Issues in documentation page "Simple OAuth2 with Password and Bearer"

First check

• I added a very descriptive title to this issue.
• I used the GitHub search to find a similar issue and didn’t find it.
• I searched the FastAPI documentation, with the integrated search.
• I already searched in Google “How to X in FastAPI” and didn’t find any information.
• I already read and followed all the tutorial in the docs and didn’t find an answer.
• I already checked if it is not related to FastAPI but to Pydantic.
• I already checked if it is not related to FastAPI but to Swagger UI.
• I already checked if it is not related to FastAPI but to ReDoc.
• After submitting this, I commit to one of:
  • Read open issues with questions until I find 2 issues where I can help someone and add a comment to help there.
  • I already hit the “watch” button in this repository to receive notifications and I commit to help at least 2 people that ask questions in the future.
  • Implement a Pull Request for a confirmed bug.

Description

In fastapi.security.oauth2.py, line 51 (OAuth2PasswordRequestForm class definition), it’s defined scope: str = Form(""). However, Form("") is not a str. Below, in line 58 we find:

self.scopes = scope.split()

This is compatible with the type but it’s incompatible with the default value, as Form has no split method.

I know I’m being just picky here, but in my efforts to understand the whole thing, I did:

from fastapi.security import OAuth2PasswordRequestForm
x = OAuth2PasswordRequestForm(username='johndoe', password='secret')

and I got:

Traceback (most recent call last):
  File "<stdin>", line 1, in <module>
  File "C:\shared\workspaces\manager-westend\.venv\lib\site-packages\fastapi\security\oauth2.py", line 58, in __init__
    self.scopes = scope.split()
AttributeError: 'Form' object has no attribute 'split'

In order for it to run, I have to do:

from fastapi.security import OAuth2PasswordRequestForm
x = OAuth2PasswordRequestForm(username='johndoe', password='secret', scope='')

This is expected. So, the beginner’s question is: should the default value of scope not be "" instead of Form("")?

Is this a pull request, or just ignorance? Should I just stop poking around with dependency classes?

Environment

• OS: Windows
• FastAPI Version: 0.66.0
• Python version: 3.9.0 (tags/v3.9.0:9cf6752, Oct 5 2020, 15:34:40) [MSC v.1927 64 bit (AMD64)] on win32

Footnote

On a somewhat related topic, it is not too clear to me why we need the get_current_user functionality. Is this just to serve the /users/me endpoint? I don’t see it impacting on the login process. I can still login as alice, just not do anything in there with her inactive.