions import InvalidTokenError
from pwdlib import PasswordHash
from pydantic import BaseModel, ValidationError

# to get a string like this run:

Created: Sun Apr 05 07:19:11 GMT 2026

- Last Modified: Thu Feb 12 18:10:35 GMT 2026

- 5.4K bytes

- Click Count (0)

github.com/tiangolo/fastapi

docs_src/security/tutorial005_py310.py

from datetime import datetime, timedelta, timezone

import jwt
from fastapi import Depends, FastAPI, HTTPException, Security, status
from fastapi.security import (
    OAuth2PasswordBearer,
    OAuth2PasswordRequestForm,
    SecurityScopes,
)
from jwt.exceptions import InvalidTokenError
from pwdlib import PasswordHash
from pydantic import BaseModel, ValidationError

# to get a string like this run:
# openssl rand -hex 32

Created: Sun Apr 05 07:19:11 GMT 2026

- Last Modified: Thu Feb 12 18:10:35 GMT 2026

- 5.3K bytes

- Click Count (0)

github.com/tiangolo/fastapi

docs/en/docs/reference/security/index.md

    APIKeyHeader,
    APIKeyQuery,
    HTTPAuthorizationCredentials,
    HTTPBasic,
    HTTPBasicCredentials,
    HTTPBearer,
    HTTPDigest,
    OAuth2,
    OAuth2AuthorizationCodeBearer,
    OAuth2PasswordBearer,
    OAuth2PasswordRequestForm,
    OAuth2PasswordRequestFormStrict,
    OpenIdConnect,
    SecurityScopes,
)
```

Created: Sun Apr 05 07:19:11 GMT 2026

- Last Modified: Wed Feb 04 12:41:54 GMT 2026

- 1.7K bytes

- Click Count (0)

Search Options