def test_inactive_user():
    response = client.get("/users/me", headers={"Authorization": "Bearer alice"})
    assert response.status_code == 400, response.text
    assert response.json() == {"detail": "Inactive user"}


def test_openapi_schema():
    response = client.get("/openapi.json")
    assert response.status_code == 200, response.text
    assert response.json() == {
        "openapi": "3.1.0",

  // handlers are available on every node, and handlers of the same name are
  // equivalent on every node.
  // For example, a handler called "runc" might specify that the runc OCI
  // runtime (using native Linux containers) will be used to run the containers
  // in a pod.
  // The Handler must be lowercase, conform to the DNS Label (RFC 1123) requirements,
  // and is immutable.
  optional string handler = 2;

    return user


async def get_current_active_user(
    current_user: User = Security(get_current_user, scopes=["me"]),
):
    if current_user.disabled:
        raise HTTPException(status_code=400, detail="Inactive user")
    return current_user


@app.post("/token")
async def login_for_access_token(
    form_data: OAuth2PasswordRequestForm = Depends(),
) -> Token:

async def get_current_active_user(
    current_user: Annotated[User, Security(get_current_user, scopes=["me"])],
):
    if current_user.disabled:
        raise HTTPException(status_code=400, detail="Inactive user")
    return current_user


@app.post("/token")
async def login_for_access_token(
    form_data: Annotated[OAuth2PasswordRequestForm, Depends()],
) -> Token:

type rebalanceAdminStatus struct {
	ID        string                // identifies the ongoing rebalance operation by a uuid
	Pools     []rebalancePoolStatus `json:"pools"` // contains all pools, including inactive
	StoppedAt time.Time             `json:"stoppedAt,omitempty"`
}

func rebalanceStatus(ctx context.Context, z *erasureServerPools) (r rebalanceAdminStatus, err error) {
	// Load latest rebalance status

    the implementation trade-offs. We can't use our HTTP client engine on Kotlin/JS, and we weren't
    prepared to build a TLS API for Kotlin/Native.

    We'd prefer a multiplatform HTTP client API that's backed by OkHttp on Android and JVM, and
    other engines on other platforms. [Ktor] does this pretty well today!

   * symmetry. Moreover, we don't want to reconstruct a native type variable {@code <A>} using our
   * implementation unless some of its bounds have changed in resolution. This avoids creating
   * unequal TypeVariable implementation unnecessarily. When the bounds do change, however, it's
   * fine for the synthetic TypeVariable to be unequal to any native TypeVariable anyway.
   */
  static final class NativeTypeVariableEquals<X> {

    )
    response = client.get(
        "/users/me", headers={"Authorization": f"Bearer {access_token}"}
    )
    assert response.status_code == 400, response.text
    assert response.json() == {"detail": "Inactive user"}


@needs_py39
def test_read_items(client: TestClient):
    access_token = get_access_token(scope="me items", client=client)
    response = client.get(

}
```

### 비활성된 유저

이제 비활성된 사용자로 시도하고, 인증해봅시다:

유저명: `alice`

패스워드: `secret2`

그리고 `/users/me` 경로와 함께 `GET` 작업을 사용해 봅시다.

다음과 같은 "Inactive user" 오류가 발생합니다:

```JSON
{
  "detail": "Inactive user"
}
```

## 요약

이제 API에 대한 `username` 및 `password`를 기반으로 완전한 보안 시스템을 구현할 수 있는 도구가 있습니다.

이러한 도구를 사용하여 보안 시스템을 모든 데이터베이스 및 모든 사용자 또는 데이터 모델과 호환되도록 만들 수 있습니다.

        def line = '"C:\\Program Files\\Java\\jdk1.7/bin/java.exe"    -Dorg.gradle.daemon.idletimeout=120000 -Dorg.gradle.daemon.registry.base=C:\\some\\agent\\workspace\\build\\daemon -Dorg.gradle.native.dir=C:\\some\\agent\\workspace\\intTestHomeDir\\worker-1\\native -Dorg.gradle.deprecation.trace=true -Djava.io.tmpdir=C:\\some\\agent\\workspace\\subprojects\\osgi\\build\\tmp -Dfile.encoding=windows-1252 -Dorg.gradle.classloaderscope.strict=true -ea -ea "-Dorg.gradle.appname=gradle"...