nickurt / laravel-pwned-passwords
PwnedPasswords for Laravel 10.x/11.x
Installs: 5 284
Dependents: 0
Suggesters: 0
Security: 0
Stars: 18
Watchers: 3
Forks: 2
Open Issues: 0
Requires
- php: ^8.2
- guzzlehttp/guzzle: ^7.8.1
- laravel/framework: ^10.0|^11.0
Requires (Dev)
- orchestra/testbench: ^8.0|^9.0
- phpunit/phpunit: ^10.5.12
README
Installation
Install this package with composer:
composer require nickurt/laravel-pwned-passwords
Copy the config files for the PwnedPasswords-plugin
php artisan vendor:publish --provider="nickurt\PwnedPasswords\ServiceProvider" --tag="config"
Examples
Validation Rule - IsPwnedPassword
// FormRequest ... public function rules() { return [ 'password' => ['required', new \nickurt\PwnedPasswords\Rules\IsPwnedPassword(20)] ]; } // Manually ... $validator = validator()->make(request()->all(), ['password' => ['required', new \nickurt\PwnedPasswords\Rules\IsPwnedPassword(20)]]);
The IsPwnedPassword-rule has one optional paramter frequency (default 10) to validate the request.
Manually Usage - IsPwnedPassword
$isPwnedPassword = \PwnedPasswords::setFrequency(20) ->setPassword('laravel-pwned-passwords') ->isPwnedPassword();
Events
You can listen to the IsPwnedPassword event, e.g. if you want to log the IsPwnedPassword-requests in your application
IsPwnedPassword Event
This event will be fired when the password is above the frequency of pwned passwords
nickurt\PwnedPasswords\Events\IsPwnedPassword
Tests
composer test