pwned 1.2.1 → 2.0.0
Sign up to get free protection for your applications and to get access to all the features.
- checksums.yaml +4 -4
- data/.travis.yml +15 -9
- data/CHANGELOG.md +44 -17
- data/README.md +117 -7
- data/bin/pwned +52 -0
- data/docs/NotPwnedValidator.html +23 -17
- data/docs/Pwned.html +30 -22
- data/docs/Pwned/Error.html +3 -3
- data/docs/Pwned/Password.html +60 -49
- data/docs/Pwned/TimeoutError.html +3 -3
- data/docs/PwnedValidator.html +3 -3
- data/docs/_index.html +4 -4
- data/docs/css/style.css +4 -7
- data/docs/file.README.html +147 -17
- data/docs/frames.html +1 -1
- data/docs/index.html +147 -17
- data/docs/js/app.js +55 -0
- data/docs/top-level-namespace.html +3 -3
- data/lib/pwned.rb +6 -6
- data/lib/pwned/password.rb +44 -11
- data/lib/pwned/version.rb +1 -1
- data/pwned.gemspec +10 -1
- metadata +20 -7
data/docs/Pwned/Error.html
CHANGED
@@ -6,7 +6,7 @@
|
|
6
6
|
<title>
|
7
7
|
Exception: Pwned::Error
|
8
8
|
|
9
|
-
— Documentation by YARD 0.9.
|
9
|
+
— Documentation by YARD 0.9.20
|
10
10
|
|
11
11
|
</title>
|
12
12
|
|
@@ -139,9 +139,9 @@ requests to the Pwned Passwords API.</p>
|
|
139
139
|
</div>
|
140
140
|
|
141
141
|
<div id="footer">
|
142
|
-
Generated on
|
142
|
+
Generated on Tue Oct 1 21:19:37 2019 by
|
143
143
|
<a href="http://yardoc.org" title="Yay! A Ruby Documentation Tool" target="_parent">yard</a>
|
144
|
-
0.9.
|
144
|
+
0.9.20 (ruby-2.5.5).
|
145
145
|
</div>
|
146
146
|
|
147
147
|
</div>
|
data/docs/Pwned/Password.html
CHANGED
@@ -6,7 +6,7 @@
|
|
6
6
|
<title>
|
7
7
|
Class: Pwned::Password
|
8
8
|
|
9
|
-
— Documentation by YARD 0.9.
|
9
|
+
— Documentation by YARD 0.9.20
|
10
10
|
|
11
11
|
</title>
|
12
12
|
|
@@ -119,11 +119,16 @@ Pwned Passwords API to find out if the password has been pwned.</p>
|
|
119
119
|
</ul>
|
120
120
|
|
121
121
|
</div>
|
122
|
-
|
123
|
-
|
124
|
-
|
125
|
-
<
|
126
|
-
|
122
|
+
|
123
|
+
<h2>
|
124
|
+
Constant Summary
|
125
|
+
<small><a href="#" class="constants_summary_toggle">collapse</a></small>
|
126
|
+
</h2>
|
127
|
+
|
128
|
+
<dl class="constants">
|
129
|
+
|
130
|
+
<dt id="API_URL-constant" class="">API_URL =
|
131
|
+
<div class="docstring">
|
127
132
|
<div class="discussion">
|
128
133
|
|
129
134
|
<p>The base URL for the Pwned Passwords API</p>
|
@@ -135,11 +140,11 @@ Pwned Passwords API to find out if the password has been pwned.</p>
|
|
135
140
|
|
136
141
|
|
137
142
|
</div>
|
138
|
-
|
139
|
-
|
140
|
-
|
141
|
-
|
142
|
-
|
143
|
+
</dt>
|
144
|
+
<dd><pre class="code"><span class='tstring'><span class='tstring_beg'>"</span><span class='tstring_content'>https://api.pwnedpasswords.com/range/</span><span class='tstring_end'>"</span></span></pre></dd>
|
145
|
+
|
146
|
+
<dt id="HASH_PREFIX_LENGTH-constant" class="">HASH_PREFIX_LENGTH =
|
147
|
+
<div class="docstring">
|
143
148
|
<div class="discussion">
|
144
149
|
|
145
150
|
<p>The number of characters from the start of the hash of the password that
|
@@ -152,11 +157,11 @@ are used to search for the range of passwords.</p>
|
|
152
157
|
|
153
158
|
|
154
159
|
</div>
|
155
|
-
|
156
|
-
|
157
|
-
|
158
|
-
|
159
|
-
|
160
|
+
</dt>
|
161
|
+
<dd><pre class="code"><span class='int'>5</span></pre></dd>
|
162
|
+
|
163
|
+
<dt id="SHA1_LENGTH-constant" class="">SHA1_LENGTH =
|
164
|
+
<div class="docstring">
|
160
165
|
<div class="discussion">
|
161
166
|
|
162
167
|
<p>The total length of a SHA1 hash</p>
|
@@ -168,14 +173,14 @@ are used to search for the range of passwords.</p>
|
|
168
173
|
|
169
174
|
|
170
175
|
</div>
|
171
|
-
|
172
|
-
|
173
|
-
|
174
|
-
|
175
|
-
|
176
|
+
</dt>
|
177
|
+
<dd><pre class="code"><span class='int'>40</span></pre></dd>
|
178
|
+
|
179
|
+
<dt id="DEFAULT_REQUEST_HEADERS-constant" class="">DEFAULT_REQUEST_HEADERS =
|
180
|
+
<div class="docstring">
|
176
181
|
<div class="discussion">
|
177
182
|
|
178
|
-
<p>The default request
|
183
|
+
<p>The default request headers that are used to make HTTP requests to the API.
|
179
184
|
A user agent is provided as requested in the documentation.</p>
|
180
185
|
|
181
186
|
|
@@ -192,12 +197,13 @@ A user agent is provided as requested in the documentation.</p>
|
|
192
197
|
</ul>
|
193
198
|
|
194
199
|
</div>
|
195
|
-
|
196
|
-
|
200
|
+
</dt>
|
201
|
+
<dd><pre class="code"><span class='lbrace'>{</span>
|
197
202
|
<span class='tstring'><span class='tstring_beg'>"</span><span class='tstring_content'>User-Agent</span><span class='tstring_end'>"</span></span> <span class='op'>=></span> <span class='tstring'><span class='tstring_beg'>"</span><span class='tstring_content'>Ruby Pwned::Password </span><span class='embexpr_beg'>#{</span><span class='const'><span class='object_link'><a href="../Pwned.html" title="Pwned (module)">Pwned</a></span></span><span class='op'>::</span><span class='const'><span class='object_link'><a href="../Pwned.html#VERSION-constant" title="Pwned::VERSION (constant)">VERSION</a></span></span><span class='embexpr_end'>}</span><span class='tstring_end'>"</span></span>
|
198
203
|
<span class='rbrace'>}</span><span class='period'>.</span><span class='id identifier rubyid_freeze'>freeze</span></pre></dd>
|
199
|
-
|
200
|
-
|
204
|
+
|
205
|
+
</dl>
|
206
|
+
|
201
207
|
|
202
208
|
|
203
209
|
|
@@ -382,10 +388,10 @@ A user agent is provided as requested in the documentation.</p>
|
|
382
388
|
|
383
389
|
|
384
390
|
<p class="example_title"><div class='inline'>
|
385
|
-
<p>Setting the user agent and the read timeout of the
|
391
|
+
<p>Setting the user agent and the read timeout of the request</p>
|
386
392
|
</div></p>
|
387
393
|
|
388
|
-
<pre class="example code"><code><span class='id identifier rubyid_password'>password</span> <span class='op'>=</span> <span class='const'><span class='object_link'><a href="../Pwned.html" title="Pwned (module)">Pwned</a></span></span><span class='op'>::</span><span class='const'><span class='object_link'><a href="" title="Pwned::Password (class)">Password</a></span></span><span class='period'>.</span><span class='id identifier rubyid_new'>new</span><span class='lparen'>(</span><span class='tstring'><span class='tstring_beg'>"</span><span class='tstring_content'>password</span><span class='tstring_end'>"</span></span><span class='comma'>,</span> <span class='tstring'><span class='tstring_beg'>"</span><span class='tstring_content'>User-Agent</span><span class='tstring_end'>"</span></span> <span class='op'>=></span> <span class='tstring'><span class='tstring_beg'>"</span><span class='tstring_content'>My user agent</span><span class='tstring_end'>"</span></span
|
394
|
+
<pre class="example code"><code><span class='id identifier rubyid_password'>password</span> <span class='op'>=</span> <span class='const'><span class='object_link'><a href="../Pwned.html" title="Pwned (module)">Pwned</a></span></span><span class='op'>::</span><span class='const'><span class='object_link'><a href="" title="Pwned::Password (class)">Password</a></span></span><span class='period'>.</span><span class='id identifier rubyid_new'>new</span><span class='lparen'>(</span><span class='tstring'><span class='tstring_beg'>"</span><span class='tstring_content'>password</span><span class='tstring_end'>"</span></span><span class='comma'>,</span> <span class='label'>headers:</span> <span class='lbrace'>{</span> <span class='tstring'><span class='tstring_beg'>"</span><span class='tstring_content'>User-Agent</span><span class='tstring_end'>"</span></span> <span class='op'>=></span> <span class='tstring'><span class='tstring_beg'>"</span><span class='tstring_content'>My user agent</span><span class='tstring_end'>"</span></span> <span class='rbrace'>}</span><span class='comma'>,</span> <span class='label'>read_timout:</span> <span class='int'>10</span><span class='rparen'>)</span></code></pre>
|
389
395
|
|
390
396
|
</div>
|
391
397
|
<p class="tag_title">Parameters:</p>
|
@@ -420,7 +426,8 @@ A user agent is provided as requested in the documentation.</p>
|
|
420
426
|
|
421
427
|
—
|
422
428
|
<div class='inline'>
|
423
|
-
<p>Options that can be passed to <code>
|
429
|
+
<p>Options that can be passed to <code>Net::HTTP.start</code> when calling the
|
430
|
+
API</p>
|
424
431
|
</div>
|
425
432
|
|
426
433
|
</li>
|
@@ -436,17 +443,17 @@ A user agent is provided as requested in the documentation.</p>
|
|
436
443
|
<ul class="option">
|
437
444
|
|
438
445
|
<li>
|
439
|
-
<span class="name"
|
440
|
-
<span class="type">(<tt>
|
446
|
+
<span class="name">:headers</span>
|
447
|
+
<span class="type">(<tt>Symbol</tt>)</span>
|
441
448
|
<span class="default">
|
442
449
|
|
443
450
|
— default:
|
444
|
-
<tt
|
451
|
+
<tt>{ "User-Agent" => '"Ruby Pwned::Password #{Pwned::VERSION}" }</tt>
|
445
452
|
|
446
453
|
</span>
|
447
454
|
|
448
455
|
— <div class='inline'>
|
449
|
-
<p>
|
456
|
+
<p>HTTP headers to include in the request</p>
|
450
457
|
</div>
|
451
458
|
|
452
459
|
</li>
|
@@ -499,7 +506,9 @@ A user agent is provided as requested in the documentation.</p>
|
|
499
506
|
55
|
500
507
|
56
|
501
508
|
57
|
502
|
-
58
|
509
|
+
58
|
510
|
+
59
|
511
|
+
60</pre>
|
503
512
|
</td>
|
504
513
|
<td>
|
505
514
|
<pre class="code"><span class="info file"># File 'lib/pwned/password.rb', line 54</span>
|
@@ -507,7 +516,9 @@ A user agent is provided as requested in the documentation.</p>
|
|
507
516
|
<span class='kw'>def</span> <span class='id identifier rubyid_initialize'>initialize</span><span class='lparen'>(</span><span class='id identifier rubyid_password'>password</span><span class='comma'>,</span> <span class='id identifier rubyid_request_options'>request_options</span><span class='op'>=</span><span class='lbrace'>{</span><span class='rbrace'>}</span><span class='rparen'>)</span>
|
508
517
|
<span class='id identifier rubyid_raise'>raise</span> <span class='const'>TypeError</span><span class='comma'>,</span> <span class='tstring'><span class='tstring_beg'>"</span><span class='tstring_content'>password must be of type String</span><span class='tstring_end'>"</span></span> <span class='kw'>unless</span> <span class='id identifier rubyid_password'>password</span><span class='period'>.</span><span class='id identifier rubyid_is_a?'>is_a?</span> <span class='const'>String</span>
|
509
518
|
<span class='ivar'>@password</span> <span class='op'>=</span> <span class='id identifier rubyid_password'>password</span>
|
510
|
-
<span class='ivar'>@request_options</span> <span class='op'>=</span> <span class='const'
|
519
|
+
<span class='ivar'>@request_options</span> <span class='op'>=</span> <span class='const'>Hash</span><span class='lparen'>(</span><span class='id identifier rubyid_request_options'>request_options</span><span class='rparen'>)</span><span class='period'>.</span><span class='id identifier rubyid_dup'>dup</span>
|
520
|
+
<span class='ivar'>@request_headers</span> <span class='op'>=</span> <span class='const'>Hash</span><span class='lparen'>(</span><span class='id identifier rubyid_request_options'>request_options</span><span class='period'>.</span><span class='id identifier rubyid_delete'>delete</span><span class='lparen'>(</span><span class='symbol'>:headers</span><span class='rparen'>)</span><span class='rparen'>)</span>
|
521
|
+
<span class='ivar'>@request_headers</span> <span class='op'>=</span> <span class='const'><span class='object_link'><a href="#DEFAULT_REQUEST_HEADERS-constant" title="Pwned::Password::DEFAULT_REQUEST_HEADERS (constant)">DEFAULT_REQUEST_HEADERS</a></span></span><span class='period'>.</span><span class='id identifier rubyid_merge'>merge</span><span class='lparen'>(</span><span class='ivar'>@request_headers</span><span class='rparen'>)</span>
|
511
522
|
<span class='kw'>end</span></pre>
|
512
523
|
</td>
|
513
524
|
</tr>
|
@@ -663,12 +674,12 @@ A user agent is provided as requested in the documentation.</p>
|
|
663
674
|
<pre class="lines">
|
664
675
|
|
665
676
|
|
666
|
-
|
667
|
-
|
668
|
-
|
677
|
+
66
|
678
|
+
67
|
679
|
+
68</pre>
|
669
680
|
</td>
|
670
681
|
<td>
|
671
|
-
<pre class="code"><span class="info file"># File 'lib/pwned/password.rb', line
|
682
|
+
<pre class="code"><span class="info file"># File 'lib/pwned/password.rb', line 66</span>
|
672
683
|
|
673
684
|
<span class='kw'>def</span> <span class='id identifier rubyid_hashed_password'>hashed_password</span>
|
674
685
|
<span class='ivar'>@hashed_password</span> <span class='op'>||=</span> <span class='const'>Digest</span><span class='op'>::</span><span class='const'>SHA1</span><span class='period'>.</span><span class='id identifier rubyid_hexdigest'>hexdigest</span><span class='lparen'>(</span><span class='id identifier rubyid_password'>password</span><span class='rparen'>)</span><span class='period'>.</span><span class='id identifier rubyid_upcase'>upcase</span>
|
@@ -779,12 +790,12 @@ A user agent is provided as requested in the documentation.</p>
|
|
779
790
|
<pre class="lines">
|
780
791
|
|
781
792
|
|
782
|
-
|
783
|
-
|
784
|
-
|
793
|
+
79
|
794
|
+
80
|
795
|
+
81</pre>
|
785
796
|
</td>
|
786
797
|
<td>
|
787
|
-
<pre class="code"><span class="info file"># File 'lib/pwned/password.rb', line
|
798
|
+
<pre class="code"><span class="info file"># File 'lib/pwned/password.rb', line 79</span>
|
788
799
|
|
789
800
|
<span class='kw'>def</span> <span class='id identifier rubyid_pwned?'>pwned?</span>
|
790
801
|
<span class='id identifier rubyid_pwned_count'>pwned_count</span> <span class='op'>></span> <span class='int'>0</span>
|
@@ -895,12 +906,12 @@ A user agent is provided as requested in the documentation.</p>
|
|
895
906
|
<pre class="lines">
|
896
907
|
|
897
908
|
|
898
|
-
|
899
|
-
|
900
|
-
|
909
|
+
92
|
910
|
+
93
|
911
|
+
94</pre>
|
901
912
|
</td>
|
902
913
|
<td>
|
903
|
-
<pre class="code"><span class="info file"># File 'lib/pwned/password.rb', line
|
914
|
+
<pre class="code"><span class="info file"># File 'lib/pwned/password.rb', line 92</span>
|
904
915
|
|
905
916
|
<span class='kw'>def</span> <span class='id identifier rubyid_pwned_count'>pwned_count</span>
|
906
917
|
<span class='ivar'>@pwned_count</span> <span class='op'>||=</span> <span class='id identifier rubyid_fetch_pwned_count'>fetch_pwned_count</span>
|
@@ -915,9 +926,9 @@ A user agent is provided as requested in the documentation.</p>
|
|
915
926
|
</div>
|
916
927
|
|
917
928
|
<div id="footer">
|
918
|
-
Generated on
|
929
|
+
Generated on Tue Oct 1 21:19:37 2019 by
|
919
930
|
<a href="http://yardoc.org" title="Yay! A Ruby Documentation Tool" target="_parent">yard</a>
|
920
|
-
0.9.
|
931
|
+
0.9.20 (ruby-2.5.5).
|
921
932
|
</div>
|
922
933
|
|
923
934
|
</div>
|
@@ -6,7 +6,7 @@
|
|
6
6
|
<title>
|
7
7
|
Exception: Pwned::TimeoutError
|
8
8
|
|
9
|
-
— Documentation by YARD 0.9.
|
9
|
+
— Documentation by YARD 0.9.20
|
10
10
|
|
11
11
|
</title>
|
12
12
|
|
@@ -142,9 +142,9 @@
|
|
142
142
|
</div>
|
143
143
|
|
144
144
|
<div id="footer">
|
145
|
-
Generated on
|
145
|
+
Generated on Tue Oct 1 21:19:37 2019 by
|
146
146
|
<a href="http://yardoc.org" title="Yay! A Ruby Documentation Tool" target="_parent">yard</a>
|
147
|
-
0.9.
|
147
|
+
0.9.20 (ruby-2.5.5).
|
148
148
|
</div>
|
149
149
|
|
150
150
|
</div>
|
data/docs/PwnedValidator.html
CHANGED
@@ -6,7 +6,7 @@
|
|
6
6
|
<title>
|
7
7
|
Class: PwnedValidator
|
8
8
|
|
9
|
-
— Documentation by YARD 0.9.
|
9
|
+
— Documentation by YARD 0.9.20
|
10
10
|
|
11
11
|
</title>
|
12
12
|
|
@@ -182,9 +182,9 @@ removed</p>
|
|
182
182
|
</div>
|
183
183
|
|
184
184
|
<div id="footer">
|
185
|
-
Generated on
|
185
|
+
Generated on Tue Oct 1 21:19:37 2019 by
|
186
186
|
<a href="http://yardoc.org" title="Yay! A Ruby Documentation Tool" target="_parent">yard</a>
|
187
|
-
0.9.
|
187
|
+
0.9.20 (ruby-2.5.5).
|
188
188
|
</div>
|
189
189
|
|
190
190
|
</div>
|
data/docs/_index.html
CHANGED
@@ -4,7 +4,7 @@
|
|
4
4
|
<meta charset="utf-8">
|
5
5
|
<meta name="viewport" content="width=device-width, initial-scale=1.0">
|
6
6
|
<title>
|
7
|
-
Documentation by YARD 0.9.
|
7
|
+
Documentation by YARD 0.9.20
|
8
8
|
|
9
9
|
</title>
|
10
10
|
|
@@ -52,7 +52,7 @@
|
|
52
52
|
<div class="clear"></div>
|
53
53
|
</div>
|
54
54
|
|
55
|
-
<div id="content"><h1 class="noborder title">Documentation by YARD 0.9.
|
55
|
+
<div id="content"><h1 class="noborder title">Documentation by YARD 0.9.20</h1>
|
56
56
|
<div id="listing">
|
57
57
|
<h1 class="alphaindex">Alphabetic Index</h1>
|
58
58
|
|
@@ -152,9 +152,9 @@
|
|
152
152
|
</div>
|
153
153
|
|
154
154
|
<div id="footer">
|
155
|
-
Generated on
|
155
|
+
Generated on Tue Oct 1 21:19:35 2019 by
|
156
156
|
<a href="http://yardoc.org" title="Yay! A Ruby Documentation Tool" target="_parent">yard</a>
|
157
|
-
0.9.
|
157
|
+
0.9.20 (ruby-2.5.5).
|
158
158
|
</div>
|
159
159
|
|
160
160
|
</div>
|
data/docs/css/style.css
CHANGED
@@ -245,6 +245,7 @@ ul.toplevel { list-style: none; padding-left: 0; font-size: 1.1em; }
|
|
245
245
|
|
246
246
|
dl.constants { margin-left: 10px; }
|
247
247
|
dl.constants dt { font-weight: bold; font-size: 1.1em; margin-bottom: 5px; }
|
248
|
+
dl.constants.compact dt { display: inline-block; font-weight: normal }
|
248
249
|
dl.constants dd { width: 75%; white-space: pre; font-family: monospace; margin-bottom: 18px; }
|
249
250
|
dl.constants .docstring .note:first-child { margin-top: 5px; }
|
250
251
|
|
@@ -326,13 +327,9 @@ ul.summary a, ul.summary a:visited {
|
|
326
327
|
text-decoration: none; font-size: 1.1em;
|
327
328
|
}
|
328
329
|
ul.summary li { margin-bottom: 5px; }
|
329
|
-
.
|
330
|
-
padding: 4px 8px;
|
331
|
-
background: #f8f8f8;
|
332
|
-
border: 1px solid #f0f0f0;
|
333
|
-
border-radius: 5px;
|
334
|
-
}
|
330
|
+
.summary_signature { padding: 4px 8px; background: #f8f8f8; border: 1px solid #f0f0f0; border-radius: 5px; }
|
335
331
|
.summary_signature:hover { background: #CFEBFF; border-color: #A4CCDA; cursor: pointer; }
|
332
|
+
.summary_signature.deprecated { background: #ffe5e5; border-color: #e9dada; }
|
336
333
|
ul.summary.compact li { display: inline-block; margin: 0px 5px 0px 0px; line-height: 2.6em;}
|
337
334
|
ul.summary.compact .summary_signature { padding: 5px 7px; padding-right: 4px; }
|
338
335
|
#content .summary_signature:hover a,
|
@@ -485,7 +482,7 @@ pre.code .rubyid_nth_ref { color: #6D79DE; }
|
|
485
482
|
pre.code .regexp, .dregexp { color: #036A07; }
|
486
483
|
pre.code a { border-bottom: 1px dotted #bbf; }
|
487
484
|
/* inline code */
|
488
|
-
|
485
|
+
*:not(pre) > code {
|
489
486
|
padding: 1px 3px 1px 3px;
|
490
487
|
border: 1px solid #E1E1E8;
|
491
488
|
background: #F7F7F9;
|
data/docs/file.README.html
CHANGED
@@ -6,7 +6,7 @@
|
|
6
6
|
<title>
|
7
7
|
File: README
|
8
8
|
|
9
|
-
— Documentation by YARD 0.9.
|
9
|
+
— Documentation by YARD 0.9.20
|
10
10
|
|
11
11
|
</title>
|
12
12
|
|
@@ -74,6 +74,33 @@ src="https://inch-ci.org/github/philnash/pwned.svg?branch=master"></a></p>
|
|
74
74
|
<p><a href="https://philnash.github.io/pwned/">API docs</a> | <a
|
75
75
|
href="https://github.com/philnash/pwned">GitHub repo</a></p>
|
76
76
|
|
77
|
+
<h2 id="label-Table+of+Contents">Table of Contents</h2>
|
78
|
+
<ul><li>
|
79
|
+
<p><a href="#about">About</a></p>
|
80
|
+
</li><li>
|
81
|
+
<p><a href="#installation">Installation</a></p>
|
82
|
+
</li><li>
|
83
|
+
<p><a href="#usage">Usage</a></p>
|
84
|
+
</li><li>
|
85
|
+
<p><a href="#plain-ruby">Plain Ruby</a></p>
|
86
|
+
</li><li>
|
87
|
+
<p><a href="#activerecord-validator">Rails (ActiveRecord)</a></p>
|
88
|
+
</li><li>
|
89
|
+
<p><a href="#devise">Devise</a></p>
|
90
|
+
</li><li>
|
91
|
+
<p><a href="#command-line">Command line</a></p>
|
92
|
+
</li><li>
|
93
|
+
<p><a href="#how-pwned-is-pi">How Pwned is Pi?</a></p>
|
94
|
+
</li><li>
|
95
|
+
<p><a href="#development">Development</a></p>
|
96
|
+
</li><li>
|
97
|
+
<p><a href="#contributing">Contributing</a></p>
|
98
|
+
</li><li>
|
99
|
+
<p><a href="#license">License</a></p>
|
100
|
+
</li><li>
|
101
|
+
<p><a href="#code-of-conduct">Code of Conduct</a></p>
|
102
|
+
</li></ul>
|
103
|
+
|
77
104
|
<h2 id="label-About">About</h2>
|
78
105
|
|
79
106
|
<p>Troy Hunt's <a
|
@@ -93,6 +120,11 @@ API, please check <a
|
|
93
120
|
href="https://haveibeenpwned.com/API/v2#AcceptableUse">the acceptable uses
|
94
121
|
and license of the API</a>.</p>
|
95
122
|
|
123
|
+
<p>Here is a blog post I wrote on <a
|
124
|
+
href="https://www.twilio.com/blog/2018/03/better-passwords-in-ruby-applications-pwned-passwords-api.html">how
|
125
|
+
to use this gem in your Ruby applications to make your users’ passwords
|
126
|
+
better</a>.</p>
|
127
|
+
|
96
128
|
<h2 id="label-Installation">Installation</h2>
|
97
129
|
|
98
130
|
<p>Add this line to your application's Gemfile:</p>
|
@@ -112,6 +144,17 @@ and license of the API</a>.</p>
|
|
112
144
|
|
113
145
|
<h2 id="label-Usage">Usage</h2>
|
114
146
|
|
147
|
+
<p>There are a few ways you can use this gem:</p>
|
148
|
+
<ol><li>
|
149
|
+
<p><a href="#plain-ruby">Plain Ruby</a></p>
|
150
|
+
</li><li>
|
151
|
+
<p><a href="#activerecord-validator">Rails</a></p>
|
152
|
+
</li><li>
|
153
|
+
<p><a href="#devise">Rails and Devise</a></p>
|
154
|
+
</li></ol>
|
155
|
+
|
156
|
+
<h3 id="label-Plain+Ruby">Plain Ruby</h3>
|
157
|
+
|
115
158
|
<p>To test a password against the API, instantiate a
|
116
159
|
<code>Pwned::Password</code> object and then ask if it is
|
117
160
|
<code>pwned?</code>.</p>
|
@@ -154,12 +197,14 @@ been pwned, or how many times it was pwned:</p>
|
|
154
197
|
|
155
198
|
<h4 id="label-Advanced">Advanced</h4>
|
156
199
|
|
157
|
-
<p>You can set
|
158
|
-
making the request to the API.
|
159
|
-
|
160
|
-
|
200
|
+
<p>You can set http request options to be used with
|
201
|
+
<code>Net::HTTP.start</code> when making the request to the API. These
|
202
|
+
options are documented in the <a
|
203
|
+
href="http://ruby-doc.org/stdlib-2.6.3/libdoc/net/http/rdoc/Net/HTTP.html#method-c-start">Net::HTTP.start
|
204
|
+
documentation</a>. The <code>:headers</code> option defines defines HTTP
|
205
|
+
headers. These headers must be string keys.</p>
|
161
206
|
|
162
|
-
<pre class="code ruby"><code class="ruby"><span class='id identifier rubyid_password'>password</span> <span class='op'>=</span> <span class='const'><span class='object_link'><a href="Pwned.html" title="Pwned (module)">Pwned</a></span></span><span class='op'>::</span><span class='const'><span class='object_link'><a href="Pwned/Password.html" title="Pwned::Password (class)">Password</a></span></span><span class='period'>.</span><span class='id identifier rubyid_new'><span class='object_link'><a href="Pwned/Password.html#initialize-instance_method" title="Pwned::Password#initialize (method)">new</a></span></span><span class='lparen'>(</span><span class='tstring'><span class='tstring_beg'>"</span><span class='tstring_content'>password</span><span class='tstring_end'>"</span></span><span class='comma'>,</span> <span class='lbrace'>{</span> <span class='tstring'><span class='tstring_beg'>'</span><span class='tstring_content'>User-Agent</span><span class='tstring_end'>'</span></span> <span class='op'>=></span> <span class='tstring'><span class='tstring_beg'>'</span><span class='tstring_content'>Super fun new user agent</span><span class='tstring_end'>'</span></span> <span class='rbrace'>}</span><span class='rparen'>)</span>
|
207
|
+
<pre class="code ruby"><code class="ruby"><span class='id identifier rubyid_password'>password</span> <span class='op'>=</span> <span class='const'><span class='object_link'><a href="Pwned.html" title="Pwned (module)">Pwned</a></span></span><span class='op'>::</span><span class='const'><span class='object_link'><a href="Pwned/Password.html" title="Pwned::Password (class)">Password</a></span></span><span class='period'>.</span><span class='id identifier rubyid_new'><span class='object_link'><a href="Pwned/Password.html#initialize-instance_method" title="Pwned::Password#initialize (method)">new</a></span></span><span class='lparen'>(</span><span class='tstring'><span class='tstring_beg'>"</span><span class='tstring_content'>password</span><span class='tstring_end'>"</span></span><span class='comma'>,</span> <span class='label'>headers:</span> <span class='lbrace'>{</span> <span class='tstring'><span class='tstring_beg'>'</span><span class='tstring_content'>User-Agent</span><span class='tstring_end'>'</span></span> <span class='op'>=></span> <span class='tstring'><span class='tstring_beg'>'</span><span class='tstring_content'>Super fun new user agent</span><span class='tstring_end'>'</span></span> <span class='rbrace'>}</span><span class='comma'>,</span> <span class='label'>read_timeout:</span> <span class='int'>10</span><span class='rparen'>)</span>
|
163
208
|
</code></pre>
|
164
209
|
|
165
210
|
<h3 id="label-ActiveRecord+Validator">ActiveRecord Validator</h3>
|
@@ -198,7 +243,7 @@ whether the <code>pwned_count</code> is greater than the threshold.</p>
|
|
198
243
|
<span class='kw'>end</span>
|
199
244
|
</code></pre>
|
200
245
|
|
201
|
-
<h4 id="label-Network+
|
246
|
+
<h4 id="label-Network+Error+Handling">Network Error Handling</h4>
|
202
247
|
|
203
248
|
<p>By default the record will be treated as valid when we cannot reach the <a
|
204
249
|
href="https://haveibeenpwned.com/">haveibeenpwned.com</a> servers. This can
|
@@ -233,19 +278,104 @@ be changed with the <code>:on_error</code> validator parameter:</p>
|
|
233
278
|
|
234
279
|
<p>You can configure network requests made from the validator using
|
235
280
|
<code>:request_options</code> (see <a
|
236
|
-
href="http://ruby-doc.org/stdlib-2.
|
237
|
-
for the list of available options
|
238
|
-
|
281
|
+
href="http://ruby-doc.org/stdlib-2.6.3/libdoc/net/http/rdoc/Net/HTTP.html#method-c-start">Net::HTTP.start</a>
|
282
|
+
for the list of available options). In addition to these options, HTTP
|
283
|
+
headers can be specified with the <code>:headers</code> key, e.g.
|
284
|
+
<code>"User-Agent"</code>):</p>
|
239
285
|
|
240
286
|
<pre class="code ruby"><code class="ruby"><span class='id identifier rubyid_validates'>validates</span> <span class='symbol'>:password</span><span class='comma'>,</span> <span class='label'>not_pwned:</span> <span class='lbrace'>{</span>
|
241
|
-
<span class='label'>request_options:</span> <span class='lbrace'>{</span> <span class='label'>read_timeout:</span> <span class='int'>5</span><span class='comma'>,</span> <span class='label'>open_timeout:</span> <span class='int'>1</span><span class='comma'>,</span> <span class='tstring'><span class='tstring_beg'>"</span><span class='tstring_content'>User-Agent</span><span class='tstring_end'>"</span></span> <span class='op'>=></span> <span class='tstring'><span class='tstring_beg'>"</span><span class='tstring_content'>Super fun user agent</span><span class='tstring_end'>"</span></span> <span class='rbrace'>}</span>
|
287
|
+
<span class='label'>request_options:</span> <span class='lbrace'>{</span> <span class='label'>read_timeout:</span> <span class='int'>5</span><span class='comma'>,</span> <span class='label'>open_timeout:</span> <span class='int'>1</span><span class='comma'>,</span> <span class='label'>headers:</span> <span class='lbrace'>{</span> <span class='tstring'><span class='tstring_beg'>"</span><span class='tstring_content'>User-Agent</span><span class='tstring_end'>"</span></span> <span class='op'>=></span> <span class='tstring'><span class='tstring_beg'>"</span><span class='tstring_content'>Super fun user agent</span><span class='tstring_end'>"</span></span> <span class='rbrace'>}</span> <span class='rbrace'>}</span>
|
242
288
|
<span class='rbrace'>}</span>
|
243
289
|
</code></pre>
|
244
290
|
|
245
|
-
<
|
246
|
-
|
247
|
-
<p>
|
248
|
-
|
291
|
+
<h3 id="label-Devise">Devise</h3>
|
292
|
+
|
293
|
+
<p>If you are using Devise I recommend you use the <a
|
294
|
+
href="https://github.com/michaelbanfield/devise-pwned_password">devise-pwned_password
|
295
|
+
extension</a> which is now powered by this gem.</p>
|
296
|
+
|
297
|
+
<h3 id="label-Command+line">Command line</h3>
|
298
|
+
|
299
|
+
<p>The gem provides a command line utility for checking passwords. You can
|
300
|
+
call it from your terminal application like this:</p>
|
301
|
+
|
302
|
+
<pre class="code ruby"><code class="ruby">$ pwned password
|
303
|
+
Pwned!
|
304
|
+
The password has been found in public breaches 3645804 times.
|
305
|
+
</code></pre>
|
306
|
+
|
307
|
+
<p>If you don't want the password you are checking to be visible, call:</p>
|
308
|
+
|
309
|
+
<pre class="code ruby"><code class="ruby">$ pwned --secret
|
310
|
+
</code></pre>
|
311
|
+
|
312
|
+
<p>You will be prompted for the password, but it won't be displayed.</p>
|
313
|
+
|
314
|
+
<h2 id="label-How+Pwned+is+Pi-3F">How Pwned is Pi?</h2>
|
315
|
+
|
316
|
+
<p><a href="https://github.com/daz">@daz</a> <a
|
317
|
+
href="https://twitter.com/dazonic/status/1074647842046660609">shared</a> a
|
318
|
+
fantastic example of using this gem to show how many times the digits of Pi
|
319
|
+
have been used as passwords and leaked.</p>
|
320
|
+
|
321
|
+
<pre class="code ruby"><code class="ruby"><span class='id identifier rubyid_require'>require</span> <span class='tstring'><span class='tstring_beg'>'</span><span class='tstring_content'>pwned</span><span class='tstring_end'>'</span></span>
|
322
|
+
|
323
|
+
<span class='const'>PI</span> <span class='op'>=</span> <span class='tstring'><span class='tstring_beg'>'</span><span class='tstring_content'>3.14159265358979323846264338327950288419716939937510582097494459230781640628620899862803482534211706798214808651328230664709384460955058223172535940812848111</span><span class='tstring_end'>'</span></span>
|
324
|
+
|
325
|
+
<span class='kw'>for</span> <span class='id identifier rubyid_n'>n</span> <span class='kw'>in</span> <span class='int'>1</span><span class='op'>..</span><span class='int'>40</span>
|
326
|
+
<span class='id identifier rubyid_password'>password</span> <span class='op'>=</span> <span class='const'><span class='object_link'><a href="Pwned.html" title="Pwned (module)">Pwned</a></span></span><span class='op'>::</span><span class='const'><span class='object_link'><a href="Pwned/Password.html" title="Pwned::Password (class)">Password</a></span></span><span class='period'>.</span><span class='id identifier rubyid_new'><span class='object_link'><a href="Pwned/Password.html#initialize-instance_method" title="Pwned::Password#initialize (method)">new</a></span></span> <span class='const'>PI</span><span class='lbracket'>[</span><span class='int'>0</span><span class='op'>..</span><span class='lparen'>(</span><span class='id identifier rubyid_n'>n</span> <span class='op'>+</span> <span class='int'>1</span><span class='rparen'>)</span><span class='rbracket'>]</span>
|
327
|
+
<span class='id identifier rubyid_str'>str</span> <span class='op'>=</span> <span class='lbracket'>[</span> <span class='id identifier rubyid_n'>n</span><span class='period'>.</span><span class='id identifier rubyid_to_s'>to_s</span><span class='period'>.</span><span class='id identifier rubyid_rjust'>rjust</span><span class='lparen'>(</span><span class='int'>2</span><span class='rparen'>)</span> <span class='rbracket'>]</span>
|
328
|
+
<span class='id identifier rubyid_str'>str</span> <span class='op'><<</span> <span class='lparen'>(</span><span class='id identifier rubyid_password'>password</span><span class='period'>.</span><span class='id identifier rubyid_pwned?'>pwned?</span> <span class='op'>?</span> <span class='tstring'><span class='tstring_beg'>'</span><span class='tstring_content'>😡</span><span class='tstring_end'>'</span></span> <span class='op'>:</span> <span class='tstring'><span class='tstring_beg'>'</span><span class='tstring_content'>😃</span><span class='tstring_end'>'</span></span><span class='rparen'>)</span>
|
329
|
+
<span class='id identifier rubyid_str'>str</span> <span class='op'><<</span> <span class='id identifier rubyid_password'>password</span><span class='period'>.</span><span class='id identifier rubyid_pwned_count'>pwned_count</span><span class='period'>.</span><span class='id identifier rubyid_to_s'>to_s</span><span class='period'>.</span><span class='id identifier rubyid_rjust'>rjust</span><span class='lparen'>(</span><span class='int'>4</span><span class='rparen'>)</span>
|
330
|
+
<span class='id identifier rubyid_str'>str</span> <span class='op'><<</span> <span class='id identifier rubyid_password'>password</span><span class='period'>.</span><span class='id identifier rubyid_password'>password</span>
|
331
|
+
|
332
|
+
<span class='id identifier rubyid_puts'>puts</span> <span class='id identifier rubyid_str'>str</span><span class='period'>.</span><span class='id identifier rubyid_join'>join</span> <span class='tstring'><span class='tstring_beg'>'</span><span class='tstring_content'> </span><span class='tstring_end'>'</span></span>
|
333
|
+
<span class='kw'>end</span>
|
334
|
+
</code></pre>
|
335
|
+
|
336
|
+
<p>The results may, or may not, surprise you.</p>
|
337
|
+
|
338
|
+
<pre class="code ruby"><code class="ruby">1 😡 16 3.1
|
339
|
+
2 😡 238 3.14
|
340
|
+
3 😡 34 3.141
|
341
|
+
4 😡 1345 3.1415
|
342
|
+
5 😡 2552 3.14159
|
343
|
+
6 😡 791 3.141592
|
344
|
+
7 😡 9582 3.1415926
|
345
|
+
8 😡 1591 3.14159265
|
346
|
+
9 😡 637 3.141592653
|
347
|
+
10 😡 873 3.1415926535
|
348
|
+
11 😡 137 3.14159265358
|
349
|
+
12 😡 103 3.141592653589
|
350
|
+
13 😡 65 3.1415926535897
|
351
|
+
14 😡 201 3.14159265358979
|
352
|
+
15 😡 41 3.141592653589793
|
353
|
+
16 😡 57 3.1415926535897932
|
354
|
+
17 😡 28 3.14159265358979323
|
355
|
+
18 😡 29 3.141592653589793238
|
356
|
+
19 😡 1 3.1415926535897932384
|
357
|
+
20 😡 7 3.14159265358979323846
|
358
|
+
21 😡 5 3.141592653589793238462
|
359
|
+
22 😡 2 3.1415926535897932384626
|
360
|
+
23 😡 2 3.14159265358979323846264
|
361
|
+
24 😃 0 3.141592653589793238462643
|
362
|
+
25 😡 3 3.1415926535897932384626433
|
363
|
+
26 😃 0 3.14159265358979323846264338
|
364
|
+
27 😃 0 3.141592653589793238462643383
|
365
|
+
28 😃 0 3.1415926535897932384626433832
|
366
|
+
29 😃 0 3.14159265358979323846264338327
|
367
|
+
30 😃 0 3.141592653589793238462643383279
|
368
|
+
31 😃 0 3.1415926535897932384626433832795
|
369
|
+
32 😃 0 3.14159265358979323846264338327950
|
370
|
+
33 😃 0 3.141592653589793238462643383279502
|
371
|
+
34 😃 0 3.1415926535897932384626433832795028
|
372
|
+
35 😃 0 3.14159265358979323846264338327950288
|
373
|
+
36 😃 0 3.141592653589793238462643383279502884
|
374
|
+
37 😃 0 3.1415926535897932384626433832795028841
|
375
|
+
38 😃 0 3.14159265358979323846264338327950288419
|
376
|
+
39 😃 0 3.141592653589793238462643383279502884197
|
377
|
+
40 😃 0 3.1415926535897932384626433832795028841971
|
378
|
+
</code></pre>
|
249
379
|
|
250
380
|
<h2 id="label-Development">Development</h2>
|
251
381
|
|
@@ -284,9 +414,9 @@ of conduct</a>.</p>
|
|
284
414
|
</div></div>
|
285
415
|
|
286
416
|
<div id="footer">
|
287
|
-
Generated on
|
417
|
+
Generated on Tue Oct 1 21:19:37 2019 by
|
288
418
|
<a href="http://yardoc.org" title="Yay! A Ruby Documentation Tool" target="_parent">yard</a>
|
289
|
-
0.9.
|
419
|
+
0.9.20 (ruby-2.5.5).
|
290
420
|
</div>
|
291
421
|
|
292
422
|
</div>
|