#   o user: (Required)
    #   o password: password plainly or path to password file (with default password)
    #       e.g. foo or df:dfprop/system-password.txt|foo
    #       (NotRequired - Default '')
    #   o isSkipIfNotFoundPasswordFileAndDefault: Does it skip the user SQL statement
    #       when using password file but not found it and also default password?
    #       (NotRequired - Default false)
    #

        assertTrue("Result should contain password={cipher}, but was: " + result, result.contains("password={cipher}"));

        // Test with empty encryption target
        value = "password=";
        result = ParameterUtil.encrypt(value);
        assertTrue(result.contains("password={cipher}"));

        // Test with only whitespace value
        value = "password=   ";
        result = ParameterUtil.encrypt(value);

    }

    /** The username. */
    @NotBlank
    public String username;

    /** The password. */
    @NotBlank
    public String password;

    /** The confirm password. */
    public String confirmPassword;

    /**
     * Clears the security info.
     */
    public void clearSecurityInfo() {
        password = null;
        confirmPassword = null;
    }

        // Credentials
        final CredentialsConfig credentials = new CredentialsConfig();
        credentials.setUsername(username);
        final String password = paramMap.get(prefix + "password");
        credentials.setPassword(password == null ? StringUtil.EMPTY : password);
        if (Constants.NTLM.equals(scheme)) {
            credentials.setType(CredentialsType.NTLM);
            credentials.setDomain(paramMap.get(prefix + "domain"));

        }
    }

    @Override
    public boolean changePassword(final String username, final String password) {
        if (isTargetUser(username) && StringUtil.isNotBlank(password)) {
            return executeCommand(updateCommand, username, password) == 0;
        }
        return true;
    }

    @Override
    public User load(final User user) {
        return user;
    }

    /**

            user.clearOriginalPassword();
        }
    }

    /**
     * Changes the password for a user identified by username.
     * Updates both the authentication manager and the database with the new encrypted password.
     *
     * @param username the username of the user
     * @param password the new password in plain text
     * @throws FessUserNotFoundException if the user is not found
     */

def get_password_hash(password):
    return password_hash.hash(password)


def get_user(db, username: str):
    if username in db:
        user_dict = db[username]
        return UserInDB(**user_dict)


def authenticate_user(fake_db, username: str, password: str):
    user = get_user(fake_db, username)
    if not user:
        verify_password(password, DUMMY_HASH)
        return False

            } else {
                // plain text
                this.password = new byte[(pwAuth.getPassword().length() + 1) * 2];
                this.passwordLength = writeString(pwAuth.getPassword(), this.password, 0);
            }
        } else {
            // no password in tree connect
            this.passwordLength = 1;
        }

It can be used by third party applications and systems.

And it can also be used by yourself, to debug, check and test the same application.

## The `password` flow { #the-password-flow }

Now let's go back a bit and understand what is all that.

The `password` "flow" is one of the ways ("flows") defined in OAuth2, to handle security and authentication.

def get_password_hash(password):
    return password_hash.hash(password)


def get_user(db, username: str):
    if username in db:
        user_dict = db[username]
        return UserInDB(**user_dict)


def authenticate_user(fake_db, username: str, password: str):
    user = get_user(fake_db, username)
    if not user:
        verify_password(password, DUMMY_HASH)
        return False