tiangolo.fastapi/docs/em/docs/tutorial/security/oauth2-jwt.md

Oauth2️⃣ ⏮️ 🔐 (& 🔁), 📨 ⏮️ 🥙 🤝

🔜 👈 👥 ✔️ 🌐 💂‍♂ 💧, ➡️ ⚒ 🈸 🤙 🔐, ⚙️ 🥙 🤝 & 🔐 🔐 🔁.

👉 📟 🕳 👆 💪 🤙 ⚙️ 👆 🈸, 🖊 🔐 #️⃣ 👆 💽, ♒️.

👥 🔜 ▶️ ⚪️➡️ 🌐❔ 👥 ◀️ ⏮️ 📃 & 📈 ⚫️.

🔃 🥙

🥙 ⛓ "🎻 🕸 🤝".

⚫️ 🐩 🚫 🎻 🎚 📏 💧 🎻 🍵 🚀. ⚫️ 👀 💖 👉:

eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJzdWIiOiIxMjM0NTY3ODkwIiwibmFtZSI6IkpvaG4gRG9lIiwiaWF0IjoxNTE2MjM5MDIyfQ.SflKxwRJSMeKKF2QT4fwpMeJf36POk6yJV_adQssw5c

⚫️ 🚫 🗜,, 🙆 💪 🛡 ℹ ⚪️➡️ 🎚.

✋️ ⚫️ 🛑. , 🕐❔ 👆 📨 🤝 👈 👆 ♨, 👆 💪 ✔ 👈 👆 🤙 ♨ ⚫️.

👈 🌌, 👆 💪 ✍ 🤝 ⏮️ 👔, ➡️ 💬, 1️⃣ 🗓️. & ⤴️ 🕐❔ 👩‍💻 👟 🔙 ⏭ 📆 ⏮️ 🤝, 👆 💭 👈 👩‍💻 🕹 👆 ⚙️.

⏮️ 🗓️, 🤝 🔜 🕛 & 👩‍💻 🔜 🚫 ✔ & 🔜 ✔️ 🛑 🔄 🤚 🆕 🤝. & 🚥 👩‍💻 (⚖️ 🥉 🥳) 🔄 🔀 🤝 🔀 👔, 👆 🔜 💪 🔎 ⚫️, ↩️ 💳 🔜 🚫 🏏.

🚥 👆 💚 🤾 ⏮️ 🥙 🤝 & 👀 ❔ 👫 👷, ✅ https://jwt.io.

❎ python-jose

👥 💪 ❎ python-jose 🏗 & ✔ 🥙 🤝 🐍:

$ pip install "python-jose[cryptography]"

---> 100%

🐍-🇩🇬 🚚 🔐 👩‍💻 ➕.

📥 👥 ⚙️ 👍 1️⃣: )/⚛.

/// tip

👉 🔰 ⏪ ⚙️ PyJWT.

✋️ ⚫️ ℹ ⚙️ 🐍-🇩🇬 ↩️ ⚫️ 🚚 🌐 ⚒ ⚪️➡️ PyJWT ➕ ➕ 👈 👆 💪 💪 ⏪ 🕐❔ 🏗 🛠️ ⏮️ 🎏 🧰.

///

🔐 🔁

"🔁" ⛓ 🏭 🎚 (🔐 👉 💼) 🔘 🔁 🔢 (🎻) 👈 👀 💖 🙃.

🕐❔ 👆 🚶‍♀️ ⚫️❔ 🎏 🎚 (⚫️❔ 🎏 🔐) 👆 🤚 ⚫️❔ 🎏 🙃.

✋️ 👆 🚫🔜 🗜 ⚪️➡️ 🙃 🔙 🔐.

⚫️❔ ⚙️ 🔐 🔁

🚥 👆 💽 📎, 🧙‍♀ 🏆 🚫 ✔️ 👆 👩‍💻' 🔢 🔐, 🕴#️⃣.

, 🧙‍♀ 🏆 🚫 💪 🔄 ⚙️ 👈 🔐 ➕1️⃣ ⚙️ (📚 👩‍💻 ⚙️ 🎏 🔐 🌐, 👉 🔜 ⚠).

❎ passlib

🇸🇲 👑 🐍 📦 🍵 🔐#️⃣.

⚫️ 🐕‍🦺 📚 🔐 🔁 📊 & 🚙 👷 ⏮️ 👫.

👍 📊 "🐡".

, ❎ 🇸🇲 ⏮️ 🐡:

$ pip install "passlib[bcrypt]"

---> 100%

/// tip

⏮️ passlib, 👆 💪 🔗 ⚫️ 💪 ✍ 🔐 ✍ ✳, 🏺 💂‍♂ 🔌-⚖️ 📚 🎏.

, 👆 🔜 💪, 🖼, 💰 🎏 📊 ⚪️➡️ ✳ 🈸 💽 ⏮️ FastAPI 🈸. ⚖️ 📉 ↔ ✳ 🈸 ⚙️ 🎏 💽.

& 👆 👩‍💻 🔜 💪 💳 ⚪️➡️ 👆 ✳ 📱 ⚖️ ⚪️➡️ 👆 FastAPI 📱, 🎏 🕰.

///

#️⃣ & ✔ 🔐

🗄 🧰 👥 💪 ⚪️➡️ passlib.

✍ 🇸🇲 "🔑". 👉 ⚫️❔ 🔜 ⚙️ #️⃣ & ✔ 🔐.

/// tip

🇸🇲 🔑 ✔️ 🛠️ ⚙️ 🎏 🔁 📊, 🔌 😢 🗝 🕐 🕴 ✔ ✔ 👫, ♒️.

🖼, 👆 💪 ⚙️ ⚫️ ✍ & ✔ 🔐 🏗 ➕1️⃣ ⚙️ (💖 ✳) ✋️ #️⃣ 🙆 🆕 🔐 ⏮️ 🎏 📊 💖 🐡.

& 🔗 ⏮️ 🌐 👫 🎏 🕰.

///

✍ 🚙 🔢 #️⃣ 🔐 👟 ⚪️➡️ 👩‍💻.

& ➕1️⃣ 🚙 ✔ 🚥 📨 🔐 🏏 #️⃣ 🏪.

& ➕1️⃣ 1️⃣ 🔓 & 📨 👩‍💻.

//// tab | 🐍 3️⃣.6️⃣ & 🔛

{!> ../../../docs_src/security/tutorial004.py!}

////

//// tab | 🐍 3️⃣.1️⃣0️⃣ & 🔛

{!> ../../../docs_src/security/tutorial004_py310.py!}

////

/// note

🚥 👆 ✅ 🆕 (❌) 💽 fake_users_db, 👆 🔜 👀 ❔ #️⃣ 🔐 👀 💖 🔜: "$2b$12$EixZaYVK1fsbw1ZfbX3OXePaWxn96p36WQoeG6Lruj3vjPGga31lW".

///

🍵 🥙 🤝

🗄 🕹 ❎.

✍ 🎲 ㊙ 🔑 👈 🔜 ⚙️ 🛑 🥙 🤝.

🏗 🔐 🎲 ㊙ 🔑 ⚙️ 📋:

$ openssl rand -hex 32

09d25e094faa6ca2556c818166b7a9563b93f7099f6f0f4caa6cf63b88e8d3e7

& 📁 🔢 🔢 SECRET_KEY (🚫 ⚙️ 1️⃣ 🖼).

✍ 🔢 ALGORITHM ⏮️ 📊 ⚙️ 🛑 🥙 🤝 & ⚒ ⚫️ "HS256".

✍ 🔢 👔 🤝.

🔬 Pydantic 🏷 👈 🔜 ⚙️ 🤝 🔗 📨.

✍ 🚙 🔢 🏗 🆕 🔐 🤝.

//// tab | 🐍 3️⃣.6️⃣ & 🔛

{!> ../../../docs_src/security/tutorial004.py!}

////

//// tab | 🐍 3️⃣.1️⃣0️⃣ & 🔛

{!> ../../../docs_src/security/tutorial004_py310.py!}

////

ℹ 🔗

ℹ get_current_user 📨 🎏 🤝 ⏭, ✋️ 👉 🕰, ⚙️ 🥙 🤝.

🔣 📨 🤝, ✔ ⚫️, & 📨 ⏮️ 👩‍💻.

🚥 🤝 ❌, 📨 🇺🇸🔍 ❌ ▶️️ ↖️.

//// tab | 🐍 3️⃣.6️⃣ & 🔛

{!> ../../../docs_src/security/tutorial004.py!}

////

//// tab | 🐍 3️⃣.1️⃣0️⃣ & 🔛

{!> ../../../docs_src/security/tutorial004_py310.py!}

////

ℹ /token ➡ 🛠️

✍ timedelta ⏮️ 👔 🕰 🤝.

✍ 🎰 🥙 🔐 🤝 & 📨 ⚫️.

//// tab | 🐍 3️⃣.6️⃣ & 🔛

{!> ../../../docs_src/security/tutorial004.py!}

////

//// tab | 🐍 3️⃣.1️⃣0️⃣ & 🔛

{!> ../../../docs_src/security/tutorial004_py310.py!}

////

📡 ℹ 🔃 🥙 "📄" sub

🥙 🔧 💬 👈 📤 🔑 sub, ⏮️ 📄 🤝.

⚫️ 📦 ⚙️ ⚫️, ✋️ 👈 🌐❔ 👆 🔜 🚮 👩‍💻 🆔, 👥 ⚙️ ⚫️ 📥.

🥙 5️⃣📆 ⚙️ 🎏 👜 ↖️ ⚪️➡️ ⚖ 👩‍💻 & 🤝 👫 🎭 🛠️ 🔗 🔛 👆 🛠️.

🖼, 👆 💪 🔬 "🚘" ⚖️ "📰 🏤".

⤴️ 👆 💪 🚮 ✔ 🔃 👈 👨‍💼, 💖 "💾" (🚘) ⚖️ "✍" (📰).

& ⤴️, 👆 💪 🤝 👈 🥙 🤝 👩‍💻 (⚖️ 🤖), & 👫 💪 ⚙️ ⚫️ 🎭 👈 🎯 (💾 🚘, ⚖️ ✍ 📰 🏤) 🍵 💆‍♂ ✔️ 🏧, ⏮️ 🥙 🤝 👆 🛠️ 🏗 👈.

⚙️ 👫 💭, 🥙 💪 ⚙️ 🌌 🌖 🤓 😐.

📚 💼, 📚 👈 👨‍💼 💪 ✔️ 🎏 🆔, ➡️ 💬 foo (👩‍💻 foo, 🚘 foo, & 📰 🏤 foo).

, ❎ 🆔 💥, 🕐❔ 🏗 🥙 🤝 👩‍💻, 👆 💪 🔡 💲 sub 🔑, ✅ ⏮️ username:. , 👉 🖼, 💲 sub 💪 ✔️: username:johndoe.

⚠ 👜 ✔️ 🤯 👈 sub 🔑 🔜 ✔️ 😍 🆔 🤭 🎂 🈸, & ⚫️ 🔜 🎻.

✅ ⚫️

🏃 💽 & 🚶 🩺: http://127.0.0.1:8000/docs.

👆 🔜 👀 👩‍💻 🔢 💖:

✔ 🈸 🎏 🌌 ⏭.

⚙️ 🎓:

🆔: johndoe 🔐: secret

/// check

👀 👈 🕳 📟 🔢 🔐 "secret", 👥 🕴 ✔️ #️⃣ ⏬.

///

🤙 🔗 /users/me/, 👆 🔜 🤚 📨:

{
  "username": "johndoe",
  "email": "[email protected]",
  "full_name": "John Doe",
  "disabled": false
}

🚥 👆 📂 👩‍💻 🧰, 👆 💪 👀 ❔ 📊 📨 🕴 🔌 🤝, 🔐 🕴 📨 🥇 📨 🔓 👩‍💻 & 🤚 👈 🔐 🤝, ✋️ 🚫 ⏮️:

/// note

👀 🎚 Authorization, ⏮️ 💲 👈 ▶️ ⏮️ Bearer .

///

🏧 ⚙️ ⏮️ scopes

Oauth2️⃣ ✔️ 🔑 "↔".

👆 💪 ⚙️ 👫 🚮 🎯 ⚒ ✔ 🥙 🤝.

⤴️ 👆 💪 🤝 👉 🤝 👩‍💻 🔗 ⚖️ 🥉 🥳, 🔗 ⏮️ 👆 🛠️ ⏮️ ⚒ 🚫.

👆 💪 💡 ❔ ⚙️ 👫 & ❔ 👫 🛠️ 🔘 FastAPI ⏪ 🏧 👩‍💻 🦮.

🌃

⏮️ ⚫️❔ 👆 ✔️ 👀 🆙 🔜, 👆 💪 ⚒ 🆙 🔐 FastAPI 🈸 ⚙️ 🐩 💖 Oauth2️⃣ & 🥙.

🌖 🙆 🛠️ 🚚 💂‍♂ ▶️️ 👍 🏗 📄 🔜.

📚 📦 👈 📉 ⚫️ 📚 ✔️ ⚒ 📚 ⚠ ⏮️ 💽 🏷, 💽, & 💪 ⚒. & 👉 📦 👈 📉 👜 💁‍♂️ 🌅 🤙 ✔️ 💂‍♂ ⚠ 🔘.

---

FastAPI 🚫 ⚒ 🙆 ⚠ ⏮️ 🙆 💽, 💽 🏷 ⚖️ 🧰.

⚫️ 🤝 👆 🌐 💪 ⚒ 🕐 👈 👖 👆 🏗 🏆.

& 👆 💪 ⚙️ 🔗 📚 👍 🚧 & 🛎 ⚙️ 📦 💖 passlib & python-jose, ↩️ FastAPI 🚫 🚚 🙆 🏗 🛠️ 🛠️ 🔢 📦.

✋️ ⚫️ 🚚 👆 🧰 📉 🛠️ 🌅 💪 🍵 🎯 💪, ⚖, ⚖️ 💂‍♂.

& 👆 💪 ⚙️ & 🛠️ 🔐, 🐩 🛠️, 💖 Oauth2️⃣ 📶 🙅 🌌.

👆 💪 💡 🌅 🏧 👩‍💻 🦮 🔃 ❔ ⚙️ Oauth2️⃣ "↔", 🌖 👌-🧽 ✔ ⚙️, 📄 👫 🎏 🐩. Oauth2️⃣ ⏮️ ↔ 🛠️ ⚙️ 📚 🦏 🤝 🐕‍🦺, 💖 👱📔, 🇺🇸🔍, 📂, 🤸‍♂, 👱📔, ♒️. ✔ 🥉 🥳 🈸 🔗 ⏮️ 👫 🔗 🔛 👨‍💼 👫 👩‍💻.