{ "info": { "author": "Jamie Counsell", "author_email": "jamiecounsell@me.com", "bugtrack_url": null, "classifiers": [ "Development Status :: 3 - Alpha", "Framework :: Django", "Framework :: Django :: 1.10", "Framework :: Django :: 1.11", "Framework :: Django :: 1.9", "Framework :: Django :: 2.0", "Framework :: Django :: 2.1", "Intended Audience :: Developers", "License :: OSI Approved :: BSD License", "Natural Language :: English", "Programming Language :: Python :: 2", "Programming Language :: Python :: 2.7", "Programming Language :: Python :: 3", "Programming Language :: Python :: 3.5", "Programming Language :: Python :: 3.6", "Programming Language :: Python :: 3.7" ], "description": "======================\nDjango PWNED Passwords\n======================\n\n.. image:: https://badge.fury.io/py/django-pwned-passwords.svg\n :target: https://badge.fury.io/py/django-pwned-passwords\n\n.. image:: https://travis-ci.org/jamiecounsell/django-pwned-passwords.svg?branch=master\n :target: https://travis-ci.org/jamiecounsell/django-pwned-passwords\n\n.. image:: https://codecov.io/gh/jamiecounsell/django-pwned-passwords/branch/master/graph/badge.svg\n :target: https://codecov.io/gh/jamiecounsell/django-pwned-passwords\n\ndjango-pwned-passwords is a Django password validator that checks Troy Hunt's PWNED Passwords API to see if a password has been involved in a major security breach before.\n\n**Note: This app currently sends a portion of a user's hashed password to a third party. Before using this application, you should understand how that impacts you.**\n\nDocumentation\n-------------\n\nThe full documentation is at https://django-pwned-passwords.readthedocs.io.\n\nRequirements\n------------\n\n* Django [1.9, 2.1]\n* Python 2.7, [3.5, 3.6, 3.7]\n\nQuickstart\n----------\n\nInstall django-pwned-passwords::\n\n pip install django-pwned-passwords\n\nAdd it to your `INSTALLED_APPS`:\n\n.. code-block:: python\n\n INSTALLED_APPS = (\n ...\n 'django_pwned_passwords',\n ...\n )\n\nAdd django-pwned-passwords's PWNEDPasswordValidator:\n\n.. code-block:: python\n\n AUTH_PASSWORD_VALIDATORS = [\n ...\n {\n 'NAME': 'django_pwned_passwords.password_validation.PWNEDPasswordValidator'\n }\n ]\n\n\nFeatures\n--------\n\nThis password validator returns a ValidationError if the PWNED Passwords API\ndetects the password in its data set. Note that the API is heavily rate-limited,\nso there is a timeout (:code:`PWNED_VALIDATOR_TIMEOUT`).\n\nIf :code:`PWNED_VALIDATOR_FAIL_SAFE` is True, anything besides an API-identified bad password\nwill pass, including a timeout. If :code:`PWNED_VALIDATOR_FAIL_SAFE` is False, anything\nbesides a good password will fail and raise a ValidationError.\n\n\nSettings\n--------\n\n+-------------------------------------------+---------------------------------------------------------------------------------------------------------------------+----------------------------------------------------------------------------------------------------------------------------------+\n| Setting | Description | Default |\n+-------------------------------------------+---------------------------------------------------------------------------------------------------------------------+----------------------------------------------------------------------------------------------------------------------------------+\n| :code:`PWNED_VALIDATOR_TIMEOUT` | The timeout in seconds. The validator will not wait longer than this for a response from the API. | :code:`2` |\n+-------------------------------------------+---------------------------------------------------------------------------------------------------------------------+----------------------------------------------------------------------------------------------------------------------------------+\n| :code:`PWNED_VALIDATOR_FAIL_SAFE` | If the API fails to get a valid response, should we fail safe and allow the password through? | :code:`True` |\n+-------------------------------------------+---------------------------------------------------------------------------------------------------------------------+----------------------------------------------------------------------------------------------------------------------------------+\n| :code:`PWNED_VALIDATOR_URL` | The URL for the API in a string format. | :code:`https://haveibeenpwned.com/api/v2/pwnedpassword/{short_hash}` |\n+-------------------------------------------+---------------------------------------------------------------------------------------------------------------------+----------------------------------------------------------------------------------------------------------------------------------+\n| :code:`PWNED_VALIDATOR_ERROR` | The error message for an invalid password. | :code:`\"Your password was determined to have been involved in a major security breach.\"` |\n+-------------------------------------------+---------------------------------------------------------------------------------------------------------------------+----------------------------------------------------------------------------------------------------------------------------------+\n| :code:`PWNED_VALIDATOR_ERROR_FAIL` | The error message when the API fails. Note: this will only display if :code:`PWNED_VALIDATOR_FAIL_SAFE` is `False`. | :code:`\"We could not validate the safety of this password. This does not mean the password is invalid. Please try again later.\"` |\n+-------------------------------------------+---------------------------------------------------------------------------------------------------------------------+----------------------------------------------------------------------------------------------------------------------------------+\n| :code:`PWNED_VALIDATOR_HELP_TEXT` | The help text for this password validator. | :code:`\"Your password must not have been detected in a major security breach.\"` |\n+-------------------------------------------+---------------------------------------------------------------------------------------------------------------------+----------------------------------------------------------------------------------------------------------------------------------+\n| :code:`PWNED_VALIDATOR_MINIMUM_BREACHES` | The minimum number of breaches needed to raise an error | :code:`1` |\n+-------------------------------------------+---------------------------------------------------------------------------------------------------------------------+----------------------------------------------------------------------------------------------------------------------------------+\n\n\nRate Limiting\n-------------\n\nHistorically, requests to the API were rate limited. However, with the new k-anonymity model-based API, there are no such rate limits.\n\nRunning Tests\n-------------\n\n::\n\n source /bin/activate\n (myenv) $ pip install tox\n (myenv) $ tox\n\nCredits\n-------\n\nTools used in rendering this package:\n\n* Cookiecutter_\n* `cookiecutter-djangopackage`_\n\n.. _Cookiecutter: https://github.com/audreyr/cookiecutter\n.. _`cookiecutter-djangopackage`: https://github.com/pydanny/cookiecutter-djangopackage\n\n\n\n\nHistory\n-------\n\nSee Github Releases\n", "description_content_type": "", "docs_url": null, "download_url": "", "downloads": { "last_day": -1, "last_month": -1, "last_week": -1 }, "home_page": "https://github.com/jamiecounsell/django-pwned-passwords", "keywords": "django-pwned-passwords", "license": "MIT", "maintainer": "", "maintainer_email": "", "name": "django-pwned-passwords", "package_url": "https://pypi.org/project/django-pwned-passwords/", "platform": "", "project_url": "https://pypi.org/project/django-pwned-passwords/", "project_urls": { "Homepage": "https://github.com/jamiecounsell/django-pwned-passwords" }, "release_url": "https://pypi.org/project/django-pwned-passwords/4.1.0/", "requires_dist": null, "requires_python": "", "summary": "A Django password validator that checks Troy Hunt's PWNED Passwords API to see if a password has been involved in a major security breach before.", "version": "4.1.0" }, "last_serial": 5647815, "releases": { "0.0.1": [ { "comment_text": "", "digests": { "md5": "d747bde6ce7ca689f5a49ee999424969", "sha256": "f348906bfafb427d43e0f7ea13c95e4f8e479cd4073701cbaa80a63d401d9d62" }, "downloads": -1, "filename": "django-pwned-passwords-0.0.1.tar.gz", "has_sig": false, "md5_digest": "d747bde6ce7ca689f5a49ee999424969", "packagetype": "sdist", "python_version": "source", "requires_python": null, "size": 6144, "upload_time": "2017-08-05T02:53:17", "url": "https://files.pythonhosted.org/packages/21/ba/c7a8e6874c6c09d3c71db5f5ffec70c93faaf503389ea3d2e73a7a2f0153/django-pwned-passwords-0.0.1.tar.gz" } ], "0.1.0": [ { "comment_text": "", "digests": { "md5": "92757e9e81bb96c3a0013bea84e1c719", "sha256": "b58b886ae72ad76b2280d769a4c8ee57da79c4b122472858bfc4252e47238dc7" }, "downloads": -1, "filename": "django_pwned_passwords-0.1.0-py2.py3-none-any.whl", "has_sig": false, "md5_digest": "92757e9e81bb96c3a0013bea84e1c719", "packagetype": "bdist_wheel", "python_version": "2.7", "requires_python": null, "size": 7606, "upload_time": "2017-08-05T21:06:39", "url": "https://files.pythonhosted.org/packages/fb/6e/1e16a800b742e53ef366876c4d93d3abbfc4ebdf644cf172ee3c58758a90/django_pwned_passwords-0.1.0-py2.py3-none-any.whl" }, { "comment_text": "", "digests": { "md5": "a6b9ee575d00f4963521f7a4801a4d50", "sha256": "2969a4ee57870d08354467656b40d7f7e92bededf3f6d320bd2bd0373b6fdcca" }, "downloads": -1, "filename": "django-pwned-passwords-0.1.0.tar.gz", "has_sig": false, "md5_digest": "a6b9ee575d00f4963521f7a4801a4d50", "packagetype": "sdist", "python_version": "source", "requires_python": null, "size": 6978, "upload_time": "2017-08-05T21:06:37", "url": "https://files.pythonhosted.org/packages/4e/7a/272ae33f8fa3feb85476a4d952d6da4a0ac695f1e25fcd18db6a773fa09c/django-pwned-passwords-0.1.0.tar.gz" } ], "2.0.0": [ { "comment_text": "", "digests": { "md5": "348ea8739a354601a2140b1851374f30", "sha256": "85a5e5daa310d42d5cedec652146b5696c71f0a2395aea648f78948d6ec02b3e" }, "downloads": -1, "filename": "django_pwned_passwords-2.0.0-py2.py3-none-any.whl", "has_sig": false, "md5_digest": "348ea8739a354601a2140b1851374f30", "packagetype": "bdist_wheel", "python_version": "2.7", "requires_python": null, "size": 7909, "upload_time": "2018-03-07T01:27:49", "url": "https://files.pythonhosted.org/packages/eb/4f/1a5ec4b0560eb0285a12c850828d15ab68e2db053d7c4dffbddba51a0f96/django_pwned_passwords-2.0.0-py2.py3-none-any.whl" }, { "comment_text": "", "digests": { "md5": "5ba89a5e5fa02904e8ef1e3c74007e4f", "sha256": "39351a8ce66c675dfd5899b69d5329f2b169bb6218a24230e351e5327dce36b8" }, "downloads": -1, "filename": "django-pwned-passwords-2.0.0.tar.gz", "has_sig": false, "md5_digest": "5ba89a5e5fa02904e8ef1e3c74007e4f", "packagetype": "sdist", "python_version": "source", "requires_python": null, "size": 7192, "upload_time": "2018-03-07T01:27:46", "url": "https://files.pythonhosted.org/packages/4b/d1/7a77a84d0ad640dcce1db318bf2f78016fc8e7eb6b158b9a2c9deaf86f55/django-pwned-passwords-2.0.0.tar.gz" } ], "2.0.1": [ { "comment_text": "", "digests": { "md5": "b01410e45c180a4baf9050159efde524", "sha256": "12754008edcad006ca936fcacada68e7634955e8156f4c884c8fb39289b8c2ff" }, "downloads": -1, "filename": "django_pwned_passwords-2.0.1-py2.py3-none-any.whl", "has_sig": false, "md5_digest": "b01410e45c180a4baf9050159efde524", "packagetype": "bdist_wheel", "python_version": "2.7", "requires_python": null, "size": 7728, "upload_time": "2018-11-05T23:42:48", "url": "https://files.pythonhosted.org/packages/fc/20/b4565f308a34fdd1ec44c7362aeb016ee983dc4874ec3d7a8dd31dcc0f2d/django_pwned_passwords-2.0.1-py2.py3-none-any.whl" }, { "comment_text": "", "digests": { "md5": "74a418d5706179457eb7ce5ca2b368f6", "sha256": "d93975401d63d98eb7caa85da3930c929d1f193d2c362d657ada91899625edf3" }, "downloads": -1, "filename": "django-pwned-passwords-2.0.1.tar.gz", "has_sig": false, "md5_digest": "74a418d5706179457eb7ce5ca2b368f6", "packagetype": "sdist", "python_version": "source", "requires_python": null, "size": 7065, "upload_time": "2018-11-05T23:42:45", "url": "https://files.pythonhosted.org/packages/1e/37/d3c9e411e5ad490d1b8825f7cc2f16367cc456cc5132d3af510c1e9405f7/django-pwned-passwords-2.0.1.tar.gz" } ], "2.1.0": [ { "comment_text": "", "digests": { "md5": "ea95706b013ecd5061dd83c157d264e0", "sha256": "a23026d69bd56e599b5197793ba0f44f22d5bd49e7b4bf794988f1869c76750d" }, "downloads": -1, "filename": "django_pwned_passwords-2.1.0-py2.py3-none-any.whl", "has_sig": false, "md5_digest": "ea95706b013ecd5061dd83c157d264e0", "packagetype": "bdist_wheel", "python_version": "2.7", "requires_python": null, "size": 7733, "upload_time": "2019-02-04T00:41:18", "url": "https://files.pythonhosted.org/packages/a3/24/47eca78da84eacc54bbf3478b713d1dda1ddfa00c9bd05136f660eeffe82/django_pwned_passwords-2.1.0-py2.py3-none-any.whl" }, { "comment_text": "", "digests": { "md5": "43e3bb1fdbda4ab88d302536402d11a8", "sha256": "df43e1ccba25414e5c69821d620d3450f74d423ab2349d34b9d6b3a1e21f1180" }, "downloads": -1, "filename": "django-pwned-passwords-2.1.0.tar.gz", "has_sig": false, "md5_digest": "43e3bb1fdbda4ab88d302536402d11a8", "packagetype": "sdist", "python_version": "source", "requires_python": null, "size": 7083, "upload_time": "2019-02-04T00:41:16", "url": "https://files.pythonhosted.org/packages/15/11/9ffc1ca29d23980968b5f2fbaeabc5c81c3229d3462b2f56d8b3f71ad193/django-pwned-passwords-2.1.0.tar.gz" } ], "3.0.0": [ { "comment_text": "", "digests": { "md5": "6fcdc75701e8b14b51146ed62e30c8ae", "sha256": "5b8d8033fbd767152cc02944973ba923de0199ca4ad4bea5ee40b43869f1ee1f" }, "downloads": -1, "filename": "django_pwned_passwords-3.0.0-py2.py3-none-any.whl", "has_sig": false, "md5_digest": "6fcdc75701e8b14b51146ed62e30c8ae", "packagetype": "bdist_wheel", "python_version": "2.7", "requires_python": null, "size": 8007, "upload_time": "2019-02-18T17:33:50", "url": "https://files.pythonhosted.org/packages/dd/66/7653c185fe8cd0f8848be9d3b08c13d49256e6ab6b260c0683ace8c98816/django_pwned_passwords-3.0.0-py2.py3-none-any.whl" }, { "comment_text": "", "digests": { "md5": "1ea8f396c7de8f2fdc7f5f6a6ce65263", "sha256": "dd64bc13c1b025f7699898e5de70fc18e15b330513bfba1938b9f74cc15220b0" }, "downloads": -1, "filename": "django-pwned-passwords-3.0.0.tar.gz", "has_sig": false, "md5_digest": "1ea8f396c7de8f2fdc7f5f6a6ce65263", "packagetype": "sdist", "python_version": "source", "requires_python": null, "size": 7278, "upload_time": "2019-02-18T17:33:48", "url": "https://files.pythonhosted.org/packages/f4/75/3033140602d9c6261789ddcdc07b510a8fc72b2e2527678f4a5f23db99c1/django-pwned-passwords-3.0.0.tar.gz" } ], "4.0.0": [ { "comment_text": "", "digests": { "md5": "3bbfabaf0a13449dad5b54c8c2cd4945", "sha256": "0aea6764e2001d1ec9449d24fbf2305f15965aba9651fdfafa9f1c3c19af02b3" }, "downloads": -1, "filename": "django_pwned_passwords-4.0.0-py2.py3-none-any.whl", "has_sig": false, "md5_digest": "3bbfabaf0a13449dad5b54c8c2cd4945", "packagetype": "bdist_wheel", "python_version": "3.6", "requires_python": null, "size": 7581, "upload_time": "2019-08-08T01:53:21", "url": "https://files.pythonhosted.org/packages/c6/ad/eb2131d5ae49fb01eb5c749945c1390975a420dcdc09b84243d7cc307fcf/django_pwned_passwords-4.0.0-py2.py3-none-any.whl" }, { "comment_text": "", "digests": { "md5": "06625bf8a62e4b876f3c02a2b9cf58f1", "sha256": "92a1e73c18c15313c6c387b9b396d5a37f75935edc96d546317b9342b1a6d6d1" }, "downloads": -1, "filename": "django-pwned-passwords-4.0.0.tar.gz", "has_sig": false, "md5_digest": "06625bf8a62e4b876f3c02a2b9cf58f1", "packagetype": "sdist", "python_version": "source", "requires_python": null, "size": 7023, "upload_time": "2019-08-08T01:53:17", "url": "https://files.pythonhosted.org/packages/72/fc/5396afaa2ec446049569edd30e975746426a939bb16ef0f70090098bbe03/django-pwned-passwords-4.0.0.tar.gz" } ], "4.1.0": [ { "comment_text": "", "digests": { "md5": "e884da7874ac4e00c3af98188be2db9d", "sha256": "62f198ced2570ea4a21bb595ac6e46b8192b97a2064fbed95c9d550adf16dbaa" }, "downloads": -1, "filename": "django_pwned_passwords-4.1.0-py2.py3-none-any.whl", "has_sig": false, "md5_digest": "e884da7874ac4e00c3af98188be2db9d", "packagetype": "bdist_wheel", "python_version": "3.6", "requires_python": null, "size": 7587, "upload_time": "2019-08-08T02:31:24", "url": "https://files.pythonhosted.org/packages/0a/c9/65cb61f64d822a638b0831bef4c20f411f3dce4864034e6dbddcce6c5731/django_pwned_passwords-4.1.0-py2.py3-none-any.whl" }, { "comment_text": "", "digests": { "md5": "3ae30c57a13bdb62c04b91e16069da41", "sha256": "a75aa7b584dcfd7874c49deb2fd303cc2356f7bf39cf63cbb22b575b242c7a34" }, "downloads": -1, "filename": "django-pwned-passwords-4.1.0.tar.gz", "has_sig": false, "md5_digest": "3ae30c57a13bdb62c04b91e16069da41", "packagetype": "sdist", "python_version": "source", "requires_python": null, "size": 7026, "upload_time": "2019-08-08T02:31:21", "url": "https://files.pythonhosted.org/packages/f9/52/035938b4c793aded4dfcee816fb35b8d332d7efb5a593b5d98493a5ba5dd/django-pwned-passwords-4.1.0.tar.gz" } ] }, "urls": [ { "comment_text": "", "digests": { "md5": "e884da7874ac4e00c3af98188be2db9d", "sha256": "62f198ced2570ea4a21bb595ac6e46b8192b97a2064fbed95c9d550adf16dbaa" }, "downloads": -1, "filename": "django_pwned_passwords-4.1.0-py2.py3-none-any.whl", "has_sig": false, "md5_digest": "e884da7874ac4e00c3af98188be2db9d", "packagetype": "bdist_wheel", "python_version": "3.6", "requires_python": null, "size": 7587, "upload_time": "2019-08-08T02:31:24", "url": "https://files.pythonhosted.org/packages/0a/c9/65cb61f64d822a638b0831bef4c20f411f3dce4864034e6dbddcce6c5731/django_pwned_passwords-4.1.0-py2.py3-none-any.whl" }, { "comment_text": "", "digests": { "md5": "3ae30c57a13bdb62c04b91e16069da41", "sha256": "a75aa7b584dcfd7874c49deb2fd303cc2356f7bf39cf63cbb22b575b242c7a34" }, "downloads": -1, "filename": "django-pwned-passwords-4.1.0.tar.gz", "has_sig": false, "md5_digest": "3ae30c57a13bdb62c04b91e16069da41", "packagetype": "sdist", "python_version": "source", "requires_python": null, "size": 7026, "upload_time": "2019-08-08T02:31:21", "url": "https://files.pythonhosted.org/packages/f9/52/035938b4c793aded4dfcee816fb35b8d332d7efb5a593b5d98493a5ba5dd/django-pwned-passwords-4.1.0.tar.gz" } ] }