* This is a required field for identifying which label type to update.
     */
    @Required
    @Size(max = 1000)
    public String id;

    /**
     * The username of the user who last updated this label type.
     * Used for audit trail purposes to track who made changes.
     */
    @Size(max = 1000)
    public String updatedBy;

    /**

     * The unique identifier of the role being edited.
     * This is a required field for identifying which role to update.
     */
    @Required
    @Size(max = 1000)
    public String id;

    /**
     * The username of the user who last updated this role.
     * Used for audit trail purposes to track who made changes.
     */
    @Size(max = 1000)
    public String updatedBy;

    /**

     * Must be in ISO 8601 format: YYYY-MM-DDTHH:MM:SS
     */
    @Pattern(regexp = "[0-9][0-9][0-9][0-9]-[0-9][0-9]-[0-9][0-9]T[0-9][0-9]:[0-9][0-9]:[0-9][0-9]")
    public String expires;

    /**
     * The username of the user who created this access token.
     * Maximum length is 1000 characters.
     */
    @Size(max = 1000)
    public String createdBy;

    /**
     * The timestamp when this access token was created.

    assertThat(parse("http://username:@host/path"))
      .isEqualTo(parse("http://username@host/path"))
  }

  @Test
  fun passwordWithEmptyUsername() {
    // Chrome doesn't mind, but Firefox rejects URLs with empty usernames and non-empty passwords.
    assertThat(parse("http://:@host/path"))
      .isEqualTo(parse("http://host/path"))
    assertThat(parse("http://:password@@host/path").encodedPassword)

    @Size(max = 10000)
    public String queries;

    /**
     * The virtual host for which these related queries apply.
     */
    @Size(max = 1000)
    public String virtualHost;

    /**
     * The username who created these related queries.
     */
    @Size(max = 1000)
    public String createdBy;

    /**
     * The timestamp when these related queries were created.
     */
    @ValidateTypeFailure

    public String value;

    /**
     * The web configuration ID associated with this request header.
     */
    @Required
    @Size(max = 1000)
    public String webConfigId;

    /**
     * The username of who created this request header.
     */
    @Size(max = 1000)
    public String createdBy;

    /**
     * The timestamp when this request header was created.
     */
    @ValidateTypeFailure

            doColumn("updatedBy");
        }

        public void columnUpdatedTime() {
            doColumn("updatedTime");
        }

        public void columnUsername() {
            doColumn("username");
        }
    }

{* ../../docs_src/request_form_models/tutorial002_an_py39.py hl[12] *}

Si un cliente intenta enviar datos extra, recibirá un response de **error**.

Por ejemplo, si el cliente intenta enviar los campos de formulario:

* `username`: `Rick`
* `password`: `Portal Gun`
* `extra`: `Mr. Poopybutthole`

Recibirá un response de error indicando que el campo `extra` no está permitido:

```json
{
    "detail": [
        {

```JSON
{
    "item": {
        "name": "Foo",
        "description": "The pretender",
        "price": 42.0,
        "tax": 3.2
    },
    "user": {
        "username": "dave",
        "full_name": "Dave Grohl"
    }
}
```

/// note

Using the credentials:

Username: `johndoe`
Password: `secret`

/// check

Notice that nowhere in the code is the plaintext password "`secret`", we only have the hashed version.

///

<img src="/img/tutorial/security/image08.png">

Call the endpoint `/users/me/`, you will get the response as:

```JSON
{
  "username": "johndoe",
  "email": "******@****.***",