A modern, secure web application for monitoring email data breaches. Built with React, Node.js, and the HaveIBeenPwned API to help users stay informed about cybersecurity threats and protect their digital privacy.
- Check any email address against millions of compromised accounts
- Real-time breach data from HaveIBeenPwned database
- Detailed breach information with affected data types
- Comprehensive breach history tracking
- Security statistics and trends
- Real-time breach monitoring for registered users
- Rate limiting and input validation
- No password storage - secure email-based authentication
- Privacy-focused design with minimal data retention
- React with TypeScript
- Vite for fast development and building
- TailwindCSS for modern, responsive UI
- React Router for navigation
- React Hook Form for form handling
- Axios for API communication
- Node.js with Express.js
- TypeScript for type safety
- PostgreSQL with Prisma ORM
- JWT for authentication
- Helmet for security headers
- Rate limiting with express-rate-limit
- Input validation with express-validator
- HaveIBeenPwned API for breach data
POST /api/auth/register- Register with emailPOST /api/auth/login- Login with emailGET /api/auth/verify- Verify JWT token
POST /api/breaches/check- Check email for breachesGET /api/breaches/history/:email- Get breach historyGET /api/breaches/all- Get all known breaches
GET /api/dashboard- Get user dashboard dataGET /api/dashboard/stats- Get detailed statistics
- Rate Limiting: Prevents API abuse
- Input Validation: Sanitizes all user inputs
- CORS Protection: Configurable origins
- Helmet: Security headers
- JWT Authentication: Stateless auth tokens
- Email Validation: MX record verification
- No Password Storage: Email-only authentication
Note: The app can work in demo mode without an API key, but with limited functionality.