Class: Pwned::Password

Inherits:
Object
  • Object
show all
Defined in:
lib/pwned/password.rb

Overview

This class represents a password. It does all the work of talking to the Pwned Passwords API to find out if the password has been pwned.

Constant Summary collapse

API_URL =

The base URL for the Pwned Passwords API

"https://api.pwnedpasswords.com/range/"
HASH_PREFIX_LENGTH =

The number of characters from the start of the hash of the password that are used to search for the range of passwords.

5
SHA1_LENGTH =

The total length of a SHA1 hash

40
DEFAULT_REQUEST_HEADERS =

The default request headers that are used to make HTTP requests to the API. A user agent is provided as requested in the documentation.

{
  "User-Agent" => "Ruby Pwned::Password #{Pwned::VERSION}"
}.freeze

Instance Attribute Summary collapse

Instance Method Summary collapse

Constructor Details

#initialize(password, request_options = {}) ⇒ Boolean

Creates a new password object.

Examples:

A simple password with the default request options

password = Pwned::Password.new("password")

Setting the user agent and the read timeout of the request

password = Pwned::Password.new("password", headers: { "User-Agent" => "My user agent" }, read_timout: 10)

Parameters:

  • password (String)

    The password you want to check against the API.

  • request_options (Hash) (defaults to: {})

    Options that can be passed to Net::HTTP.start when calling the API

Options Hash (request_options):

  • :headers (Symbol) — default: { "User-Agent" => '"Ruby Pwned::Password #{Pwned::VERSION}" }

    HTTP headers to include in the request

Raises:

  • (TypeError)

    if the password is not a string.

Since:

  • 1.1.0



54
55
56
57
58
59
60
# File 'lib/pwned/password.rb', line 54

def initialize(password, request_options={})
  raise TypeError, "password must be of type String" unless password.is_a? String
  @password = password
  @request_options = Hash(request_options).dup
  @request_headers = Hash(request_options.delete(:headers))
  @request_headers = DEFAULT_REQUEST_HEADERS.merge(@request_headers)
end

Instance Attribute Details

#passwordString (readonly)

Returns the password that is being checked.

Returns:

  • (String)

    the password that is being checked.

Since:

  • 1.0.0



36
37
38
# File 'lib/pwned/password.rb', line 36

def password
  @password
end

Instance Method Details

#hashed_passwordString

Returns the full SHA1 hash of the given password in uppercase.

Returns:

  • (String)

    The full SHA1 hash of the given password.

Since:

  • 1.0.0



66
67
68
# File 'lib/pwned/password.rb', line 66

def hashed_password
  @hashed_password ||= Digest::SHA1.hexdigest(password).upcase
end

#pwned?Boolean

Returns true when the password has been pwned.

Examples:

password = Pwned::Password.new("password")
password.pwned? #=> true

Returns:

  • (Boolean)

    true when the password has been pwned.

Raises:

Since:

  • 1.0.0



79
80
81
# File 'lib/pwned/password.rb', line 79

def pwned?
  pwned_count > 0
end

#pwned_countInteger

Returns the number of times the password has been pwned.

Examples:

password = Pwned::Password.new("password")
password.pwned_count #=> 3303003

Returns:

  • (Integer)

    the number of times the password has been pwned.

Raises:

Since:

  • 1.0.0



92
93
94
# File 'lib/pwned/password.rb', line 92

def pwned_count
  @pwned_count ||= fetch_pwned_count
end