From 174e7b1730c6b21eb015a8b8ff3e56e018bc0de3 Mon Sep 17 00:00:00 2001 From: Pavel Isaev Date: Fri, 17 Jan 2020 13:49:54 +0200 Subject: [PATCH] :lock: Check both username and password in security tutorial (#865) --- docs/src/security/tutorial007.py | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/docs/src/security/tutorial007.py b/docs/src/security/tutorial007.py index ce268433c..2c323fd48 100644 --- a/docs/src/security/tutorial007.py +++ b/docs/src/security/tutorial007.py @@ -12,7 +12,7 @@ security = HTTPBasic() def get_current_username(credentials: HTTPBasicCredentials = Depends(security)): correct_username = secrets.compare_digest(credentials.username, "stanleyjobson") correct_password = secrets.compare_digest(credentials.password, "swordfish") - if not correct_username and correct_password: + if not (correct_username and correct_password): raise HTTPException( status_code=HTTP_401_UNAUTHORIZED, detail="Incorrect email or password",