Luego podemos usar `secrets.compare_digest()` para asegurar que `credentials.username` es `"stanleyjobson"`, y que `credentials.password` es `"swordfish"`.

{* ../../docs_src/security/tutorial007_an_py39.py hl[1,12:24] *}

Esto sería similar a:

```Python
if not (credentials.username == "stanleyjobson") or not (credentials.password == "swordfish"):
    # Devuelve algún error
    ...
```

        assertVersionEqual("1", "1.0.0");
        assertVersionOlder("1.0", "1.1");
        assertVersionOlder("1.1", "1.2");
        assertVersionOlder("1.0.0", "1.1");
        assertVersionOlder("1.1", "1.2.0");

        assertVersionOlder("1.1.2.alpha1", "1.1.2");
        assertVersionOlder("1.1.2.alpha1", "1.1.2.beta1");
        assertVersionOlder("1.1.2.beta1", "1.2");

        assertVersionOlder("1.0-alpha-1", "1.0");

为了解决这个问题，我们首先将 `username` 和 `password` 转换为使用 UTF-8 编码的 `bytes` 。

然后我们可以使用 `secrets.compare_digest()` 来确保 `credentials.username` 是 `"stanleyjobson"`，且 `credentials.password` 是`"swordfish"`。

{* ../../docs_src/security/tutorial007_an_py39.py hl[1,12:24] *}

这类似于：

```Python
if not (credentials.username == "stanleyjobson") or not (credentials.password == "swordfish"):
    # Return some error
    ...
```

但使用 `secrets.compare_digest()`，可以防御**时差攻击**，更加安全。

Dann können wir `secrets.compare_digest()` verwenden, um sicherzustellen, dass `credentials.username` `"stanleyjobson"` und `credentials.password` `"swordfish"` ist.

{* ../../docs_src/security/tutorial007_an_py39.py hl[1,12:24] *}

Dies wäre das gleiche wie:

```Python
if not (credentials.username == "stanleyjobson") or not (credentials.password == "swordfish"):
    # Einen Error zurückgeben
    ...
```

*path operation* が `request` を受け取る前に、 `request` とともに実行されるコードを追加できます。

また `response` が生成された後、それを返す前にも追加できます。

例えば、リクエストの処理とレスポンスの生成にかかった秒数を含むカスタムヘッダー `X-Process-Time` を追加できます:

{* ../../docs_src/middleware/tutorial001.py hl[10,12:13] *}

## その他のミドルウェア

他のミドルウェアの詳細については、[高度なユーザーガイド: 高度なミドルウェア](../advanced/middleware.md){.internal-link target=_blank}を参照してください。

Por ejemplo, podrías añadir un custom header `X-Process-Time` que contenga el tiempo en segundos que tomó procesar la request y generar una response:

{* ../../docs_src/middleware/tutorial001_py39.py hl[10,12:13] *}

/// tip | Consejo

    where an integer (but not int typed) is used. Encoding this as a float
    results in failed round-tripping between encode and parse.
    Our Id type is a prime example of this.

    >>> decimal_encoder(Decimal("1.0"))
    1.0

    >>> decimal_encoder(Decimal("1"))
    1

    >>> decimal_encoder(Decimal("NaN"))
    nan
    """
    exponent = dec_value.as_tuple().exponent
    if isinstance(exponent, int) and exponent >= 0:

        multimap.putAll("bar", asList(4, 5));
        multimap.putAll("foo", asList(6));
        multimap.putAll("baz", asList(7, 8));
        multimap.putAll("dog", asList(9));
        multimap.putAll("bar", asList(10, 11));
        multimap.putAll("cat", asList(12, 13, 14));
        return multimap.keySet().iterator();
      }

      @Override
      protected void verify(List<String> elements) {

Então nós podemos utilizar o `secrets.compare_digest()` para garantir que o `credentials.username` é `"stanleyjobson"`, e que o `credentials.password` é `"swordfish"`.

{* ../../docs_src/security/tutorial007_an_py39.py hl[1,12:24] *}

Isso seria parecido com:

```Python
if not (credentials.username == "stanleyjobson") or not (credentials.password == "swordfish"):
    # Return some error
    ...
```

  public void testManyEqual() {
    assertThat(
            ComparisonChain.start()
                .compare(1, 1)
                .compare(1L, 1L)
                .compareFalseFirst(true, true)
                .compare(1.0, 1.0)
                .compare(1.0f, 1.0f)
                .compare("a", "a", Ordering.usingToString())
                .result())
        .isEqualTo(0);
  }

  public void testShortCircuitLess() {
    assertThat(