Тож розгляньмо це у спрощеному вигляді:

- Користувач вводить `username` і `password` у frontend і натискає `Enter`.
- Frontend (у браузері користувача) надсилає ці `username` і `password` на специфічну URL-адресу нашого API (оголошену як `tokenUrl="token"`).
- API перевіряє ці `username` і `password` та повертає «токен» (ми ще нічого з цього не реалізували).

                                    <label for="password" class="col-sm-3 text-sm-right col-form-label"><la:message
                                            key="labels.file_auth_password"/></label>
                                    <div class="col-sm-9">
                                        <la:errors property="password"/>
                                        <la:password styleId="password" property="password" styleClass="form-control"/>

이를 처리하기 위해 먼저 `username`과 `password`를 UTF-8로 인코딩해서 `bytes`로 변환합니다.

그런 다음 `secrets.compare_digest()`를 사용해 `credentials.username`이 `"stanleyjobson"`이고 `credentials.password`가 `"swordfish"`인지 확실히 확인할 수 있습니다.

{* ../../docs_src/security/tutorial007_an_py310.py hl[1,12:24] *}

이는 다음과 비슷합니다:

```Python
if not (credentials.username == "stanleyjobson") or not (credentials.password == "swordfish"):
    # 어떤 오류를 반환
    ...
```

        final Map<String, Object> sourceMap = new HashMap<>();
        if (name != null) {
            sourceMap.put("name", name);
        }
        if (password != null) {
            sourceMap.put("password", password);
        }
        if (groups != null) {
            sourceMap.put("groups", groups);
        }
        if (roles != null) {
            sourceMap.put("roles", roles);
        }

    /**
     * The username of the user.
     */
    @Required
    @Size(max = 100)
    public String name;

    /**
     * The password for the user.
     */
    @Size(max = 100)
    public String password;

    /**
     * The password confirmation field.
     */
    @Size(max = 100)
    public String confirmPassword;

    /**
     * The attributes map for the user.
     */

labels.suggestWord=Suggest Word
labels.targetLabel=Label
labels.term=Term
labels.fields=Fields
labels.ex_q=Extended Query
labels.oldPassword=Current Password
labels.newPassword=New Password
labels.confirmNewPassword=New Password (Confirm)

labels.menu_system=System
labels.menu_wizard=Wizard
labels.menu_crawl_config=General
labels.menu_scheduler_config=Scheduler
labels.menu_dashboard_config=Dashboard

			if err != nil {
				return nil, err
			}

			if args.Password != "" {
				if args.User != "" {
					if _, err = conn.Do("AUTH", args.User, args.Password); err != nil {
						conn.Close()
						return nil, err
					}
				} else {
					if _, err = conn.Do("AUTH", args.Password); err != nil {
						conn.Close()
						return nil, err
					}
				}
			}

        boolean result = chain.changePassword(null, "password");

        assertFalse(result);
        assertEquals(1, chain.changePasswordCalls.size());
        assertNull(chain.changePasswordCalls.get(0).getKey());
        assertEquals("password", chain.changePasswordCalls.get(0).getValue());
    }

    // Test changePassword with null password
    @Test
    public void test_changePassword_nullPassword() {

    }

    /**
     * Returns the time when the user's password was last changed.
     * @return the password last change timestamp
     */
    public Date getPwdLastChangeTime() {
        return this.pwdLastChangeTime;
    }

    /**
     * Returns the earliest time when the user can change their password.
     * @return the password can change timestamp
     */
    public Date getPwdCanChangeTime() {

        final Map<String, Object> requestBody = new HashMap<>();
        final String keyProp = NAME_PREFIX + id;
        requestBody.put(KEY_PROPERTY, keyProp);
        requestBody.put("password", "password" + id);
        requestBody.put("confirm_password", "password" + id);
        return requestBody;
    }

    @Override
    protected Map<String, Object> getUpdateMap() {
        final Map<String, Object> updateMap = new HashMap<>();