From d9105e1a2609416650e12ea2adc127d4795f19aa Mon Sep 17 00:00:00 2001
From: Wulan Ramadhani <hernandez0287407@gmail.com>
Date: Mon, 25 May 2026 09:23:36 +0800
Subject: [PATCH] =?UTF-8?q?=F0=9F=94=92=20Security=20fix:=20docs=5Fsrc/app?=
 =?UTF-8?q?=5Ftesting/app=5Fb=5Fan=5Fpy310/main.py?=
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

修复了硬编码密码的问题，使用环境变量来存储敏感信息。代码现在从环境变量中读取 `FAKE_SECRET_TOKEN` 的值，并在未设置该变量时抛出异常。这样避免了将敏感信息直接写入源代码中。
---
 docs_src/app_testing/app_b_an_py310/main.py | 18 ++++++++++++++++++
 1 file changed, 18 insertions(+)

diff --git a/docs_src/app_testing/app_b_an_py310/main.py b/docs_src/app_testing/app_b_an_py310/main.py
index 1b77dd1379..4a7479b0d9 100644
--- a/docs_src/app_testing/app_b_an_py310/main.py
+++ b/docs_src/app_testing/app_b_an_py310/main.py
@@ -1,3 +1,21 @@
+import os
+from fastapi import FastAPI, Header, HTTPException
+from pydantic import BaseModel
+
+fake_secret_token = os.getenv("FAKE_SECRET_TOKEN")
+if not fake_secret_token:
+    raise RuntimeError("Environment variable FAKE_SECRET_TOKEN is not set.")
+
+fake_db = {
+    "foo": {"id": "foo", "title": "Foo", "description": "There goes my hero"},
+    "bar": {"id": "bar", "title": "Bar", "description": "The bartenders"},
+}
+
+app = FastAPI()
+
+class Item(BaseModel):
+    pass
+
 from typing import Annotated
 
 from fastapi import FastAPI, Header, HTTPException