# Protecting Routes

* Next step is to protect the routes, meaning that the user has to be logged in, in order to be able to perform certain operations
* To do that we will have to modify the function parameters:

```python
def delete_post(id: int, db: Session = Depends(get_db), user_id: int = Depends(oauth2.get_current_user)):
```

* So all this does really, is that it sets up the <mark style="color:orange;">`get_current_user`</mark> function as a dependency meaning that the user has to be logged in