jeans/supervisor
jeans/supervisor
1
0
Fork 0
mirror of https://github.com/home-assistant/supervisor.git synced 2025-07-26 18:46:29 +00:00
Code Issues Packages Projects Releases Wiki Activity

Fix k-anonymity handling (#2627)

Browse Source
This commit is contained in:
Pascal Vizeli 2021-02-25 18:16:20 +01:00 committed by GitHub
parent 752068bb56
commit a4c4b39ba8
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
1 changed files with 2 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

3
supervisor/utils/pwned.py
View File

@ -13,6 +13,7 @@ _API_CALL = "https://api.pwnedpasswords.com/range/{hash}"
async def check_pwned_password(websession: aiohttp.ClientSession, sha1_pw: str) -> bool:
"""Check if password is pwned."""
sha1_pw = sha1_pw.upper()
try:
async with websession.get(
_API_CALL.format(hash=sha1_pw[:5]), timeout=aiohttp.ClientTimeout(total=10)
@ -23,7 +24,7 @@ async def check_pwned_password(websession: aiohttp.ClientSession, sha1_pw: str)
buffer = io.StringIO(data)
for line in buffer:
if sha1_pw != line.split(":")[0]:
if not sha1_pw.endswith(line.split(":")[0]):
continue
return True