UNPKG

@zxcvbn-ts/matcher-pwned

Version:

HaveIBeenPwned Matcher for zxcvbn-ts

github.com/zxcvbn-ts/zxcvbn

zxcvbn-ts/zxcvbn

74 lines (71 loc) 2.34 kB
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
'use strict'; const isNodeJs = typeof process !== 'undefined' && process.release && process.release.name === 'node'; const textEncode = text => { if (isNodeJs) { const utf8 = decodeURI(encodeURIComponent(text)); const result = new Uint8Array(utf8.length); for (let i = 0; i < utf8.length; i += 1) { result[i] = utf8.charCodeAt(i); } return result; } try { // eslint-disable-next-line compat/compat return new TextEncoder().encode(text); } catch (error) { throw new Error(`No encoder found, ${error}`); } }; const digestMessage = async message => { const data = textEncode(message); let hash = ''; if (isNodeJs) { // eslint-disable-next-line global-require const crypto = require('crypto'); hash = crypto.createHash('sha1').update(message).digest('hex').toUpperCase(); } else if (crypto) { const hashBuffer = await crypto.subtle.digest('SHA-1', data); const hashArray = Array.from(new Uint8Array(hashBuffer)); hash = hashArray.map(b => b.toString(16).padStart(2, '0')).join('').toUpperCase(); } return hash; }; const pwnedUrl = 'https://api.pwnedpasswords.com/range/'; const defaultNetworkErrorHandler = _error => { return false; }; var haveIBeenPwned = (async (password, { universalFetch, url = pwnedUrl, networkErrorHandler = defaultNetworkErrorHandler }) => { // we don't need to check passwords with a length smaller 2 which can happen for repeat matcher or if we don't have a fetch function if (!universalFetch || password.length < 2) { return null; } const passwordHash = (await digestMessage(password)).toUpperCase(); const range = passwordHash.slice(0, 5); const suffix = passwordHash.slice(5); const response = await universalFetch(`${url}${range}`, { method: 'GET', headers: { 'Add-Padding': 'true' } }).catch(error => { return networkErrorHandler(error); }); if (typeof response === 'boolean') { return false; } if (response.status >= 400) { return networkErrorHandler(response); } const result = await response.text(); const resultArray = result.split('\r\n'); return resultArray.find(entry => { const passwordHasPart = entry.split(':')[0]; return passwordHasPart === suffix; }); }); module.exports = haveIBeenPwned; //# sourceMappingURL=haveIBeenPwned.js.map