///

And we are using this model to declare our input and the same model to declare our output:

{* ../../docs_src/response_model/tutorial002_py310.py hl[16] *}

Now, whenever a browser is creating a user with a password, the API will return the same password in the response.

In this case, it might not be a problem, because it's the same user sending the password.

But in our code we are actually using `secrets.compare_digest()`.

In short, it will take the same time to compare `stanleyjobsox` to `stanleyjobson` than it takes to compare `johndoe` to `stanleyjobson`. And the same for the password.

That way, using `secrets.compare_digest()` in your application code, it will be safe against this whole range of security attacks.

        assertSame(dfs, context.getDfs(), "Should return same instance on multiple calls");
    }

    @Test
    @DisplayName("getNameServiceClient should return initialized name service client")
    void testGetNameServiceClient() {
        // When
        NameServiceClient nameServiceClient = context.getNameServiceClient();

        // Then
        assertNotNull(nameServiceClient, "Name service client should not be null");

All of them share the same parameters for additional validation and metadata you have seen.

///

/// note | Technical Details

When you import `Query`, `Path` and others from `fastapi`, they are actually functions.

That when called, return instances of classes of the same name.

    @DisplayName("Constructor stores and exposes same array reference")
    void constructor_and_get_referenceSemantics() {
        // Arrange
        byte[] data = new byte[] { (byte) 0xDE, (byte) 0xAD, (byte) 0xBE, (byte) 0xEF };

        // Act
        SecurityBlob blob = new SecurityBlob(data);

        // Assert
        assertSame(data, blob.get(), "get() should expose the same array reference passed in");

## Multiple path and query parameters { #multiple-path-and-query-parameters }

You can declare multiple path parameters and query parameters at the same time, **FastAPI** knows which is which.

And you don't have to declare them in any specific order.

They will be detected by name:

{* ../../docs_src/query_params/tutorial004_py310.py hl[6,8] *}

## Required query parameters { #required-query-parameters }

    @Test
    @DisplayName("MonotonicClock singleton instance should always return the same instance")
    void testSingletonInstance() {
        MonotonicClock clock1 = MonotonicClock.get();
        MonotonicClock clock2 = MonotonicClock.get();

        assertSame(clock1, clock2, "Multiple calls to get() should return the same instance");
    }

    @Test
    @DisplayName("MonotonicClock should always use UTC timezone")

If the passwords don't match, we return the same error.

#### Password hashing { #password-hashing }

"Hashing" means: converting some content (a password in this case) into a sequence of bytes (just a string) that looks like gibberish.

Whenever you pass exactly the same content (exactly the same password) you get exactly the same gibberish.

But you cannot convert from the gibberish back to the password.

* **Machine Learning**: it normally requires lots of "matrix" and "vector" multiplications. Think of a huge spreadsheet with numbers and multiplying all of them together at the same time.

After that, all of the processing logic is the same.

But because of our changes in `GzipRequest.body`, the request body will be automatically decompressed when it is loaded by **FastAPI** when needed.

## Accessing the request body in an exception handler { #accessing-the-request-body-in-an-exception-handler }

/// tip