Custom settings¶
Two optional custom Django settings can be used to customize the behavior of pwned-passwords-django.
-
django.conf.settings.
PWNED_PASSWORDS_API_TIMEOUT
¶ A
float
indicating, in seconds, how long to wait for a response from the Pwned Passwords API before giving up.Defaults to 1.0 (1 second) if not set.
-
django.conf.settings.
PWNED_PASSWORDS_REGEX
¶ A
str
containing a regular expression to use whenPwnedPasswordsMiddleware
is scanning HTTP POST payloads for possible passwords. Will be checked case-insensitively.Defaults to r’PASS’ (thus matching ‘password’, ‘passphrase’, etc.) if not set.