Search Options

Results per page
Sort
Preferred Languages
Advance

Results 21 - 30 of 91 for johndoe (0.06 sec)

  2. github.com/tiangolo/fastapi

    docs/em/docs/advanced/security/http-basic-auth.md 

    ### ⏲ 👊

✋️ ⚫️❔ "⏲ 👊"❓

➡️ 🌈 👊 🔄 💭 🆔 & 🔐.

& 👫 📨 📨 ⏮️ 🆔 `johndoe` & 🔐 `love123`.

⤴️ 🐍 📟 👆 🈸 🔜 🌓 🕳 💖:

```Python
if "johndoe" == "stanleyjobson" and "love123" == "swordfish":
    ...
```
    Registered: Sun Nov 03 07:19:11 UTC 2024
    - Last Modified: Sun Oct 06 20:36:54 UTC 2024
    - 4.1K bytes
    - Viewed (0)
  3. github.com/tiangolo/fastapi

    tests/test_tutorial/test_security/test_tutorial005_an.py 

    def test_login():
    response = client.post("/token", data={"username": "johndoe", "password": "secret"})
    assert response.status_code == 200, response.text
    content = response.json()
    assert "access_token" in content
    assert content["token_type"] == "bearer"


def test_login_incorrect_password():
    response = client.post(
        "/token", data={"username": "johndoe", "password": "incorrect"}
    )
    Registered: Sun Nov 03 07:19:11 UTC 2024
    - Last Modified: Wed Mar 13 19:07:10 UTC 2024
    - 15.4K bytes
    - Viewed (0)
  4. github.com/tiangolo/fastapi

    docs/zh/docs/advanced/security/http-basic-auth.md 

    但使用 `secrets.compare_digest()`,可以防御**时差攻击**,更加安全。

### 时差攻击

什么是**时差攻击**?

假设攻击者试图猜出用户名与密码。

他们发送用户名为 `johndoe`,密码为 `love123`  的请求。

然后,Python 代码执行如下操作:

```Python
if "johndoe" == "stanleyjobson" and "love123" == "swordfish":
    ...
```

但就在 Python 比较完 `johndoe` 的第一个字母 `j` 与 `stanleyjobson` 的 `s` 时,Python 就已经知道这两个字符串不相同了,它会这么想,**没必要浪费更多时间执行剩余字母的对比计算了**。应用立刻就会返回**错误的用户或密码**。
    Registered: Sun Nov 03 07:19:11 UTC 2024
    - Last Modified: Sun Oct 06 20:36:54 UTC 2024
    - 5.2K bytes
    - Viewed (0)
  5. github.com/tiangolo/fastapi

    tests/test_tutorial/test_security/test_tutorial005_py310.py 

        response = client.post("/token", data={"username": "johndoe", "password": "secret"})
    assert response.status_code == 200, response.text
    content = response.json()
    assert "access_token" in content
    assert content["token_type"] == "bearer"


@needs_py310
def test_login_incorrect_password(client: TestClient):
    response = client.post(
        "/token", data={"username": "johndoe", "password": "incorrect"}
    )
    Registered: Sun Nov 03 07:19:11 UTC 2024
    - Last Modified: Wed Mar 13 19:07:10 UTC 2024
    - 16.3K bytes
    - Viewed (0)
  6. github.com/tiangolo/fastapi

    tests/test_tutorial/test_security/test_tutorial005_py39.py 

        response = client.post("/token", data={"username": "johndoe", "password": "secret"})
    assert response.status_code == 200, response.text
    content = response.json()
    assert "access_token" in content
    assert content["token_type"] == "bearer"


@needs_py39
def test_login_incorrect_password(client: TestClient):
    response = client.post(
        "/token", data={"username": "johndoe", "password": "incorrect"}
    )
    Registered: Sun Nov 03 07:19:11 UTC 2024
    - Last Modified: Wed Mar 13 19:07:10 UTC 2024
    - 16.3K bytes
    - Viewed (0)
  7. github.com/tiangolo/fastapi

    tests/test_tutorial/test_security/test_tutorial005_an_py310.py 

        response = client.post("/token", data={"username": "johndoe", "password": "secret"})
    assert response.status_code == 200, response.text
    content = response.json()
    assert "access_token" in content
    assert content["token_type"] == "bearer"


@needs_py310
def test_login_incorrect_password(client: TestClient):
    response = client.post(
        "/token", data={"username": "johndoe", "password": "incorrect"}
    )
    Registered: Sun Nov 03 07:19:11 UTC 2024
    - Last Modified: Wed Mar 13 19:07:10 UTC 2024
    - 16.3K bytes
    - Viewed (0)
  8. github.com/tiangolo/fastapi

    docs_src/security/tutorial003_an_py310.py 

    from fastapi.security import OAuth2PasswordBearer, OAuth2PasswordRequestForm
from pydantic import BaseModel

fake_users_db = {
    "johndoe": {
        "username": "johndoe",
        "full_name": "John Doe",
        "email": "johndoe@example.com",
        "hashed_password": "fakehashedsecret",
        "disabled": False,
    },
    "alice": {
        "username": "alice",
    Registered: Sun Nov 03 07:19:11 UTC 2024
    - Last Modified: Tue Mar 26 16:56:53 UTC 2024
    - 2.5K bytes
    - Viewed (0)
  9. github.com/tiangolo/fastapi

    docs/de/docs/advanced/security/http-basic-auth.md 

    Und sie senden eine Anfrage mit dem Benutzernamen `johndoe` und dem Passwort `love123`.

Dann würde der Python-Code in Ihrer Anwendung etwa so aussehen:

```Python
if "johndoe" == "stanleyjobson" and "love123" == "swordfish":
    ...
```
    Registered: Sun Nov 03 07:19:11 UTC 2024
    - Last Modified: Sun Oct 27 15:25:54 UTC 2024
    - 5.8K bytes
    - Viewed (0)
  10. github.com/tiangolo/fastapi

    docs/en/docs/advanced/security/http-basic-auth.md 

    And they send a request with a username `johndoe` and a password `love123`.

Then the Python code in your application would be equivalent to something like:

```Python
if "johndoe" == "stanleyjobson" and "love123" == "swordfish":
    ...
```
    Registered: Sun Nov 03 07:19:11 UTC 2024
    - Last Modified: Sat Oct 26 16:01:27 UTC 2024
    - 4.8K bytes
    - Viewed (0)
  11. github.com/tiangolo/fastapi

    docs_src/security/tutorial005_an_py310.py 

    SECRET_KEY = "09d25e094faa6ca2556c818166b7a9563b93f7099f6f0f4caa6cf63b88e8d3e7"
ALGORITHM = "HS256"
ACCESS_TOKEN_EXPIRE_MINUTES = 30


fake_users_db = {
    "johndoe": {
        "username": "johndoe",
        "full_name": "John Doe",
        "email": "johndoe@example.com",
        "hashed_password": "$2b$12$EixZaYVK1fsbw1ZfbX3OXePaWxn96p36WQoeG6Lruj3vjPGga31lW",
        "disabled": False,
    },
    "alice": {
    Registered: Sun Nov 03 07:19:11 UTC 2024
    - Last Modified: Mon May 20 17:37:28 UTC 2024
    - 5.2K bytes
    - Viewed (0)
Back to top