Search Options

Display Count
Sort
Preferred Language
Advanced Search

Results 1 - 10 of 14 for verify_password (0.11 seconds)

The search processing time has exceeded the limit. The displayed results may be partial.

  2. github.com/tiangolo/fastapi

    docs_src/security/tutorial004_an_py310.py 

            return UserInDB(**user_dict)


def authenticate_user(fake_db, username: str, password: str):
    user = get_user(fake_db, username)
    if not user:
        verify_password(password, DUMMY_HASH)
        return False
    if not verify_password(password, user.hashed_password):
        return False
    return user


def create_access_token(data: dict, expires_delta: timedelta | None = None):
    to_encode = data.copy()
    Created: Sun Apr 05 07:19:11 GMT 2026
    - Last Modified: Thu Feb 12 18:10:35 GMT 2026
    - 4.2K bytes
    - Click Count (0)
  3. github.com/tiangolo/fastapi

    docs_src/security/tutorial005_an_py310.py 

            return UserInDB(**user_dict)


def authenticate_user(fake_db, username: str, password: str):
    user = get_user(fake_db, username)
    if not user:
        verify_password(password, DUMMY_HASH)
        return False
    if not verify_password(password, user.hashed_password):
        return False
    return user


def create_access_token(data: dict, expires_delta: timedelta | None = None):
    to_encode = data.copy()
    Created: Sun Apr 05 07:19:11 GMT 2026
    - Last Modified: Thu Feb 12 18:10:35 GMT 2026
    - 5.4K bytes
    - Click Count (0)
  4. github.com/tiangolo/fastapi

    docs_src/security/tutorial004_py310.py 

            return UserInDB(**user_dict)


def authenticate_user(fake_db, username: str, password: str):
    user = get_user(fake_db, username)
    if not user:
        verify_password(password, DUMMY_HASH)
        return False
    if not verify_password(password, user.hashed_password):
        return False
    return user


def create_access_token(data: dict, expires_delta: timedelta | None = None):
    to_encode = data.copy()
    Created: Sun Apr 05 07:19:11 GMT 2026
    - Last Modified: Thu Feb 12 18:10:35 GMT 2026
    - 4.1K bytes
    - Click Count (0)
  5. github.com/tiangolo/fastapi

    docs_src/security/tutorial005_py310.py 

            return UserInDB(**user_dict)


def authenticate_user(fake_db, username: str, password: str):
    user = get_user(fake_db, username)
    if not user:
        verify_password(password, DUMMY_HASH)
        return False
    if not verify_password(password, user.hashed_password):
        return False
    return user


def create_access_token(data: dict, expires_delta: timedelta | None = None):
    to_encode = data.copy()
    Created: Sun Apr 05 07:19:11 GMT 2026
    - Last Modified: Thu Feb 12 18:10:35 GMT 2026
    - 5.3K bytes
    - Click Count (0)
  6. github.com/tiangolo/fastapi

    docs/ja/docs/tutorial/security/oauth2-jwt.md 

    さらに、ユーザーを認証して返す関数も作成します。

{* ../../docs_src/security/tutorial004_an_py310.py hl[8,49,51,58:59,62:63,72:79] *}

`authenticate_user` がデータベースに存在しないユーザー名で呼び出された場合でも、ダミーのハッシュを使って `verify_password` を実行します。

これにより、ユーザー名が有効かどうかに関わらずエンドポイントの応答時間がおおよそ同じになり、既存のユーザー名を列挙するために悪用されうる「タイミング攻撃」を防止できます。

/// note | 備考
    Created: Sun Apr 05 07:19:11 GMT 2026
    - Last Modified: Fri Mar 20 14:07:17 GMT 2026
    - 14.6K bytes
    - Click Count (1)
  7. github.com/tiangolo/fastapi

    docs/tr/docs/tutorial/security/oauth2-jwt.md 

    {* ../../docs_src/security/tutorial004_an_py310.py hl[8,49,51,58:59,62:63,72:79] *}

`authenticate_user`, veritabanında var olmayan bir username ile çağrıldığında, yine de sahte (dummy) bir hash'e karşı `verify_password` çalıştırıyoruz.

Bu, username geçerli olsun ya da olmasın endpoint'in yaklaşık aynı sürede yanıt vermesini sağlar; böylece mevcut username'leri saymaya yarayabilecek zamanlama saldırılarını (timing attacks) engeller.
    Created: Sun Apr 05 07:19:11 GMT 2026
    - Last Modified: Fri Mar 20 07:53:17 GMT 2026
    - 12.1K bytes
    - Click Count (0)
  8. github.com/tiangolo/fastapi

    docs/de/docs/tutorial/security/oauth2-jwt.md 

    {* ../../docs_src/security/tutorial004_an_py310.py hl[8,49,51,58:59,62:63,72:79] *}

Wenn `authenticate_user` mit einem Benutzernamen aufgerufen wird, der in der Datenbank nicht existiert, führen wir dennoch `verify_password` gegen einen Dummy-Hash aus.
    Created: Sun Apr 05 07:19:11 GMT 2026
    - Last Modified: Thu Mar 19 17:58:09 GMT 2026
    - 12.9K bytes
    - Click Count (0)
  9. github.com/tiangolo/fastapi

    docs/es/docs/tutorial/security/oauth2-jwt.md 

    {* ../../docs_src/security/tutorial004_an_py310.py hl[8,49,51,58:59,62:63,72:79] *}

Cuando `authenticate_user` se llama con un nombre de usuario que no existe en la base de datos, aun así ejecutamos `verify_password` contra un hash ficticio.
    Created: Sun Apr 05 07:19:11 GMT 2026
    - Last Modified: Thu Mar 19 18:15:55 GMT 2026
    - 11.5K bytes
    - Click Count (0)
  10. github.com/tiangolo/fastapi

    docs/uk/docs/tutorial/security/oauth2-jwt.md 

    {* ../../docs_src/security/tutorial004_an_py310.py hl[8,49,51,58:59,62:63,72:79] *}

Коли `authenticate_user` викликається з ім'ям користувача, якого немає в базі даних, ми все одно запускаємо `verify_password` для «підставного» хешу.
    Created: Sun Apr 05 07:19:11 GMT 2026
    - Last Modified: Thu Mar 19 18:27:41 GMT 2026
    - 17.9K bytes
    - Click Count (0)
  11. github.com/tiangolo/fastapi

    docs/fr/docs/tutorial/security/oauth2-jwt.md 

    {* ../../docs_src/security/tutorial004_an_py310.py hl[8,49,51,58:59,62:63,72:79] *}

Lorsque `authenticate_user` est appelée avec un nom d'utilisateur qui n'existe pas dans la base de données, nous exécutons tout de même `verify_password` contre un hachage factice.
    Created: Sun Apr 05 07:19:11 GMT 2026
    - Last Modified: Thu Mar 19 18:37:13 GMT 2026
    - 12.6K bytes
    - Click Count (0)
Back to Top