mirror of
https://github.com/home-assistant/supervisor.git
synced 2025-07-16 21:56:29 +00:00
Fix k-anonymity handling (#2627)
This commit is contained in:
parent
752068bb56
commit
a4c4b39ba8
@ -13,6 +13,7 @@ _API_CALL = "https://api.pwnedpasswords.com/range/{hash}"
|
||||
|
||||
async def check_pwned_password(websession: aiohttp.ClientSession, sha1_pw: str) -> bool:
|
||||
"""Check if password is pwned."""
|
||||
sha1_pw = sha1_pw.upper()
|
||||
try:
|
||||
async with websession.get(
|
||||
_API_CALL.format(hash=sha1_pw[:5]), timeout=aiohttp.ClientTimeout(total=10)
|
||||
@ -23,7 +24,7 @@ async def check_pwned_password(websession: aiohttp.ClientSession, sha1_pw: str)
|
||||
|
||||
buffer = io.StringIO(data)
|
||||
for line in buffer:
|
||||
if sha1_pw != line.split(":")[0]:
|
||||
if not sha1_pw.endswith(line.split(":")[0]):
|
||||
continue
|
||||
return True
|
||||
|
||||
|
Loading…
x
Reference in New Issue
Block a user