)

// Provider implements identity provider specific admin operations, such as
// looking up users, fetching additional attributes etc.
type Provider interface {
	LoginWithUser(username, password string) error
	LoginWithClientID(clientID, clientSecret string) error
	LookupUser(userid string) (User, error)

這是怎麼運作的？來看一下。🤓

### 型別註解與工具支援 { #type-annotations-and-tooling }

先看看編輯器、mypy 與其他工具會怎麼看這件事。

`BaseUser` 有基礎欄位。然後 `UserIn` 繼承自 `BaseUser` 並新增 `password` 欄位，因此它會包含兩個模型的所有欄位。

我們把函式回傳型別註解為 `BaseUser`，但實際上回傳的是 `UserIn` 實例。

編輯器、mypy 與其他工具不會抱怨，因為就型別學而言，`UserIn` 是 `BaseUser` 的子類別，這代表當預期任何 `BaseUser` 時，`UserIn` 是一個有效的型別。

### FastAPI 的資料過濾 { #fastapi-data-filtering }

對 FastAPI 而言，它會查看回傳型別，並確保你回傳的內容只包含該型別中宣告的欄位。

    /**
     * Creates the LMv2 response for the supplied information.
     *
     * @param domain
     *            The domain in which the username exists.
     * @param user
     *            The username.
     * @param password
     *            The user's password.
     * @param challenge
     *            The server challenge.
     * @param clientChallenge
     *            The client challenge (nonce).

 * up the build process by avoiding unnecessary downloads.</p>
 *
 * <p>By default, the local repository is located in the {@code .m2/repository}
 * directory within the user's home directory ({@code ~/.m2/repository} on
 * Unix-like systems or {@code C:\Users\YourName\.m2\repository} on Windows).
 * The location of the local repository can be customized in the
 * {@code settings.xml} file.</p>
 *
 * @since 4.0.0
 * @see Repository

# Déclarez une variable comme étant une str
# et profitez de l'aide de l'éditeur dans cette fonction
def main(user_id: str):
    return user_id


# Un modèle Pydantic
class User(BaseModel):
    id: int
    name: str
    joined: date
```

Qui peuvent ensuite être utilisés comme ceci :

```Python
my_user: User = User(id=3, name="John Doe", joined="2018-07-19")

second_user_data = {
    "id": 4,
    "name": "Mary",

Por ejemplo, digamos que tienes 4 endpoints de API (*path operations*):

* `/items/public/`
* `/items/private/`
* `/users/{user_id}/activate`
* `/items/pro/`

entonces podrías agregar diferentes requisitos de permiso para cada uno de ellos solo con dependencias y sub-dependencias:

```mermaid
graph TB

The following example shows how to get the details of the user with `{userid}` from `{realm}` realm:

```
curl \
  -H "Authorization: Bearer eyJhbGciOiJSUz..." \
  "http://localhost:8080/auth/admin/realms/{realm}/users/{userid}"
```

### Configure MinIO

```
export MINIO_ROOT_USER=minio
export MINIO_ROOT_PASSWORD=minio123
minio server /mnt/export

## Kullanıcıyı alın { #get-the-user }

`get_current_user`, oluşturduğumuz (sahte) bir yardımcı (utility) fonksiyonu kullanacak; bu fonksiyon `str` olarak bir token alır ve Pydantic `User` modelimizi döndürür:

{* ../../docs_src/security/tutorial002_an_py310.py hl[19:22,26:27] *}

## Mevcut kullanıcıyı enjekte edin { #inject-the-current-user }

## 获取用户 { #get-the-user }

`get_current_user` 使用创建的（伪）工具函数，该函数接收 `str` 类型的令牌，并返回 Pydantic 的 `User` 模型：

{* ../../docs_src/security/tutorial002_an_py310.py hl[19:22,26:27] *}

## 注入当前用户 { #inject-the-current-user }

在*路径操作* 的 `Depends` 中使用 `get_current_user`：

{* ../../docs_src/security/tutorial002_an_py310.py hl[31] *}

注意，此处把 `current_user` 的类型声明为 Pydantic 的 `User` 模型。

这有助于在函数内部使用代码补全和类型检查。

# Get Current User { #get-current-user }

In the previous chapter the security system (which is based on the dependency injection system) was giving the *path operation function* a `token` as a `str`:

{* ../../docs_src/security/tutorial001_an_py310.py hl[12] *}

But that is still not that useful.

Let's make it give us the current user.

## Create a user model { #create-a-user-model }

First, let's create a Pydantic user model.