</c:if>
							<c:choose>
								<c:when test="${!empty username && username != 'guest'}">
									<li class="nav-item">
										<div class="dropdown">
											<a id="userMenu" class="nav-link dropdown-toggle" data-bs-toggle="dropdown"
												href="#" role="button" aria-haspopup="true"
												aria-expanded="false"> <em class="fa fa-fw fa-user">${username}
											</a>

    void delete(User user);

    /**
     * Changes the password for the specified user.
     * @param username The username for which to change the password.
     * @param password The new password.
     * @return True if the password was successfully changed, false otherwise.
     */
    boolean changePassword(String username, String password);

    /**
     * Loads user information from the authentication chain.

Para manejar eso, primero convertimos el `username` y `password` a `bytes` codificándolos con UTF-8.

Luego podemos usar `secrets.compare_digest()` para asegurar que `credentials.username` es `"stanleyjobson"`, y que `credentials.password` es `"swordfish"`.

{* ../../docs_src/security/tutorial007_an_py39.py hl[1,12:24] *}

Esto sería similar a:

```Python

 * Form for password change.
 */
public class PasswordForm {

    /**
     * Default constructor.
     */
    public PasswordForm() {
        // Default constructor
    }

    /** The username. */
    public String username;

    /** The password. */
    @NotBlank
    public String password;

    /** The confirm password. */
    @NotBlank
    public String confirmPassword;

    /**

Больше никаких неправильных имён ключей, метания по документации или прокручивания кода вверх и вниз, в попытках узнать - использовали вы ранее `username` или `user_name`.

### Краткость

        final SystemHelper systemHelper = ComponentUtil.getSystemHelper();
        final String username = systemHelper.getUsername();
        final long currentTime = systemHelper.getCurrentTimeAsLong();
        return getEntity(form, username, currentTime).map(entity -> {
            entity.setUpdatedBy(username);
            entity.setUpdatedTime(currentTime);

            }
            final int domainLength = domain != null ? domain.length : 0;
            final String userName = getUser();
            byte[] user = null;
            if (userName != null && userName.length() != 0) {
                user = unicode ? userName.getBytes(UNI_ENCODING) : userName.toUpperCase().getBytes(oem);
            }
            final int userLength = user != null ? user.length : 0;

Então, vamos rever de um ponto de vista simplificado:

* O usuário digita o `username` e a `senha` no frontend e aperta `Enter`.
* O frontend (rodando no browser do usuário) manda o `username` e a `senha` para uma URL específica na sua API (declarada com `tokenUrl="token"`).
* A API checa aquele `username` e `senha`, e responde com um "token" (nós não implementamos nada disso ainda).

     *
     * @param form the form containing the web authentication data
     * @param username the username of the current user
     * @param currentTime the current timestamp
     * @return an optional WebAuthentication entity
     */
    public static OptionalEntity<WebAuthentication> getEntity(final CreateForm form, final String username, final long currentTime) {
        switch (form.crudMode) {
        case CrudMode.CREATE:

				<la:form styleId="login" method="post">
					<div class="input-group mb-3">
						<c:set var="ph_username">
							<la:message key="labels.login.placeholder_username" />
						</c:set>
						<la:text property="username" styleId="username"
							class="form-control" placeholder="${ph_username}" />
						<div class="input-group-append">
							<span class="input-group-text">
								<em class="fa fa-user fa-fw">
            				</span>