View on GitHub
Validates the +value+ against the Pwned Passwords API. If the +pwned_count+
is higher than the optional +threshold+ then the record is marked as
In the case of an API error the validator will either mark the
record as valid or invalid. Alternatively it will run an associated proc or
re-raise the original error.
The validation will short circuit and return with no errors added if the
password is blank. The +Pwned::Password+ initializer expects the password to
be a string and will throw a +TypeError+ if it is +nil+. Also, technically
the empty string is not a password that is reported to be found in data
breaches, so returns +false+, short circuiting that using +value.blank?+
saves us a trip to the API.
@param record [ActiveModel::Validations] The object being validated
@param attribute [Symbol] The attribute on the record that is currently
@param value [String] The value of the attribute on the record that is the
subject of the validation
- Describe what "validate_each" returns.
- Add a code example (optional).