This package provides a Laravel validation rule that checks if a password has been exposed in a data breach. It uses the haveibeenpwned.com passwords API via the divineomega/password_exposed library.

To install, just run the following Composer command.

composer require divineomega/laravel-password-exposed-validation-rule

Please note that this package requires Laravel 5.1 or above.

The following code snippet shows an example of how to use the password exposed validation rule.

use DivineOmega\LaravelPasswordExposedValidationRule\PasswordExposed;

$request->validate([
    'password' => ['required', new PasswordExposed()],
]);

If you wish, you can also set a custom validation message, as shown below.

use DivineOmega\LaravelPasswordExposedValidationRule\PasswordExposed;

$request->validate([
    'password' => ['required', (new PasswordExposed())->setMessage('This password is not secure.')],
]);