diff --git a/.vscode/settings.json b/.vscode/settings.json index 9b38853..4753737 100644 --- a/.vscode/settings.json +++ b/.vscode/settings.json @@ -3,5 +3,8 @@ "tests" ], "python.testing.unittestEnabled": false, - "python.testing.pytestEnabled": true + "python.testing.pytestEnabled": true, + "githubPullRequests.ignoredPullRequestBranches": [ + "main" + ] } \ No newline at end of file diff --git a/app/__init__.py b/app/__init__.py index 61f8fa8..b63ab69 100644 --- a/app/__init__.py +++ b/app/__init__.py @@ -25,12 +25,12 @@ else: VERSION = '0.0.0' -if os.getenv("REDIS_HOST") != None: +if os.getenv("DB_HOST") != None: DB_HOST = os.getenv("DB_HOST") else: DB_HOST = 'redis-db' -if os.getenv("REDIS_PORT") != None: +if os.getenv("DB_PORT") != None: DB_PORT = os.getenv("DB_PORT") else: DB_PORT = 6379 diff --git a/app/requirements.txt b/app/requirements.txt index 4c30584..479c6a3 100644 --- a/app/requirements.txt +++ b/app/requirements.txt @@ -1,7 +1,7 @@ python-gvm==24.1.0 -fastapi==0.105.0 +fastapi==0.109.0 python-multipart==0.0.6 -uvicorn[standard]==0.23.1 -passlib[bcrypt]==1.7.4 +uvicorn[standard]==0.26.0 +bcrypt==4.1.2 python-jose[cryptography]==3.3.0 redis[hiredis]==5.0.1 \ No newline at end of file diff --git a/app/utils/auth.py b/app/utils/auth.py index e1dbd51..2129a62 100644 --- a/app/utils/auth.py +++ b/app/utils/auth.py @@ -3,7 +3,7 @@ from fastapi import Depends, HTTPException, status from fastapi.security import OAuth2PasswordBearer from jose import JWTError, jwt -from passlib.context import CryptContext +import bcrypt from pydantic import BaseModel import logging from app import LOGGING_PREFIX, USERNAME, PASSWORD @@ -24,7 +24,7 @@ "admin": { "username": USERNAME, "password": PASSWORD, - "hashed_password": CryptContext(schemes=["bcrypt"], deprecated="auto").hash(PASSWORD), + "hashed_password": bcrypt.hashpw(PASSWORD.encode('utf-8'), bcrypt.gensalt()), "disabled": False, } } 
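Review bot: `DB_PORT` ends up as a `str` when the variable is set and as the integer `6379` when it is not, because `os.getenv` always returns a string; the rename in this hunk leaves that mismatch in place. Normalising once, `DB_PORT = int(os.getenv("DB_PORT", "6379"))`, also fails at startup on a non-numeric value instead of handing it to the Redis client. The `!= None` tests would read better as `is not None`, or collapse to `DB_HOST = os.getenv("DB_HOST", "redis-db")`. The leading `else:` belongs to a statement that starts above the hunk.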
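Review bot: The two pins this hunk leaves untouched, `python-multipart==0.0.6` and `python-jose[cryptography]==3.3.0`, sit on the request-parsing and token-verification paths, and both are older releases that, as far as I know, have had security fixes published after them. Since the commit already refreshes fastapi, uvicorn and the hashing library, run a dependency audit (for example `pip-audit -r app/requirements.txt`) and bump those two in the same pass. Dropping `passlib[bcrypt]` for plain `bcrypt` also removes passlib's scheme-migration layer, so any hash that is persisted must already be bcrypt.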
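Review bot: `bcrypt.hashpw` returns `bytes`, so `"hashed_password"` in this dict is no longer the `str` that `UserInDB.hashed_password: str` declares, nor the `str` that the new `verify_password` in the next hunk assumes when it calls `hashed_password.encode('utf-8')`. A `bytes` value reaching that call raises `AttributeError` unless something in between coerces it, which is not visible here. Decoding at creation keeps the contract passlib provided: `bcrypt.hashpw(PASSWORD.encode('utf-8'), bcrypt.gensalt()).decode('utf-8')`, and the same `.decode('utf-8')` belongs on the return in `get_password_hash`. The dict literal starts and ends outside this hunk.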
@@ -52,17 +52,15 @@ class User(BaseModel): class UserInDB(User): hashed_password: str - pwd_context = CryptContext(schemes=["bcrypt"], deprecated="auto") - oauth2_scheme = OAuth2PasswordBearer(tokenUrl="authenticate") def verify_password(plain_password, hashed_password): LOGGER.debug("Verfying Password") - return Auth.pwd_context.verify(plain_password, hashed_password) + return bcrypt.checkpw(plain_password.encode('utf-8'), hashed_password.encode('utf-8')) def get_password_hash(password): LOGGER.debug("Getting Password Hash") - return Auth.pwd_context.hash(password) + return bcrypt.hashpw(password.encode('utf-8'), bcrypt.gensalt()) # I hate this, its terrible and it should be changed to make something actually secure and not stupid. def get_admin_password(): diff --git a/dev-compose.yml b/dev-compose.yml index 29c6cfd..704f291 100644 --- a/dev-compose.yml +++ b/dev-compose.yml @@ -186,13 +186,14 @@ services: ports: - 8000:8000 environment: - - VERSION=3.0.0 + - VERSION=0.0.0 - PROD=False # Used for Dev Only - USERNAME=admin # DEFAULT USERNAME 'admin' - PASSWORD=${PASSWORD:-admin} # SET ADMIN PASSWORD depends_on: - gvmd - redis-db + - rest-api-latest-release volumes: - gvmd_socket_vol:/run/gvmd - api_logs_vol:/logs @@ -204,7 +205,7 @@ services: ports: - 8001:8000 environment: - - PROD=True # Used for Dev Only + - PROD=False # Used for Dev Only - USERNAME=admin # DEFAULT USERNAME 'admin' - PASSWORD=${PASSWORD:-admin} # SET ADMIN PASSWORD depends_on: @@ -214,15 +215,17 @@ services: - gvmd_socket_vol:/run/gvmd - api_logs_vol:/logs -# Redis Database for Rest API +# Redis Database for Dev Rest API redis-db: - image: redis:latest - command: "redis-server --appendonly yes" + image: redis/redis-stack:latest restart: on-failure - expose: - - 6379:6379 + environment: + - REDIS_ARGS=--appendonly yes + ports: + - 6378:6379 + - 8002:8001 volumes: - - redis_data:/data + - redis_dev_data:/data volumes: gpg_data_vol: 
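Review bot: `verify_password` and `get_password_hash` now call bcrypt directly but document none of its input limits, and `checkpw` raises `ValueError` when the stored value is not a well-formed bcrypt hash. Wrapping the call as `try: return bcrypt.checkpw(...)` / `except ValueError: return False` keeps a corrupted record from surfacing as an unhandled error on the login path. A one-line docstring on each function should state that bcrypt only uses the first 72 bytes of the UTF-8 encoded password, for example `"""Return True if plain_password matches the stored bcrypt hash (first 72 bytes significant)."""`. The enclosing definitions begin above the hunk, and `get_admin_password` continues below it.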
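Review bot: The new `ports:` entries on `redis-db` publish Redis (`6378:6379`) and what appears to be the redis-stack web UI (`8002:8001`) on every host interface, where the old `expose:` kept the service on the compose network, and `REDIS_ARGS` sets no password. For a dev stack, bind both to loopback with `- 127.0.0.1:6378:6379` and `- 127.0.0.1:8002:8001`, and consider adding `--requirepass` to `REDIS_ARGS` (the API would then need the matching credential). `redis/redis-stack:latest` is unpinned, so the image can change between pulls; a fixed tag keeps dev runs reproducible. Renaming the volume to `redis_dev_data` leaves any data in the old `redis_data` volume behind.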
@@ -238,4 +241,4 @@ volumes:
 ospd_openvas_socket_vol:
 redis_socket_vol:
 api_logs_vol:
- redis_data:
\ No newline at end of file
+ redis_dev_data:
\ No newline at end of file