2018-02-28 21:15:10 +01:00
|
|
|
import { AuditService as AuditServiceAbstraction } from '../abstractions/audit.service';
|
2018-02-28 16:52:35 +01:00
|
|
|
import { CryptoService } from '../abstractions/crypto.service';
|
|
|
|
|
|
|
|
const PwnedPasswordsApi = 'https://api.pwnedpasswords.com/range/';
|
|
|
|
|
2018-02-28 21:15:10 +01:00
|
|
|
export class AuditService implements AuditServiceAbstraction {
|
2018-02-28 16:52:35 +01:00
|
|
|
constructor(private cryptoService: CryptoService) {
|
|
|
|
}
|
|
|
|
|
|
|
|
async passwordLeaked(password: string): Promise<number> {
|
|
|
|
const hash = (await this.cryptoService.sha1(password)).toUpperCase();
|
2018-02-28 16:58:34 +01:00
|
|
|
const hashStart = hash.substr(0, 5);
|
|
|
|
const hashEnding = hash.substr(5);
|
2018-02-28 16:52:35 +01:00
|
|
|
|
2018-02-28 16:58:34 +01:00
|
|
|
const response = await fetch(PwnedPasswordsApi + hashStart);
|
2018-02-28 16:52:35 +01:00
|
|
|
const leakedHashes = await response.text();
|
|
|
|
|
2018-02-28 16:58:34 +01:00
|
|
|
const match = leakedHashes.split(/\r?\n/).find((v) => {
|
|
|
|
return v.split(':')[0] === hashEnding;
|
|
|
|
});
|
2018-02-28 16:52:35 +01:00
|
|
|
|
2018-02-28 16:58:34 +01:00
|
|
|
return match != null ? parseInt(match.split(':')[1], 10) : 0;
|
2018-02-28 16:52:35 +01:00
|
|
|
}
|
|
|
|
}
|