* The **input model** needs to be able to have a password.
* The **output model** should not have a password.
* The **database model** would probably need to have a hashed password.

/// danger

Never store user's plaintext passwords. Always store a "secure hash" that you can then verify.

If you don't know, you will learn what a "password hash" is in the [security chapters](security/simple-oauth2.md#password-hashing){.internal-link target=_blank}.

///

        params.put(ExtractData.RESOURCE_NAME_KEY, resourceName);
        assertEquals("PASSWORD", pdfExtractor.getPassword(params));
    }

    public void test_getPassword_json() {
        String url;
        Map<String, String> params = new HashMap<>();
        params.put(ExtractData.FILE_PASSWORDS, "{\".*hoge1.pdf\":\"password\",\"fuga.pdf\":\"PASSWORD\"}");

        url = null;
        params.put(ExtractData.URL, url);

                    "properties": {
                        "username": {"type": "string", "title": "Username"},
                        "password": {"type": "string", "title": "Password"},
                    },
                    "type": "object",
                    "required": ["username", "password"],
                    "title": "FormData",
                },
                "ValidationError": {

def test_login_incorrect_username():
    response = client.post("/token", data={"username": "foo", "password": "secret"})
    assert response.status_code == 400, response.text
    assert response.json() == {"detail": "Incorrect username or password"}


def test_no_token():
    response = client.get("/users/me")
    assert response.status_code == 401, response.text

    }

    public void setUsername(final String username) {
        this.username = username;
    }

    public String getPassword() {
        return password;
    }

    public void setPassword(final String password) {
        this.password = password;
    }

    public String getDomain() {
        return domain;
    }

    public void setDomain(final String domain) {
        this.domain = domain;

        this.host = host;
    }

    /**
     * Get user's password used to log in to proxy server.
     *
     * @return user's password at proxy host
     */
    public String getPassword() {
        return password;
    }

    /**
     * Set the user's password for the proxy server.
     *
     * @param password password to use to log in to a proxy server
     */

     * @param targetName
     *            SPN of the target system, optional
     * @param passwordHash
     *            The NT password hash, takes precedence over password (which is no longer required unless legacy LM
     *            authentication is needed)
     * @param password
     *            The password to use when constructing the response.
     * @param domain
     *            The domain in which the user has an account.

     * domain, username, and password. Parameters that are <tt>null</tt>
     * will be substituted with <tt>jcifs.smb.client.domain</tt>,
     * <tt>jcifs.smb.client.username</tt>, <tt>jcifs.smb.client.password</tt>
     * property values.
     * 
     * @param tc
     *            context to use
     * @param domain
     * @param username
     * @param password
     */

    app,
    create_access_token,
    fake_users_db,
    get_password_hash,
    verify_password,
)

client = TestClient(app)


def get_access_token(username="johndoe", password="secret", scope=None):
    data = {"username": username, "password": password}
    if scope:
        data["scope"] = scope
    response = client.post("/token", data=data)
    content = response.json()
    access_token = content.get("access_token")

    if not user_dict:
        raise HTTPException(status_code=400, detail="Incorrect username or password")
    user = UserInDB(**user_dict)
    hashed_password = fake_hash_password(form_data.password)
    if not hashed_password == user.hashed_password:
        raise HTTPException(status_code=400, detail="Incorrect username or password")

    return {"access_token": user.username, "token_type": "bearer"}


@app.get("/users/me")