Class: Pwned::Password

Inherits:

Object

• Object
• Pwned::Password

Defined in:

lib/pwned/password.rb

Overview

This class represents a password. It does all the work of talking to the Pwned Passwords API to find out if the password has been pwned.

See Also:

• https://haveibeenpwned.com/API/v2#PwnedPasswords

Constant Summary

API_URL =

The base URL for the Pwned Passwords API

"https://api.pwnedpasswords.com/range/"

HASH_PREFIX_LENGTH =

The number of characters from the start of the hash of the password that are used to search for the range of passwords.

5

SHA1_LENGTH =

The total length of a SHA1 hash

40

DEFAULT_REQUEST_OPTIONS =

The default request options that are used to make HTTP requests to the API. A user agent is provided as requested in the documentation.

See Also:

• https://haveibeenpwned.com/API/v2#UserAgent

{
  "User-Agent" => "Ruby Pwned::Password #{Pwned::VERSION}"
}.freeze

Instance Attribute Summary

• #password ⇒ String readonly

  The password that is being checked.

Instance Method Summary

• #hashed_password ⇒ String

  Returns the full SHA1 hash of the given password in uppercase.

• #initialize(password, request_options = {}) ⇒ Boolean constructor

  Creates a new password object.

• #pwned? ⇒ Boolean

  true when the password has been pwned.

• #pwned_count ⇒ Integer

  The number of times the password has been pwned.

Constructor Details

#initialize(password, request_options = {}) ⇒ Boolean

Creates a new password object.

Examples:

A simple password with the default request options

password = Pwned::Password.new("password")

Setting the user agent and the read timeout of the reques

password = Pwned::Password.new("password", "User-Agent" => "My user agent", :read_timout => 10)

Parameters:

• password (String) —

  The password you want to check against the API.

• request_options (Hash) (defaults to: {}) —

  Options that can be passed to open when calling the API

Options Hash (request_options):

• 'User-Agent' (String) — default: "Ruby Pwned::Password #{Pwned::VERSION}" —

  The user agent used when making an API request.

Raises:

• (TypeError) —

  if the password is not a string.

Since:

• 1.1.0

# File 'lib/pwned/password.rb', line 54

def initialize(password, request_options={})
  raise TypeError, "password must be of type String" unless password.is_a? String
  @password = password
  @request_options = DEFAULT_REQUEST_OPTIONS.merge(request_options)
end

Instance Attribute Details

#password ⇒ String (readonly)

Returns the password that is being checked.

Returns:

• (String) —

  the password that is being checked.

Since:

• 1.0.0

# File 'lib/pwned/password.rb', line 36

def password
  @password
end

Instance Method Details

#hashed_password ⇒ String

Returns the full SHA1 hash of the given password in uppercase.

Returns:

• (String) —

  The full SHA1 hash of the given password.

Since:

• 1.0.0

# File 'lib/pwned/password.rb', line 64

def hashed_password
  @hashed_password ||= Digest::SHA1.hexdigest(password).upcase
end

#pwned? ⇒ Boolean

Returns true when the password has been pwned.

Examples:

password = Pwned::Password.new("password")
password.pwned? #=> true

Returns:

• (Boolean) —

  true when the password has been pwned.

Raises:

• (Pwned::Error) —

  if there are errors with the HTTP request.

• (Pwned::TimeoutError) —

  if the HTTP request times out.

Since:

• 1.0.0

# File 'lib/pwned/password.rb', line 77

def pwned?
  pwned_count > 0
end

#pwned_count ⇒ Integer

Returns the number of times the password has been pwned.

Examples:

password = Pwned::Password.new("password")
password.pwned_count #=> 3303003

Returns:

• (Integer) —

  the number of times the password has been pwned.

Raises:

• (Pwned::Error) —

  if there are errors with the HTTP request.

• (Pwned::TimeoutError) —

  if the HTTP request times out.

Since:

• 1.0.0

# File 'lib/pwned/password.rb', line 90

def pwned_count
  @pwned_count ||= fetch_pwned_count
end