{* ../../docs_src/request_form_models/tutorial002_an_py39.py hl[12] *}

Если клиент попробует отправить дополнительные данные, то в ответ он получит **ошибку**.

Например, если клиент попытается отправить поля формы:

* `username`: `Rick`
* `password`: `Portal Gun`
* `extra`: `Mr. Poopybutthole`

То в ответ он получит **ошибку**, сообщающую ему, что поле `extra` не разрешено:

```json
{
    "detail": [
        {

    /** The sort order for displaying this duplicate host entry */
    @Required
    @Min(value = 0)
    @Max(value = 2147483647)
    @ValidateTypeFailure
    public Integer sortOrder;

    /** The username of who created this duplicate host entry */
    @Size(max = 1000)
    public String createdBy;

    /** The timestamp when this duplicate host entry was created */
    @ValidateTypeFailure
    public Long createdTime;

     * This is a required field for identifying which duplicate host entry to update.
     */
    @Required
    @Size(max = 1000)
    public String id;

    /**
     * The username of the user who last updated this duplicate host configuration.
     * Used for audit trail purposes to track who made changes.
     */
    @Size(max = 1000)
    public String updatedBy;

    /**

     * The sort order for this path mapping (0-2147483647).
     */
    @Required
    @Min(value = 0)
    @Max(value = 2147483647)
    @ValidateTypeFailure
    public Integer sortOrder;

    /**
     * The username who created this path mapping.
     */
    @Size(max = 1000)
    public String createdBy;

    /**
     * The timestamp when this path mapping was created.
     */
    @ValidateTypeFailure

      label: "Are you the owner of this package?"
      description: |
        Only the package owners can request to have their packages removed from pkg.go.dev.
        If the package path doesn't include your github username, please provide some other form of proof of ownership.
    validations:
      required: true
  - type: textarea
    id: retraction-reason
    attributes:

		// We still need to ensure that the target user is a valid LDAP user.
		//
		// The target user may be supplied as a (short) username or a DN.
		// However, for now, we only support using the short username.

		isDN := globalIAMSys.LDAPConfig.ParsesAsDN(targetUser)
		opts.claims[ldapUserN] = targetUser // simple username
		var lookupResult *xldap.DNSearchResult
		lookupResult, targetGroups, err = globalIAMSys.LDAPConfig.LookupUserDN(targetUser)

Используя учетные данные пользователя:

Username: `johndoe`
Password: `secret`

/// check | Заметка
Обратите внимание, что нигде в коде не используется открытый текст пароля "`secret`", мы используем только его хэшированную версию.
///

<img src="/img/tutorial/security/image08.png">

Вызвав эндпоинт `/users/me/`, вы получите ответ в виде:

```JSON
{
  "username": "johndoe",
  "email": "******@****.***",

Pero no estás limitado a usar algún modelo de datos, clase o tipo específico.

¿Quieres tener un `id` y `email` y no tener un `username` en tu modelo? Claro. Puedes usar estas mismas herramientas.

¿Quieres solo tener un `str`? ¿O solo un `dict`? ¿O un instance de clase modelo de base de datos directamente? Todo funciona de la misma manera.

package okhttp3.internal

import java.net.Authenticator
import java.net.PasswordAuthentication

class RecordingAuthenticator(
  private val authentication: PasswordAuthentication? =
    PasswordAuthentication(
      "username",
      "password".toCharArray(),
    ),
) : Authenticator() {
  val calls = mutableListOf<String>()

  override fun getPasswordAuthentication(): PasswordAuthentication? {
    calls.add(

    public String id;

    /** The port number for the file authentication connection. */
    public String port;

    /** The username for file authentication. */
    public String username;

    /** The file configuration ID associated with this authentication. */
    public String fileConfigId;

    /** The user who created this file authentication entry. */