# README

Pwned Passwords API in Go

This library implements the HaveIBeenPwned.org's Pwned Passwords v3 API in Go.

Features:

No external dependencies to reduce the likelihood of supply-chain attacks.
Cache support, as API responses can sometimes be huge.
Concurrent request optimization. Sharing a single request for password hash prefix.
Efficient memory use, no large allocations.

Example:

import (
	"github.com/supabase/hibp"
)

func main() {
	pwnedClient := hibp.PwnedClient{
		// please always set a User-Agent identifying your project
		UserAgent: "my-super-cool-project",
	}

	isPwned, err := pwnedClient.Check(context.Background(), "password1")
	if err != nil {
		if ur, ok := err.(*hibp.ErrorUnknownResponse); ok {
			// any non-200 response available in ur.Response
		}

		panic(err)
	}

	fmt.Print("Your password is ")
	if isPwned {
		fmt.Print("pwned!\n")
	} else {
		fmt.Print("safe for now!\n")
	}
}

License

Maintained by the Auth team at Supabase. Licensed under the MIT License.

# Functions

PwnedPasswordsURL

PwnedPasswordsURL returns the URL for the prefix.

# Variables

DefaultUserAgent

DefaultUserAgent is the User-Agent header sent to the Pwned Passwords API if it has not been explicitly set.

# Structs

ErrorUnexpectedResponse

ErrorUnexpectedResponse is an error returned if the response from the HaveIBeenPwned.org API was not expected.

PwnedClient

PwnedClient can be used to send requests to the Pwned Passwords API.

# Interfaces

PwnedCache

PwnedCache is the interface with which you can cache responses from the Pwned Passwords API.