Hashing.md5().bits() + Hashing.md5().bits(),
        Hashing.concatenating(Hashing.md5(), Hashing.md5()).bits());
    assertEquals(
        Hashing.md5().bits() + Hashing.murmur3_32().bits(),
        Hashing.concatenating(Hashing.md5(), Hashing.murmur3_32()).bits());
    assertEquals(
        Hashing.md5().bits() + Hashing.murmur3_32().bits() + Hashing.murmur3_128().bits(),

// KafkaSHA256 is a function that returns a crypto/sha256 hasher and should be used
// to create Client objects configured for SHA-256 hashing.
var KafkaSHA256 scram.HashGeneratorFcn = sha256.New

// KafkaSHA512 is a function that returns a crypto/sha512 hasher and should be used
// to create Client objects configured for SHA-512 hashing.
var KafkaSHA512 scram.HashGeneratorFcn = sha512.New

// XDGSCRAMClient implements the client-side of an authentication

		{"a/b/c/", 159},
		{"/a/b/c", 96},
		{string([]byte{0xff, 0xfe, 0xfd}), 147},
	}

	// Tests hashing order to be consistent.
	for i, testCase := range testCases {
		if sipHashElement := hashKey("SIPMOD", testCase.objectName, 200, testUUID); sipHashElement != testCase.sipHash {
			t.Errorf("Test case %d: Expected \"%v\" but failed \"%v\"", i+1, testCase.sipHash, sipHashElement)
		}
	}

        }
        if (!bits.get(combinedHash % bitSize)) {
          return false;
        }
      }
      return true;
    }
  },
  /**
   * This strategy uses all 128 bits of {@link Hashing#murmur3_128} when hashing. It looks different
   * from the implementation in MURMUR128_MITZ_32 because we're avoiding the multiplication in the
   * loop and doing a (much simpler) += hash2. We're also changing the index to a positive number by

 * little-endian order.
 *
 * <p><b>Warning:</b> The result of calling any methods after calling {@link #hash} is undefined.
 *
 * <p><b>Warning:</b> Using a specific character encoding when hashing a {@link CharSequence} with
 * {@link #putString(CharSequence, Charset)} is generally only useful for cross-language
 * compatibility (otherwise prefer {@link #putUnencodedChars}). However, the character encodings

 */

// TODO(user): when things stabilize, flesh this out
/**
 * Hash functions and related structures.
 *
 * <p>See the Guava User Guide article on <a
 * href="https://github.com/google/guava/wiki/HashingExplained">hashing</a>.
 */
@CheckReturnValue
@NullMarked
package com.google.common.hash;

import com.google.errorprone.annotations.CheckReturnValue;

    }

    @ParameterizedTest
    @ValueSource(strings = { "", "a", "short", "medium length text", "very long text that exceeds typical block sizes" })
    @DisplayName("Should handle various input sizes for hashing")
    void testHashVariousInputSizes(String input) {
        // Given
        byte[] data = input.getBytes();

        // When
        MessageDigest md4 = Crypto.getMD4();

  - 🧪 [Playwright](https://playwright.dev) for End-to-End testing.
  - 🦇 Dark mode support.
- 🐋 [Docker Compose](https://www.docker.com) for development and production.
- 🔒 Secure password hashing by default.
- 🔑 JWT (JSON Web Token) authentication.
- 📫 Email based password recovery.
- ✅ Tests with [Pytest](https://pytest.org).
- 📞 [Traefik](https://traefik.io) as a reverse proxy / load balancer.

先把那些資料放進 Pydantic 的 `UserInDB` 模型。

你絕對不要以純文字儲存密碼，所以我們會使用（假的）密碼雜湊系統。

如果密碼不匹配，我們回傳同樣的錯誤。

#### 密碼雜湊（hashing） { #password-hashing }

「雜湊」的意思是：把一些內容（這裡是密碼）轉換成一串看起來像亂碼的位元組序列（就是字串）。

只要你輸入完全相同的內容（完全相同的密碼），就會得到完全相同的亂碼。

但你無法從這串亂碼還原回原本的密碼。

##### 為何要做密碼雜湊 { #why-use-password-hashing }

如果你的資料庫被竊取，攻擊者拿到的不是使用者的純文字密碼，而只是雜湊值。

因此攻擊者無法嘗試把那些密碼用在其他系統上（因為很多使用者在各處都用同一組密碼，這會很危險）。

	}

	// Tests hashing order to be consistent.
	for i, testCase := range testCases {
		hashedOrder := hashOrder(testCase.objectName, 16)
		if !reflect.DeepEqual(testCase.hashedOrder, hashedOrder) {
			t.Errorf("Test case %d: Expected \"%v\" but failed \"%v\"", i+1, testCase.hashedOrder, hashedOrder)
		}
	}

	// Tests hashing order to fail for when order is '-1'.