# ๐Ÿ‡บ๐Ÿ‡ธ๐Ÿ” ๐Ÿ”ฐ ๐Ÿ” ๐Ÿ™… ๐Ÿ’ผ, ๐Ÿ‘† ๐Ÿ’ช โš™๏ธ ๐Ÿ‡บ๐Ÿ‡ธ๐Ÿ” ๐Ÿ”ฐ ๐Ÿ”. ๐Ÿ‡บ๐Ÿ‡ธ๐Ÿ” ๐Ÿ”ฐ ๐Ÿ”, ๐Ÿˆธ โŒ› ๐ŸŽš ๐Ÿ‘ˆ ๐Ÿ”Œ ๐Ÿ†” & ๐Ÿ”. ๐Ÿšฅ โšซ๏ธ ๐Ÿšซ ๐Ÿ“จ โšซ๏ธ, โšซ๏ธ ๐Ÿ“จ ๐Ÿ‡บ๐Ÿ‡ธ๐Ÿ” 4๏ธโƒฃ0๏ธโƒฃ1๏ธโƒฃ "โ›”" โŒ. & ๐Ÿ“จ ๐ŸŽš `WWW-Authenticate` โฎ๏ธ ๐Ÿ’ฒ `Basic`, & ๐Ÿ“ฆ `realm` ๐Ÿ”ข. ๐Ÿ‘ˆ ๐Ÿ’ฌ ๐Ÿ–ฅ ๐ŸŽฆ ๐Ÿ› ๏ธ ๐Ÿ“‹ ๐Ÿ†” & ๐Ÿ”. โคด๏ธ, ๐Ÿ•โ” ๐Ÿ‘† ๐Ÿ†Ž ๐Ÿ‘ˆ ๐Ÿ†” & ๐Ÿ”, ๐Ÿ–ฅ ๐Ÿ“จ ๐Ÿ‘ซ ๐ŸŽš ๐Ÿ”. ## ๐Ÿ™… ๐Ÿ‡บ๐Ÿ‡ธ๐Ÿ” ๐Ÿ”ฐ ๐Ÿ” * ๐Ÿ—„ `HTTPBasic` & `HTTPBasicCredentials`. * โœ "`security` โš–" โš™๏ธ `HTTPBasic`. * โš™๏ธ ๐Ÿ‘ˆ `security` โฎ๏ธ ๐Ÿ”— ๐Ÿ‘† *โžก ๐Ÿ› ๏ธ*. * โšซ๏ธ ๐Ÿ“จ ๐ŸŽš ๐Ÿ†Ž `HTTPBasicCredentials`: * โšซ๏ธ ๐Ÿ”Œ `username` & `password` ๐Ÿ“จ. {* ../../docs_src/security/tutorial006.py hl[2,6,10] *} ๐Ÿ•โ” ๐Ÿ‘† ๐Ÿ”„ ๐Ÿ“‚ ๐Ÿ“› ๐Ÿฅ‡ ๐Ÿ•ฐ (โš–๏ธ ๐Ÿ–Š "๐Ÿ› ๏ธ" ๐Ÿ”ผ ๐Ÿฉบ) ๐Ÿ–ฅ ๐Ÿ”œ ๐Ÿ’ญ ๐Ÿ‘† ๐Ÿ‘† ๐Ÿ†” & ๐Ÿ”: ## โœ… ๐Ÿ†” ๐Ÿ“ฅ ๐ŸŒ… ๐Ÿ ๐Ÿ–ผ. โš™๏ธ ๐Ÿ”— โœ… ๐Ÿšฅ ๐Ÿ†” & ๐Ÿ” โ˜‘. ๐Ÿ‘‰, โš™๏ธ ๐Ÿ ๐Ÿฉ ๐Ÿ•น `secrets` โœ… ๐Ÿ†” & ๐Ÿ”. `secrets.compare_digest()` ๐Ÿ’ช โœŠ `bytes` โš–๏ธ `str` ๐Ÿ‘ˆ ๐Ÿ•ด ๐Ÿ”Œ ๐Ÿ”  ๐Ÿฆน (๐Ÿ• ๐Ÿ‡ช๐Ÿ‡ธ), ๐Ÿ‘‰ โ›“ โšซ๏ธ ๐Ÿšซ๐Ÿ”œ ๐Ÿ‘ท โฎ๏ธ ๐Ÿฆน ๐Ÿ’– `รก`, `Sebastiรกn`. ๐Ÿต ๐Ÿ‘ˆ, ๐Ÿ‘ฅ ๐Ÿฅ‡ ๐Ÿ—œ `username` & `password` `bytes` ๐Ÿ”ข ๐Ÿ‘ซ โฎ๏ธ ๐Ÿ” -8๏ธโƒฃ. โคด๏ธ ๐Ÿ‘ฅ ๐Ÿ’ช โš™๏ธ `secrets.compare_digest()` ๐Ÿšš ๐Ÿ‘ˆ `credentials.username` `"stanleyjobson"`, & ๐Ÿ‘ˆ `credentials.password` `"swordfish"`. {* ../../docs_src/security/tutorial007.py hl[1,11:21] *} ๐Ÿ‘‰ ๐Ÿ”œ ๐ŸŽ: ```Python if not (credentials.username == "stanleyjobson") or not (credentials.password == "swordfish"): # Return some error ... ``` โœ‹๏ธ โš™๏ธ `secrets.compare_digest()` โšซ๏ธ ๐Ÿ”œ ๐Ÿ” ๐Ÿ›ก ๐Ÿ†Ž ๐Ÿ‘Š ๐Ÿค™ "๐Ÿ•ฐ ๐Ÿ‘Š". ### โฒ ๐Ÿ‘Š โœ‹๏ธ โšซ๏ธโ” "โฒ ๐Ÿ‘Š"โ“ โžก๏ธ ๐ŸŒˆ ๐Ÿ‘Š ๐Ÿ”„ ๐Ÿ’ญ ๐Ÿ†” & ๐Ÿ”. & ๐Ÿ‘ซ ๐Ÿ“จ ๐Ÿ“จ โฎ๏ธ ๐Ÿ†” `johndoe` & ๐Ÿ” `love123`. โคด๏ธ ๐Ÿ ๐Ÿ“Ÿ ๐Ÿ‘† ๐Ÿˆธ ๐Ÿ”œ ๐ŸŒ“ ๐Ÿ•ณ ๐Ÿ’–: ```Python if "johndoe" == "stanleyjobson" and "love123" == "swordfish": ... ``` โœ‹๏ธ โ–ถ๏ธ๏ธ ๐Ÿ™ ๐Ÿ ๐Ÿ”ฌ ๐Ÿฅ‡ `j` `johndoe` ๐Ÿฅ‡ `s` `stanleyjobson`, โšซ๏ธ ๐Ÿ”œ ๐Ÿ“จ `False`, โ†ฉ๏ธ โšซ๏ธ โช ๐Ÿ’ญ ๐Ÿ‘ˆ ๐Ÿ“š 2๏ธโƒฃ ๐ŸŽป ๐Ÿšซ ๐ŸŽ, ๐Ÿ’ญ ๐Ÿ‘ˆ "๐Ÿ“ค ๐Ÿ™…โ€โ™‚ ๐Ÿ’ช ๐Ÿ—‘ ๐ŸŒ… ๐Ÿ“Š โš– ๐ŸŽ‚ ๐Ÿ”ค". & ๐Ÿ‘† ๐Ÿˆธ ๐Ÿ”œ ๐Ÿ’ฌ "โŒ ๐Ÿ‘ฉโ€๐Ÿ’ป โš–๏ธ ๐Ÿ”". โœ‹๏ธ โคด๏ธ ๐Ÿ‘Š ๐Ÿ”„ โฎ๏ธ ๐Ÿ†” `stanleyjobsox` & ๐Ÿ” `love123`. & ๐Ÿ‘† ๐Ÿˆธ ๐Ÿ“Ÿ ๐Ÿ”จ ๐Ÿ•ณ ๐Ÿ’–: ```Python if "stanleyjobsox" == "stanleyjobson" and "love123" == "swordfish": ... ``` ๐Ÿ ๐Ÿ”œ โœ”๏ธ ๐Ÿ”ฌ ๐ŸŽ‚ `stanleyjobso` ๐Ÿ‘ฏโ€โ™‚๏ธ `stanleyjobsox` & `stanleyjobson` โญ ๐Ÿค” ๐Ÿ‘ˆ ๐Ÿ‘ฏโ€โ™‚๏ธ ๐ŸŽป ๐Ÿšซ ๐ŸŽ. โšซ๏ธ ๐Ÿ”œ โœŠ โž• โฒ ๐Ÿ“จ ๐Ÿ”™ "โŒ ๐Ÿ‘ฉโ€๐Ÿ’ป โš–๏ธ ๐Ÿ”". #### ๐Ÿ•ฐ โ” โ„น ๐Ÿ‘Š ๐Ÿ‘ˆ โ˜, ๐Ÿ‘€ ๐Ÿ‘ˆ ๐Ÿ’ฝ โœŠ โฒ ๐Ÿ“ ๐Ÿ“จ "โŒ ๐Ÿ‘ฉโ€๐Ÿ’ป โš–๏ธ ๐Ÿ”" ๐Ÿ“จ, ๐Ÿ‘Š ๐Ÿ”œ ๐Ÿ’ญ ๐Ÿ‘ˆ ๐Ÿ‘ซ ๐Ÿคš _๐Ÿ•ณ_ โ–ถ๏ธ๏ธ, โ–ถ๏ธ ๐Ÿ”ค โ–ถ๏ธ๏ธ. & โคด๏ธ ๐Ÿ‘ซ ๐Ÿ’ช ๐Ÿ”„ ๐Ÿ”„ ๐Ÿค” ๐Ÿ‘ˆ โšซ๏ธ ๐ŸŽฒ ๐Ÿ•ณ ๐ŸŒ– ๐ŸŽ `stanleyjobsox` ๐ŸŒ˜ `johndoe`. #### "๐Ÿ•ด" ๐Ÿ‘Š โ†—๏ธ, ๐Ÿ‘Š ๐Ÿ”œ ๐Ÿšซ ๐Ÿ”„ ๐ŸŒ ๐Ÿ‘‰ โœ‹, ๐Ÿ‘ซ ๐Ÿ”œ โœ ๐Ÿ“‹ โšซ๏ธ, ๐ŸŽฒ โฎ๏ธ ๐Ÿ’ฏ โš–๏ธ ๐Ÿ’ฏ ๐Ÿ’ฏ ๐Ÿ“ ๐Ÿฅˆ. & ๐Ÿ”œ ๐Ÿคš 1๏ธโƒฃ โž• โ˜‘ ๐Ÿ”ค ๐Ÿ•ฐ. โœ‹๏ธ ๐Ÿ”จ ๐Ÿ‘ˆ, โฒ โš–๏ธ ๐Ÿ“† ๐Ÿ‘Š ๐Ÿ”œ โœ”๏ธ ๐Ÿ’ญ โ˜‘ ๐Ÿ†” & ๐Ÿ”, โฎ๏ธ "โ„น" ๐Ÿ‘† ๐Ÿˆธ, โš™๏ธ ๐Ÿ•ฐ โœŠ โ”. #### ๐Ÿ”ง โšซ๏ธ โฎ๏ธ `secrets.compare_digest()` โœ‹๏ธ ๐Ÿ‘† ๐Ÿ“Ÿ ๐Ÿ‘ฅ ๐Ÿค™ โš™๏ธ `secrets.compare_digest()`. ๐Ÿ“, โšซ๏ธ ๐Ÿ”œ โœŠ ๐ŸŽ ๐Ÿ•ฐ ๐Ÿ”ฌ `stanleyjobsox` `stanleyjobson` ๐ŸŒ˜ โšซ๏ธ โœŠ ๐Ÿ”ฌ `johndoe` `stanleyjobson`. & ๐ŸŽ ๐Ÿ”. ๐Ÿ‘ˆ ๐ŸŒŒ, โš™๏ธ `secrets.compare_digest()` ๐Ÿ‘† ๐Ÿˆธ ๐Ÿ“Ÿ, โšซ๏ธ ๐Ÿ”œ ๐Ÿ”’ ๐Ÿ›ก ๐Ÿ‘‰ ๐ŸŽ‚ โ†” ๐Ÿ’‚โ€โ™‚ ๐Ÿ‘Š. ### ๐Ÿ“จ โŒ โฎ๏ธ ๐Ÿ” ๐Ÿ‘ˆ ๐ŸŽ“ โŒ, ๐Ÿ“จ `HTTPException` โฎ๏ธ ๐Ÿ‘” ๐Ÿ“Ÿ 4๏ธโƒฃ0๏ธโƒฃ1๏ธโƒฃ (๐ŸŽ ๐Ÿ“จ ๐Ÿ•โ” ๐Ÿ™…โ€โ™‚ ๐ŸŽ“ ๐Ÿšš) & ๐Ÿšฎ ๐ŸŽš `WWW-Authenticate` โš’ ๐Ÿ–ฅ ๐ŸŽฆ ๐Ÿ’ณ ๐Ÿ“‹ ๐Ÿ”„: {* ../../docs_src/security/tutorial007.py hl[23:27] *}