born2discover · May 11, 2021 22:53
diff --git a/pwned.py b/pwned.py
 def pwned(password):
    """
    Check password against pwnedpasswords API using k-Anonymity.
    https://haveibeenpwned.com/API/v3
    :return: Count of password in DB (0 means hasn't been compromised)
    Can raise HTTPError
    .. versionadded:: 3.4.0
    """

    def convert_password_tuple(value):
        hash_suffix, count = value.split(":")
        return hash_suffix, int(count)

    sha1 = hashlib.sha1(password.encode("utf8")).hexdigest()

    req = urllib.request.Request(
        url=f"https://api.pwnedpasswords.com/range/{sha1[:5].upper()}",
        headers={"User-Agent": "Flask-Security (Python)"},
    )
    # Might raise HTTPError
    with urllib.request.urlopen(req) as f:
        response = f.read()

    raw = response.decode("utf-8-sig")

    entries = dict(map(convert_password_tuple, raw.upper().split("\r\n")))
    return entries.get(sha1[5:].upper(), 0)
	def pwned(password):
	"""
	Check password against pwnedpasswords API using k-Anonymity.
	https://haveibeenpwned.com/API/v3
	:return: Count of password in DB (0 means hasn't been compromised)
	Can raise HTTPError
	.. versionadded:: 3.4.0
	"""

	def convert_password_tuple(value):
	hash_suffix, count = value.split(":")
	return hash_suffix, int(count)

	sha1 = hashlib.sha1(password.encode("utf8")).hexdigest()

	req = urllib.request.Request(
	url=f"https://api.pwnedpasswords.com/range/{sha1[:5].upper()}",
	headers={"User-Agent": "Flask-Security (Python)"},
	)
	# Might raise HTTPError
	with urllib.request.urlopen(req) as f:
	response = f.read()

	raw = response.decode("utf-8-sig")

	entries = dict(map(convert_password_tuple, raw.upper().split("\r\n")))
	return entries.get(sha1[5:].upper(), 0)