* The **input model** needs to be able to have a password.
* The **output model** should not have a password.
* The **database model** would probably need to have a hashed password.

/// danger

Never store user's plaintext passwords. Always store a "secure hash" that you can then verify.

If you don't know, you will learn what a "password hash" is in the [security chapters](security/simple-oauth2.md#password-hashing){.internal-link target=_blank}.

///

If it doesn't receive it, it returns an HTTP 401 "Unauthorized" error.

And returns a header `WWW-Authenticate` with a value of `Basic`, and an optional `realm` parameter.

That tells the browser to show the integrated prompt for a username and password.

Then, when you type that username and password, the browser sends them in the header automatically.

        super();
    }

    /**
     * Adds a password for files matching the given regular expression pattern.
     * @param regex the regular expression pattern to match against URLs or resource names
     * @param password the password to use for matching files
     */
    public void addPassword(final String regex, final String password) {
        passwordMap.put(Pattern.compile(regex), password);
    }

    /**

```Python
UserInDB(
    username="john",
    password="secret",
    email="******@****.***",
    full_name=None,
)
```

O más exactamente, usando `user_dict` directamente, con cualquier contenido que pueda tener en el futuro:

```Python
UserInDB(
    username = user_dict["username"],
    password = user_dict["password"],
    email = user_dict["email"],
    full_name = user_dict["full_name"],

        "arn:aws:s3:::*"
      ]
    }
  ]
}
```

### Visit <http://localhost:8080>

You will be redirected to dex login screen - click "Login with email", enter username password
> username: ******@****.***
> password: password

and then click "Grant access"

On the browser now you shall see the list of buckets output, along with your temporary credentials obtained from MinIO.

```
{
 "buckets": [

Por ejemplo, en una de las formas en las que se puede usar la especificación OAuth2 (llamada "password flow") se requiere enviar un `username` y `password` como campos de formulario.

La <abbr title="specification">especificación</abbr> requiere que los campos se llamen exactamente `username` y `password`, y que se envíen como campos de formulario, no JSON.

{* ../../docs_src/request_forms/tutorial001_an_py39.py hl[9] *}

For example, in one of the ways the OAuth2 specification can be used (called "password flow") it is required to send a `username` and `password` as form fields.

The <abbr title="specification">spec</abbr> requires the fields to be exactly named `username` and `password`, and to be sent as form fields, not JSON.

    }

    /**
     * Returns the password for SMB authentication.
     * @return the password
     */
    public String getPassword() {
        return password;
    }

    /**
     * Sets the password for SMB authentication.
     * @param password the password to set
     */
    public void setPassword(final String password) {
        this.password = password;
    }

    /**

        }

        params {
            password("env.ORG_GRADLE_PROJECT_gradleS3AccessKey", "%gradleS3AccessKey%")
            password("env.ORG_GRADLE_PROJECT_gradleS3SecretKey", "%gradleS3SecretKey%")
            password("env.ORG_GRADLE_PROJECT_artifactoryUserPassword", "%gradle.internal.repository.build-tool.publish.password%")
            password("env.DOTCOM_DEV_DOCS_AWS_ACCESS_KEY", "%dotcomDevDocsAwsAccessKey%")

    }

    /**
     * Returns the password.
     * @return The password.
     */
    public String getPassword() {
        return password;
    }

    /**
     * Sets the password.
     * @param password The password.
     */
    public void setPassword(final String password) {
        this.password = password;
    }

    /**