}

    /**
     * Record successful authentication
     *
     * @param username the username
     * @param sourceIp the source IP
     */
    public void recordSuccess(String username, String sourceIp) {
        if (username != null) {
            AccountAttempts account = accountAttempts.get(username);
            if (account != null) {
                account.reset();
            }
        }

    public void update(final User user) {
        final String username = user.getName();
        final String password = user.getOriginalPassword();
        changePassword(username, password);
    }

    @Override
    public void delete(final User user) {
        final String username = user.getName();
        if (isTargetUser(username)) {
            executeCommand(deleteCommand, username, StringUtil.EMPTY);
        }
    }

     * @param username the username to authenticate with
     * @param password the password to authenticate with
     */
    public NtlmPasswordAuthentication(String domain, String username, final String password) {
        int ci;

        if (username != null) {
            ci = username.indexOf('@');
            if (ci > 0) {
                domain = username.substring(ci + 1);
                username = username.substring(0, ci);

    ],
)
def get_mod(request: pytest.FixtureRequest):
    mod = importlib.import_module(f"docs_src.security.{request.param}")

    return mod


def get_access_token(*, username="johndoe", password="secret", client: TestClient):
    data = {"username": username, "password": password}
    response = client.post("/token", data=data)
    content = response.json()
    access_token = content.get("access_token")
    return access_token

## `username` und `password` entgegennehmen { #get-the-username-and-password }

Wir werden **FastAPIs** Sicherheits-Werkzeuge verwenden, um den `username` und das `password` entgegenzunehmen.

OAuth2 spezifiziert, dass der Client/Benutzer bei Verwendung des „Password Flow“ (den wir verwenden) die Felder `username` und `password` als Formulardaten senden muss.

## Obtener el `username` y `password` { #get-the-username-and-password }

Vamos a usar las utilidades de seguridad de **FastAPI** para obtener el `username` y `password`.

OAuth2 especifica que cuando se utiliza el "password flow" (que estamos usando), el cliente/usuario debe enviar campos `username` y `password` como form data.

def get_mod(request: pytest.FixtureRequest):
    mod = importlib.import_module(f"docs_src.security.{request.param}")

    return mod


def get_access_token(
    *, username="johndoe", password="secret", scope=None, client: TestClient
):
    data = {"username": username, "password": password}
    if scope:
        data["scope"] = scope
    response = client.post("/token", data=data)
    content = response.json()

                username = username.substring(0, ci);
            } else {
                ci = username.indexOf('\\');
                if (ci > 0) {
                    domain = username.substring(0, ci);
                    username = username.substring(ci + 1);
                }
            }
        }

        this.domain = domain != null ? domain : "";
        this.username = username != null ? username : "";

                """
            ),
        ] = None,
        username: Annotated[
            str,
            Form(),
            Doc(
                """
                `username` string. The OAuth2 spec requires the exact field name
                `username`.
                """
            ),
        ],
        password: Annotated[
            str,

        String username = "resetuser";
        String ip = "192.168.1.5";

        // Two failures
        assertTrue(rateLimiter.checkAttempt(username, ip));
        rateLimiter.recordFailure(username, ip);

        assertTrue(rateLimiter.checkAttempt(username, ip));
        rateLimiter.recordFailure(username, ip);

        // Success should reset counter
        assertTrue(rateLimiter.checkAttempt(username, ip));