-
Notifications
You must be signed in to change notification settings - Fork 7
/
index.js
45 lines (40 loc) · 1.21 KB
/
index.js
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
'use strict';
const sha1 = require('js-sha1');
const fetch = require('node-fetch');
/**
* Search for a hash in a list of hashes separately
* @param {string} body - A list of partially matches hashed
* @param {string} hash - A hash to be matched
* @returns {Object} returns { boolean, count }
*/
const search = (body, hash) => {
const result = {pwned: false, count: 0};
// Every password hash is followed by a colon (:) and the password count
const pattern = new RegExp(hash + ':(\\d+)');
const match = body.match(pattern);
if (match) {
result.pwned = true;
result.count = match[1];
}
return result;
};
/**
* Check if a password has appeared in any data breach
* using hibp (https://haveibeenpwned.com/Passwords) API
* @param {string} pass - The password to check
* @returns {Promise<Object>} returns a promise with the result
*/
const checkPassword = pass => {
const hash = sha1(pass).toUpperCase();
const hashPrefix = hash.substring(0, 5);
const hashSuffix = hash.substring(5);
return fetch('https://api.pwnedpasswords.com/range/' + hashPrefix)
.then(res => res.text())
.then(body => search(body, hashSuffix))
.catch(error => {
console.log(error);
});
};
module.exports = {
check: checkPassword
};