First, let's quickly see the parts that change from the examples in the main **Tutorial - User Guide** for [OAuth2 with Password (and hashing), Bearer with JWT tokens](../../tutorial/security/oauth2-jwt.md){.internal-link target=_blank}. Now using OAuth2 scopes:
-//// tab | Python 3.10+
-
-```Python hl_lines="5 9 13 47 65 106 108-116 122-125 129-135 140 156"
-{!> ../../docs_src/security/tutorial005_an_py310.py!}
-```
-
-////
-
-//// tab | Python 3.9+
-
-```Python hl_lines="2 5 9 13 47 65 106 108-116 122-125 129-135 140 156"
-{!> ../../docs_src/security/tutorial005_an_py39.py!}
-```
-
-////
-
-//// tab | Python 3.8+
-
-```Python hl_lines="2 5 9 13 48 66 107 109-117 123-126 130-136 141 157"
-{!> ../../docs_src/security/tutorial005_an.py!}
-```
-
-////
-
-//// tab | Python 3.10+ non-Annotated
-
-/// tip
-
-Prefer to use the `Annotated` version if possible.
-
-///
-
-```Python hl_lines="4 8 12 46 64 105 107-115 121-124 128-134 139 155"
-{!> ../../docs_src/security/tutorial005_py310.py!}
-```
-
-////
-
-//// tab | Python 3.9+ non-Annotated
-
-/// tip
-
-Prefer to use the `Annotated` version if possible.
-
-///
-
-```Python hl_lines="2 5 9 13 47 65 106 108-116 122-125 129-135 140 156"
-{!> ../../docs_src/security/tutorial005_py39.py!}
-```
-
-////
-
-//// tab | Python 3.8+ non-Annotated
-
-/// tip
-
-Prefer to use the `Annotated` version if possible.
-
-///
-
-```Python hl_lines="2 5 9 13 47 65 106 108-116 122-125 129-135 140 156"
-{!> ../../docs_src/security/tutorial005.py!}
-```
-
-////
+{* ../../docs_src/security/tutorial005_an_py310.py hl[5,9,13,47,65,106,108:116,122:125,129:135,140,156] *}
Now let's review those changes step by step.
The `scopes` parameter receives a `dict` with each scope as a key and the description as the value:
-//// tab | Python 3.10+
-
-```Python hl_lines="63-66"
-{!> ../../docs_src/security/tutorial005_an_py310.py!}
-```
-
-////
-
-//// tab | Python 3.9+
-
-```Python hl_lines="63-66"
-{!> ../../docs_src/security/tutorial005_an_py39.py!}
-```
-
-////
-
-//// tab | Python 3.8+
-
-```Python hl_lines="64-67"
-{!> ../../docs_src/security/tutorial005_an.py!}
-```
-
-////
-
-//// tab | Python 3.10+ non-Annotated
-
-/// tip
-
-Prefer to use the `Annotated` version if possible.
-
-///
-
-```Python hl_lines="62-65"
-{!> ../../docs_src/security/tutorial005_py310.py!}
-```
-
-////
-
-//// tab | Python 3.9+ non-Annotated
-
-/// tip
-
-Prefer to use the `Annotated` version if possible.
-
-///
-
-```Python hl_lines="63-66"
-{!> ../../docs_src/security/tutorial005_py39.py!}
-```
-
-////
-
-//// tab | Python 3.8+ non-Annotated
-
-/// tip
-
-Prefer to use the `Annotated` version if possible.
-
-///
-
-```Python hl_lines="63-66"
-{!> ../../docs_src/security/tutorial005.py!}
-```
-
-////
+{* ../../docs_src/security/tutorial005_an_py310.py hl[63:66] *}
Because we are now declaring those scopes, they will show up in the API docs when you log-in/authorize.
///
-//// tab | Python 3.10+
-
-```Python hl_lines="156"
-{!> ../../docs_src/security/tutorial005_an_py310.py!}
-```
-
-////
-
-//// tab | Python 3.9+
-
-```Python hl_lines="156"
-{!> ../../docs_src/security/tutorial005_an_py39.py!}
-```
-
-////
-
-//// tab | Python 3.8+
-
-```Python hl_lines="157"
-{!> ../../docs_src/security/tutorial005_an.py!}
-```
-
-////
-
-//// tab | Python 3.10+ non-Annotated
-
-/// tip
-
-Prefer to use the `Annotated` version if possible.
-
-///
-
-```Python hl_lines="155"
-{!> ../../docs_src/security/tutorial005_py310.py!}
-```
-
-////
-
-//// tab | Python 3.9+ non-Annotated
-
-/// tip
-
-Prefer to use the `Annotated` version if possible.
-
-///
-
-```Python hl_lines="156"
-{!> ../../docs_src/security/tutorial005_py39.py!}
-```
-
-////
-
-//// tab | Python 3.8+ non-Annotated
-
-/// tip
-
-Prefer to use the `Annotated` version if possible.
-
-///
-
-```Python hl_lines="156"
-{!> ../../docs_src/security/tutorial005.py!}
-```
-
-////
+{* ../../docs_src/security/tutorial005_an_py310.py hl[156] *}
## Declare scopes in *path operations* and dependencies
///
-//// tab | Python 3.10+
-
-```Python hl_lines="5 140 171"
-{!> ../../docs_src/security/tutorial005_an_py310.py!}
-```
-
-////
-
-//// tab | Python 3.9+
-
-```Python hl_lines="5 140 171"
-{!> ../../docs_src/security/tutorial005_an_py39.py!}
-```
-
-////
-
-//// tab | Python 3.8+
-
-```Python hl_lines="5 141 172"
-{!> ../../docs_src/security/tutorial005_an.py!}
-```
-
-////
-
-//// tab | Python 3.10+ non-Annotated
-
-/// tip
-
-Prefer to use the `Annotated` version if possible.
-
-///
-
-```Python hl_lines="4 139 168"
-{!> ../../docs_src/security/tutorial005_py310.py!}
-```
-
-////
-
-//// tab | Python 3.9+ non-Annotated
-
-/// tip
-
-Prefer to use the `Annotated` version if possible.
-
-///
-
-```Python hl_lines="5 140 169"
-{!> ../../docs_src/security/tutorial005_py39.py!}
-```
-
-////
-
-//// tab | Python 3.8+ non-Annotated
-
-/// tip
-
-Prefer to use the `Annotated` version if possible.
-
-///
-
-```Python hl_lines="5 140 169"
-{!> ../../docs_src/security/tutorial005.py!}
-```
-
-////
+{* ../../docs_src/security/tutorial005_an_py310.py hl[5,140,171] *}
/// info | "Technical Details"
This `SecurityScopes` class is similar to `Request` (`Request` was used to get the request object directly).
-//// tab | Python 3.10+
-
-```Python hl_lines="9 106"
-{!> ../../docs_src/security/tutorial005_an_py310.py!}
-```
-
-////
-
-//// tab | Python 3.9+
-
-```Python hl_lines="9 106"
-{!> ../../docs_src/security/tutorial005_an_py39.py!}
-```
-
-////
-
-//// tab | Python 3.8+
-
-```Python hl_lines="9 107"
-{!> ../../docs_src/security/tutorial005_an.py!}
-```
-
-////
-
-//// tab | Python 3.10+ non-Annotated
-
-/// tip
-
-Prefer to use the `Annotated` version if possible.
-
-///
-
-```Python hl_lines="8 105"
-{!> ../../docs_src/security/tutorial005_py310.py!}
-```
-
-////
-
-//// tab | Python 3.9+ non-Annotated
-
-/// tip
-
-Prefer to use the `Annotated` version if possible.
-
-///
-
-```Python hl_lines="9 106"
-{!> ../../docs_src/security/tutorial005_py39.py!}
-```
-
-////
-
-//// tab | Python 3.8+ non-Annotated
-
-/// tip
-
-Prefer to use the `Annotated` version if possible.
-
-///
-
-```Python hl_lines="9 106"
-{!> ../../docs_src/security/tutorial005.py!}
-```
-
-////
+{* ../../docs_src/security/tutorial005_an_py310.py hl[9,106] *}
## Use the `scopes`
In this exception, we include the scopes required (if any) as a string separated by spaces (using `scope_str`). We put that string containing the scopes in the `WWW-Authenticate` header (this is part of the spec).
-//// tab | Python 3.10+
-
-```Python hl_lines="106 108-116"
-{!> ../../docs_src/security/tutorial005_an_py310.py!}
-```
-
-////
-
-//// tab | Python 3.9+
-
-```Python hl_lines="106 108-116"
-{!> ../../docs_src/security/tutorial005_an_py39.py!}
-```
-
-////
-
-//// tab | Python 3.8+
-
-```Python hl_lines="107 109-117"
-{!> ../../docs_src/security/tutorial005_an.py!}
-```
-
-////
-
-//// tab | Python 3.10+ non-Annotated
-
-/// tip
-
-Prefer to use the `Annotated` version if possible.
-
-///
-
-```Python hl_lines="105 107-115"
-{!> ../../docs_src/security/tutorial005_py310.py!}
-```
-
-////
-
-//// tab | Python 3.9+ non-Annotated
-
-/// tip
-
-Prefer to use the `Annotated` version if possible.
-
-///
-
-```Python hl_lines="106 108-116"
-{!> ../../docs_src/security/tutorial005_py39.py!}
-```
-
-////
-
-//// tab | Python 3.8+ non-Annotated
-
-/// tip
-
-Prefer to use the `Annotated` version if possible.
-
-///
-
-```Python hl_lines="106 108-116"
-{!> ../../docs_src/security/tutorial005.py!}
-```
-
-////
+{* ../../docs_src/security/tutorial005_an_py310.py hl[106,108:116] *}
## Verify the `username` and data shape
We also verify that we have a user with that username, and if not, we raise that same exception we created before.
-//// tab | Python 3.10+
-
-```Python hl_lines="47 117-128"
-{!> ../../docs_src/security/tutorial005_an_py310.py!}
-```
-
-////
-
-//// tab | Python 3.9+
-
-```Python hl_lines="47 117-128"
-{!> ../../docs_src/security/tutorial005_an_py39.py!}
-```
-
-////
-
-//// tab | Python 3.8+
-
-```Python hl_lines="48 118-129"
-{!> ../../docs_src/security/tutorial005_an.py!}
-```
-
-////
-
-//// tab | Python 3.10+ non-Annotated
-
-/// tip
-
-Prefer to use the `Annotated` version if possible.
-
-///
-
-```Python hl_lines="46 116-127"
-{!> ../../docs_src/security/tutorial005_py310.py!}
-```
-
-////
-
-//// tab | Python 3.9+ non-Annotated
-
-/// tip
-
-Prefer to use the `Annotated` version if possible.
-
-///
-
-```Python hl_lines="47 117-128"
-{!> ../../docs_src/security/tutorial005_py39.py!}
-```
-
-////
-
-//// tab | Python 3.8+ non-Annotated
-
-/// tip
-
-Prefer to use the `Annotated` version if possible.
-
-///
-
-```Python hl_lines="47 117-128"
-{!> ../../docs_src/security/tutorial005.py!}
-```
-
-////
+{* ../../docs_src/security/tutorial005_an_py310.py hl[47,117:128] *}
## Verify the `scopes`
For this, we use `security_scopes.scopes`, that contains a `list` with all these scopes as `str`.
-//// tab | Python 3.10+
-
-```Python hl_lines="129-135"
-{!> ../../docs_src/security/tutorial005_an_py310.py!}
-```
-
-////
-
-//// tab | Python 3.9+
-
-```Python hl_lines="129-135"
-{!> ../../docs_src/security/tutorial005_an_py39.py!}
-```
-
-////
-
-//// tab | Python 3.8+
-
-```Python hl_lines="130-136"
-{!> ../../docs_src/security/tutorial005_an.py!}
-```
-
-////
-
-//// tab | Python 3.10+ non-Annotated
-
-/// tip
-
-Prefer to use the `Annotated` version if possible.
-
-///
-
-```Python hl_lines="128-134"
-{!> ../../docs_src/security/tutorial005_py310.py!}
-```
-
-////
-
-//// tab | Python 3.9+ non-Annotated
-
-/// tip
-
-Prefer to use the `Annotated` version if possible.
-
-///
-
-```Python hl_lines="129-135"
-{!> ../../docs_src/security/tutorial005_py39.py!}
-```
-
-////
-
-//// tab | Python 3.8+ non-Annotated
-
-/// tip
-
-Prefer to use the `Annotated` version if possible.
-
-///
-
-```Python hl_lines="129-135"
-{!> ../../docs_src/security/tutorial005.py!}
-```
-
-////
+{* ../../docs_src/security/tutorial005_an_py310.py hl[129:135] *}
## Dependency tree and scopes
projects / thirdparty / fastapi / fastapi.git / commitdiff
