password2 - Code Search

src/main/java/org/codelibs/fess/helper/SystemHelper.java

    }

    /**
     * Validates a password against configured password policy requirements.
     *
     * @param password The password to validate.
     * @return An empty string if the password is valid, or an error key for the validation failure.
     */
    public String validatePassword(final String password) {
        if (StringUtil.isBlank(password)) {
            return "errors.blank_password";
        }

Created: Tue Mar 31 13:07:34 GMT 2026

- Last Modified: Sat Mar 28 06:59:19 GMT 2026

- 43.2K bytes

- Click Count (0)

github.com/tiangolo/fastapi

docs/ru/docs/tutorial/security/simple-oauth2.md

Теперь, отталкиваясь от предыдущей главы, добавим недостающие части, чтобы получить полный поток безопасности.

## Получение `username` и `password` { #get-the-username-and-password }

Для получения `username` и `password` мы будем использовать утилиты безопасности **FastAPI**.

Created: Sun Apr 05 07:19:11 GMT 2026

- Last Modified: Thu Mar 19 17:56:20 GMT 2026

- 16.2K bytes

- Click Count (0)

github.com/codelibs/fess

src/main/java/org/codelibs/fess/opensearch/config/cbean/cq/bs/BsFileAuthenticationCQ.java

        TermQueryBuilder builder = regTermQ("password", password);
        if (opLambda != null) {
            opLambda.callback(builder);
        }
    }

    public void setPassword_NotEqual(String password) {
        setPassword_NotTerm(password, null);
    }

    public void setPassword_NotTerm(String password) {
        setPassword_NotTerm(password, null);

Created: Tue Mar 31 13:07:34 GMT 2026

- Last Modified: Sat Mar 15 06:53:53 GMT 2025

- 88.1K bytes

- Click Count (0)

github.com/codelibs/fess

src/main/java/org/codelibs/fess/auth/AuthenticationManager.java

    }

    /**
     * Changes the password for a user across all authentication chains.
     * @param username The username for which to change the password.
     * @param password The new password.
     * @return True if the password was successfully changed in all chains, false otherwise.
     */
    public boolean changePassword(final String username, final String password) {

Created: Tue Mar 31 13:07:34 GMT 2026

- Last Modified: Thu Jul 17 08:28:31 GMT 2025

- 3.1K bytes

- Click Count (0)

github.com/tiangolo/fastapi

docs/ko/docs/tutorial/security/oauth2-jwt.md

///

## 패스워드 해싱 { #password-hashing }

"해싱(Hashing)"은 어떤 내용(여기서는 패스워드)을 알아볼 수 없는 바이트 시퀀스(그냥 문자열)로 변환하는 것을 의미합니다.

정확히 같은 내용(정확히 같은 패스워드)을 넣으면 정확히 같은 알아볼 수 없는 문자열이 나옵니다.

하지만 그 알아볼 수 없는 문자열에서 다시 패스워드로 되돌릴 수는 없습니다.

### 패스워드 해싱을 사용하는 이유 { #why-use-password-hashing }

데이터베이스를 탈취당하더라도, 침입자는 사용자의 평문 패스워드 대신 해시만 얻게 됩니다.

Created: Sun Apr 05 07:19:11 GMT 2026

- Last Modified: Fri Mar 20 14:06:26 GMT 2026

- 13K bytes

- Click Count (0)

github.com/tiangolo/fastapi

docs_src/security/tutorial003_an_py310.py

    if not user_dict:
        raise HTTPException(status_code=400, detail="Incorrect username or password")
    user = UserInDB(**user_dict)
    hashed_password = fake_hash_password(form_data.password)
    if not hashed_password == user.hashed_password:
        raise HTTPException(status_code=400, detail="Incorrect username or password")

    return {"access_token": user.username, "token_type": "bearer"}


@app.get("/users/me")

Created: Sun Apr 05 07:19:11 GMT 2026

- Last Modified: Mon Nov 24 19:03:06 GMT 2025

- 2.5K bytes

- Click Count (0)

github.com/tiangolo/fastapi

docs/uk/docs/tutorial/extra-models.md

дасть еквівалентний результат:

```Python
UserInDB(
    username="john",
    password="secret",
    email="******@****.***",
    full_name=None,
)
```

А точніше, використовуючи безпосередньо `user_dict`, з будь-яким його вмістом у майбутньому:

```Python
UserInDB(
    username = user_dict["username"],
    password = user_dict["password"],
    email = user_dict["email"],
    full_name = user_dict["full_name"],
)

Created: Sun Apr 05 07:19:11 GMT 2026

- Last Modified: Thu Mar 19 18:27:41 GMT 2026

- 9.4K bytes

- Click Count (0)

github.com/tiangolo/fastapi

docs_src/security/tutorial004_py310.py


def get_password_hash(password):
    return password_hash.hash(password)


def get_user(db, username: str):
    if username in db:
        user_dict = db[username]
        return UserInDB(**user_dict)


def authenticate_user(fake_db, username: str, password: str):
    user = get_user(fake_db, username)
    if not user:
        verify_password(password, DUMMY_HASH)
        return False

Created: Sun Apr 05 07:19:11 GMT 2026

- Last Modified: Thu Feb 12 18:10:35 GMT 2026

- 4.1K bytes

- Click Count (0)

github.com/codelibs/fess

src/main/java/org/codelibs/fess/app/web/login/PasswordForm.java

/**
 * Form for password change.
 */
public class PasswordForm {

    /**
     * Default constructor.
     */
    public PasswordForm() {
        // Default constructor
    }

    /** The username. */
    public String username;

    /** The password. */
    @NotBlank
    public String password;

    /** The confirm password. */
    @NotBlank

Created: Tue Mar 31 13:07:34 GMT 2026

- Last Modified: Thu Jul 17 08:28:31 GMT 2025

- 1.2K bytes

- Click Count (0)

github.com/tiangolo/fastapi

docs/zh/docs/tutorial/security/simple-oauth2.md

# OAuth2 实现简单的 Password 和 Bearer 验证 { #simple-oauth2-with-password-and-bearer }

本章添加上一章示例中欠缺的部分，实现完整的安全流。

## 获取 `username` 和 `password` { #get-the-username-and-password }

首先，使用 **FastAPI** 安全工具获取 `username` 和 `password`。

OAuth2 规范要求使用“密码流”时，客户端或用户必须以表单数据形式发送 `username` 和 `password` 字段。

并且，这两个字段必须命名为 `username` 和 `password`，不能使用 `user-name` 或 `email` 等其它名称。

不过也不用担心，前端仍可以显示终端用户所需的名称。

数据库模型也可以使用所需的名称。

Created: Sun Apr 05 07:19:11 GMT 2026

- Last Modified: Fri Mar 20 17:06:37 GMT 2026

- 9K bytes

- Click Count (0)

Search Options