if not user_dict:
        raise HTTPException(status_code=400, detail="Incorrect username or password")
    user = UserInDB(**user_dict)
    hashed_password = fake_hash_password(form_data.password)
    if not hashed_password == user.hashed_password:
        raise HTTPException(status_code=400, detail="Incorrect username or password")

    return {"access_token": user.username, "token_type": "bearer"}

  public void testEntrySet_hashCode_size0() {
    assertEquals(
        "multiset.entrySet() has incorrect hash code", 0, getMultiset().entrySet().hashCode());
  }

  @CollectionSize.Require(ONE)
  public void testEntrySet_hashCode_size1() {
    assertEquals(
        "multiset.entrySet() has incorrect hash code",
        1 ^ e0().hashCode(),
        getMultiset().entrySet().hashCode());
  }

  public void testEntrySet_hashCode_size0() {
    assertEquals(
        "multiset.entrySet() has incorrect hash code", 0, getMultiset().entrySet().hashCode());
  }

  @CollectionSize.Require(ONE)
  public void testEntrySet_hashCode_size1() {
    assertEquals(
        "multiset.entrySet() has incorrect hash code",
        1 ^ e0().hashCode(),
        getMultiset().entrySet().hashCode());
  }

#### Die Zeit zum Antworten hilft den Angreifern

Wenn die Angreifer zu diesem Zeitpunkt feststellen, dass der Server einige Mikrosekunden länger braucht, um die Antwort „Incorrect username or password“ zu senden, wissen sie, dass sie _etwas_ richtig gemacht haben, einige der Anfangsbuchstaben waren richtig.

     * to immediately map to NTSTATUS codes.
     */
    static final String[] DOS_ERROR_MESSAGES = {
        "The operation completed successfully.", "Incorrect function.", "Incorrect function.", "The system cannot find the file specified.",
        "Bad password.", "The system cannot find the path specified.", "reserved",

     * to immediately map to NTSTATUS codes.
     */
    static final String[] DOS_ERROR_MESSAGES = {
        "The operation completed successfully.",
        "Incorrect function.",
        "Incorrect function.",
        "The system cannot find the file specified.",
        "Bad password.",
        "The system cannot find the path specified.",
        "reserved",

def test_login_incorrect_password():
    response = client.post(
        "/token", data={"username": "johndoe", "password": "incorrect"}
    )
    assert response.status_code == 400, response.text
    assert response.json() == {"detail": "Incorrect username or password"}


def test_login_incorrect_username():
    response = client.post("/token", data={"username": "foo", "password": "secret"})

def test_login_incorrect_password():
    response = client.post(
        "/token", data={"username": "johndoe", "password": "incorrect"}
    )
    assert response.status_code == 400, response.text
    assert response.json() == {"detail": "Incorrect username or password"}


def test_login_incorrect_username():
    response = client.post("/token", data={"username": "foo", "password": "secret"})

@needs_py310
def test_login_incorrect_password(client: TestClient):
    response = client.post(
        "/token", data={"username": "johndoe", "password": "incorrect"}
    )
    assert response.status_code == 400, response.text
    assert response.json() == {"detail": "Incorrect username or password"}


@needs_py310
def test_login_incorrect_username(client: TestClient):

@needs_py39
def test_login_incorrect_password(client: TestClient):
    response = client.post(
        "/token", data={"username": "johndoe", "password": "incorrect"}
    )
    assert response.status_code == 400, response.text
    assert response.json() == {"detail": "Incorrect username or password"}


@needs_py39
def test_login_incorrect_username(client: TestClient):