jeans/supervisor
jeans/supervisor
1
0
Fork 0
mirror of https://github.com/home-assistant/supervisor.git synced 2025-07-25 18:16:32 +00:00
Code Issues Packages Projects Releases Wiki Activity

Cache hits on pwned (#2712)

Browse Source 
* Cache hits on pwned

* address comments
This commit is contained in:
Pascal Vizeli 2021-03-11 14:23:08 +01:00 committed by GitHub
parent e478e68b70
commit 85a66c663c
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
1 changed files with 10 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

11
supervisor/utils/pwned.py
View File

@ -10,13 +10,21 @@ from ..exceptions import PwnedConnectivityError, PwnedError
_LOGGER: logging.Logger = logging.getLogger(__name__)
_API_CALL = "https://api.pwnedpasswords.com/range/{hash}"
_CACHE = set()
async def check_pwned_password(websession: aiohttp.ClientSession, sha1_pw: str) -> bool:
"""Check if password is pwned."""
sha1_pw = sha1_pw.upper()
# Chech hit cache
sha1_short = sha1_pw[:5]
if sha1_short in _CACHE:
return True
try:
async with websession.get(
_API_CALL.format(hash=sha1_pw[:5]), timeout=aiohttp.ClientTimeout(total=10)
_API_CALL.format(hash=sha1_short), timeout=aiohttp.ClientTimeout(total=10)
) as request:
if request.status != 200:
raise PwnedError()
@ -26,6 +34,7 @@ async def check_pwned_password(websession: aiohttp.ClientSession, sha1_pw: str)
for line in buffer:
if not sha1_pw.endswith(line.split(":")[0]):
continue
_CACHE.add(sha1_short)
return True
except (aiohttp.ClientError, asyncio.TimeoutError) as err: