import static com.google.common.hash.Hashing.adler32;
import static com.google.common.hash.Hashing.crc32;
import static com.google.common.hash.Hashing.farmHashFingerprint64;
import static com.google.common.hash.Hashing.goodFastHash;
import static com.google.common.hash.Hashing.md5;
import static com.google.common.hash.Hashing.murmur3_128;
import static com.google.common.hash.Hashing.murmur3_32;

import static com.google.common.hash.Hashing.adler32;
import static com.google.common.hash.Hashing.crc32;
import static com.google.common.hash.Hashing.farmHashFingerprint64;
import static com.google.common.hash.Hashing.goodFastHash;
import static com.google.common.hash.Hashing.md5;
import static com.google.common.hash.Hashing.murmur3_128;
import static com.google.common.hash.Hashing.murmur3_32;

 * limitations under the License.
 */

package com.google.common.hash;

import static com.google.common.hash.Hashing.md5;
import static com.google.common.hash.Hashing.sha1;
import static com.google.common.hash.Hashing.sha256;
import static com.google.common.hash.Hashing.sha384;
import static com.google.common.hash.Hashing.sha512;
import static com.google.common.truth.Truth.assertThat;
import static java.nio.charset.StandardCharsets.UTF_8;

# OAuth2 com Senha (e hashing), Bearer com tokens JWT { #oauth2-with-password-and-hashing-bearer-with-jwt-tokens }

Agora que temos todo o fluxo de segurança, vamos tornar a aplicação realmente segura, usando tokens <abbr title="JSON Web Tokens">JWT</abbr> e hashing de senhas seguras.

Este código é algo que você pode realmente usar na sua aplicação, salvar os hashes das senhas no seu banco de dados, etc.

Vamos começar de onde paramos no capítulo anterior e incrementá-lo.

    };
    ;

    abstract byte[] hash(Algorithm algorithm, byte[] input);
  }

  private enum Algorithm {
    MD5("MD5", Hashing.md5()),
    SHA_1("SHA-1", Hashing.sha1()),
    SHA_256("SHA-256", Hashing.sha256()),
    SHA_384("SHA-384", Hashing.sha384()),
    SHA_512("SHA-512", Hashing.sha512());

    private final String algorithmName;
    private final HashFunction hashFn;

 * limitations under the License.
 */

package com.google.common.hash;

import static com.google.common.hash.Hashing.hmacMd5;
import static com.google.common.hash.Hashing.hmacSha1;
import static com.google.common.hash.Hashing.hmacSha256;
import static com.google.common.hash.Hashing.hmacSha512;
import static com.google.common.io.BaseEncoding.base16;
import static com.google.common.truth.Truth.assertThat;

///

## Password hashing { #password-hashing }

"Hashing", bazı içerikleri (bu örnekte bir password) anlamsız görünen bir bayt dizisine (pratikte bir string) dönüştürmek demektir.

Aynı içeriği (aynı password'ü) her seferinde verirseniz, her seferinde aynı anlamsız çıktıyı elde edersiniz.

Ancak bu anlamsız çıktıdan geri password'e dönüştürme yapılamaz.

### Neden password hashing kullanılır { #why-use-password-hashing }

Önce bu veriyi Pydantic `UserInDB` modeline koyalım.

Asla düz metin (plaintext) password kaydetmemelisiniz; bu yüzden (sahte) password hashing sistemini kullanacağız.

Password’ler eşleşmezse, aynı hatayı döndürürüz.

#### Password hashing { #password-hashing }

"Hashing" şudur: bir içeriği (bu örnekte password) anlaşılmaz görünen bayt dizisine (yani bir string’e) dönüştürmek.

///

## Password hashing { #password-hashing }

"Hashing" means converting some content (a password in this case) into a sequence of bytes (just a string) that looks like gibberish.

Whenever you pass exactly the same content (exactly the same password) you get exactly the same gibberish.

But you cannot convert from the gibberish back to the password.

### Why use password hashing { #why-use-password-hashing }

# OAuth2 mit Passwort (und Hashing), Bearer mit JWT-Tokens { #oauth2-with-password-and-hashing-bearer-with-jwt-tokens }

Da wir nun über den gesamten Sicherheitsablauf verfügen, machen wir die Anwendung tatsächlich sicher, indem wir <abbr title="JSON Web Tokens">JWT</abbr>-Tokens und sicheres Passwort-Hashing verwenden.

Diesen Code können Sie tatsächlich in Ihrer Anwendung verwenden, die Passwort-Hashes in Ihrer Datenbank speichern, usw.