Metadata-Version: 2.0
Name: django-pwned-validator
Version: 0.0.2
Summary: A Pwned Passwords validator for Django
Home-page: https://github.com/craigloftus/django-pwned-validator
Author: Craig Loftus
Author-email: craigloftus@gmail.com
License: MIT License
Description-Content-Type: UNKNOWN
Platform: UNKNOWN
Classifier: Environment :: Web Environment
Classifier: Framework :: Django
Classifier: Framework :: Django :: 1.11
Classifier: Framework :: Django :: 2.0
Classifier: Intended Audience :: Developers
Classifier: License :: OSI Approved :: MIT License
Classifier: Operating System :: OS Independent
Classifier: Programming Language :: Python
Classifier: Programming Language :: Python :: 3
Classifier: Programming Language :: Python :: 3.5
Classifier: Programming Language :: Python :: 3.6
Classifier: Programming Language :: Python :: 3 :: Only
Requires-Python: >=3.5
Requires-Dist: requests
Provides-Extra: test
Requires-Dist: django (<2.1); extra == 'test'
Requires-Dist: pytest; extra == 'test'
Requires-Dist: pytest-cov; extra == 'test'
Requires-Dist: pytest-django; extra == 'test'
Requires-Dist: pytest-vcr; extra == 'test'

Django Pwned Passwords Validator
================================

This package provides a password validator for Django that checks submitted
passwords against the `Pwned Passwords API <https://haveibeenpwned.com/API/v2>`_.

To protect the security of the password being checked a range search is used. Specifically,
only the first 5 characters of a SHA-1 password hash are sent to the API. The
validator then locally looks for the full hash in the range returned.

Installation
~~~~~~~~~~~~

.. code-block:: sh

    pip install django-pwned-validator

Modify your `settings.py` to install the app and enable the validator:

.. code-block:: python

    INSTALLED_APPS = [
        'pwned',
        ...
    ]

    AUTH_PASSWORD_VALIDATORS = [
        {
            'NAME': 'pwned.validators.PwnedValidator',
        },
        ...
    ]


Compatibility
~~~~~~~~~~~~
Supports Django 1.11.x and 2.0 on Python 3.5 and 3.6.


