But this way we can focus on how the **Dependency Injection** system works.

### Create a dependency, or "dependable" { #create-a-dependency-or-dependable }

Let's first focus on the dependency.

It is just a function that can take all the same parameters that a *path operation function* can take:

{* ../../docs_src/dependencies/tutorial001_an_py310.py hl[8:9] *}

That's it.

**2 lines**.

That doesn't add any extra security to your API, the *path operations* will still be available where they are.

If there's a security flaw in your code, it will still exist.

We can use **OAuth2** to build that with **FastAPI**.

But let's save you the time of reading the full long specification just to find those little pieces of information you need.

Let's use the tools provided by **FastAPI** to handle security.

## How it looks { #how-it-looks }

Let's first just use the code and see how it works, and then we'll come back to understand what's happening.

## Create `main.py` { #create-main-py }

# About HTTPS { #about-https }

It is easy to assume that HTTPS is something that is just "enabled" or not.

But it is way more complex than that.

/// tip

If you are in a hurry or don't care, continue with the next sections for step by step instructions to set everything up with different techniques.

///

        assertTrue(n > 0);
        assertNull(block.andx, "andx should be cleared when errorCode != 0");
    }

    @Test
    @DisplayName("NT_CREATE_ANDX extended response adjusts wordCount by +8")
    void testNtCreateAndxExtendedAdjustsWordCount() {
        SmbComNTCreateAndXResponse resp = new SmbComNTCreateAndXResponse() {
            @Override

They are just a convenience, they hold the same number, but that way you can use the editor's autocomplete to find them:

<img src="/img/tutorial/response-status-code/image02.png">

/// note | Technical Details

You could also use `from starlette import status`.

# Security { #security }

There are many ways to handle security, authentication and authorization.

And it normally is a complex and "difficult" topic.

In many frameworks and systems just handling security and authentication takes a big amount of effort and code (in many cases it can be 50% or more of all the code written).

Here we do it... just to show that we can 🤷:

```Python hl_lines="21-23" title="app/main.py"
{!../../docs_src/bigger_applications/app/main.py!}
```

and it will work correctly, together with all the other *path operations* added with `app.include_router()`.

/// info | Very Technical Details

**Note**: this is a very technical detail that you probably can **just skip**.

---

            assertEquals("fuzzy", fuzzyQueryBuilder.value());
            assertEquals(1.8f, fuzzyQueryBuilder.boost());
        } else {
            // For DefaultQueryBuilder or DisMaxQueryBuilder, we just verify it was created
            assertTrue(result instanceof DefaultQueryBuilder || result instanceof DisMaxQueryBuilder);
        }
    }

    public void test_execute_withNestedBoostQuery() {

You could load it at the top level of the module/file, but that would also mean that it would **load the model** even if you are just running a simple automated test, then that test would be **slow** because it would have to wait for the model to load before being able to run an independent part of the code.