{"id":944,"date":"2026-05-26T23:13:43","date_gmt":"2026-05-26T15:13:43","guid":{"rendered":"https:\/\/junai.ai\/blog\/fastapi-auth-oauth2-jwt-9\/"},"modified":"2026-05-26T23:13:43","modified_gmt":"2026-05-26T15:13:43","slug":"fastapi-auth-oauth2-jwt-9","status":"publish","type":"post","link":"https:\/\/junai.ai\/blog\/fastapi-auth-oauth2-jwt-9\/","title":{"rendered":"FastAPI \uc778\uc99d \u2014 OAuth2\uc640 JWT \ud1a0\ud070"},"content":{"rendered":"\n<!-- WordPress REST API \ubc1c\ud589\uc6a9 HTML (\uc790\ub3d9 \uc0dd\uc131) -->\n<!-- WP-FEATURED-MEDIA-ID: 931 -->\n<div style=\"max-width:800px;margin:0 auto;\">\n<style>\n:root {--color-primary:#00897b;--color-accent:#009688;--color-bg:#fafbfc;--color-bg-card:#fff;--color-text:#1a202c;--color-text-muted:#64748b;--hero-start:#004d40;--hero-end:#00897b;}\n*{box-sizing:border-box;}\n.container{max-width:760px;margin:0 auto;padding:0 24px 80px;}\n.hero{background:linear-gradient(135deg,var(--hero-start) 0%,var(--hero-end) 100%);color:#fff;padding:80px 24px 60px;text-align:center;}\n.hero .eyebrow{display:inline-block;font-size:14px;color:#80cbc4;font-weight:700;letter-spacing:0.1em;text-transform:uppercase;margin-bottom:14px;}\n.hero h1{font-size:36px;margin:0 0 16px;line-height:1.3;font-weight:800;}\n.hero p{color:#b2dfdb;font-size:18px;max-width:640px;margin:0 auto;line-height:1.6;}\n.hero img{width:100%;max-width:640px;height:auto;margin:32px auto 0;border-radius:10px;display:block;}\narticle{padding-top:48px;}\narticle h2{font-size:26px;margin:56px 0 20px;padding-left:14px;border-left:5px solid var(--color-accent);line-height:1.4;}\narticle h3{font-size:19px;margin:32px 0 12px;color:var(--color-primary);}\narticle p{margin:16px 0;}\narticle strong{color:var(--color-primary);font-weight:700;}\narticle code{background:#b2dfdb;padding:2px 8px;border-radius:4px;font-family:'SF Mono',Menlo,Consolas,monospace;font-size:14px;color:#004d40;}\n.databox{background:#b2dfdb;border-left:4px solid var(--color-accent);padding:16px 
20px;margin:24px 0;border-radius:0 8px 8px 0;font-size:15.5px;}\n.databox strong{color:var(--color-primary);}\n.warnbox{background:linear-gradient(135deg,#fef3c7 0%,#fde68a 100%);padding:16px 20px;margin:24px 0;border-radius:8px;font-size:15.5px;}\n.tablewrap{overflow-x:auto;-webkit-overflow-scrolling:touch;margin:22px 0;}\ntable{width:100%;border-collapse:collapse;font-size:15px;background:var(--color-bg-card);}\nth,td{padding:11px 12px;text-align:left;border-bottom:1px solid #e2e8f0;vertical-align:top;}\nth{background:#f1f5f9;font-weight:700;color:#0f172a;}\ntd:first-child,th:first-child{font-weight:700;}\n@media (max-width:560px){.tablewrap table,.tablewrap thead,.tablewrap tbody,.tablewrap tr,.tablewrap th,.tablewrap td{display:block;width:auto;}.tablewrap thead{display:none;}.tablewrap tr{margin:0 0 14px;border:1px solid #e2e8f0;border-radius:10px;overflow:hidden;}.tablewrap td{border:none;border-bottom:1px solid #f1f5f9;padding:9px 14px;}.tablewrap td:first-child{background:#f1f5f9;font-weight:800;font-size:15.5px;}.tablewrap td:last-child{border-bottom:none;}.tablewrap td[data-label]::before{content:attr(data-label) \" \u2014 \";font-weight:700;color:var(--color-primary);}}\n.code-block{background:#0f172a;color:#e2e8f0;padding:16px 20px;border-radius:8px;font-family:'SF Mono',Menlo,Consolas,monospace;font-size:14px;line-height:1.6;margin:20px 0;overflow-x:auto;white-space:pre;}\n.cta{background:linear-gradient(135deg,#00897b 0%,#009688 100%);color:#fff;padding:28px 24px;border-radius:12px;margin:48px 0 0;text-align:center;}\n.cta h3{color:#fff;margin:0 0 8px;font-size:20px;}\n.cta p{color:#b2dfdb;margin:0;font-size:15.5px;}\n.footer-nav{margin-top:32px;padding-top:20px;border-top:1px solid #e2e8f0;font-size:14px;color:var(--color-text-muted);}\n.footer-nav a{color:var(--color-primary);text-decoration:none;}\n@media (max-width:480px){.hero h1{font-size:26px;}.hero p{font-size:16px;}article h2{font-size:21px;}article 
h3{font-size:17px;}body{font-size:16px;}}\n<\/style>\n<section class=\"hero\">\n  <span class=\"eyebrow\">FastAPI \uad50\uc7ac \u00b7 9\ud3b8 \u00b7 \uc778\uc99d<\/span>\n  <h1>FastAPI \uc778\uc99d \u2014 OAuth2\uc640 JWT \ud1a0\ud070<\/h1>\n  <p>&#8220;\ub108 \ub204\uad6c\ub0d0&#8221;\ub97c \ubb3b\ub294 \ub85c\uadf8\uc778\ubd80\ud130 &#8220;\uc774\uac70 \ud574\ub3c4 \ub418\ub0d0&#8221;\ub97c \ub530\uc9c0\ub294 \ubcf4\ud638\ub41c \ub77c\uc6b0\ud2b8\uae4c\uc9c0. \ube44\ubc00\ubc88\ud638 \ud574\uc2f1\uacfc JWT \ud1a0\ud070\uc73c\ub85c \uc778\uc99d\uc744 \uc81c\ub300\ub85c \uc138\uc6b4\ub2e4.<\/p>\n  <img decoding=\"async\" src=\"https:\/\/junai.ai\/blog\/wp-content\/uploads\/2026\/05\/hero-5-106.jpg\" alt=\"JWT \ud1a0\ud070 \uc5f4\uc1e0\uac00 \ubcf4\ud638\ub41c API \uc5d4\ub4dc\ud3ec\uc778\ud2b8\ub97c \uc5ec\ub294 \uc778\uc99d \ud750\ub984\uacfc \ubc29\ud328\u00b7\uc790\ubb3c\uc1e0\uac00 \uc11c\ubc84\ub97c \uc9c0\ud0a4\ub294 \uc544\uc774\uc18c\uba54\ud2b8\ub9ad \uc77c\ub7ec\uc2a4\ud2b8\">\n<\/section>\n\n<div class=\"container\">\n<article>\n\n<p>\uc9c0\uae08\uae4c\uc9c0 \uc6b0\ub9ac\uac00 \ub9cc\ub4e0 API \ub294 <strong>\ub204\uad6c\ub098 \ub9c8\uc74c\ub300\ub85c \ub4e4\uc5b4\uc62c \uc218 \uc788\ub294 \ubb38<\/strong> \uc774\uc5c8\ub2e4. <code>\/items<\/code> \ub97c \ubd80\ub974\uba74 \ub204\uad6c\ub4e0 \ubaa9\ub85d\uc744 \ubcf4\uace0, <code>POST<\/code> \ub97c \ub0a0\ub9ac\uba74 \ub204\uad6c\ub4e0 \ub370\uc774\ud130\ub97c \uc4f4\ub2e4. \uc791\uc740 \ud1a0\uc774 \ud504\ub85c\uc81d\ud2b8\ub77c\uba74 \uad1c\ucc2e\uc9c0\ub9cc, \uc9c4\uc9dc \uc11c\ube44\uc2a4\ub77c\uba74 \uace7\uc7a5 \uc9c8\ubb38\uc774 \uc0dd\uae34\ub2e4 \u2014 <strong>&#8220;\uc774 \uc694\uccad\uc744 \ubcf4\ub0b8 \uac8c \ub204\uad6c\uc9c0? \uc774 \uc0ac\ub78c\uc774 \uc774\uac78 \ubd10\ub3c4 \ub418\ub098?&#8221;<\/strong><\/p>\n\n<p>\uadf8 \uc9c8\ubb38\uc5d0 \ub2f5\ud558\ub294 \uac8c <strong>\uc778\uc99d(authentication)<\/strong> \uacfc <strong>\uc778\uac00(authorization)<\/strong> \ub2e4. 
9\ud3b8\uc740 FastAPI \uc758 \ud45c\uc900 \uc778\uc99d \ubc29\uc2dd\uc778 <strong>OAuth2 + JWT<\/strong> \ub97c \ucc98\uc74c\ubd80\ud130 \ub05d\uae4c\uc9c0 \uc9e0\ub2e4. \ud68c\uc6d0\uc758 \ube44\ubc00\ubc88\ud638\ub97c \uc548\uc804\ud558\uac8c \uc800\uc7a5\ud558\uace0, \ub85c\uadf8\uc778\ud558\uba74 \ud1a0\ud070\uc744 \ubc1c\uae09\ud558\uace0, \uadf8 \ud1a0\ud070\uc774 \uc788\uc5b4\uc57c\ub9cc \ub4e4\uc5b4\uc62c \uc218 \uc788\ub294 \ub77c\uc6b0\ud2b8\ub97c \ub9cc\ub4e0\ub2e4. \ubcf4\uc548\uc740 \ud55c \ubc88 \ud5f7\uac08\ub9ac\uba74 \ud1b5\uc9f8\ub85c \ubb34\ub108\uc9c0\ub294 \uc601\uc5ed\uc774\ub77c, \ud754\ud55c \uc2e4\uc218\ub4e4\ub3c4 \uac19\uc774 \uc9da\ub294\ub2e4.<\/p>\n\n<h2>1. \uc778\uc99d\uacfc \uc778\uac00 \u2014 \ud5f7\uac08\ub9ac\uba74 \uc548 \ub418\ub294 \ub450 \ub2e8\uc5b4<\/h2>\n\n<p>\ub450 \ub2e8\uc5b4\uac00 \ube44\uc2b7\ud574 \ubcf4\uc5ec\uc11c \uc790\uc8fc \uc11e\uc774\ub294\ub370, \ud55c \ubb38\uc7a5\uc73c\ub85c \uac00\ub974\uba74 \ud3c9\uc0dd \uc548 \ud5f7\uac08\ub9b0\ub2e4.<\/p>\n\n<div class=\"databox\">\n<strong>\uc778\uc99d(Authentication) = &#8220;\ub108 \ub204\uad6c\ub0d0&#8221;<\/strong> \u2014 \uc2e0\uc6d0\uc744 \ud655\uc778\ud558\ub294 \uc77c. \ub85c\uadf8\uc778\ud574\uc11c &#8220;\ub098\ub294 \uae40\ucca0\uc218\uc785\ub2c8\ub2e4&#8221;\ub97c \uc99d\uba85\ud558\ub294 \ub2e8\uacc4.<br>\n<strong>\uc778\uac00(Authorization) = &#8220;\ub108 \uc774\uac70 \ud574\ub3c4 \ub418\ub0d0&#8221;<\/strong> \u2014 \uad8c\ud55c\uc744 \ud655\uc778\ud558\ub294 \uc77c. 
\uae40\ucca0\uc218\uac00 <strong>\uad00\ub9ac\uc790 \ud398\uc774\uc9c0<\/strong>\uc5d0 \ub4e4\uc5b4\uac08 \uc790\uaca9\uc774 \uc788\ub294\uc9c0 \ub530\uc9c0\ub294 \ub2e8\uacc4.\n<\/div>\n\n<p>\uacf5\ud56d\uc73c\ub85c \ube44\uc720\ud558\uba74 \u2014 <strong>\uc778\uc99d<\/strong>\uc740 \uc5ec\uad8c\uc744 \ubcf4\uc5ec \uc8fc\uace0 &#8220;\ubcf8\uc778\uc774 \ub9de\ub2e4&#8221;\ub97c \ud655\uc778\ubc1b\ub294 \uc77c\uc774\uace0, <strong>\uc778\uac00<\/strong>\ub294 \uadf8 \uc5ec\uad8c\uc5d0 \ucc0d\ud78c \ube44\uc790\ub85c &#8220;\uc774 \ub098\ub77c\uc5d0 \ub4e4\uc5b4\uac08 \uc218 \uc788\ub2e4&#8221;\ub97c \ud655\uc778\ubc1b\ub294 \uc77c\uc774\ub2e4. \uc21c\uc11c\ub3c4 \ud56d\uc0c1 \uc778\uc99d\uc774 \uba3c\uc800\ub2e4. \ub204\uad6c\uc778\uc9c0\ubd80\ud130 \uc54c\uc544\uc57c \uadf8 \uc0ac\ub78c\uc774 \ubb58 \ud560 \uc218 \uc788\ub294\uc9c0 \ub530\uc9c8 \uc218 \uc788\uc73c\ub2c8\uae4c.<\/p>\n\n<p>\uc774\ubc88 \ud3b8\uc740 \ub300\ubd80\ubd84 <strong>\uc778\uc99d<\/strong>\uc5d0 \uc9d1\uc911\ud55c\ub2e4. &#8220;\ub85c\uadf8\uc778\ud55c \uc0ac\uc6a9\uc790\ub9cc \ub4e4\uc5b4\uc62c \uc218 \uc788\ub2e4&#8221;\uae4c\uc9c0\uac00 9\ud3b8\uc758 \ubaa9\ud45c\uace0, \ub4f1\uae09\ubcc4 \uad8c\ud55c(\uad00\ub9ac\uc790 vs \uc77c\ubc18)\uc744 \ub098\ub204\ub294 \uc778\uac00\ub294 \uadf8 \uc704\uc5d0 \uc5b9\ub294 \uc751\uc6a9\uc774\ub2e4. \uc778\uc99d\uc774 \ub2e8\ub2e8\ud558\uba74 \uc778\uac00\ub294 \uc870\uac74\ubb38 \ud55c \uc904\ub85c \ub05d\ub09c\ub2e4.<\/p>\n\n<h2>2. \ube44\ubc00\ubc88\ud638 \ud574\uc2f1 \u2014 \ud3c9\ubb38 \uc800\uc7a5\uc740 \uc0ac\uace0\ub2e4<\/h2>\n\n<p>\uc778\uc99d\uc758 \ucd9c\ubc1c\uc810\uc740 \ube44\ubc00\ubc88\ud638\ub2e4. \uadf8\ub7f0\ub370 \uc5ec\uae30\uc11c \ucd08\ubcf4\uac00 \uac00\uc7a5 \ud06c\uac8c \uc0ac\uace0\ub97c \uce5c\ub2e4. <strong>\ube44\ubc00\ubc88\ud638\ub97c DB \uc5d0 \uadf8\ub300\ub85c(\ud3c9\ubb38\uc73c\ub85c) \uc800\uc7a5<\/strong>\ud558\ub294 \uac83\uc774\ub2e4. \uc808\ub300 \uc548 \ub41c\ub2e4. 
DB \uac00 \ud55c \ubc88 \ud138\ub9ac\uba74 \ubaa8\ub4e0 \ud68c\uc6d0\uc758 \ube44\ubc00\ubc88\ud638\uac00 \uadf8\ub300\ub85c \ub178\ucd9c\ub418\uace0, \uc0ac\ub78c\ub4e4\uc740 \uac19\uc740 \ube44\ubc00\ubc88\ud638\ub97c \uc5ec\ub7ec \uc0ac\uc774\ud2b8\uc5d0 \ub3cc\ub824\uc4f0\uae30 \ub54c\ubb38\uc5d0 \ud53c\ud574\uac00 \uc6b0\ub9ac \uc11c\ube44\uc2a4\uc5d0\uc11c \ub05d\ub098\uc9c0 \uc54a\ub294\ub2e4.<\/p>\n\n<p>\ud574\ubc95\uc740 <strong>\ud574\uc2f1(hashing)<\/strong> \uc774\ub2e4. \ube44\ubc00\ubc88\ud638\ub97c \ub418\ub3cc\ub9b4 \uc218 \uc5c6\ub294 \ud615\ud0dc\ub85c \ubc14\uafd4\uc11c \uc800\uc7a5\ud55c\ub2e4. <code>mypassword123<\/code> \uc774 <code>$2b$12$Kx...<\/code> \uac19\uc740 \uae34 \ubb38\uc790\uc5f4\uc774 \ub418\ub294\ub370, \uc774\uac74 \uc6d0\ub798 \uac12\uc73c\ub85c <strong>\ub418\ub3cc\ub9b4 \uc218 \uc5c6\ub2e4<\/strong>. \ub85c\uadf8\uc778\ud560 \ub54c\ub294 \uc785\ub825\ubc1b\uc740 \ube44\ubc00\ubc88\ud638\ub97c \uac19\uc740 \ubc29\uc2dd\uc73c\ub85c \ud574\uc2f1\ud574\uc11c, \uc800\uc7a5\ub41c \ud574\uc2dc\uc640 \uc77c\uce58\ud558\ub294\uc9c0\ub9cc \ube44\uad50\ud55c\ub2e4.<\/p>\n\n<p>FastAPI \uc9c4\uc601\uc5d0\uc11c\ub294 <strong>passlib<\/strong> \ub77c\uc774\ube0c\ub7ec\ub9ac\uc5d0 <strong>bcrypt<\/strong> \uc54c\uace0\ub9ac\uc998\uc744 \uc5b9\uc5b4 \uc4f4\ub2e4. \uba3c\uc800 \uc124\uce58\ubd80\ud130.<\/p>\n\n<div class=\"code-block\">$ pip install \"python-jose[cryptography]\" \"passlib[bcrypt]\"<\/div>\n\n<p>\ub450 \ud328\ud0a4\uc9c0\ub97c \ud55c \ubc88\uc5d0 \uae54\uc558\ub2e4. <code>passlib[bcrypt]<\/code> \ub294 \ud574\uc2f1\uc6a9, <code>python-jose[cryptography]<\/code> \ub294 \uc7a0\uc2dc \ub4a4 JWT \ubc1c\uae09\uc5d0 \uc4f4\ub2e4. 
\uc774\uc81c \ud574\uc2dc\ub97c \ub9cc\ub4e4\uace0 \uac80\uc99d\ud558\ub294 \ud5ec\ud37c\ub97c \uc9e0\ub2e4.<\/p>\n\n<div class=\"code-block\"># security.py\nfrom passlib.context import CryptContext\n\npwd_context = CryptContext(schemes=[\"bcrypt\"], deprecated=\"auto\")\n\ndef hash_password(plain: str) -> str:\n    # \ud68c\uc6d0\uac00\uc785 \uc2dc \ud3c9\ubb38\uc744 \ud574\uc2dc\ub85c \ubc14\uafd4 DB \uc5d0 \uc800\uc7a5\n    return pwd_context.hash(plain)\n\ndef verify_password(plain: str, hashed: str) -> bool:\n    # \ub85c\uadf8\uc778 \uc2dc \uc785\ub825\uac12\uacfc \uc800\uc7a5\ub41c \ud574\uc2dc\ub97c \ube44\uad50 (True \/ False)\n    return pwd_context.verify(plain, hashed)<\/div>\n\n<p><code>CryptContext<\/code> \uac00 \ud575\uc2ec\uc774\ub2e4. <code>schemes=[\"bcrypt\"]<\/code> \ub294 &#8220;bcrypt \ub85c \ud574\uc2f1\ud558\ub77c&#8221;\ub294 \ub73b\uc774\uace0, <code>deprecated=\"auto\"<\/code> \ub294 \ub098\uc911\uc5d0 \ub354 \uac15\ud55c \uc54c\uace0\ub9ac\uc998\uc73c\ub85c \ubc14\uafc0 \ub54c \uc61b \ud574\uc2dc\ub3c4 \uc790\ub3d9\uc73c\ub85c \uc778\uc2dd\ud558\uac8c \ud574 \uc8fc\ub294 \uc635\uc158\uc774\ub2e4. \ub2e8, \uc61b \ud574\uc2dc\ub97c \uacc4\uc18d \uac80\uc99d\ud558\ub824\uba74 \uadf8 \ubc29\uc2dd\ub3c4 <code>schemes<\/code> \ubaa9\ub85d\uc5d0 \ub0a8\uaca8 \ub46c\uc57c \ud55c\ub2e4. <code>hash_password<\/code> \ub294 \ud68c\uc6d0\uac00\uc785 \ub54c \ud638\ucd9c\ud558\uace0, <code>verify_password<\/code> \ub294 \ub85c\uadf8\uc778 \ub54c \uc785\ub825\uac12\uc744 \uac80\uc99d\ud55c\ub2e4. 
bcrypt \ub294 \uac19\uc740 \ube44\ubc00\ubc88\ud638\ub77c\ub3c4 \ub9e4\ubc88 \ub2e4\ub978 \ud574\uc2dc\ub97c \ub0b4\ub193\uc9c0\ub9cc(\ub0b4\ubd80\uc5d0 \ubb34\uc791\uc704 <strong>salt<\/strong> \uac00 \uc11e\uc778\ub2e4), <code>verify<\/code> \uac00 \uadf8\uac78 \uc54c\uc544\uc11c \ucc98\ub9ac\ud558\ub2c8 \uc6b0\ub9ac\ub294 \uc2e0\uacbd \uc4f8 \uac8c \uc5c6\ub2e4.<\/p>\n\n<div class=\"warnbox\">\n<strong>\ubcf4\uc548 \uc8fc\uc758 \u2014 \uc808\ub300 \ud558\uc9c0 \ub9d0 \uac83<\/strong> \u2014 \u2460 \ube44\ubc00\ubc88\ud638\ub97c <strong>\ud3c9\ubb38 \uadf8\ub300\ub85c \uc800\uc7a5<\/strong>\ud558\uba74 \uc548 \ub41c\ub2e4. \u2461 <code>MD5<\/code>\u00b7<code>SHA-1<\/code> \uac19\uc740 \ube60\ub978 \ud574\uc2dc\ub85c \uc800\uc7a5\ud558\uba74 \uc548 \ub41c\ub2e4. \uc774\ub7f0 \ud574\uc2dc\ub294 \ucd08\ub2f9 \uc218\uc2ed\uc5b5 \ubc88 \ub300\uc785\ud558\ub294 \ubb34\ucc28\ubcc4 \uacf5\uaca9\uc5d0 \uc21c\uc2dd\uac04\uc5d0 \ub6ab\ub9b0\ub2e4. \ube44\ubc00\ubc88\ud638 \uc800\uc7a5\uc5d0\ub294 <strong>\uc77c\ubd80\ub7ec \ub290\ub9ac\uac8c \uc124\uacc4\ub41c<\/strong> bcrypt\u00b7argon2\u00b7scrypt \ub9cc \uc4f4\ub2e4. \u2462 <code>SECRET_KEY<\/code> \ub098 \ud574\uc2dc\ub97c <strong>\ucf54\ub4dc\u00b7\uae43 \uc800\uc7a5\uc18c\uc5d0 \ubc15\uc9c0 \ub9d0 \uac83<\/strong> \u2014 \ubc18\ub4dc\uc2dc \ud658\uacbd\ubcc0\uc218\ub85c \ube80\ub2e4.\n<\/div>\n\n<h2>3. \ub85c\uadf8\uc778 \u2192 JWT \ubc1c\uae09<\/h2>\n\n<p>\ube44\ubc00\ubc88\ud638 \uac80\uc99d\uc774 \ud1b5\uacfc\ud558\uba74, \uc11c\ubc84\ub294 \uc0ac\uc6a9\uc790\uc5d0\uac8c <strong>&#8220;\ub108\ub294 \uc778\uc99d\ub410\ub2e4&#8221;\ub294 \uc99d\ud45c<\/strong>\ub97c \ubc1c\uae09\ud55c\ub2e4. \uadf8 \uc99d\ud45c\uac00 <strong>JWT(JSON Web Token)<\/strong> \ub2e4. 
\ud55c \ubc88 \ub85c\uadf8\uc778\ud558\uba74 \ud1a0\ud070\uc744 \ubc1b\uace0, \uc774\ud6c4 \uc694\uccad\ub9c8\ub2e4 \uadf8 \ud1a0\ud070\uc744 \ub4e4\uace0 \uc624\uba74 \uc11c\ubc84\ub294 \ub9e4\ubc88 \ube44\ubc00\ubc88\ud638\ub97c \ubb3b\uc9c0 \uc54a\uc544\ub3c4 &#8220;\uc544, \uc544\uae4c \uadf8 \uc0ac\ub78c\uc774\uad70&#8221; \ud558\uace0 \uc54c\uc544\ubcf8\ub2e4.<\/p>\n\n<p>JWT \ub294 <strong>\uc810(.)<\/strong> \uc73c\ub85c \ub098\ub25c \uc138 \ud1a0\ub9c9\uc758 \ubb38\uc790\uc5f4\uc774\ub2e4 \u2014 \ud5e4\ub354\u00b7\ud398\uc774\ub85c\ub4dc\u00b7\uc11c\uba85. \ud575\uc2ec\uc740 \ub9c8\uc9c0\ub9c9 <strong>\uc11c\uba85<\/strong> \uc778\ub370, \uc11c\ubc84\ub9cc \uc544\ub294 <code>SECRET_KEY<\/code> \ub85c \ub9cc\ub4e4\uc5b4\uc9c4\ub2e4. \ub204\uac00 \ud1a0\ud070 \ub0b4\uc6a9\uc744 \uc704\uc870\ud574\ub3c4 \uc11c\uba85\uc774 \uc548 \ub9de\uc73c\uba74 \uc11c\ubc84\uac00 \uc989\uc2dc \uac00\uc9dc\ub77c\uace0 \ud310\ubcc4\ud55c\ub2e4. \ub2e8, \ud398\uc774\ub85c\ub4dc\ub294 \uc554\ud638\ud654\ub41c \uac83\uc774 \uc544\ub2c8\ub77c \uc778\ucf54\ub529\ub9cc \ub41c \uac83\uc774\ub77c \ub204\uad6c\ub098 \uc77d\uc744 \uc218 \uc788\uc73c\ub2c8, \ube44\ubc00\ubc88\ud638 \uac19\uc740 \ubbfc\uac10\ud55c \uac12\uc740 \ub123\uc9c0 \uc54a\ub294\ub2e4. FastAPI \ub294 \ub85c\uadf8\uc778 \ud3fc\uc744 \ubc1b\ub294 \ud45c\uc900 \ub3c4\uad6c <code>OAuth2PasswordRequestForm<\/code> \uc744 \uc81c\uacf5\ud55c\ub2e4.<\/p>\n\n<div class=\"code-block\"># auth.py\nimport os\nfrom datetime import datetime, timedelta, timezone\nfrom fastapi import APIRouter, Depends, HTTPException, status\nfrom fastapi.security import OAuth2PasswordRequestForm\nfrom jose import jwt\n\nfrom security import verify_password\nfrom db import get_user_by_email   # 9\ud3b8 \ubc94\uc704 \ubc16, DB \uc870\ud68c \ud568\uc218\ub77c\uace0 \uac00\uc815\n\nSECRET_KEY = os.environ[\"SECRET_KEY\"]   # \ud658\uacbd\ubcc0\uc218\uc5d0\uc11c\ub9cc! 
\ucf54\ub4dc\uc5d0 \ubc15\uc9c0 \uc54a\ub294\ub2e4\nALGORITHM = \"HS256\"\nACCESS_TOKEN_EXPIRE_MINUTES = 30\n\nrouter = APIRouter()\n\n@router.post(\"\/token\")\ndef login(form: OAuth2PasswordRequestForm = Depends()):\n    user = get_user_by_email(form.username)   # OAuth2 \ud45c\uc900\uc0c1 \ud544\ub4dc\uba85\uc774 username\n    if not user or not verify_password(form.password, user.hashed_password):\n        raise HTTPException(\n            status_code=status.HTTP_401_UNAUTHORIZED,\n            detail=\"\uc774\uba54\uc77c \ub610\ub294 \ube44\ubc00\ubc88\ud638\uac00 \uc62c\ubc14\ub974\uc9c0 \uc54a\uc2b5\ub2c8\ub2e4\",\n            headers={\"WWW-Authenticate\": \"Bearer\"},\n        )\n    expire = datetime.now(timezone.utc) + timedelta(minutes=ACCESS_TOKEN_EXPIRE_MINUTES)\n    token = jwt.encode(\n        {\"sub\": user.email, \"exp\": expire},\n        SECRET_KEY,\n        algorithm=ALGORITHM,\n    )\n    return {\"access_token\": token, \"token_type\": \"bearer\"}<\/div>\n\n<p>\ud55c \ud750\ub984\uc73c\ub85c \uc77d\uc73c\uba74 \u2014 \u2460 <code>OAuth2PasswordRequestForm<\/code> \uc774 \ud3fc\uc5d0\uc11c <code>username<\/code>\u00b7<code>password<\/code> \ub97c \uaebc\ub0b4 \uc900\ub2e4(OAuth2 \uaddc\uaca9\uc774\ub77c \uc774\uba54\uc77c\uc744 \ubc1b\uc544\ub3c4 \ud544\ub4dc\uba85\uc740 <code>username<\/code> \uc774\ub2e4). \u2461 DB \uc5d0\uc11c \uc0ac\uc6a9\uc790\ub97c \ucc3e\uace0 <code>verify_password<\/code> \ub85c \ube44\ubc00\ubc88\ud638\ub97c \uac80\uc99d\ud55c\ub2e4. \u2462 \ud2c0\ub9ac\uba74 <strong>401<\/strong> \uc744 \ub358\uc9c4\ub2e4. \uc0ac\uc6a9\uc790\uac00 \uc5c6\uc744 \ub54c\uc640 \ube44\ubc00\ubc88\ud638\uac00 \ud2c0\ub9b4 \ub54c \uac19\uc740 \uba54\uc2dc\uc9c0\ub97c \ub3cc\ub824\uc8fc\ub294 \uac83\uc740, \uc5b4\ub5a4 \uc774\uba54\uc77c\uc774 \uac00\uc785\ub3fc \uc788\ub294\uc9c0 \uc54c\ub824 \uc8fc\uc9c0 \uc54a\uae30 \uc704\ud574\uc11c\ub2e4. \u2463 \ub9de\uc73c\uba74 <code>jwt.encode<\/code> \ub85c \ud1a0\ud070\uc744 \ub9cc\ub4e0\ub2e4. 
\ud398\uc774\ub85c\ub4dc\uc758 <code>sub<\/code> \ub294 &#8220;\uc774 \ud1a0\ud070\uc758 \uc8fc\uc778&#8221;(\ubcf4\ud1b5 \uc0ac\uc6a9\uc790 \uc2dd\ubcc4\uc790), <code>exp<\/code> \ub294 <strong>\ub9cc\ub8cc \uc2dc\uac01<\/strong> \uc774\ub2e4.<\/p>\n\n<div class=\"databox\">\n<strong>\uc65c <code>exp<\/code>(\ub9cc\ub8cc)\uac00 \uc911\uc694\ud55c\uac00<\/strong> \u2014 \ud1a0\ud070\uc774 \uc601\uc6d0\ud788 \uc720\ud6a8\ud558\uba74, \ud55c \ubc88 \uc0c8\uc5b4 \ub098\uac04 \ud1a0\ud070\uc73c\ub85c \uc601\uc6d0\ud788 \ub85c\uadf8\uc778\ub41c\ub2e4. 30\ubd84 \uc815\ub3c4\uc758 \uc9e7\uc740 \uc218\uba85\uc744 \ub450\uba74 \ud0c8\ucde8\ub3fc\ub3c4 \ud53c\ud574 \uc2dc\uac04\uc774 \uc81c\ud55c\ub41c\ub2e4. \uc751\ub2f5\uc758 <code>{\"access_token\": ..., \"token_type\": \"bearer\"}<\/code> \ud615\ud0dc\ub3c4 <strong>OAuth2 \ud45c\uc900<\/strong> \uc774\ub77c, \ud074\ub77c\uc774\uc5b8\ud2b8\uac00 \ubc1b\uc544\uc11c \uadf8\ub300\ub85c \uc4f0\uae30 \uc88b\ub2e4.\n<\/div>\n\n<h2>4. \ubcf4\ud638\ub41c \ub77c\uc6b0\ud2b8 \u2014 \ud1a0\ud070\uc774 \uc788\uc5b4\uc57c \ub4e4\uc5b4\uc628\ub2e4<\/h2>\n\n<p>\uc774\uc81c \ub9c8\uc9c0\ub9c9 \uc870\uac01. \ubc1c\uae09\ud55c \ud1a0\ud070\uc744 <strong>\ub9e4 \uc694\uccad\uc5d0\uc11c \uac80\uc0ac<\/strong>\ud574\uc11c, \uc720\ud6a8\ud55c \ud1a0\ud070\uc744 \uac00\uc9c4 \uc0ac\ub78c\ub9cc \ud1b5\uacfc\uc2dc\ud0a4\ub294 \ub77c\uc6b0\ud2b8\ub97c \ub9cc\ub4e0\ub2e4. \uc5ec\uae30\uc11c 5\ud3b8\uc5d0\uc11c \ubc30\uc6b4 <code>Depends<\/code> \uac00 \ube5b\ub09c\ub2e4. 
&#8220;\ud604\uc7ac \uc0ac\uc6a9\uc790\ub97c \uc54c\uc544\ub0b4\ub294&#8221; \uc758\uc874\uc131\uc744 \ud55c \ubc88 \ub9cc\ub4e4\uc5b4 \ub450\uace0, \ubcf4\ud638\uac00 \ud544\uc694\ud55c \ubaa8\ub4e0 \ub77c\uc6b0\ud2b8\uc5d0 \ub07c\uc6cc \ub123\uc73c\uba74 \ub41c\ub2e4.<\/p>\n\n<div class=\"code-block\"># deps.py\nfrom fastapi import Depends, HTTPException, status\nfrom fastapi.security import OAuth2PasswordBearer\nfrom jose import jwt, JWTError\n\nfrom auth import SECRET_KEY, ALGORITHM\nfrom db import get_user_by_email\n\noauth2_scheme = OAuth2PasswordBearer(tokenUrl=\"token\")\n\ndef get_current_user(token: str = Depends(oauth2_scheme)):\n    credentials_error = HTTPException(\n        status_code=status.HTTP_401_UNAUTHORIZED,\n        detail=\"\uc790\uaca9 \uc99d\uba85\uc744 \ud655\uc778\ud560 \uc218 \uc5c6\uc2b5\ub2c8\ub2e4\",\n        headers={\"WWW-Authenticate\": \"Bearer\"},\n    )\n    try:\n        payload = jwt.decode(token, SECRET_KEY, algorithms=[ALGORITHM])\n        email = payload.get(\"sub\")\n        if email is None:\n            raise credentials_error\n    except JWTError:        # \uc11c\uba85 \uc704\uc870\u00b7\ub9cc\ub8cc(exp) \ubaa8\ub450 \uc5ec\uae30\uc11c \uc7a1\ud78c\ub2e4\n        raise credentials_error\n    user = get_user_by_email(email)\n    if user is None:\n        raise credentials_error\n    return user<\/div>\n\n<p><code>OAuth2PasswordBearer(tokenUrl=\"token\")<\/code> \uac00 \ub450 \uac00\uc9c0\ub97c \ud55c\ub2e4 \u2014 \uc694\uccad \ud5e4\ub354\uc758 <code>Authorization: Bearer &lt;\ud1a0\ud070&gt;<\/code> \uc5d0\uc11c \ud1a0\ud070\uc744 \ubf51\uc544 \uc8fc\uace0, <code>\/docs<\/code> \ud654\uba74\uc5d0 <strong>\ub85c\uadf8\uc778 \ubc84\ud2bc<\/strong>\uc744 \uc790\ub3d9\uc73c\ub85c \ub9cc\ub4e4\uc5b4 \uc900\ub2e4. 
<code>jwt.decode<\/code> \ub294 \uc11c\uba85\uc744 \uac80\uc99d\ud558\uace0 \ub9cc\ub8cc\ub97c \ud655\uc778\ud558\ub294\ub370, \ub458 \uc911 \ud558\ub098\ub77c\ub3c4 \uc5b4\uae0b\ub098\uba74 <code>JWTError<\/code> \ub97c \ub358\uc9c4\ub2e4 \u2014 \uadf8\ub798\uc11c \uc704\uc870 \ud1a0\ud070\uc774\ub4e0 \ub9cc\ub8cc \ud1a0\ud070\uc774\ub4e0 \ubaa8\ub450 <strong>401<\/strong> \ub85c \ub5a8\uc5b4\uc9c4\ub2e4. <code>algorithms=[ALGORITHM]<\/code> \uc73c\ub85c \ud5c8\uc6a9\ud560 \uc54c\uace0\ub9ac\uc998\uc744 \uba85\uc2dc\ud55c \uac83\ub3c4 \uc911\uc694\ud558\ub2e4 \u2014 \ud1a0\ud070 \ud5e4\ub354\uac00 \uc9c0\uc815\ud55c \uc54c\uace0\ub9ac\uc998\uc744 \uadf8\ub300\ub85c \ubbff\uc9c0 \uc54a\uae30 \uc704\ud574\uc11c\ub2e4. \uc774\uc81c \ubcf4\ud638\ub41c \ub77c\uc6b0\ud2b8\ub294 \ud55c \uc904\uc9dc\ub9ac\ub2e4.<\/p>\n\n<div class=\"code-block\"># main.py\nfrom fastapi import FastAPI, Depends\nfrom deps import get_current_user\nimport auth\n\napp = FastAPI()\napp.include_router(auth.router)   # \/token (\ub85c\uadf8\uc778) \ub4f1\ub85d\n\n@app.get(\"\/me\")\ndef read_me(user = Depends(get_current_user)):\n    # \uc5ec\uae30 \ub4e4\uc5b4\uc654\ub2e4\ub294 \uac74 \ud1a0\ud070 \uac80\uc99d\uc744 \uc774\ubbf8 \ud1b5\uacfc\ud588\ub2e4\ub294 \ub73b\n    return {\"email\": user.email}<\/div>\n\n<p>\uc774\uac8c \uc804\ubd80\ub2e4. <code>\/me<\/code> \ud568\uc218 \uc2dc\uadf8\ub2c8\ucc98\uc5d0 <code>user = Depends(get_current_user)<\/code> \ud55c \uc904\uc744 \ub07c\uc6b4 \uac83\ub9cc\uc73c\ub85c, FastAPI \ub294 \ud568\uc218 \ubcf8\ubb38\uc744 \uc2e4\ud589\ud558\uae30 <strong>\uc804\uc5d0<\/strong> \ud1a0\ud070\uc744 \uac80\uc0ac\ud55c\ub2e4. \ud1a0\ud070\uc774 \uc5c6\uac70\ub098 \uc704\uc870\ub410\uac70\ub098 \ub9cc\ub8cc\ub410\uc73c\uba74 \ud568\uc218\ub294 \uc544\uc608 \ud638\ucd9c\ub418\uc9c0 \uc54a\uace0 \uace7\uc7a5 <strong>401<\/strong> \uc774 \ub098\uac04\ub2e4. \ubcf4\ud638\uac00 \ud544\uc694\ud55c \ub2e4\ub978 \ub77c\uc6b0\ud2b8\ub3c4 \uac19\uc740 \uc758\uc874\uc131 \ud55c \uc904\ub9cc \ubd99\uc774\uba74 \ub41c\ub2e4 \u2014 \uc778\uc99d \ub85c\uc9c1\uc744 \ub77c\uc6b0\ud2b8\ub9c8\ub2e4 \ubca0\uaef4 \uc4f8 \ud544\uc694\uac00 \uc5c6\ub2e4.<\/p>\n\n<p>\uc751\uc6a9\uc740 \uc790\uc5f0\uc2a4\ub7fd\uac8c \ub530\ub77c\uc628\ub2e4. 
\ub85c\uadf8\uc778\ud55c \uc0ac\uc6a9\uc790\ub9cc \uc790\uae30 \uae00\uc744 \uc218\uc815\ud558\uac8c \ud558\ub824\uba74 <code>get_current_user<\/code> \uac00 \ub3cc\ub824\uc900 <code>user<\/code> \uc640 \uae00 \uc791\uc131\uc790\ub97c \ube44\uad50\ud558\uba74 \ub418\uace0(\uc5ec\uae30\uc11c\ubd80\ud130\uac00 <strong>\uc778\uac00<\/strong>\ub2e4), \uad00\ub9ac\uc790 \uc804\uc6a9 \ub77c\uc6b0\ud2b8\ub294 <code>user.is_admin<\/code> \uc744 \uc870\uac74\ubb38 \ud558\ub098\ub85c \uac80\uc0ac\ud558\uba74 \ub41c\ub2e4. \ub2e8\ub2e8\ud55c \uc778\uc99d \uc704\uc5d0\uc11c \uc778\uac00\ub294 \uc774\ub807\uac8c \uac00\ubcbc\uc6cc\uc9c4\ub2e4.<\/p>\n\n<h3>\uc694\uc57d<\/h3>\n\n<p>9\ud3b8\uc744 \ud55c \ud638\ud761\uc5d0 \uc815\ub9ac\ud558\uba74 \u2014 <strong>\uc778\uc99d<\/strong>\uc740 &#8220;\ub108 \ub204\uad6c\ub0d0&#8221;, <strong>\uc778\uac00<\/strong>\ub294 &#8220;\ub108 \uc774\uac70 \ud574\ub3c4 \ub418\ub0d0&#8221;\ub2e4. \ube44\ubc00\ubc88\ud638\ub294 \uc808\ub300 \ud3c9\ubb38\uc774\ub098 MD5 \ub85c \uc800\uc7a5\ud558\uc9c0 \uc54a\uace0 <strong>passlib + bcrypt<\/strong> \ub85c \ud574\uc2f1\ud55c\ub2e4. \ub85c\uadf8\uc778\uc774 \ud1b5\uacfc\ud558\uba74 <code>OAuth2PasswordRequestForm<\/code> \uc73c\ub85c \ud3fc\uc744 \ubc1b\uc544 \uac80\uc99d\ud558\uace0, <strong>python-jose<\/strong> \uc758 <code>jwt.encode<\/code> \ub85c <code>sub<\/code>\u00b7<code>exp<\/code> \ub97c \ub2f4\uc740 <strong>JWT<\/strong> \ub97c \ud658\uacbd\ubcc0\uc218 <code>SECRET_KEY<\/code> \ub85c \uc11c\uba85\ud574 \ubc1c\uae09\ud55c\ub2e4. \ubcf4\ud638\ub41c \ub77c\uc6b0\ud2b8\ub294 <code>OAuth2PasswordBearer<\/code> \ub85c \ud1a0\ud070\uc744 \ubf51\uace0 <code>get_current_user<\/code> \uc758\uc874\uc131\uc5d0\uc11c <code>jwt.decode<\/code> \ub85c \uac80\uc99d\ud574, \uc704\uc870\u00b7\ub9cc\ub8cc \ud1a0\ud070\uc744 \ubaa8\ub450 401 \ub85c \ub9c9\ub294\ub2e4. 
\uc778\uc99d\uc758 \ubf08\ub300\uac00 \uc774 \uc138 \ub2e8\uacc4 \u2014 <strong>\ud574\uc2f1 \u00b7 \ubc1c\uae09 \u00b7 \uac80\uc99d<\/strong> \u2014 \uc548\uc5d0 \ub2e4 \ub4e4\uc5b4 \uc788\ub2e4.<\/p>\n\n<div class=\"cta\">\n<h3>\ub2e4\uc74c \ud3b8 \uc608\uace0 \u2014 FastAPI \ud14c\uc2a4\ud2b8<\/h3>\n<p>\uc9c0\uae08\uae4c\uc9c0 \ub9cc\ub4e0 API \uac00 \uc815\ub9d0 \uc758\ub3c4\ub300\ub85c \ub3d9\uc791\ud558\ub294\uc9c0, TestClient \uc640 pytest \ub85c \uc790\ub3d9 \uac80\uc99d\ud558\ub294 \ubc95\uc744 \ubc30\uc6b4\ub2e4.<\/p>\n<\/div>\n\n<div class=\"footer-nav\">\n\uc2dc\ub9ac\uc988 \u00b7 <a href=\"https:\/\/junai.ai\/blog\/category\/fastapi\/\">\uc27d\uac8c \ubc30\uc6b0\ub294 FastAPI<\/a> \u00b7 \ud568\uaed8 \ubcf4\uae30: <a href=\"https:\/\/junai.ai\/blog\/category\/python\/\">\ud30c\uc774\uc36c \uae30\ucd08 \uc2dc\ub9ac\uc988<\/a>\n<\/div>\n\n<\/article>\n<\/div>\n<\/div>\n","protected":false},"excerpt":{"rendered":"<p>\ube44\ubc00\ubc88\ud638 \ud574\uc2f1\ubd80\ud130 JWT \ubc1c\uae09, \ubcf4\ud638\ub41c \ub77c\uc6b0\ud2b8\uae4c\uc9c0. FastAPI \uc758 OAuth2 \uc640 \ud1a0\ud070\uc73c\ub85c \ub85c\uadf8\uc778 \uc778\uc99d\uc744 \uc548\uc804\ud558\uac8c \uad6c\ud604\ud558\ub294 \ubc95\uc744 \ub2e4\ub8ec\ub2e4. 
\uad50\uc7ac 9\ud3b8.<\/p>\n","protected":false},"author":1,"featured_media":931,"comment_status":"closed","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[25],"tags":[],"class_list":["post-944","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-fastapi"],"aioseo_notices":[],"_links":{"self":[{"href":"https:\/\/junai.ai\/blog\/wp-json\/wp\/v2\/posts\/944","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/junai.ai\/blog\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/junai.ai\/blog\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/junai.ai\/blog\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/junai.ai\/blog\/wp-json\/wp\/v2\/comments?post=944"}],"version-history":[{"count":0,"href":"https:\/\/junai.ai\/blog\/wp-json\/wp\/v2\/posts\/944\/revisions"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/junai.ai\/blog\/wp-json\/wp\/v2\/media\/931"}],"wp:attachment":[{"href":"https:\/\/junai.ai\/blog\/wp-json\/wp\/v2\/media?parent=944"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/junai.ai\/blog\/wp-json\/wp\/v2\/categories?post=944"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/junai.ai\/blog\/wp-json\/wp\/v2\/tags?post=944"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}