usernames - Code Search

docs/zh-hant/docs/tutorial/security/simple-oauth2.md

# 簡易 OAuth2：Password 與 Bearer { #simple-oauth2-with-password-and-bearer }

現在從上一章延伸，補上缺少的部分，完成整個安全流程。

## 取得 `username` 與 `password` { #get-the-username-and-password }

我們要使用 **FastAPI** 提供的安全性工具來取得 `username` 與 `password`。

OAuth2 規範中，當使用「password flow」（我們現在使用的）時，用戶端／使用者必須以表單資料送出 `username` 與 `password` 欄位。

而且規範要求欄位名稱必須就是這兩個，所以像是 `user-name` 或 `email` 都不行。

但別擔心，你在前端要怎麼呈現給最終使用者都可以。

而你的資料庫模型也可以使用任何你想要的欄位名稱。

Created: Sun Apr 05 07:19:11 GMT 2026

- Last Modified: Fri Mar 20 17:05:38 GMT 2026

- 9.1K bytes

- Click Count (0)

github.com/codelibs/jcifs

src/main/java/jcifs/smb/AuthenticationProvider.java

            this.domain = domain;
            this.authType = authType;
            this.timestamp = System.currentTimeMillis();
            this.clientAddress = clientAddress;
            this.serverAddress = serverAddress;
        }

        public String getUsername() {
            return username;
        }

        public String getDomain() {
            return domain;
        }

Created: Sun Apr 05 00:10:12 GMT 2026

- Last Modified: Sat Aug 30 05:58:03 GMT 2025

- 3.9K bytes

- Click Count (1)

github.com/tiangolo/fastapi

docs_src/bigger_applications/app_an_py310/routers/users.py


@router.get("/users/", tags=["users"])
async def read_users():
    return [{"username": "Rick"}, {"username": "Morty"}]


@router.get("/users/me", tags=["users"])
async def read_user_me():
    return {"username": "fakecurrentuser"}


@router.get("/users/{username}", tags=["users"])
async def read_user(username: str):

Created: Sun Apr 05 07:19:11 GMT 2026

- Last Modified: Thu Feb 12 13:19:43 GMT 2026

- 407 bytes

- Click Count (0)

github.com/tiangolo/fastapi

fastapi/security/oauth2.py

                """
            ),
        ] = None,
        username: Annotated[
            str,
            Form(),
            Doc(
                """
                `username` string. The OAuth2 spec requires the exact field name
                `username`.

                Read more about it in the

Created: Sun Apr 05 07:19:11 GMT 2026

- Last Modified: Tue Mar 24 16:32:10 GMT 2026

- 23.6K bytes

- Click Count (0)

github.com/codelibs/fess

src/main/java/org/codelibs/fess/ldap/LdapManager.java

        } catch (final Exception e) {
            logger.debug("Login failed for user: {}", username, e);
        }
        return OptionalEntity.empty();
    }

    /**
     * Authenticates a user with the specified username without password validation.
     *
     * @param username the username for authentication

Created: Tue Mar 31 13:07:34 GMT 2026

- Last Modified: Fri Jan 02 08:06:20 GMT 2026

- 85.2K bytes

- Click Count (0)

github.com/tiangolo/fastapi

docs_src/dependencies/tutorial008b_an_py310.py


@app.get("/items/{item_id}")
def get_item(item_id: str, username: Annotated[str, Depends(get_username)]):
    if item_id not in data:
        raise HTTPException(status_code=404, detail="Item not found")
    item = data[item_id]
    if item["owner"] != username:
        raise OwnerError(username)

Created: Sun Apr 05 07:19:11 GMT 2026

- Last Modified: Thu Feb 12 13:19:43 GMT 2026

- 775 bytes

- Click Count (0)

github.com/tiangolo/fastapi

tests/test_security_openid_connect.py

from inline_snapshot import snapshot
from pydantic import BaseModel

app = FastAPI()

oid = OpenIdConnect(openIdConnectUrl="/openid")


class User(BaseModel):
    username: str


def get_current_user(oauth_header: str = Security(oid)):
    user = User(username=oauth_header)
    return user


@app.get("/users/me")
def read_current_user(current_user: User = Depends(get_current_user)):
    return current_user

Created: Sun Apr 05 07:19:11 GMT 2026

- Last Modified: Sun Feb 08 10:18:38 GMT 2026

- 2.5K bytes

- Click Count (0)

github.com/tiangolo/fastapi

tests/test_security_openid_connect_description.py

app = FastAPI()

oid = OpenIdConnect(
    openIdConnectUrl="/openid", description="OpenIdConnect security scheme"
)


class User(BaseModel):
    username: str


def get_current_user(oauth_header: str = Security(oid)):
    user = User(username=oauth_header)
    return user


@app.get("/users/me")
def read_current_user(current_user: User = Depends(get_current_user)):
    return current_user

Created: Sun Apr 05 07:19:11 GMT 2026

- Last Modified: Sun Feb 08 10:18:38 GMT 2026

- 2.6K bytes

- Click Count (0)

github.com/tiangolo/fastapi

docs/zh-hant/docs/advanced/security/http-basic-auth.md

為了處理這點，我們會先將 `username` 與 `password` 以 UTF-8 編碼成 `bytes`。

接著我們可以使用 `secrets.compare_digest()` 來確認 `credentials.username` 等於 `"stanleyjobson"`，而 `credentials.password` 等於 `"swordfish"`。

{* ../../docs_src/security/tutorial007_an_py310.py hl[1,12:24] *}

這大致等同於：

```Python
if not (credentials.username == "stanleyjobson") or not (credentials.password == "swordfish"):
    # 回傳錯誤

Created: Sun Apr 05 07:19:11 GMT 2026

- Last Modified: Fri Mar 20 17:05:38 GMT 2026

- 4.7K bytes

- Click Count (0)

github.com/codelibs/fess

src/test/java/org/codelibs/fess/sso/SsoManagerTest.java

        assertEquals("entraiduser", ((TestLoginCredential) credential).username);
    }

    // Helper classes for testing
    private static class TestLoginCredential implements LoginCredential {
        private final String username;

        public TestLoginCredential(String username) {
            this.username = username;
        }

        @Override
        public String toString() {

Created: Tue Mar 31 13:07:34 GMT 2026

- Last Modified: Fri Mar 13 23:01:26 GMT 2026

- 16.5K bytes

- Click Count (0)

Search Options