Composer
首页 包列表 提交包 常见问题 关于

承接 oldas/pwned-passwords 相关项目开发

从需求分析到上线部署,全程专人跟进,保证项目质量与交付效率

邮箱:yvsm@zunyunkeji.com | QQ:316430983 | 微信:yvsm316

oldas/pwned-passwords

最新稳定版本:v1.0.1

Composer 安装命令:

composer require oldas/pwned-passwords

包简介

A library to query Troy Hunt's Pwned Passwords service to see whether or not a password has been included in a public breach.

README 文档

README

PwnedPasswords is a library that allows you to query Troy Hunt's Pwned Passwords API to determine if a password has been compromised in a public data breach.

Requirements

  • PHP >= 8.2

Installation

Install PwnedPasswords easily with Composer by running the following command in your project directory:

composer require oldas/pwned-passwords

Usage

First, include the Composer autoload.php to load the library:

require_once('vendor/autoload.php');

Then, use the core service class HaveIBeenPwnedService to interact with the Pwned Passwords API:

use Oldas\PwnedPasswords\HaveIBeenPwnedService;

// Create a service instance
$haveIBeenPwnedService = new HaveIBeenPwnedService();

$plainTextPassword = 'password'; // leaked password

// Check if the password has been compromised
$result = $haveIBeenPwnedService->isPwned($plainTextPassword); 
// Returns: true (if compromised), false (if safe), or null (in case of API timeout)

// Validate the password (throws exceptions for invalid input)
$haveIBeenPwnedService->validatePassword($plainTextPassword);  // Throws InvalidPasswordInputException, otherwise returns void

Methods Explained

isPwned(string $plainTextPassword): ?bool

This method checks whether the given password has been exposed in a public data breach by querying the Pwned Passwords API.

  • Returns:
    • true: The password was found in a breach.
    • false: The password was not found in a breach.
    • null: The API call timed out or failed.

validatePassword(string $plainTextPassword): void

This method ensures the password meets the library's input criteria. If the password is invalid, it throws an exception before performing any further operations.

  • Throws: InvalidPasswordInputException

Notes

  • The library uses the k-anonymity technique to query the API securely without revealing the full password to external services.
  • Ensure proper validation and exception handling in your implementation to cover cases such as API timeout or invalid input.

License

This project is released under the MIT License.

Resources

统计信息

  • 总下载量: 1
  • 月度下载量: 0
  • 日度下载量: 0
  • 收藏数: 1
  • 点击次数: 0
  • 依赖项目数: 0
  • 推荐数: 0

GitHub 信息

  • Stars: 1
  • Watchers: 1
  • Forks: 0
  • 开发语言: PHP
访问仓库

其他信息

  • 授权协议: MIT
  • 更新时间: 2025-01-09