search

nodeSolidServer / node-solid-server

Solid server on top of the file-system in NodeJS
https://solidproject.org/for-developers/pod-server
Other
1.78k stars 297 forks source link

Lookup in Have I Been Pwned? database #904

Open Ryuno-Ki opened 5 years ago

Ryuno-Ki commented 5 years ago

This came up in https://github.com/solid/node-solid-server/pull/893#discussion_r230898095

Basically, the check in /lib/requests/create-account-request.js#L134 could be extended by looking the email up in Troy Hunt's database. There are packages to do this.

Some measures were already taken in https://github.com/solid/node-solid-server/pull/859 it seems.

If you would want to go fancy, you could look at WebAuthn API :-D

kjetilk commented 5 years ago

We did this, didn't we?

Ryuno-Ki commented 5 years ago

Can't tell. I'm currently not following along but only with the (plenty of) issues around solid :-(