AuditService (#2)

* Add AuditService. * Change sha1 to use Webcrypto. * Add interface for AuditService. * Move PwnedPasswodsApi constant outside class. * Change FromBufferToHex implementation to simpler code. * Use correct string to array function. * Change auditService interface to abstract class. Add missing type to utils.
2025-12-14 07:13:32 +00:00 · 2018-02-28 16:52:35 +01:00
parent ab00dfd399
commit 1aabb42e47
5 changed files with 49 additions and 0 deletions
--- a/src/services/audit.service.ts
+++ b/src/services/audit.service.ts
@@ -0,0 +1,26 @@
+import { CryptoService } from '../abstractions/crypto.service';
+
+const PwnedPasswordsApi = 'https://api.pwnedpasswords.com/range/';
+
+export class AuditService {
+
+    constructor(private cryptoService: CryptoService) {
+    }
+
+    async passwordLeaked(password: string): Promise<number> {
+        const hash = (await this.cryptoService.sha1(password)).toUpperCase();
+
+        const response = await fetch(PwnedPasswordsApi + hash.substr(0, 5));
+        const leakedHashes = await response.text();
+
+        const hashEnding = hash.substr(5);
+
+        const match = leakedHashes
+            .split(/\r?\n/)
+            .find((v) => {
+                return v.split(':')[0] === hashEnding;
+            });
+
+        return match ? parseInt(match.split(':')[1], 10) : 0;
+    }
+}