Swiftpack.co - ezfe/pwnedpasswords as Swift Package

Swiftpack.co is a collection of thousands of indexed Swift packages. Search packages.
See all packages published by ezfe.
ezfe/pwnedpasswords v2.0.3
Package for testing a password against Pwned Passwords V2 API in Vapor
⭐️ 1
🕓 3 weeks ago
.package(url: "https://github.com/ezfe/pwnedpasswords.git", from: "v2.0.3")

Vapor PwnedPasswords Provider

Swift Vapor

This packages provides an easy way to test a password against https://haveibeenpwned.com/API/v2#PwnedPasswords in your Vapor app.

This package is a fork of joscdk/pwnedpasswords-provider

Getting started

Vapor 3

In your Package.swift add:

.package(url: "https://github.com/ezfe/pwnedpasswords-provider.git", .from: "1.0.0")

Then to test a password, run e.g.:

import PwnedPasswords

router.get("password") { req -> String in        
	try PwnedPasswords().test(password: "password", with: req.client()).map { breached in
		if breached {
			print("Password breached")
		} else {
			print("Password is not breached")

You need to parse the password in as plaintext.

Security note

No passwords will ever leave the server in plaintext.

Pwned Passwords V2 uses https://en.wikipedia.org/wiki/K-anonymity to protect passwords. You can read more about it here: https://blog.cloudflare.com/validating-leaked-passwords-with-k-anonymity/



  • ☐ Better documentation, and security information


Stars: 1
Last commit: 3 weeks ago
jonrohan Something's broken? Yell at me @ptrpavlik. Praise and feedback (and money) is also welcome.


Release Notes

2 years ago

Swiftpack is being maintained by Petr Pavlik | @ptrpavlik | @swiftpackco | API | Analytics