:lock: Check both username and password in security tutorial (#865)

author Pavel Isaev <isaevpd@users.noreply.github.com>

Fri, 17 Jan 2020 11:49:54 +0000 (13:49 +0200)

committer Sebastián Ramírez <tiangolo@gmail.com>

Fri, 17 Jan 2020 11:49:54 +0000 (12:49 +0100)
author Pavel Isaev <isaevpd@users.noreply.github.com>
Fri, 17 Jan 2020 11:49:54 +0000 (13:49 +0200)
committer Sebastián Ramírez <tiangolo@gmail.com>
Fri, 17 Jan 2020 11:49:54 +0000 (12:49 +0100)
diff --git a/docs/src/security/tutorial007.py b/docs/src/security/tutorial007.py

index ce268433cfdd1f91d08e14487d6500fb0d03f9ed..2c323fd48dbdbcc7d59e1f8e359abc544efb7a37 100644 (file)
--- a/docs/src/security/tutorial007.py
+++ b/docs/src/security/tutorial007.py
@@ -12,7 +12,7 @@ security = HTTPBasic()
  def get_current_username(credentials: HTTPBasicCredentials = Depends(security)):
      correct_username = secrets.compare_digest(credentials.username, "stanleyjobson")
      correct_password = secrets.compare_digest(credentials.password, "swordfish")
-    if not correct_username and correct_password:
+    if not (correct_username and correct_password):
          raise HTTPException(
              status_code=HTTP_401_UNAUTHORIZED,
              detail="Incorrect email or password",
author	Pavel Isaev <isaevpd@users.noreply.github.com>
	Fri, 17 Jan 2020 11:49:54 +0000 (13:49 +0200)
committer	Sebastián Ramírez <tiangolo@gmail.com>
	Fri, 17 Jan 2020 11:49:54 +0000 (12:49 +0100)