EFSU-UOM · NipunSGeeTH · Sep 20, 2025 · Sep 20, 2025 · Sep 20, 2025 · Copilot
diff --git a/package-lock.json b/package-lock.json
diff --git a/resources/views/components/layouts/public.blade.php b/resources/views/components/layouts/public.blade.php
@@ -170,6 +170,31 @@ class="w-10 h-10 rounded-full bg-primary text-primary-content flex items-center
         </div>
     </header>
 
+    <!-- Password Breach Warning Alert -->
+<div
+    x-data="{ show: true }"
+    x-show="show"
+    x-init="setTimeout(() => show = false, 20000)"
+    class="bg-warning/20 border-l-4 border-warning text-warning-content dark:text-warning-content-light rounded shadow-md mb-4 transition-all duration-500"
+    role="alert"
+>
+    <div class="container mx-auto px-4 sm:px-6 lg:px-8 py-3 flex items-center justify-between">
+        <div class="flex items-center">
+            <x-mary-icon name="o-exclamation-triangle" class="h-5 w-5 mr-3 text-warning" />
+            <span class="text-sm font-medium text-black dark:text-warning-content">
+                {{ session('password_breach_warning') }}
+            </span>
+        </div>
+        <button
+            @click="show = false"
+            class="text-warning hover:text-warning-focus font-bold focus:outline-none"
+        >
+            ✖
+        </button>
+    </div>
+</div>
+
+
     <!-- Main Content -->
     <main class="min-h-screen">
         {{ $slot }}

diff --git a/resources/views/livewire/auth/login.blade.php b/resources/views/livewire/auth/login.blade.php
@@ -2,6 +2,7 @@
 
 use Illuminate\Auth\Events\Lockout;
 use Illuminate\Support\Facades\Auth;
+use Illuminate\Support\Facades\Http;
 use Illuminate\Support\Facades\RateLimiter;
 use Illuminate\Support\Facades\Route;
 use Illuminate\Support\Facades\Session;
@@ -40,6 +41,11 @@ public function login(): void
         RateLimiter::clear($this->throttleKey());
         Session::regenerate();
 
+        if ($this->isPasswordPwned($this->password)) {
+            // Flash a warning message after successful login
+            session()->flash('password_breach_warning', '⚠️ Your password has appeared in a data breach. For your safety, please change it soon.');
+        }
+
         $this->redirectIntended(default: route('home', absolute: false), navigate: true);
     }
 
@@ -71,6 +77,39 @@ protected function throttleKey(): string
     {
         return Str::transliterate(Str::lower($this->email).'|'.request()->ip());
     }
+
+
+
+
-
-
+    protected function isPasswordPwned(string $password): bool
+    {
+        $sha1 = strtoupper(sha1($password));
+        $prefix = substr($sha1, 0, 5);
+        $suffix = substr($sha1, 5);
+
+        $response = Http::get("https://api.pwnedpasswords.com/range/{$prefix}");
+        if ($response->failed()) {
+            return false; // fail-safe
+        }
+
+        foreach (explode("\n", $response->body()) as $line) {
+            [$hashSuffix, $count] = explode(':', $line);
+            if ($suffix === trim($hashSuffix)) {
+                return true;
+            }
+        }
+
+        return false;
+    }
+
+
+
+
+
+
+
+
+
-
-
-
-
-
-
 }; ?>
 
 <div class="flex flex-col gap-6">
@@ -79,11 +118,13 @@ protected function throttleKey(): string
         <p class="mt-1 text-sm text-base-content/70">{{ __('Enter your email and password below to log in') }}</p>
     </div>
 
-    @if (session('status'))
-        <x-mary-alert color="info" class="text-center">
-            {{ session('status') }}
-        </x-mary-alert>
-    @endif
+  @if (session('status'))
+    <x-mary-alert color="warning" class="text-center">
+        {{ session('status') }}
+    </x-mary-alert>
+@endif
+
+
 
-    
-    
     <form method="POST" wire:submit="login" class="flex flex-col gap-6">
         <x-mary-input