Search Options

Results per page
Sort
Preferred Languages
Advance

Results 1 - 9 of 9 for compare_digest (0.29 sec)

  1. docs_src/security/tutorial007_an.py

        correct_username_bytes = b"stanleyjobson"
        is_correct_username = secrets.compare_digest(
            current_username_bytes, correct_username_bytes
        )
        current_password_bytes = credentials.password.encode("utf8")
        correct_password_bytes = b"swordfish"
        is_correct_password = secrets.compare_digest(
            current_password_bytes, correct_password_bytes
        )
    Registered: Sun Nov 03 07:19:11 UTC 2024
    - Last Modified: Tue Mar 26 16:56:53 UTC 2024
    - 1.2K bytes
    - Viewed (0)
  2. docs/em/docs/advanced/security/http-basic-auth.md

    ✋️ 🔨 👈, ⏲ ⚖️ 📆 👊 🔜 ✔️ 💭 ☑ 🆔 & 🔐, ⏮️ "ℹ" 👆 🈸, ⚙️ 🕰 ✊ ❔.
    
    #### 🔧 ⚫️ ⏮️ `secrets.compare_digest()`
    
    ✋️ 👆 📟 👥 🤙 ⚙️ `secrets.compare_digest()`.
    
    📏, ⚫️ 🔜 ✊ 🎏 🕰 🔬 `stanleyjobsox` `stanleyjobson` 🌘 ⚫️ ✊ 🔬 `johndoe` `stanleyjobson`. & 🎏 🔐.
    
    👈 🌌, ⚙️ `secrets.compare_digest()` 👆 🈸 📟, ⚫️ 🔜 🔒 🛡 👉 🎂 ↔ 💂‍♂ 👊.
    
    ### 📨 ❌
    
    Registered: Sun Nov 03 07:19:11 UTC 2024
    - Last Modified: Sun Oct 06 20:36:54 UTC 2024
    - 4.1K bytes
    - Viewed (0)
  3. docs/zh/docs/advanced/security/http-basic-auth.md

    当然,攻击者不用手动操作,而是编写每秒能执行成千上万次测试的攻击程序,每次都会找到更多正确字符。
    
    但是,在您的应用的**帮助**下,攻击者利用时间差,就能在几分钟或几小时内,以这种方式猜出正确的用户名和密码。
    
    #### 使用 `secrets.compare_digest()` 修补
    
    在此,代码中使用了 `secrets.compare_digest()`。
    
    简单的说,它使用相同的时间对比 `stanleyjobsox` 和 `stanleyjobson`,还有 `johndoe` 和 `stanleyjobson`。对比密码时也一样。
    
    在代码中使用 `secrets.compare_digest()` ,就可以安全地防御全面攻击了。
    
    ### 返回错误
    
    检测到凭证不正确后,返回 `HTTPException` 及状态码 401(与无凭证时返回的内容一样),并添加请求头 `WWW-Authenticate`,让浏览器再次显示登录提示:
    Registered: Sun Nov 03 07:19:11 UTC 2024
    - Last Modified: Sun Oct 06 20:36:54 UTC 2024
    - 5.2K bytes
    - Viewed (0)
  4. docs/de/docs/advanced/security/http-basic-auth.md

    #### Das Problem beheben mittels `secrets.compare_digest()`
    
    Aber in unserem Code verwenden wir tatsächlich `secrets.compare_digest()`.
    
    Damit wird, kurz gesagt, der Vergleich von `stanleyjobsox` mit `stanleyjobson` genauso lange dauern wie der Vergleich von `johndoe` mit `stanleyjobson`. Und das Gleiche gilt für das Passwort.
    
    Registered: Sun Nov 03 07:19:11 UTC 2024
    - Last Modified: Sun Oct 27 15:25:54 UTC 2024
    - 5.8K bytes
    - Viewed (0)
  5. docs/pt/docs/advanced/security/http-basic-auth.md

    #### Corrija com o `secrets.compare_digest()`
    
    Mas em nosso código já estamos utilizando o `secrets.compare_digest()`.
    
    Resumindo, levará o mesmo tempo para comparar `stanleyjobsox` com `stanleyjobson` do que comparar `johndoe` com `stanleyjobson`. E o mesmo para a senha.
    
    Registered: Sun Nov 03 07:19:11 UTC 2024
    - Last Modified: Sun Oct 06 20:36:54 UTC 2024
    - 6.2K bytes
    - Viewed (0)
  6. docs_src/security/tutorial007.py

        correct_username_bytes = b"stanleyjobson"
        is_correct_username = secrets.compare_digest(
            current_username_bytes, correct_username_bytes
        )
        current_password_bytes = credentials.password.encode("utf8")
        correct_password_bytes = b"swordfish"
        is_correct_password = secrets.compare_digest(
            current_password_bytes, correct_password_bytes
        )
    Registered: Sun Nov 03 07:19:11 UTC 2024
    - Last Modified: Thu Jan 11 14:33:05 UTC 2024
    - 1.1K bytes
    - Viewed (0)
  7. docs/en/docs/advanced/security/http-basic-auth.md

    #### Fix it with `secrets.compare_digest()`
    
    But in our code we are actually using `secrets.compare_digest()`.
    
    In short, it will take the same time to compare `stanleyjobsox` to `stanleyjobson` than it takes to compare `johndoe` to `stanleyjobson`. And the same for the password.
    
    Registered: Sun Nov 03 07:19:11 UTC 2024
    - Last Modified: Sat Oct 26 16:01:27 UTC 2024
    - 4.8K bytes
    - Viewed (0)
  8. docs_src/security/tutorial007_an_py39.py

        correct_username_bytes = b"stanleyjobson"
        is_correct_username = secrets.compare_digest(
            current_username_bytes, correct_username_bytes
        )
        current_password_bytes = credentials.password.encode("utf8")
        correct_password_bytes = b"swordfish"
        is_correct_password = secrets.compare_digest(
            current_password_bytes, correct_password_bytes
        )
    Registered: Sun Nov 03 07:19:11 UTC 2024
    - Last Modified: Tue Mar 26 16:56:53 UTC 2024
    - 1.1K bytes
    - Viewed (0)
  9. docs/en/docs/release-notes.md

    * 📝 Update docs for handling HTTP Basic Auth with `secrets.compare_digest()` to account for non-ASCII characters. PR [#3536](https://github.com/tiangolo/fastapi/pull/3536) by [@lewoudar](https://github.com/lewoudar).
    Registered: Sun Nov 03 07:19:11 UTC 2024
    - Last Modified: Fri Nov 01 11:25:57 UTC 2024
    - 460.3K bytes
    - Viewed (0)
Back to top