library laravel-pwned-passwords

nickurt/laravel-pwned-passwords

PwnedPasswords for Laravel 5

Laravel Pwned Passwords

, _(*1)

Installation

Install this package with composer:, _(*2)

composer require nickurt/laravel-pwned-passwords

Copy the config files for the PwnedPasswords-plugin, _(*3)

php artisan vendor:publish --provider="nickurt\PwnedPasswords\ServiceProvider" --tag="config"

Examples

Validation Rule - IsPwnedPassword

// FormRequest ...

public function rules()
{
    return [
        'password' => ['required', new \nickurt\PwnedPasswords\Rules\IsPwnedPassword(20)]
    ];
}

// Manually ...

$validator = validator()->make(request()->all(), ['password' => ['required', new \nickurt\PwnedPasswords\Rules\IsPwnedPassword(20)]]);

The IsPwnedPassword-rule has one optional paramter frequency (default 10) to validate the request., _(*4)

Manually Usage - IsPwnedPassword

$isPwnedPassword = \PwnedPasswords::setFrequency(20)
    ->setPassword('laravel-pwned-passwords')
    ->isPwnedPassword();

Events

You can listen to the IsPwnedPassword event, e.g. if you want to log the IsPwnedPassword-requests in your application, _(*5)

IsPwnedPassword Event

This event will be fired when the password is above the frequency of pwned passwords nickurt\PwnedPasswords\Events\IsPwnedPassword, _(*6)

Tests

composer test