code.gitea.io/gitea@v1.22.3/modules/auth/password/pwn.go

code.gitea.io/gitea@v1.22.3/modules/auth/password/pwn.go (about)

     1  // Copyright 2020 The Gitea Authors. All rights reserved.
     2  // SPDX-License-Identifier: MIT
     3  
     4  package password
     5  
     6  import (
     7  	"context"
     8  	"errors"
     9  	"fmt"
    10  
    11  	"code.gitea.io/gitea/modules/auth/password/pwn"
    12  	"code.gitea.io/gitea/modules/setting"
    13  )
    14  
    15  var ErrIsPwned = errors.New("password has been pwned")
    16  
    17  type ErrIsPwnedRequest struct {
    18  	err error
    19  }
    20  
    21  func IsErrIsPwnedRequest(err error) bool {
    22  	_, ok := err.(ErrIsPwnedRequest)
    23  	return ok
    24  }
    25  
    26  func (err ErrIsPwnedRequest) Error() string {
    27  	return fmt.Sprintf("using Have-I-Been-Pwned service failed: %v", err.err)
    28  }
    29  
    30  func (err ErrIsPwnedRequest) Unwrap() error {
    31  	return err.err
    32  }
    33  
    34  // IsPwned checks whether a password has been pwned
    35  // If a password has not been pwned, no error is returned.
    36  func IsPwned(ctx context.Context, password string) error {
    37  	if !setting.PasswordCheckPwn {
    38  		return nil
    39  	}
    40  
    41  	client := pwn.New(pwn.WithContext(ctx))
    42  	count, err := client.CheckPassword(password, true)
    43  	if err != nil {
    44  		return ErrIsPwnedRequest{err}
    45  	}
    46  
    47  	if count > 0 {
    48  		return ErrIsPwned
    49  	}
    50  
    51  	return nil
    52  }