데이터베이스가 유출된 경우 해커는 사용자의 일반 텍스트 암호가 아니라 해시만 갖게 됩니다.

따라서 해커는 다른 시스템에서 동일한 암호를 사용하려고 시도할 수 없습니다(많은 사용자가 모든 곳에서 동일한 암호를 사용하므로 이는 위험할 수 있습니다).

//// tab | 파이썬 3.7 이상

{* ../../docs_src/security/tutorial003.py hl[80:83] *}

////

{* ../../docs_src/security/tutorial003_py310.py hl[78:81] *}

#### `**user_dict`에 대해

`UserInDB(**user_dict)`는 다음을 의미한다:

*`user_dict`의 키와 값을 다음과 같은 키-값 인수로 직접 전달합니다:*

```Python

 * limitations under the License.
 */
package okhttp3

import java.security.Principal
import java.security.cert.Certificate
import javax.net.ssl.SSLPeerUnverifiedException
import javax.net.ssl.SSLSession
import javax.net.ssl.SSLSessionContext
import javax.security.cert.X509Certificate

/** An [SSLSession] that delegates all calls.  */
abstract class DelegatingSSLSession(

import pytest
from fastapi import Depends, FastAPI, Security
from fastapi.security import OAuth2, OAuth2PasswordRequestFormStrict
from fastapi.testclient import TestClient
from pydantic import BaseModel

app = FastAPI()

reusable_oauth2 = OAuth2(
    flows={
        "password": {
            "tokenUrl": "token",
            "scopes": {"read:users": "Read the users", "write:users": "Create users"},
        }
    }
)

        // Channel
        assertEquals(0, SMBUtil.readInt4(buffer, bodyOffset + 8));

        // Security Buffer Offset
        int securityBufferOffset = SMBUtil.readInt2(buffer, bodyOffset + 12);
        assertTrue(securityBufferOffset > 0);

        // Security Buffer Length
        assertEquals(token.length, SMBUtil.readInt2(buffer, bodyOffset + 14));

        // Previous Session ID

创建设置令牌过期时间的变量。

定义令牌端点响应的 Pydantic 模型。

创建生成新的访问令牌的工具函数。

{* ../../docs_src/security/tutorial004.py hl[6,12:14,28:30,78:86] *}

## 更新依赖项

更新 `get_current_user` 以接收与之前相同的令牌，但这里用的是 JWT 令牌。

解码并校验接收到的令牌，然后，返回当前用户。

如果令牌无效，则直接返回 HTTP 错误。

{* ../../docs_src/security/tutorial004_an_py310.py hl[4,7,13:15,29:31,79:87] *}

## 更新 `/token` *路径操作*

用令牌过期时间创建 `timedelta` 对象。

from .param_functions import Form as Form
from .param_functions import Header as Header
from .param_functions import Path as Path
from .param_functions import Query as Query
from .param_functions import Security as Security
from .requests import Request as Request
from .responses import Response as Response
from .routing import APIRouter as APIRouter
from .websockets import WebSocket as WebSocket

    int NTLMSSP_NEGOTIATE_OEM_WORKSTATION_SUPPLIED = 0x00002000;

    /**
    * Sent by the server to indicate that the server and client are
    * on the same machine.  This implies that the server will include
    * a local security context handle in the Type 2 message, for
    * use in local authentication.
    */
    int NTLMSSP_NEGOTIATE_LOCAL_CALL = 0x00004000;

    /**
    * Indicates that authenticated communication between the client

 * See the License for the specific language governing permissions and
 * limitations under the License.
 */
package okhttp3.internal.tls

import java.security.GeneralSecurityException
import java.security.cert.Certificate
import java.security.cert.X509Certificate
import java.util.ArrayDeque
import java.util.Deque
import javax.net.ssl.SSLPeerUnverifiedException

/**

        response.connection
          .socket()
          .javaClass.name,
      ).isEqualTo(
        "sun.security.ssl.SSLSocketImpl",
      )
    }
  }

  @Test
  fun testSupportedProtocols() {
    val factory = SSLSocketFactory.getDefault()
    assertThat(factory.javaClass.name).isEqualTo("sun.security.ssl.SSLSocketFactoryImpl")
    val s = factory.createSocket() as SSLSocket

    when {

 * License along with this library; if not, write to the Free Software
 * Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA  02111-1307  USA
 */

package jcifs.internal.smb1.com;

import java.security.GeneralSecurityException;

import jcifs.CIFSContext;
import jcifs.Configuration;
import jcifs.SmbConstants;
import jcifs.internal.smb1.AndXServerMessageBlock;
import jcifs.internal.smb1.ServerMessageBlock;