Merge pull request #204 from Shield-Cyber/dev

Minor: Dependency Updates / Replacement

.vscode/settings.json

@@ -3,5 +3,8 @@
         "tests"
     ],
     "python.testing.unittestEnabled": false,
-    "python.testing.pytestEnabled": true
+    "python.testing.pytestEnabled": true,
+    "githubPullRequests.ignoredPullRequestBranches": [
+        "main"
+    ]
 }

app/__init__.py

@@ -25,12 +25,12 @@
 else:
     VERSION = '0.0.0'
 
-if os.getenv("REDIS_HOST") != None:
+if os.getenv("DB_HOST") != None:
     DB_HOST = os.getenv("DB_HOST")
 else:
     DB_HOST = 'redis-db'
 
-if os.getenv("REDIS_PORT") != None:
+if os.getenv("DB_PORT") != None:
     DB_PORT = os.getenv("DB_PORT")
 else:
     DB_PORT = 6379

app/requirements.txt

@@ -1,7 +1,7 @@
 python-gvm==24.1.0
-fastapi==0.105.0
+fastapi==0.109.0
 python-multipart==0.0.6
-uvicorn[standard]==0.23.1
-passlib[bcrypt]==1.7.4
+uvicorn[standard]==0.26.0
+bcrypt==4.1.2
 python-jose[cryptography]==3.3.0
 redis[hiredis]==5.0.1

app/utils/auth.py

@@ -3,7 +3,7 @@
 from fastapi import Depends, HTTPException, status
 from fastapi.security import OAuth2PasswordBearer
 from jose import JWTError, jwt
-from passlib.context import CryptContext
+import bcrypt
 from pydantic import BaseModel
 import logging
 from app import LOGGING_PREFIX, USERNAME, PASSWORD
@@ -24,7 +24,7 @@
         "admin": {
             "username": USERNAME,
             "password": PASSWORD,
-            "hashed_password": CryptContext(schemes=["bcrypt"], deprecated="auto").hash(PASSWORD),
+            "hashed_password": bcrypt.hashpw(PASSWORD.encode('utf-8'), bcrypt.gensalt()),
             "disabled": False,
         }
     }
@@ -52,17 +52,15 @@ class User(BaseModel):
     class UserInDB(User):
         hashed_password: str
 
-    pwd_context = CryptContext(schemes=["bcrypt"], deprecated="auto")
-
     oauth2_scheme = OAuth2PasswordBearer(tokenUrl="authenticate")
 
     def verify_password(plain_password, hashed_password):
         LOGGER.debug("Verfying Password")
-        return Auth.pwd_context.verify(plain_password, hashed_password)
+        return bcrypt.checkpw(plain_password.encode('utf-8'), hashed_password.encode('utf-8'))
 
     def get_password_hash(password):
         LOGGER.debug("Getting Password Hash")
-        return Auth.pwd_context.hash(password)
+        return bcrypt.hashpw(password.encode('utf-8'), bcrypt.gensalt())
 
     # I hate this, its terrible and it should be changed to make something actually secure and not stupid.
     def get_admin_password():

dev-compose.yml

@@ -186,13 +186,14 @@ services:
     ports:
       - 8000:8000
     environment:
-      - VERSION=3.0.0
+      - VERSION=0.0.0
       - PROD=False # Used for Dev Only
       - USERNAME=admin # DEFAULT USERNAME 'admin'
       - PASSWORD=${PASSWORD:-admin} # SET ADMIN PASSWORD
     depends_on:
       - gvmd
       - redis-db
+      - rest-api-latest-release
     volumes:
       - gvmd_socket_vol:/run/gvmd
       - api_logs_vol:/logs
@@ -204,7 +205,7 @@ services:
     ports:
       - 8001:8000
     environment:
-      - PROD=True # Used for Dev Only
+      - PROD=False # Used for Dev Only
       - USERNAME=admin # DEFAULT USERNAME 'admin'
       - PASSWORD=${PASSWORD:-admin} # SET ADMIN PASSWORD
     depends_on:
@@ -214,15 +215,17 @@ services:
       - gvmd_socket_vol:/run/gvmd
       - api_logs_vol:/logs
 
-# Redis Database for Rest API
+# Redis Database for Dev Rest API
   redis-db:
-    image: redis:latest
-    command: "redis-server --appendonly yes"
+    image: redis/redis-stack:latest
     restart: on-failure
-    expose:
-      - 6379:6379
+    environment:
+      - REDIS_ARGS=--appendonly yes
+    ports:
+      - 6378:6379
+      - 8002:8001
     volumes:
-      - redis_data:/data
+      - redis_dev_data:/data
 
 volumes:
   gpg_data_vol:
@@ -238,4 +241,4 @@ volumes:
   ospd_openvas_socket_vol:
   redis_socket_vol:
   api_logs_vol:
-  redis_data:
+  redis_dev_data: