forked from mozilla/blurts-server
-
Notifications
You must be signed in to change notification settings - Fork 0
/
Copy pathhibp.js
46 lines (36 loc) · 1.25 KB
/
hibp.js
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
"use strict";
const got = require("got");
const AppConstants = require("./app-constants");
const DBUtils = require("./db/utils");
const pkg = require("./package.json");
const getSha1 = require("./sha1-utils");
const HIBP_USER_AGENT = `${pkg.name}/${pkg.version}`;
const HIBP = {
async getBreachesForEmail(email) {
let foundBreaches = [];
const sha1 = getSha1(email);
const sha1Prefix = sha1.slice(0, 6);
const url = `${AppConstants.HIBP_STAGE_API_ROOT}/range/${sha1Prefix}?code=${encodeURIComponent(AppConstants.HIBP_STAGE_API_TOKEN)}`;
const headers = {
"User-Agent": HIBP_USER_AGENT,
};
console.info(`Fetching ${url}...`);
try {
const response = await got(url, {headers, json: true});
// Parse response body, format:
// [
// {"HashSuffix":<suffix>,"Websites":[<breach1Name>,...]},
// {"HashSuffix":<suffix>,"Websites":[<breach1Name>,...]},
// ]
for (const breachedAccount of response.body) {
if (sha1.toUpperCase() === sha1Prefix + breachedAccount.HashSuffix) {
foundBreaches = await DBUtils.getBreachesByNames(breachedAccount.Websites);
}
}
} catch (error) {
console.error(error);
}
return foundBreaches;
},
};
module.exports = HIBP;