- 🦇 Suporte para modo escuro.
- 🐋 [Docker Compose](https://www.docker.com) para desenvolvimento e produção.
- 🔒 _Hash_ seguro de senhas por padrão.
- 🔑 Autenticação por token JWT.
- 📫 Recuperação de senhas baseada em email.
- ✅ Testes com [Pytest](https://pytest.org).
- 📞 [Traefik](https://traefik.io) como proxy reverso / balanceador de carga.

///

/// info | Info

In diesem Beispiel verwenden wir zwei erfundene benutzerdefinierte Header `X-Key` und `X-Token`.

Aber in realen Fällen würden Sie bei der Implementierung von Sicherheit mehr Vorteile durch die Verwendung der integrierten [Sicherheits-Werkzeuge (siehe nächstes Kapitel)](../security/index.md){.internal-link target=_blank} erzielen.

		}
	}
}

// getHealSequenceByToken - Retrieve a heal sequence by token. The second
// argument returns if a heal sequence actually exists.
func (ahs *allHealState) getHealSequenceByToken(token string) (h *healSequence, exists bool) {
	ahs.RLock()
	defer ahs.RUnlock()
	for _, healSeq := range ahs.healSeqMap {
		if healSeq.clientToken == token {
			return healSeq, true
		}
	}
	return nil, false
}

		listObjectsInfo ListObjectsV2Info
	)

	// Always set this
	listObjectsInfo.ContinuationToken = token

	// Open and iterate through the files in the archive.
	for _, file := range files {
		objName := zipObjInfo.Name + archiveSeparator + file.Name
		if objName <= startAfter || objName <= token {
			continue
		}
		if strings.HasPrefix(objName, prefix) {
			if count == maxKeys {
				isTruncated = true

          echo "$OUTPUT" >> $GITHUB_ENV
          echo "EOF" >> $GITHUB_ENV
      - name: Comment on PR if check failed
        if: ${{ failure() }}
        uses: actions/github-script@v8
        with:
          github-token: ${{ secrets.GITHUB_TOKEN }}
          script: |
            const output = `
            Some bad merge is found:
            \`\`\`
            ${{ env.OUTPUT }}
            \`\`\`
            `;

          rm -rf ./site
          mkdir ./site
      - uses: actions/download-artifact@v6
        with:
          path: ./site/
          pattern: docs-site-*
          merge-multiple: true
          github-token: ${{ secrets.GITHUB_TOKEN }}
          run-id: ${{ github.event.workflow_run.id }}
      - name: Deploy to Cloudflare Pages
        # hashFiles returns an empty string if there are no files
        if: hashFiles('./site/*')

	},
	ErrInvalidToken: {
		Code:           "InvalidTokenId",
		Description:    "The security token included in the request is invalid",
		HTTPStatusCode: http.StatusForbidden,
	},
	ErrNoTokenRevokeType: {
		Code:           "InvalidArgument",
		Description:    "No token revoke type specified and one could not be inferred from the request",
		HTTPStatusCode: http.StatusBadRequest,
	},

Если токен недействителен, то сразу же верните HTTP-ошибку.

{* ../../docs_src/security/tutorial004_an_py310.py hl[90:107] *}

## Обновление *операции пути* `/token` { #update-the-token-path-operation }

Создайте `timedelta` со временем истечения срока действия токена.

Создайте реальный токен доступа JWT и верните его

{* ../../docs_src/security/tutorial004_an_py310.py hl[118:133] *}

   * Sec-Token-Binding}</a> header field name.
   *
   * @since 25.1
   */
  public static final String SEC_TOKEN_BINDING = "Sec-Token-Binding";

  /**
   * The HTTP <a href="https://datatracker.ietf.org/doc/html/draft-ietf-tokbind-ttrp">{@code
   * Sec-Provided-Token-Binding-ID}</a> header field name.
   *
   * @since 25.1
   */

# 現在のユーザーの取得

一つ前の章では、（依存性注入システムに基づいた）セキュリティシステムは、 *path operation関数* に `str` として `token` を与えていました:

{* ../../docs_src/security/tutorial001.py hl[10] *}

しかし、それはまだそんなに有用ではありません。

現在のユーザーを取得するようにしてみましょう。

## ユーザーモデルの作成

まずは、Pydanticのユーザーモデルを作成しましょう。

ボディを宣言するのにPydanticを使用するのと同じやり方で、Pydanticを別のどんなところでも使うことができます:

{* ../../docs_src/security/tutorial002.py hl[5,12:16] *}

## 依存関係 `get_current_user` を作成