Express.js security middleware for checking user password safety with Have I Been Pwned (HIBP) API.
npm i express-pwnd-pw
Or find help from:
"use strict";
var express = require('express');
var app = express();
var pwndPw = require('express-pwnd-pw');
app.use(pwndPw()); // use default settings
app.post('/foo', function (req, res) {
if (Object.keys(req.pwndPw) > 0) {
// It's a popular password! (rock)
}
res.send('Hello World!');
});
app.get('/bar', function (req, res) {
// ...
let vuln = pwndPw.password('12345');
if (Object.keys(vuln) > 0) {
// It's a popular password! (rock)
}
})
app.listen(3000);
"use strict";
var express = require('express');
var app = express();
var pwndPw = require('express-pwnd-pw');
app.use(pwndPw()); // use default settings
app.post('/foo', function (req, res) {
if (Object.keys(req.pwndPw) > 0) {
// It's a popular password! (rock)
// { '8cb2237d0679ca88db6464eac60da96345513964': 2333232 }
}
res.send('Hello World!');
});
app.listen(3000);
var pwndPw = require('express-pwnd-pw');
let vuln = pwndPw.password(['12345', '67890']);
if (Object.keys(vuln) > 0) {
// It's a popular password! (rock)
// {
// '8cb2237d0679ca88db6464eac60da96345513964': 2333232,
// '230991abcd77e8173edb0af392e1f11120051e29': 6638
// }
}
PRs welcome!
If you use/like this module, please don't hesitate to give me a Star. I'll be happy whole day!
Hope this module can save your time, a tree, and a kitten.