## Authentication:

Definition: Authentication is the process of verifying the identity of a user, system, or application. It ensures that the entity claiming a particular identity is indeed who it says it is.
#### Example: 
Consider a user trying to log into an email account. The authentication process involves providing a username and password. If the entered credentials match the stored credentials associated with that account, the user is successfully authenticated and granted access.
## Authorization:

Definition: Authorization is the process of determining what actions or resources a user, system, or application is allowed to access after successful authentication. Once the identity is verified, authorization defines the permissions and privileges associated with that identity.
#### Example: 
After successfully authenticating to an email account, authorization determines what actions the user can perform. For instance, an authenticated user may be authorized to read, write, and delete emails, but not allowed to change account settings. Authorization is about defining and enforcing these access rights.

### tokenUrl="token"
This parameter doesn't create that endpoint / path operation, but declares that the URL /token will be the one that the client should use to get the token.
That information is used in OpenAPI, and then in the interactive API documentation systems.

##### Annotated[str, Depends(oauth2_scheme)]
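`Annotated` is a special form from Python's `typing` module that attaches extra metadata to a type hint. In FastAPI, it's often used to attach dependencies or additional information to parameters. Here the parameter's type is `str`, and `Depends(oauth2_scheme)` tells FastAPI to fill it with the bearer token taken from the request's `Authorization` header.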

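```python
# main.py
from typing import Annotated

from fastapi import Depends, FastAPI
from fastapi.security import OAuth2PasswordBearer

app = FastAPI()

# tokenUrl only tells clients (and the OpenAPI docs) where to request a token;
# it does not create the /token path operation.
oauth2_scheme = OAuth2PasswordBearer(tokenUrl="token")


@app.get("/")
async def root():
    print(OAuth2PasswordBearer.__doc__)
    return {"message": "Hello World"}


# Protected route: the dependency reads the "Authorization: Bearer <token>"
# header and answers 401 when it is missing.
@app.get("/items/")
async def read_items(token: Annotated[str, Depends(oauth2_scheme)]):
    return {"token": token}
```

```python
from fastapi.security import OAuth2PasswordRequestForm


# Token endpoint: a POST at the path declared in tokenUrl above.
@app.post("/token")
async def login(form_data: Annotated[OAuth2PasswordRequestForm, Depends()]):
    # Placeholder: the password is not checked and the username is echoed back
    # as the token. OAuth2 clients expect the key "token_type".
    return {"access_token": form_data.username, "token_type": "bearer"}

# OpenAPI schema: http://127.0.0.1:8000/openapi.json
```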
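
The two definitions at the top of this page, tied to the bearer-token flow above, as an added example that is not part of the original notebook and uses only the standard library. The names `USERS`, `TOKENS`, `login`, `handle`, the permission strings and the PBKDF2 iteration count are assumptions made for illustration; the permissions mirror the email example (read, write, delete, but not account settings).

```python
from __future__ import annotations

import hashlib
import hmac
import os
import secrets

ITERATIONS = 600_000  # assumed work factor for this example


def _hash(password: str, salt: bytes) -> bytes:
    """Derive a password hash; only the hash and salt are ever stored."""
    return hashlib.pbkdf2_hmac("sha256", password.encode(), salt, ITERATIONS)


# Constructed sample account with the permissions from the email example.
_SALT = os.urandom(16)
USERS = {
    "alice": {
        "salt": _SALT,
        "pw_hash": _hash("correct horse", _SALT),
        "permissions": {"mail:read", "mail:write", "mail:delete"},
    }
}
TOKENS: dict[str, str] = {}  # opaque bearer token -> username


def login(username: str, password: str) -> str | None:
    """Authentication: verify the credentials, then issue a random token."""
    user = USERS.get(username)
    # Hash even for unknown users so both failure paths do the same work.
    candidate = _hash(password, user["salt"] if user else b"\x00" * 16)
    expected = user["pw_hash"] if user else b""
    if user is None or not hmac.compare_digest(candidate, expected):
        return None
    token = secrets.token_urlsafe(32)  # unguessable, unlike a username
    TOKENS[token] = username
    return token


def handle(token: str | None, permission: str) -> int:
    """Return the HTTP status a protected endpoint would answer with."""
    username = TOKENS.get(token or "")
    if username is None:
        return 401  # authentication failed: missing or unknown token
    if permission not in USERS[username]["permissions"]:
        return 403  # authenticated, but not authorized for this action
    return 200
```

In a FastAPI app, the body of `handle` would sit in a dependency that receives the token from `Depends(oauth2_scheme)` and raises `HTTPException` with the same status codes.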
