feat(package/checker): Conclude implementation for haveibeenpwned module

2024-09-20 14:27:40 +03:00 · 2019-04-16 15:55:16 +01:00 · 2019-04-16 15:55:16 +01:00 · 5a999bc63a
commit 5a999bc63a
parent 61c1b55af5
2 changed files with 64 additions and 10 deletions
--- a/packages/checker/data/answers/en.json
+++ b/packages/checker/data/answers/en.json
@ -26,23 +26,25 @@
 	},
 	"haveibeenpwned": {
 		"no-pwnage": [
-			"Great news, you haven't been pwned."
+			"Great news, %email% hasn't been compromised in a data breach.",
+			"%email% looks good to me!"
+		],
+		"pwned": [
+			"Oops, looks like %email% has been compromised in a breach involving %breach%",
+			"%breach% was involved in a breach. Sadly, %email% was affected.",
+			"Unfortunately, %email% has been exposed in a data breach affecting %breach%."
 		],
-		"pwned": {
-			"multiple": [
-				"More than one email has been compromised. They are;  %email% "
-			],
-			"single": [
-				"Uh oh, it seems %email% has been compromised.",
-				"Unfortunately, it looks like %email% has been exposed in a data breach."
-			]
-		},
 		"checking": [
 			"I'm checking for a compromised email.",
 			"Trying to verify pwnage status"
 		],
 		"no-email": [
 			"Please provide one or more email addresses you need me to check."
+		],
+		"errors": [
+			"I think %website_name% is down at the moment, please try again later.",
+			"I'm having trouble reaching %website_name%. Please check that your internet connection is active.",
+			"Bad news, %website_name% is not responding. Maybe try at a later time?"
 		]
 	}
 }
--- a/packages/checker/haveibeenpwned.py
+++ b/packages/checker/haveibeenpwned.py
@ -0,0 +1,52 @@
+#!/usr/bin/env python
+# -*- coding:utf-8 -*-
+
+import utils
+from time import sleep
+from urllib import parse
+from requests import codes, exceptions
+
+def haveibeenpwned(string, entities):
+    emails = []
+    
+    for item in entities:
+        if item['entity'] == 'email':
+            emails.append(item['resolution']['value'])
+    
+    if not emails:
+        emails = utils.config('emails')
+        if not emails:
+            utils.output('end', 'no-email', utils.translate('no-email'))
+
+    for index, email in enumerate(emails):
+        isLastEmail = index == len(emails) - 1
+        breached = checkForBreach(email)
+        data = { 'email': email }
+
+        if not breached:
+            if isLastEmail:
+                utils.output('end', 'no-pwnage', utils.translate('no-pwnage', data))
+            else:
+                utils.output('inter', 'no-pwnage', utils.translate('no-pwnage', data))
+        else:
+            data['breach'] = breached[0]['Name']
+            if isLastEmail:
+                utils.output('end', '', utils.translate('pwned', data))
+            else:
+                utils.output('inter', 'pwned', utils.translate('pwned', data))
+
+def checkForBreach(email):
+    # Delay for 2 seconds before making request to accomodate API usage policy
+    sleep(2)
+    truncate = '?truncateResponse=true'
+    url = 'https://haveibeenpwned.com/api/v2/breachedaccount/' + parse.quote_plus(email) + truncate
+    
+    try:
+        response = utils.http('GET', url)
+
+        if response.status_code == 404:
+            return None
+        
+        return response.json()
+    except exceptions.RequestException as e:
+        utils.output('end', 'down', utils.translate('errors', { 'website_name': 'HaveIBeenPwned' }))