Now we create a `HeroCreate` model, this is the one that will **validate** the data from the clients.

It has the same fields as `HeroBase`, and it also has `secret_name`.

Now, when the clients **create a new hero**, they will send the `secret_name`, it will be stored in the database, but those secret names won't be returned in the API to the clients.

/// tip

This is how you would handle **passwords**. Receive them, but don't return them in the API.

	defer cancel()

	if prefix == "" {
		// if all objects are not deleted yet this call may fail.
		return clnt.RemoveBucket(cctx, bucket)
	}

	objectsCh := make(chan minio.ObjectInfo)

	// Send object names that are needed to be removed to objectsCh
	go func() {
		defer xioutil.SafeClose(objectsCh)
		opts := minio.ListObjectsOptions{
			Prefix:    prefix,
			Recursive: true,
		}

```

////

## Recap

You can now get the current user directly in your *path operation function*.

We are already halfway there.

We just need to add a *path operation* for the user/client to actually send the `username` and `password`.

                }
                this.completed = true;
            }
            else if ( this.mechContext.isMICAvailable() && ( !this.disableMic || this.requireMic ) ) {
                // we need to send our final data
                mechMIC = calculateMechListMIC();
            }
            else if ( targ.getResult() == NegTokenTarg.REJECTED ) {
                throw new SmbException("SPNEGO mechanism was rejected");

The benefit of raising an exception over `return`ing a value will be more evident in the section about Dependencies and Security.

errors.cannot_delete_doc_because_of_running=Crawler is running. The document cannot be deleted.
errors.failed_to_delete_doc_in_admin=Failed to delete document.
errors.failed_to_send_testmail=Failed to send the test mail.
errors.could_not_find_backup_index=Could not find index for backup.
errors.no_user_for_changing_password=The current password is incorrect.
errors.failed_to_change_password=Failed to change your password.

errors.cannot_delete_doc_because_of_running=Crawler is running. The document cannot be deleted.
errors.failed_to_delete_doc_in_admin=Failed to delete document.
errors.failed_to_send_testmail=Failed to send the test mail.
errors.could_not_find_backup_index=Could not find index for backup.
errors.no_user_for_changing_password=The current password is incorrect.
errors.failed_to_change_password=Failed to change your password.

			h.PutResponse(resp)
		}
		if err != nil {
			PutByteBuffer(payload)
			r := RemoteErr(err.Error())
			return nil, &r
		}
		return payload, nil
	}, subroute...)
}

// Requester is able to send requests to a remote.
type Requester interface {
	Request(ctx context.Context, h HandlerID, req []byte) ([]byte, error)
}

// Call the remote with the request and return the response.

		// considered as Delete marker true to avoid listing such objects by
		// regular ListObjects() calls. However for delete replication this
		// ends up being a problem because "upon" a successful delete this
		// ends up creating a new delete marker that is spurious and unnecessary.
		//
		// Regression introduced by #14555 was reintroduced in #15564
		if versionFound {

labels.notification_search_top=Search top page
labels.storage_endpoint=Endpoint
labels.storage_access_key=Access Key
labels.storage_secret_key=Secret Key
labels.storage_bucket=Bucket
labels.send_testmail=Send TestMail
labels.backup_configuration=Back Up
labels.backup_name=Name
labels.backup_bulk_file=Bulk File
labels.backup_button_upload=Upload