laravel-pwned-passwords
laravel-pwned-passwords copied to clipboard
Published
20 hours ago •
nickurt
nickurt
PwnedPasswords-plugin for Laravel 10.x/11.x
Laravel Pwned Passwords
Installation
Install this package with composer:
composer require nickurt/laravel-pwned-passwords
Copy the config files for the PwnedPasswords-plugin
php artisan vendor:publish --provider="nickurt\PwnedPasswords\ServiceProvider" --tag="config"
Examples
Validation Rule - IsPwnedPassword
// FormRequest ...
public function rules()
{
return [
'password' => ['required', new \nickurt\PwnedPasswords\Rules\IsPwnedPassword(20)]
];
}
// Manually ...
$validator = validator()->make(request()->all(), ['password' => ['required', new \nickurt\PwnedPasswords\Rules\IsPwnedPassword(20)]]);
The IsPwnedPassword-rule has one optional paramter frequency (default 10) to validate the request.
Manually Usage - IsPwnedPassword
$isPwnedPassword = \PwnedPasswords::setFrequency(20)
->setPassword('laravel-pwned-passwords')
->isPwnedPassword();
Events
You can listen to the IsPwnedPassword event, e.g. if you want to log the IsPwnedPassword-requests in your application
IsPwnedPassword Event
This event will be fired when the password is above the frequency of pwned passwords
nickurt\PwnedPasswords\Events\IsPwnedPassword
Tests
composer test
nickurt