This package provides a Laravel validation rule that checks if a password has been exposed in a data breach. It uses the haveibeenpwned.com passwords API via the divineomega/password_exposed library.
To install, just run the following Composer command.
composer require divineomega/laravel-password-exposed-validation-rule
Please note that this package requires Laravel 5.1 or above.
The following code snippet shows an example of how to use the password exposed validation rule.
use DivineOmega\LaravelPasswordExposedValidationRule\PasswordExposed;
$request->validate([
'password' => ['required', new PasswordExposed()],
]);If you wish, you can also set a custom validation message, as shown below.
use DivineOmega\LaravelPasswordExposedValidationRule\PasswordExposed;
$request->validate([
'password' => ['required', (new PasswordExposed())->setMessage('This password is not secure.')],
]);