From 85a66c663c88225bcd967bf1c5ae45fbec96245c Mon Sep 17 00:00:00 2001
From: Pascal Vizeli <pvizeli@syshack.ch>
Date: Thu, 11 Mar 2021 14:23:08 +0100
Subject: [PATCH] Cache hits on pwned (#2712)

* Cache hits on pwned

* address comments
---
 supervisor/utils/pwned.py | 11 ++++++++++-
 1 file changed, 10 insertions(+), 1 deletion(-)

diff --git a/supervisor/utils/pwned.py b/supervisor/utils/pwned.py
index 29c00e0b8..a605980f8 100644
--- a/supervisor/utils/pwned.py
+++ b/supervisor/utils/pwned.py
@@ -10,13 +10,21 @@ from ..exceptions import PwnedConnectivityError, PwnedError
 _LOGGER: logging.Logger = logging.getLogger(__name__)
 _API_CALL = "https://api.pwnedpasswords.com/range/{hash}"
 
+_CACHE = set()
+
 
 async def check_pwned_password(websession: aiohttp.ClientSession, sha1_pw: str) -> bool:
     """Check if password is pwned."""
     sha1_pw = sha1_pw.upper()
+
+    # Chech hit cache
+    sha1_short = sha1_pw[:5]
+    if sha1_short in _CACHE:
+        return True
+
     try:
         async with websession.get(
-            _API_CALL.format(hash=sha1_pw[:5]), timeout=aiohttp.ClientTimeout(total=10)
+            _API_CALL.format(hash=sha1_short), timeout=aiohttp.ClientTimeout(total=10)
         ) as request:
             if request.status != 200:
                 raise PwnedError()
@@ -26,6 +34,7 @@ async def check_pwned_password(websession: aiohttp.ClientSession, sha1_pw: str)
         for line in buffer:
             if not sha1_pw.endswith(line.split(":")[0]):
                 continue
+            _CACHE.add(sha1_short)
             return True
 
     except (aiohttp.ClientError, asyncio.TimeoutError) as err: