Documentation ¶
Overview ¶
Package p4ssw0rd evaluates password strength utilizing the haveibeenpwned database
https://haveibeenpwned.com/API/v3#SearchingPwnedPasswordsByRange
Index ¶
Constants ¶
This section is empty.
Variables ¶
View Source
var ( // ErrMinLengthNotSatisfied indicates that a password does not meet the // minimum length requirements ErrMinLengthNotSatisfied = errors.New("minimum password length not satisfied") // ErrBreachLimitExceeded indicates that the password's breach limit has // been exceeded ErrBreachLimitExceeded = errors.New("password breach limit exceeded") // ErrMissingUserAgent is returned when a UserAgent is not specified ErrMissingUserAgent = errors.New("UserAgent was not specified") // ErrTooManyRequests occurs when have i been pwned returns a 429 this // shouldn't happen per the docs: "There are 1,048,576 different hash // prefixes between 00000 and FFFFF (16^5) and every single one will return // HTTP 200; there is no circumstance in which the API should return HTTP // 404." ErrTooManyRequests = errors.New("error: too many requests — the rate limit has been exceeded") // service is not available ErrServiceUnavailable = errors.New("error: service unavailable") )
Functions ¶
This section is empty.
Types ¶
type BreachLimitError ¶
type BreachLimitError struct { BreachCount uint32 // contains filtered or unexported fields }
func (*BreachLimitError) Error ¶
func (e *BreachLimitError) Error() string
type Config ¶
type Config struct { // minimum length of a password to be checked. // // default: 6 MinPasswordLength uint16 // The max number of times a password is found in data breaches before // becoming invalid (or returning an error with Validate) // // default: 10 BreachLimit uint32 // Maximum number of attempts to retry reaching haveibeenpwned before // returning an error. p4ssw0rd employs exponential backoff. // // default: 3 MaxPwnedRequestAttempts uint8 UserAgent string // This is not required, per the HaveIBeenPwned API documentation: // // "Authorization is required for all APIs that enable searching HIBP by // email address, namely retrieving all breaches for an account and // retrieving all pastes for an account." // // Leaving it as a config option for those with keys that would like to // future-proof in the event their policy changes. // // // https://haveibeenpwned.com/API/v3#Authorisation APIKey string // see https://haveibeenpwned.com/API/v3#PwnedPasswordsPadding AddPadding bool }
Config parameters when creating a new P4ssw0rd instance
type Evaluation ¶
type Evaluation struct { BreachCount uint32 `json:"breachCount"` Notes string `json:"notes"` Allowed bool `json:"allowed"` }
Evaluation is a non-error summary of whether a password would be valid.
type Evaluator ¶ added in v0.1.7
type Evaluator interface {
Evaluate(ctx context.Context, password string) (Evaluation, error)
}
Evaluator defines the single func Evaluate which returns an Evaluation or an error if the minimum length requirements are not satisfied.
type EvaluatorValidator ¶ added in v0.1.9
EvaluatorValidator is an interface comprised of both Validator and Evaluator
type MinLengthError ¶
type MinLengthError struct { MinRequired uint16 Length uint16 // contains filtered or unexported fields }
func (*MinLengthError) Error ¶
func (e *MinLengthError) Error() string
type P4ssw0rd ¶
type P4ssw0rd struct { Config // contains filtered or unexported fields }
Click to show internal directories.
Click to hide internal directories.