import httpx
import hashlib

async def check_password_breached(password: str) -> int:
    sha1_hash = hashlib.sha1(password.encode()).hexdigest().upper()
    prefix = sha1_hash[:5]
    suffix = sha1_hash[5:]
    
    async with httpx.AsyncClient() as client:
        response = await client.get(f"https://api.pwnedpasswords.com/range/{prefix}")
    
    hashes = (line.split(':') for line in response.text.splitlines())
    count = next((int(count) for hash_suffix, count in hashes if hash_suffix == suffix), 0)
    return count  # 0 = not breached, >0 = times breached

count = await check_password_breached("P@ssw0rd1!")
if count > 0:
    raise ValueError(f"Password has been breached {count} times — choose another")

Authentication & Authorization — OAuth, JWT, MFA, SSO

Authentication & Authorization — OAuth, JWT, MFA, SSO

Authentication & Authorization — OAuth, JWT, MFA, SSO