assert response.status_code == 200, response.text
    assert response.json() == {
        "username": "johndoe",
        "full_name": "John Doe",
        "email": "******@****.***",
        "hashed_password": "fakehashedsecret",
        "disabled": False,
    }


@needs_py310
def test_incorrect_token(client: TestClient):
    response = client.get("/users/me", headers={"Authorization": "Bearer nonexistent"})

    assert response.status_code == 200, response.text
    assert response.json() == {
        "username": "johndoe",
        "full_name": "John Doe",
        "email": "******@****.***",
        "hashed_password": "fakehashedsecret",
        "disabled": False,
    }


@needs_py310
def test_incorrect_token(client: TestClient):
    response = client.get("/users/me", headers={"Authorization": "Bearer nonexistent"})

@needs_py39
def test_verify_password():
    from docs_src.security.tutorial005_an_py39 import fake_users_db, verify_password

    assert verify_password("secret", fake_users_db["johndoe"]["hashed_password"])


@needs_py39
def test_get_password_hash():
    from docs_src.security.tutorial005_an_py39 import get_password_hash

    assert get_password_hash("secretalice")


@needs_py39

    assert response.json() == {"detail": "Not authenticated"}
    assert response.headers["WWW-Authenticate"] == "Bearer"


def test_verify_password():
    assert verify_password("secret", fake_users_db["johndoe"]["hashed_password"])


def test_get_password_hash():
    assert get_password_hash("secretalice")


def test_create_access_token():
    access_token = create_access_token(data={"data": "foo"})
    assert access_token

    assert response.json() == {"detail": "Not authenticated"}
    assert response.headers["WWW-Authenticate"] == "Bearer"


def test_verify_password():
    assert verify_password("secret", fake_users_db["johndoe"]["hashed_password"])


def test_get_password_hash():
    assert get_password_hash("secretalice")


def test_create_access_token():
    access_token = create_access_token(data={"data": "foo"})
    assert access_token

@needs_py310
def test_verify_password():
    from docs_src.security.tutorial005_py310 import fake_users_db, verify_password

    assert verify_password("secret", fake_users_db["johndoe"]["hashed_password"])


@needs_py310
def test_get_password_hash():
    from docs_src.security.tutorial005_py310 import get_password_hash

    assert get_password_hash("secretalice")


@needs_py310

@needs_py39
def test_verify_password():
    from docs_src.security.tutorial005_py39 import fake_users_db, verify_password

    assert verify_password("secret", fake_users_db["johndoe"]["hashed_password"])


@needs_py39
def test_get_password_hash():
    from docs_src.security.tutorial005_py39 import get_password_hash

    assert get_password_hash("secretalice")


@needs_py39

@needs_py310
def test_verify_password():
    from docs_src.security.tutorial005_an_py310 import fake_users_db, verify_password

    assert verify_password("secret", fake_users_db["johndoe"]["hashed_password"])


@needs_py310
def test_get_password_hash():
    from docs_src.security.tutorial005_an_py310 import get_password_hash

    assert get_password_hash("secretalice")


@needs_py310

```Python hl_lines="18-24  31-36"
{!../../docs_src/sql_databases/sql_app/crud.py!}
```

/// tip

🇸🇲 🏷 `User` 🔌 `hashed_password` 👈 🔜 🔌 🔐 #️⃣ ⏬ 🔐.

✋️ ⚫️❔ 🛠️ 👩‍💻 🚚 ⏮️ 🔐, 👆 💪 ⚗ ⚫️ & 🏗 #️⃣ 🔐 👆 🈸.

 & ⤴️ 🚶‍♀️ `hashed_password` ❌ ⏮️ 💲 🖊.

///

/// warning

👉 🖼 🚫 🔐, 🔐 🚫#️⃣.

🎰 👨‍❤‍👨 🈸 👆 🔜 💪 #️⃣ 🔐 & 🙅 🖊 👫 🔢.

```Python hl_lines="18-24  31-36"
{!../../docs_src/sql_databases/sql_app/crud.py!}
```

/// tip

SQLAlchemy 模型`User`包含一个`hashed_password`，它应该是一个包含散列的安全密码。

但由于 API 客户端提供的是原始密码，因此您需要将其提取并在应用程序中生成散列密码。

然后将hashed_password参数与要保存的值一起传递。

///

/// warning

此示例不安全，密码未经过哈希处理。

在现实生活中的应用程序中，您需要对密码进行哈希处理，并且永远不要以明文形式保存它们。

有关更多详细信息，请返回教程中的安全部分。