}

    @Test
    @DisplayName("Should generate multiple unique nonces without collision")
    void testGenerateMultipleNoncesNoCollision() {
        // Given
        int count = 10000; // Test with larger number for collision detection
        Set<String> nonceSet = new HashSet<>();

        // When
        for (int i = 0; i < count; i++) {
            byte[] nonce = encryptionContext.generateNonce();

          distribution: 'temurin'
          java-version: 21

      - name: Enable KVM group perms
        # https://github.blog/changelog/2023-02-23-hardware-accelerated-android-virtualization-on-actions-windows-and-linux-larger-hosted-runners/
        run: |
          echo 'KERNEL=="kvm", GROUP="kvm", MODE="0666", OPTIONS+="static_node=kvm"' | sudo tee /etc/udev/rules.d/99-kvm4all.rules
          sudo udevadm control --reload-rules

  /*
   * Cache the size for efficiency. Using a long lets us avoid the need for
   * overflow checking and ensures that size() will function correctly even if
   * the multiset had once been larger than Integer.MAX_VALUE.
   */
  private transient long size;

  /** Standard constructor. */
  protected AbstractMapBasedMultiset(Map<E, Count> backingMap) {
    checkArgument(backingMap.isEmpty());

      class: mermaid
      format: !!python/name:pymdownx.superfences.fence_code_format ''
  pymdownx.tilde: null
  pymdownx.blocks.admonition:
    types:
    - note
    - attention
    - caution
    - danger
    - error
    - tip
    - hint
    - warning
    - info
    - check
  pymdownx.blocks.details: null
  pymdownx.blocks.tab:
    alternate_style: true
  mdx_include: null

# 更多模型 { #extra-models }

书接上文，多个关联模型这种情况很常见。

特别是用户模型，因为：

* **输入模型**应该含密码
* **输出模型**不应含密码
* **数据库模型**可能需要包含哈希后的密码

/// danger | 危险

不要存储用户的明文密码。始终只存储之后可用于校验的“安全哈希”。

如果你还不了解，可以在[安全性章节](security/simple-oauth2.md#password-hashing)中学习什么是“密码哈希”。

///

## 多个模型 { #multiple-models }

下面的代码展示了不同模型处理密码字段的方式，及使用位置的大致思路：

{* ../../docs_src/extra_models/tutorial001_py310.py hl[7,9,14,20,22,27:28,31:33,38:39] *}

///

/// note | Technische Details
Etwas Text
///

/// check | Testen
Etwas Text
///

/// tip | Tipp
Etwas Text
///

/// warning | Achtung
Etwas Text
///

/// danger | Gefahr
Etwas Text
///

////

//// tab | Info

Tabs und `Info`/`Note`/`Warning`/usw. Blöcke sollten die Übersetzung ihres Titels nach einem vertikalen Strich (`|`) erhalten.

		bs.XferRateLrg.addSize(sz, duration)
	} else {
		bs.XferRateSml.addSize(sz, duration)
	}
}

// RMetricName - name of replication metric
type RMetricName string

const (
	// Large - objects larger than 128MiB
	Large RMetricName = "Large"
	// Small - objects smaller than 128MiB
	Small RMetricName = "Small"
	// Total - metric pertaining to totals
	Total RMetricName = "Total"
)

    public void testUnicodeStringHandling() {
        ByteBuffer bb = ByteBuffer.wrap(testBuffer).order(ByteOrder.LITTLE_ENDIAN);

        bb.putShort((short) 3); // version
        bb.putShort((short) 100); // size (larger to accommodate unicode strings)
        bb.putShort((short) 1); // serverType
        bb.putShort((short) 0); // rflags
        bb.putShort((short) 5); // proximity
        bb.putShort((short) 300); // ttl

Nous utilisons toujours le même `OAuth2PasswordRequestForm`. Il inclut une propriété `scopes` avec une `list` de `str`, contenant chaque scope reçu dans la requête.

Et nous renvoyons les scopes comme partie du jeton JWT.

/// danger | Danger

Pour simplifier, ici nous ajoutons directement au jeton les scopes reçus.

    <img src="https://github.com/fastapi/fastapi/actions/workflows/test.yml/badge.svg?event=push&branch=master" alt="Test">
</a>
<a href="https://coverage-badge.samuelcolvin.workers.dev/redirect/fastapi/fastapi">
    <img src="https://coverage-badge.samuelcolvin.workers.dev/fastapi/fastapi.svg" alt="Coverage">
</a>
<a href="https://pypi.org/project/fastapi">