pwned 1.2.1 → 2.0.0
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- checksums.yaml +4 -4
- data/.travis.yml +15 -9
- data/CHANGELOG.md +44 -17
- data/README.md +117 -7
- data/bin/pwned +52 -0
- data/docs/NotPwnedValidator.html +23 -17
- data/docs/Pwned.html +30 -22
- data/docs/Pwned/Error.html +3 -3
- data/docs/Pwned/Password.html +60 -49
- data/docs/Pwned/TimeoutError.html +3 -3
- data/docs/PwnedValidator.html +3 -3
- data/docs/_index.html +4 -4
- data/docs/css/style.css +4 -7
- data/docs/file.README.html +147 -17
- data/docs/frames.html +1 -1
- data/docs/index.html +147 -17
- data/docs/js/app.js +55 -0
- data/docs/top-level-namespace.html +3 -3
- data/lib/pwned.rb +6 -6
- data/lib/pwned/password.rb +44 -11
- data/lib/pwned/version.rb +1 -1
- data/pwned.gemspec +10 -1
- metadata +20 -7
data/docs/Pwned/Error.html
CHANGED
@@ -6,7 +6,7 @@
|
|
6
6
|
<title>
|
7
7
|
Exception: Pwned::Error
|
8
8
|
|
9
|
-
— Documentation by YARD 0.9.
|
9
|
+
— Documentation by YARD 0.9.20
|
10
10
|
|
11
11
|
</title>
|
12
12
|
|
@@ -139,9 +139,9 @@ requests to the Pwned Passwords API.</p>
|
|
139
139
|
</div>
|
140
140
|
|
141
141
|
<div id="footer">
|
142
|
-
Generated on
|
142
|
+
Generated on Tue Oct 1 21:19:37 2019 by
|
143
143
|
<a href="http://yardoc.org" title="Yay! A Ruby Documentation Tool" target="_parent">yard</a>
|
144
|
-
0.9.
|
144
|
+
0.9.20 (ruby-2.5.5).
|
145
145
|
</div>
|
146
146
|
|
147
147
|
</div>
|
data/docs/Pwned/Password.html
CHANGED
@@ -6,7 +6,7 @@
|
|
6
6
|
<title>
|
7
7
|
Class: Pwned::Password
|
8
8
|
|
9
|
-
— Documentation by YARD 0.9.
|
9
|
+
— Documentation by YARD 0.9.20
|
10
10
|
|
11
11
|
</title>
|
12
12
|
|
@@ -119,11 +119,16 @@ Pwned Passwords API to find out if the password has been pwned.</p>
|
|
119
119
|
</ul>
|
120
120
|
|
121
121
|
</div>
|
122
|
-
|
123
|
-
|
124
|
-
|
125
|
-
<
|
126
|
-
|
122
|
+
|
123
|
+
<h2>
|
124
|
+
Constant Summary
|
125
|
+
<small><a href="#" class="constants_summary_toggle">collapse</a></small>
|
126
|
+
</h2>
|
127
|
+
|
128
|
+
<dl class="constants">
|
129
|
+
|
130
|
+
<dt id="API_URL-constant" class="">API_URL =
|
131
|
+
<div class="docstring">
|
127
132
|
<div class="discussion">
|
128
133
|
|
129
134
|
<p>The base URL for the Pwned Passwords API</p>
|
@@ -135,11 +140,11 @@ Pwned Passwords API to find out if the password has been pwned.</p>
|
|
135
140
|
|
136
141
|
|
137
142
|
</div>
|
138
|
-
|
139
|
-
|
140
|
-
|
141
|
-
|
142
|
-
|
143
|
+
</dt>
|
144
|
+
<dd><pre class="code"><span class='tstring'><span class='tstring_beg'>"</span><span class='tstring_content'>https://api.pwnedpasswords.com/range/</span><span class='tstring_end'>"</span></span></pre></dd>
|
145
|
+
|
146
|
+
<dt id="HASH_PREFIX_LENGTH-constant" class="">HASH_PREFIX_LENGTH =
|
147
|
+
<div class="docstring">
|
143
148
|
<div class="discussion">
|
144
149
|
|
145
150
|
<p>The number of characters from the start of the hash of the password that
|
@@ -152,11 +157,11 @@ are used to search for the range of passwords.</p>
|
|
152
157
|
|
153
158
|
|
154
159
|
</div>
|
155
|
-
|
156
|
-
|
157
|
-
|
158
|
-
|
159
|
-
|
160
|
+
</dt>
|
161
|
+
<dd><pre class="code"><span class='int'>5</span></pre></dd>
|
162
|
+
|
163
|
+
<dt id="SHA1_LENGTH-constant" class="">SHA1_LENGTH =
|
164
|
+
<div class="docstring">
|
160
165
|
<div class="discussion">
|
161
166
|
|
162
167
|
<p>The total length of a SHA1 hash</p>
|
@@ -168,14 +173,14 @@ are used to search for the range of passwords.</p>
|
|
168
173
|
|
169
174
|
|
170
175
|
</div>
|
171
|
-
|
172
|
-
|
173
|
-
|
174
|
-
|
175
|
-
|
176
|
+
</dt>
|
177
|
+
<dd><pre class="code"><span class='int'>40</span></pre></dd>
|
178
|
+
|
179
|
+
<dt id="DEFAULT_REQUEST_HEADERS-constant" class="">DEFAULT_REQUEST_HEADERS =
|
180
|
+
<div class="docstring">
|
176
181
|
<div class="discussion">
|
177
182
|
|
178
|
-
<p>The default request
|
183
|
+
<p>The default request headers that are used to make HTTP requests to the API.
|
179
184
|
A user agent is provided as requested in the documentation.</p>
|
180
185
|
|
181
186
|
|
@@ -192,12 +197,13 @@ A user agent is provided as requested in the documentation.</p>
|
|
192
197
|
</ul>
|
193
198
|
|
194
199
|
</div>
|
195
|
-
|
196
|
-
|
200
|
+
</dt>
|
201
|
+
<dd><pre class="code"><span class='lbrace'>{</span>
|
197
202
|
<span class='tstring'><span class='tstring_beg'>"</span><span class='tstring_content'>User-Agent</span><span class='tstring_end'>"</span></span> <span class='op'>=></span> <span class='tstring'><span class='tstring_beg'>"</span><span class='tstring_content'>Ruby Pwned::Password </span><span class='embexpr_beg'>#{</span><span class='const'><span class='object_link'><a href="../Pwned.html" title="Pwned (module)">Pwned</a></span></span><span class='op'>::</span><span class='const'><span class='object_link'><a href="../Pwned.html#VERSION-constant" title="Pwned::VERSION (constant)">VERSION</a></span></span><span class='embexpr_end'>}</span><span class='tstring_end'>"</span></span>
|
198
203
|
<span class='rbrace'>}</span><span class='period'>.</span><span class='id identifier rubyid_freeze'>freeze</span></pre></dd>
|
199
|
-
|
200
|
-
|
204
|
+
|
205
|
+
</dl>
|
206
|
+
|
201
207
|
|
202
208
|
|
203
209
|
|
@@ -382,10 +388,10 @@ A user agent is provided as requested in the documentation.</p>
|
|
382
388
|
|
383
389
|
|
384
390
|
<p class="example_title"><div class='inline'>
|
385
|
-
<p>Setting the user agent and the read timeout of the
|
391
|
+
<p>Setting the user agent and the read timeout of the request</p>
|
386
392
|
</div></p>
|
387
393
|
|
388
|
-
<pre class="example code"><code><span class='id identifier rubyid_password'>password</span> <span class='op'>=</span> <span class='const'><span class='object_link'><a href="../Pwned.html" title="Pwned (module)">Pwned</a></span></span><span class='op'>::</span><span class='const'><span class='object_link'><a href="" title="Pwned::Password (class)">Password</a></span></span><span class='period'>.</span><span class='id identifier rubyid_new'>new</span><span class='lparen'>(</span><span class='tstring'><span class='tstring_beg'>"</span><span class='tstring_content'>password</span><span class='tstring_end'>"</span></span><span class='comma'>,</span> <span class='tstring'><span class='tstring_beg'>"</span><span class='tstring_content'>User-Agent</span><span class='tstring_end'>"</span></span> <span class='op'>=></span> <span class='tstring'><span class='tstring_beg'>"</span><span class='tstring_content'>My user agent</span><span class='tstring_end'>"</span></span
|
394
|
+
<pre class="example code"><code><span class='id identifier rubyid_password'>password</span> <span class='op'>=</span> <span class='const'><span class='object_link'><a href="../Pwned.html" title="Pwned (module)">Pwned</a></span></span><span class='op'>::</span><span class='const'><span class='object_link'><a href="" title="Pwned::Password (class)">Password</a></span></span><span class='period'>.</span><span class='id identifier rubyid_new'>new</span><span class='lparen'>(</span><span class='tstring'><span class='tstring_beg'>"</span><span class='tstring_content'>password</span><span class='tstring_end'>"</span></span><span class='comma'>,</span> <span class='label'>headers:</span> <span class='lbrace'>{</span> <span class='tstring'><span class='tstring_beg'>"</span><span class='tstring_content'>User-Agent</span><span class='tstring_end'>"</span></span> <span class='op'>=></span> <span class='tstring'><span class='tstring_beg'>"</span><span class='tstring_content'>My user agent</span><span class='tstring_end'>"</span></span> <span class='rbrace'>}</span><span class='comma'>,</span> <span class='label'>read_timout:</span> <span class='int'>10</span><span class='rparen'>)</span></code></pre>
|
389
395
|
|
390
396
|
</div>
|
391
397
|
<p class="tag_title">Parameters:</p>
|
@@ -420,7 +426,8 @@ A user agent is provided as requested in the documentation.</p>
|
|
420
426
|
|
421
427
|
—
|
422
428
|
<div class='inline'>
|
423
|
-
<p>Options that can be passed to <code>
|
429
|
+
<p>Options that can be passed to <code>Net::HTTP.start</code> when calling the
|
430
|
+
API</p>
|
424
431
|
</div>
|
425
432
|
|
426
433
|
</li>
|
@@ -436,17 +443,17 @@ A user agent is provided as requested in the documentation.</p>
|
|
436
443
|
<ul class="option">
|
437
444
|
|
438
445
|
<li>
|
439
|
-
<span class="name"
|
440
|
-
<span class="type">(<tt>
|
446
|
+
<span class="name">:headers</span>
|
447
|
+
<span class="type">(<tt>Symbol</tt>)</span>
|
441
448
|
<span class="default">
|
442
449
|
|
443
450
|
— default:
|
444
|
-
<tt
|
451
|
+
<tt>{ "User-Agent" => '"Ruby Pwned::Password #{Pwned::VERSION}" }</tt>
|
445
452
|
|
446
453
|
</span>
|
447
454
|
|
448
455
|
— <div class='inline'>
|
449
|
-
<p>
|
456
|
+
<p>HTTP headers to include in the request</p>
|
450
457
|
</div>
|
451
458
|
|
452
459
|
</li>
|
@@ -499,7 +506,9 @@ A user agent is provided as requested in the documentation.</p>
|
|
499
506
|
55
|
500
507
|
56
|
501
508
|
57
|
502
|
-
58
|
509
|
+
58
|
510
|
+
59
|
511
|
+
60</pre>
|
503
512
|
</td>
|
504
513
|
<td>
|
505
514
|
<pre class="code"><span class="info file"># File 'lib/pwned/password.rb', line 54</span>
|
@@ -507,7 +516,9 @@ A user agent is provided as requested in the documentation.</p>
|
|
507
516
|
<span class='kw'>def</span> <span class='id identifier rubyid_initialize'>initialize</span><span class='lparen'>(</span><span class='id identifier rubyid_password'>password</span><span class='comma'>,</span> <span class='id identifier rubyid_request_options'>request_options</span><span class='op'>=</span><span class='lbrace'>{</span><span class='rbrace'>}</span><span class='rparen'>)</span>
|
508
517
|
<span class='id identifier rubyid_raise'>raise</span> <span class='const'>TypeError</span><span class='comma'>,</span> <span class='tstring'><span class='tstring_beg'>"</span><span class='tstring_content'>password must be of type String</span><span class='tstring_end'>"</span></span> <span class='kw'>unless</span> <span class='id identifier rubyid_password'>password</span><span class='period'>.</span><span class='id identifier rubyid_is_a?'>is_a?</span> <span class='const'>String</span>
|
509
518
|
<span class='ivar'>@password</span> <span class='op'>=</span> <span class='id identifier rubyid_password'>password</span>
|
510
|
-
<span class='ivar'>@request_options</span> <span class='op'>=</span> <span class='const'
|
519
|
+
<span class='ivar'>@request_options</span> <span class='op'>=</span> <span class='const'>Hash</span><span class='lparen'>(</span><span class='id identifier rubyid_request_options'>request_options</span><span class='rparen'>)</span><span class='period'>.</span><span class='id identifier rubyid_dup'>dup</span>
|
520
|
+
<span class='ivar'>@request_headers</span> <span class='op'>=</span> <span class='const'>Hash</span><span class='lparen'>(</span><span class='id identifier rubyid_request_options'>request_options</span><span class='period'>.</span><span class='id identifier rubyid_delete'>delete</span><span class='lparen'>(</span><span class='symbol'>:headers</span><span class='rparen'>)</span><span class='rparen'>)</span>
|
521
|
+
<span class='ivar'>@request_headers</span> <span class='op'>=</span> <span class='const'><span class='object_link'><a href="#DEFAULT_REQUEST_HEADERS-constant" title="Pwned::Password::DEFAULT_REQUEST_HEADERS (constant)">DEFAULT_REQUEST_HEADERS</a></span></span><span class='period'>.</span><span class='id identifier rubyid_merge'>merge</span><span class='lparen'>(</span><span class='ivar'>@request_headers</span><span class='rparen'>)</span>
|
511
522
|
<span class='kw'>end</span></pre>
|
512
523
|
</td>
|
513
524
|
</tr>
|
@@ -663,12 +674,12 @@ A user agent is provided as requested in the documentation.</p>
|
|
663
674
|
<pre class="lines">
|
664
675
|
|
665
676
|
|
666
|
-
|
667
|
-
|
668
|
-
|
677
|
+
66
|
678
|
+
67
|
679
|
+
68</pre>
|
669
680
|
</td>
|
670
681
|
<td>
|
671
|
-
<pre class="code"><span class="info file"># File 'lib/pwned/password.rb', line
|
682
|
+
<pre class="code"><span class="info file"># File 'lib/pwned/password.rb', line 66</span>
|
672
683
|
|
673
684
|
<span class='kw'>def</span> <span class='id identifier rubyid_hashed_password'>hashed_password</span>
|
674
685
|
<span class='ivar'>@hashed_password</span> <span class='op'>||=</span> <span class='const'>Digest</span><span class='op'>::</span><span class='const'>SHA1</span><span class='period'>.</span><span class='id identifier rubyid_hexdigest'>hexdigest</span><span class='lparen'>(</span><span class='id identifier rubyid_password'>password</span><span class='rparen'>)</span><span class='period'>.</span><span class='id identifier rubyid_upcase'>upcase</span>
|
@@ -779,12 +790,12 @@ A user agent is provided as requested in the documentation.</p>
|
|
779
790
|
<pre class="lines">
|
780
791
|
|
781
792
|
|
782
|
-
|
783
|
-
|
784
|
-
|
793
|
+
79
|
794
|
+
80
|
795
|
+
81</pre>
|
785
796
|
</td>
|
786
797
|
<td>
|
787
|
-
<pre class="code"><span class="info file"># File 'lib/pwned/password.rb', line
|
798
|
+
<pre class="code"><span class="info file"># File 'lib/pwned/password.rb', line 79</span>
|
788
799
|
|
789
800
|
<span class='kw'>def</span> <span class='id identifier rubyid_pwned?'>pwned?</span>
|
790
801
|
<span class='id identifier rubyid_pwned_count'>pwned_count</span> <span class='op'>></span> <span class='int'>0</span>
|
@@ -895,12 +906,12 @@ A user agent is provided as requested in the documentation.</p>
|
|
895
906
|
<pre class="lines">
|
896
907
|
|
897
908
|
|
898
|
-
|
899
|
-
|
900
|
-
|
909
|
+
92
|
910
|
+
93
|
911
|
+
94</pre>
|
901
912
|
</td>
|
902
913
|
<td>
|
903
|
-
<pre class="code"><span class="info file"># File 'lib/pwned/password.rb', line
|
914
|
+
<pre class="code"><span class="info file"># File 'lib/pwned/password.rb', line 92</span>
|
904
915
|
|
905
916
|
<span class='kw'>def</span> <span class='id identifier rubyid_pwned_count'>pwned_count</span>
|
906
917
|
<span class='ivar'>@pwned_count</span> <span class='op'>||=</span> <span class='id identifier rubyid_fetch_pwned_count'>fetch_pwned_count</span>
|
@@ -915,9 +926,9 @@ A user agent is provided as requested in the documentation.</p>
|
|
915
926
|
</div>
|
916
927
|
|
917
928
|
<div id="footer">
|
918
|
-
Generated on
|
929
|
+
Generated on Tue Oct 1 21:19:37 2019 by
|
919
930
|
<a href="http://yardoc.org" title="Yay! A Ruby Documentation Tool" target="_parent">yard</a>
|
920
|
-
0.9.
|
931
|
+
0.9.20 (ruby-2.5.5).
|
921
932
|
</div>
|
922
933
|
|
923
934
|
</div>
|
@@ -6,7 +6,7 @@
|
|
6
6
|
<title>
|
7
7
|
Exception: Pwned::TimeoutError
|
8
8
|
|
9
|
-
— Documentation by YARD 0.9.
|
9
|
+
— Documentation by YARD 0.9.20
|
10
10
|
|
11
11
|
</title>
|
12
12
|
|
@@ -142,9 +142,9 @@
|
|
142
142
|
</div>
|
143
143
|
|
144
144
|
<div id="footer">
|
145
|
-
Generated on
|
145
|
+
Generated on Tue Oct 1 21:19:37 2019 by
|
146
146
|
<a href="http://yardoc.org" title="Yay! A Ruby Documentation Tool" target="_parent">yard</a>
|
147
|
-
0.9.
|
147
|
+
0.9.20 (ruby-2.5.5).
|
148
148
|
</div>
|
149
149
|
|
150
150
|
</div>
|
data/docs/PwnedValidator.html
CHANGED
@@ -6,7 +6,7 @@
|
|
6
6
|
<title>
|
7
7
|
Class: PwnedValidator
|
8
8
|
|
9
|
-
— Documentation by YARD 0.9.
|
9
|
+
— Documentation by YARD 0.9.20
|
10
10
|
|
11
11
|
</title>
|
12
12
|
|
@@ -182,9 +182,9 @@ removed</p>
|
|
182
182
|
</div>
|
183
183
|
|
184
184
|
<div id="footer">
|
185
|
-
Generated on
|
185
|
+
Generated on Tue Oct 1 21:19:37 2019 by
|
186
186
|
<a href="http://yardoc.org" title="Yay! A Ruby Documentation Tool" target="_parent">yard</a>
|
187
|
-
0.9.
|
187
|
+
0.9.20 (ruby-2.5.5).
|
188
188
|
</div>
|
189
189
|
|
190
190
|
</div>
|
data/docs/_index.html
CHANGED
@@ -4,7 +4,7 @@
|
|
4
4
|
<meta charset="utf-8">
|
5
5
|
<meta name="viewport" content="width=device-width, initial-scale=1.0">
|
6
6
|
<title>
|
7
|
-
Documentation by YARD 0.9.
|
7
|
+
Documentation by YARD 0.9.20
|
8
8
|
|
9
9
|
</title>
|
10
10
|
|
@@ -52,7 +52,7 @@
|
|
52
52
|
<div class="clear"></div>
|
53
53
|
</div>
|
54
54
|
|
55
|
-
<div id="content"><h1 class="noborder title">Documentation by YARD 0.9.
|
55
|
+
<div id="content"><h1 class="noborder title">Documentation by YARD 0.9.20</h1>
|
56
56
|
<div id="listing">
|
57
57
|
<h1 class="alphaindex">Alphabetic Index</h1>
|
58
58
|
|
@@ -152,9 +152,9 @@
|
|
152
152
|
</div>
|
153
153
|
|
154
154
|
<div id="footer">
|
155
|
-
Generated on
|
155
|
+
Generated on Tue Oct 1 21:19:35 2019 by
|
156
156
|
<a href="http://yardoc.org" title="Yay! A Ruby Documentation Tool" target="_parent">yard</a>
|
157
|
-
0.9.
|
157
|
+
0.9.20 (ruby-2.5.5).
|
158
158
|
</div>
|
159
159
|
|
160
160
|
</div>
|
data/docs/css/style.css
CHANGED
@@ -245,6 +245,7 @@ ul.toplevel { list-style: none; padding-left: 0; font-size: 1.1em; }
|
|
245
245
|
|
246
246
|
dl.constants { margin-left: 10px; }
|
247
247
|
dl.constants dt { font-weight: bold; font-size: 1.1em; margin-bottom: 5px; }
|
248
|
+
dl.constants.compact dt { display: inline-block; font-weight: normal }
|
248
249
|
dl.constants dd { width: 75%; white-space: pre; font-family: monospace; margin-bottom: 18px; }
|
249
250
|
dl.constants .docstring .note:first-child { margin-top: 5px; }
|
250
251
|
|
@@ -326,13 +327,9 @@ ul.summary a, ul.summary a:visited {
|
|
326
327
|
text-decoration: none; font-size: 1.1em;
|
327
328
|
}
|
328
329
|
ul.summary li { margin-bottom: 5px; }
|
329
|
-
.
|
330
|
-
padding: 4px 8px;
|
331
|
-
background: #f8f8f8;
|
332
|
-
border: 1px solid #f0f0f0;
|
333
|
-
border-radius: 5px;
|
334
|
-
}
|
330
|
+
.summary_signature { padding: 4px 8px; background: #f8f8f8; border: 1px solid #f0f0f0; border-radius: 5px; }
|
335
331
|
.summary_signature:hover { background: #CFEBFF; border-color: #A4CCDA; cursor: pointer; }
|
332
|
+
.summary_signature.deprecated { background: #ffe5e5; border-color: #e9dada; }
|
336
333
|
ul.summary.compact li { display: inline-block; margin: 0px 5px 0px 0px; line-height: 2.6em;}
|
337
334
|
ul.summary.compact .summary_signature { padding: 5px 7px; padding-right: 4px; }
|
338
335
|
#content .summary_signature:hover a,
|
@@ -485,7 +482,7 @@ pre.code .rubyid_nth_ref { color: #6D79DE; }
|
|
485
482
|
pre.code .regexp, .dregexp { color: #036A07; }
|
486
483
|
pre.code a { border-bottom: 1px dotted #bbf; }
|
487
484
|
/* inline code */
|
488
|
-
|
485
|
+
*:not(pre) > code {
|
489
486
|
padding: 1px 3px 1px 3px;
|
490
487
|
border: 1px solid #E1E1E8;
|
491
488
|
background: #F7F7F9;
|
data/docs/file.README.html
CHANGED
@@ -6,7 +6,7 @@
|
|
6
6
|
<title>
|
7
7
|
File: README
|
8
8
|
|
9
|
-
— Documentation by YARD 0.9.
|
9
|
+
— Documentation by YARD 0.9.20
|
10
10
|
|
11
11
|
</title>
|
12
12
|
|
@@ -74,6 +74,33 @@ src="https://inch-ci.org/github/philnash/pwned.svg?branch=master"></a></p>
|
|
74
74
|
<p><a href="https://philnash.github.io/pwned/">API docs</a> | <a
|
75
75
|
href="https://github.com/philnash/pwned">GitHub repo</a></p>
|
76
76
|
|
77
|
+
<h2 id="label-Table+of+Contents">Table of Contents</h2>
|
78
|
+
<ul><li>
|
79
|
+
<p><a href="#about">About</a></p>
|
80
|
+
</li><li>
|
81
|
+
<p><a href="#installation">Installation</a></p>
|
82
|
+
</li><li>
|
83
|
+
<p><a href="#usage">Usage</a></p>
|
84
|
+
</li><li>
|
85
|
+
<p><a href="#plain-ruby">Plain Ruby</a></p>
|
86
|
+
</li><li>
|
87
|
+
<p><a href="#activerecord-validator">Rails (ActiveRecord)</a></p>
|
88
|
+
</li><li>
|
89
|
+
<p><a href="#devise">Devise</a></p>
|
90
|
+
</li><li>
|
91
|
+
<p><a href="#command-line">Command line</a></p>
|
92
|
+
</li><li>
|
93
|
+
<p><a href="#how-pwned-is-pi">How Pwned is Pi?</a></p>
|
94
|
+
</li><li>
|
95
|
+
<p><a href="#development">Development</a></p>
|
96
|
+
</li><li>
|
97
|
+
<p><a href="#contributing">Contributing</a></p>
|
98
|
+
</li><li>
|
99
|
+
<p><a href="#license">License</a></p>
|
100
|
+
</li><li>
|
101
|
+
<p><a href="#code-of-conduct">Code of Conduct</a></p>
|
102
|
+
</li></ul>
|
103
|
+
|
77
104
|
<h2 id="label-About">About</h2>
|
78
105
|
|
79
106
|
<p>Troy Hunt's <a
|
@@ -93,6 +120,11 @@ API, please check <a
|
|
93
120
|
href="https://haveibeenpwned.com/API/v2#AcceptableUse">the acceptable uses
|
94
121
|
and license of the API</a>.</p>
|
95
122
|
|
123
|
+
<p>Here is a blog post I wrote on <a
|
124
|
+
href="https://www.twilio.com/blog/2018/03/better-passwords-in-ruby-applications-pwned-passwords-api.html">how
|
125
|
+
to use this gem in your Ruby applications to make your users’ passwords
|
126
|
+
better</a>.</p>
|
127
|
+
|
96
128
|
<h2 id="label-Installation">Installation</h2>
|
97
129
|
|
98
130
|
<p>Add this line to your application's Gemfile:</p>
|
@@ -112,6 +144,17 @@ and license of the API</a>.</p>
|
|
112
144
|
|
113
145
|
<h2 id="label-Usage">Usage</h2>
|
114
146
|
|
147
|
+
<p>There are a few ways you can use this gem:</p>
|
148
|
+
<ol><li>
|
149
|
+
<p><a href="#plain-ruby">Plain Ruby</a></p>
|
150
|
+
</li><li>
|
151
|
+
<p><a href="#activerecord-validator">Rails</a></p>
|
152
|
+
</li><li>
|
153
|
+
<p><a href="#devise">Rails and Devise</a></p>
|
154
|
+
</li></ol>
|
155
|
+
|
156
|
+
<h3 id="label-Plain+Ruby">Plain Ruby</h3>
|
157
|
+
|
115
158
|
<p>To test a password against the API, instantiate a
|
116
159
|
<code>Pwned::Password</code> object and then ask if it is
|
117
160
|
<code>pwned?</code>.</p>
|
@@ -154,12 +197,14 @@ been pwned, or how many times it was pwned:</p>
|
|
154
197
|
|
155
198
|
<h4 id="label-Advanced">Advanced</h4>
|
156
199
|
|
157
|
-
<p>You can set
|
158
|
-
making the request to the API.
|
159
|
-
|
160
|
-
|
200
|
+
<p>You can set http request options to be used with
|
201
|
+
<code>Net::HTTP.start</code> when making the request to the API. These
|
202
|
+
options are documented in the <a
|
203
|
+
href="http://ruby-doc.org/stdlib-2.6.3/libdoc/net/http/rdoc/Net/HTTP.html#method-c-start">Net::HTTP.start
|
204
|
+
documentation</a>. The <code>:headers</code> option defines defines HTTP
|
205
|
+
headers. These headers must be string keys.</p>
|
161
206
|
|
162
|
-
<pre class="code ruby"><code class="ruby"><span class='id identifier rubyid_password'>password</span> <span class='op'>=</span> <span class='const'><span class='object_link'><a href="Pwned.html" title="Pwned (module)">Pwned</a></span></span><span class='op'>::</span><span class='const'><span class='object_link'><a href="Pwned/Password.html" title="Pwned::Password (class)">Password</a></span></span><span class='period'>.</span><span class='id identifier rubyid_new'><span class='object_link'><a href="Pwned/Password.html#initialize-instance_method" title="Pwned::Password#initialize (method)">new</a></span></span><span class='lparen'>(</span><span class='tstring'><span class='tstring_beg'>"</span><span class='tstring_content'>password</span><span class='tstring_end'>"</span></span><span class='comma'>,</span> <span class='lbrace'>{</span> <span class='tstring'><span class='tstring_beg'>'</span><span class='tstring_content'>User-Agent</span><span class='tstring_end'>'</span></span> <span class='op'>=></span> <span class='tstring'><span class='tstring_beg'>'</span><span class='tstring_content'>Super fun new user agent</span><span class='tstring_end'>'</span></span> <span class='rbrace'>}</span><span class='rparen'>)</span>
|
207
|
+
<pre class="code ruby"><code class="ruby"><span class='id identifier rubyid_password'>password</span> <span class='op'>=</span> <span class='const'><span class='object_link'><a href="Pwned.html" title="Pwned (module)">Pwned</a></span></span><span class='op'>::</span><span class='const'><span class='object_link'><a href="Pwned/Password.html" title="Pwned::Password (class)">Password</a></span></span><span class='period'>.</span><span class='id identifier rubyid_new'><span class='object_link'><a href="Pwned/Password.html#initialize-instance_method" title="Pwned::Password#initialize (method)">new</a></span></span><span class='lparen'>(</span><span class='tstring'><span class='tstring_beg'>"</span><span class='tstring_content'>password</span><span class='tstring_end'>"</span></span><span class='comma'>,</span> <span class='label'>headers:</span> <span class='lbrace'>{</span> <span class='tstring'><span class='tstring_beg'>'</span><span class='tstring_content'>User-Agent</span><span class='tstring_end'>'</span></span> <span class='op'>=></span> <span class='tstring'><span class='tstring_beg'>'</span><span class='tstring_content'>Super fun new user agent</span><span class='tstring_end'>'</span></span> <span class='rbrace'>}</span><span class='comma'>,</span> <span class='label'>read_timeout:</span> <span class='int'>10</span><span class='rparen'>)</span>
|
163
208
|
</code></pre>
|
164
209
|
|
165
210
|
<h3 id="label-ActiveRecord+Validator">ActiveRecord Validator</h3>
|
@@ -198,7 +243,7 @@ whether the <code>pwned_count</code> is greater than the threshold.</p>
|
|
198
243
|
<span class='kw'>end</span>
|
199
244
|
</code></pre>
|
200
245
|
|
201
|
-
<h4 id="label-Network+
|
246
|
+
<h4 id="label-Network+Error+Handling">Network Error Handling</h4>
|
202
247
|
|
203
248
|
<p>By default the record will be treated as valid when we cannot reach the <a
|
204
249
|
href="https://haveibeenpwned.com/">haveibeenpwned.com</a> servers. This can
|
@@ -233,19 +278,104 @@ be changed with the <code>:on_error</code> validator parameter:</p>
|
|
233
278
|
|
234
279
|
<p>You can configure network requests made from the validator using
|
235
280
|
<code>:request_options</code> (see <a
|
236
|
-
href="http://ruby-doc.org/stdlib-2.
|
237
|
-
for the list of available options
|
238
|
-
|
281
|
+
href="http://ruby-doc.org/stdlib-2.6.3/libdoc/net/http/rdoc/Net/HTTP.html#method-c-start">Net::HTTP.start</a>
|
282
|
+
for the list of available options). In addition to these options, HTTP
|
283
|
+
headers can be specified with the <code>:headers</code> key, e.g.
|
284
|
+
<code>"User-Agent"</code>):</p>
|
239
285
|
|
240
286
|
<pre class="code ruby"><code class="ruby"><span class='id identifier rubyid_validates'>validates</span> <span class='symbol'>:password</span><span class='comma'>,</span> <span class='label'>not_pwned:</span> <span class='lbrace'>{</span>
|
241
|
-
<span class='label'>request_options:</span> <span class='lbrace'>{</span> <span class='label'>read_timeout:</span> <span class='int'>5</span><span class='comma'>,</span> <span class='label'>open_timeout:</span> <span class='int'>1</span><span class='comma'>,</span> <span class='tstring'><span class='tstring_beg'>"</span><span class='tstring_content'>User-Agent</span><span class='tstring_end'>"</span></span> <span class='op'>=></span> <span class='tstring'><span class='tstring_beg'>"</span><span class='tstring_content'>Super fun user agent</span><span class='tstring_end'>"</span></span> <span class='rbrace'>}</span>
|
287
|
+
<span class='label'>request_options:</span> <span class='lbrace'>{</span> <span class='label'>read_timeout:</span> <span class='int'>5</span><span class='comma'>,</span> <span class='label'>open_timeout:</span> <span class='int'>1</span><span class='comma'>,</span> <span class='label'>headers:</span> <span class='lbrace'>{</span> <span class='tstring'><span class='tstring_beg'>"</span><span class='tstring_content'>User-Agent</span><span class='tstring_end'>"</span></span> <span class='op'>=></span> <span class='tstring'><span class='tstring_beg'>"</span><span class='tstring_content'>Super fun user agent</span><span class='tstring_end'>"</span></span> <span class='rbrace'>}</span> <span class='rbrace'>}</span>
|
242
288
|
<span class='rbrace'>}</span>
|
243
289
|
</code></pre>
|
244
290
|
|
245
|
-
<
|
246
|
-
|
247
|
-
<p>
|
248
|
-
|
291
|
+
<h3 id="label-Devise">Devise</h3>
|
292
|
+
|
293
|
+
<p>If you are using Devise I recommend you use the <a
|
294
|
+
href="https://github.com/michaelbanfield/devise-pwned_password">devise-pwned_password
|
295
|
+
extension</a> which is now powered by this gem.</p>
|
296
|
+
|
297
|
+
<h3 id="label-Command+line">Command line</h3>
|
298
|
+
|
299
|
+
<p>The gem provides a command line utility for checking passwords. You can
|
300
|
+
call it from your terminal application like this:</p>
|
301
|
+
|
302
|
+
<pre class="code ruby"><code class="ruby">$ pwned password
|
303
|
+
Pwned!
|
304
|
+
The password has been found in public breaches 3645804 times.
|
305
|
+
</code></pre>
|
306
|
+
|
307
|
+
<p>If you don't want the password you are checking to be visible, call:</p>
|
308
|
+
|
309
|
+
<pre class="code ruby"><code class="ruby">$ pwned --secret
|
310
|
+
</code></pre>
|
311
|
+
|
312
|
+
<p>You will be prompted for the password, but it won't be displayed.</p>
|
313
|
+
|
314
|
+
<h2 id="label-How+Pwned+is+Pi-3F">How Pwned is Pi?</h2>
|
315
|
+
|
316
|
+
<p><a href="https://github.com/daz">@daz</a> <a
|
317
|
+
href="https://twitter.com/dazonic/status/1074647842046660609">shared</a> a
|
318
|
+
fantastic example of using this gem to show how many times the digits of Pi
|
319
|
+
have been used as passwords and leaked.</p>
|
320
|
+
|
321
|
+
<pre class="code ruby"><code class="ruby"><span class='id identifier rubyid_require'>require</span> <span class='tstring'><span class='tstring_beg'>'</span><span class='tstring_content'>pwned</span><span class='tstring_end'>'</span></span>
|
322
|
+
|
323
|
+
<span class='const'>PI</span> <span class='op'>=</span> <span class='tstring'><span class='tstring_beg'>'</span><span class='tstring_content'>3.14159265358979323846264338327950288419716939937510582097494459230781640628620899862803482534211706798214808651328230664709384460955058223172535940812848111</span><span class='tstring_end'>'</span></span>
|
324
|
+
|
325
|
+
<span class='kw'>for</span> <span class='id identifier rubyid_n'>n</span> <span class='kw'>in</span> <span class='int'>1</span><span class='op'>..</span><span class='int'>40</span>
|
326
|
+
<span class='id identifier rubyid_password'>password</span> <span class='op'>=</span> <span class='const'><span class='object_link'><a href="Pwned.html" title="Pwned (module)">Pwned</a></span></span><span class='op'>::</span><span class='const'><span class='object_link'><a href="Pwned/Password.html" title="Pwned::Password (class)">Password</a></span></span><span class='period'>.</span><span class='id identifier rubyid_new'><span class='object_link'><a href="Pwned/Password.html#initialize-instance_method" title="Pwned::Password#initialize (method)">new</a></span></span> <span class='const'>PI</span><span class='lbracket'>[</span><span class='int'>0</span><span class='op'>..</span><span class='lparen'>(</span><span class='id identifier rubyid_n'>n</span> <span class='op'>+</span> <span class='int'>1</span><span class='rparen'>)</span><span class='rbracket'>]</span>
|
327
|
+
<span class='id identifier rubyid_str'>str</span> <span class='op'>=</span> <span class='lbracket'>[</span> <span class='id identifier rubyid_n'>n</span><span class='period'>.</span><span class='id identifier rubyid_to_s'>to_s</span><span class='period'>.</span><span class='id identifier rubyid_rjust'>rjust</span><span class='lparen'>(</span><span class='int'>2</span><span class='rparen'>)</span> <span class='rbracket'>]</span>
|
328
|
+
<span class='id identifier rubyid_str'>str</span> <span class='op'><<</span> <span class='lparen'>(</span><span class='id identifier rubyid_password'>password</span><span class='period'>.</span><span class='id identifier rubyid_pwned?'>pwned?</span> <span class='op'>?</span> <span class='tstring'><span class='tstring_beg'>'</span><span class='tstring_content'>😡</span><span class='tstring_end'>'</span></span> <span class='op'>:</span> <span class='tstring'><span class='tstring_beg'>'</span><span class='tstring_content'>😃</span><span class='tstring_end'>'</span></span><span class='rparen'>)</span>
|
329
|
+
<span class='id identifier rubyid_str'>str</span> <span class='op'><<</span> <span class='id identifier rubyid_password'>password</span><span class='period'>.</span><span class='id identifier rubyid_pwned_count'>pwned_count</span><span class='period'>.</span><span class='id identifier rubyid_to_s'>to_s</span><span class='period'>.</span><span class='id identifier rubyid_rjust'>rjust</span><span class='lparen'>(</span><span class='int'>4</span><span class='rparen'>)</span>
|
330
|
+
<span class='id identifier rubyid_str'>str</span> <span class='op'><<</span> <span class='id identifier rubyid_password'>password</span><span class='period'>.</span><span class='id identifier rubyid_password'>password</span>
|
331
|
+
|
332
|
+
<span class='id identifier rubyid_puts'>puts</span> <span class='id identifier rubyid_str'>str</span><span class='period'>.</span><span class='id identifier rubyid_join'>join</span> <span class='tstring'><span class='tstring_beg'>'</span><span class='tstring_content'> </span><span class='tstring_end'>'</span></span>
|
333
|
+
<span class='kw'>end</span>
|
334
|
+
</code></pre>
|
335
|
+
|
336
|
+
<p>The results may, or may not, surprise you.</p>
|
337
|
+
|
338
|
+
<pre class="code ruby"><code class="ruby">1 😡 16 3.1
|
339
|
+
2 😡 238 3.14
|
340
|
+
3 😡 34 3.141
|
341
|
+
4 😡 1345 3.1415
|
342
|
+
5 😡 2552 3.14159
|
343
|
+
6 😡 791 3.141592
|
344
|
+
7 😡 9582 3.1415926
|
345
|
+
8 😡 1591 3.14159265
|
346
|
+
9 😡 637 3.141592653
|
347
|
+
10 😡 873 3.1415926535
|
348
|
+
11 😡 137 3.14159265358
|
349
|
+
12 😡 103 3.141592653589
|
350
|
+
13 😡 65 3.1415926535897
|
351
|
+
14 😡 201 3.14159265358979
|
352
|
+
15 😡 41 3.141592653589793
|
353
|
+
16 😡 57 3.1415926535897932
|
354
|
+
17 😡 28 3.14159265358979323
|
355
|
+
18 😡 29 3.141592653589793238
|
356
|
+
19 😡 1 3.1415926535897932384
|
357
|
+
20 😡 7 3.14159265358979323846
|
358
|
+
21 😡 5 3.141592653589793238462
|
359
|
+
22 😡 2 3.1415926535897932384626
|
360
|
+
23 😡 2 3.14159265358979323846264
|
361
|
+
24 😃 0 3.141592653589793238462643
|
362
|
+
25 😡 3 3.1415926535897932384626433
|
363
|
+
26 😃 0 3.14159265358979323846264338
|
364
|
+
27 😃 0 3.141592653589793238462643383
|
365
|
+
28 😃 0 3.1415926535897932384626433832
|
366
|
+
29 😃 0 3.14159265358979323846264338327
|
367
|
+
30 😃 0 3.141592653589793238462643383279
|
368
|
+
31 😃 0 3.1415926535897932384626433832795
|
369
|
+
32 😃 0 3.14159265358979323846264338327950
|
370
|
+
33 😃 0 3.141592653589793238462643383279502
|
371
|
+
34 😃 0 3.1415926535897932384626433832795028
|
372
|
+
35 😃 0 3.14159265358979323846264338327950288
|
373
|
+
36 😃 0 3.141592653589793238462643383279502884
|
374
|
+
37 😃 0 3.1415926535897932384626433832795028841
|
375
|
+
38 😃 0 3.14159265358979323846264338327950288419
|
376
|
+
39 😃 0 3.141592653589793238462643383279502884197
|
377
|
+
40 😃 0 3.1415926535897932384626433832795028841971
|
378
|
+
</code></pre>
|
249
379
|
|
250
380
|
<h2 id="label-Development">Development</h2>
|
251
381
|
|
@@ -284,9 +414,9 @@ of conduct</a>.</p>
|
|
284
414
|
</div></div>
|
285
415
|
|
286
416
|
<div id="footer">
|
287
|
-
Generated on
|
417
|
+
Generated on Tue Oct 1 21:19:37 2019 by
|
288
418
|
<a href="http://yardoc.org" title="Yay! A Ruby Documentation Tool" target="_parent">yard</a>
|
289
|
-
0.9.
|
419
|
+
0.9.20 (ruby-2.5.5).
|
290
420
|
</div>
|
291
421
|
|
292
422
|
</div>
|