From b3297bcf1cc70609940e7f3463d5393f9b873969 Mon Sep 17 00:00:00 2001
From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com>
Date: Thu, 18 Jan 2024 15:17:54 +0000
Subject: [PATCH 1/6] Bump uvicorn[standard] from 0.23.1 to 0.26.0 in /app
Bumps [uvicorn[standard]](https://github.com/encode/uvicorn) from 0.23.1 to 0.26.0.
- [Release notes](https://github.com/encode/uvicorn/releases)
- [Changelog](https://github.com/encode/uvicorn/blob/master/CHANGELOG.md)
- [Commits](https://github.com/encode/uvicorn/compare/0.23.1...0.26.0)
---
updated-dependencies:
- dependency-name: uvicorn[standard]
dependency-type: direct:production
update-type: version-update:semver-minor
...
Signed-off-by: dependabot[bot]
---
app/requirements.txt | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/app/requirements.txt b/app/requirements.txt
index 4c30584..72f12b0 100644
--- a/app/requirements.txt
+++ b/app/requirements.txt
@@ -1,7 +1,7 @@
python-gvm==24.1.0
fastapi==0.105.0
python-multipart==0.0.6
-uvicorn[standard]==0.23.1
+uvicorn[standard]==0.26.0
passlib[bcrypt]==1.7.4
python-jose[cryptography]==3.3.0
redis[hiredis]==5.0.1
\ No newline at end of file
From 534a428c178de86f75ac9d24eb750f6a335ba870 Mon Sep 17 00:00:00 2001
From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com>
Date: Thu, 18 Jan 2024 15:17:54 +0000
Subject: [PATCH 2/6] Bump fastapi from 0.105.0 to 0.109.0 in /app
Bumps [fastapi](https://github.com/tiangolo/fastapi) from 0.105.0 to 0.109.0.
- [Release notes](https://github.com/tiangolo/fastapi/releases)
- [Commits](https://github.com/tiangolo/fastapi/compare/0.105.0...0.109.0)
---
updated-dependencies:
- dependency-name: fastapi
dependency-type: direct:production
update-type: version-update:semver-minor
...
Signed-off-by: dependabot[bot]
---
app/requirements.txt | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/app/requirements.txt b/app/requirements.txt
index 4c30584..d45f49f 100644
--- a/app/requirements.txt
+++ b/app/requirements.txt
@@ -1,5 +1,5 @@
python-gvm==24.1.0
-fastapi==0.105.0
+fastapi==0.109.0
python-multipart==0.0.6
uvicorn[standard]==0.23.1
passlib[bcrypt]==1.7.4
From aabb07997115d7a41b938c39fa81f9add96b5cae Mon Sep 17 00:00:00 2001
From: Oliver Scotten
Date: Thu, 18 Jan 2024 19:03:44 +0000
Subject: [PATCH 3/6] Update dev-compose.yml
---
dev-compose.yml | 21 ++++++++++++---------
1 file changed, 12 insertions(+), 9 deletions(-)
diff --git a/dev-compose.yml b/dev-compose.yml
index 29c6cfd..704f291 100644
--- a/dev-compose.yml
+++ b/dev-compose.yml
@@ -186,13 +186,14 @@ services:
ports:
- 8000:8000
environment:
- - VERSION=3.0.0
+ - VERSION=0.0.0
- PROD=False # Used for Dev Only
- USERNAME=admin # DEFAULT USERNAME 'admin'
- PASSWORD=${PASSWORD:-admin} # SET ADMIN PASSWORD
depends_on:
- gvmd
- redis-db
+ - rest-api-latest-release
volumes:
- gvmd_socket_vol:/run/gvmd
- api_logs_vol:/logs
@@ -204,7 +205,7 @@ services:
ports:
- 8001:8000
environment:
- - PROD=True # Used for Dev Only
+ - PROD=False # Used for Dev Only
- USERNAME=admin # DEFAULT USERNAME 'admin'
- PASSWORD=${PASSWORD:-admin} # SET ADMIN PASSWORD
depends_on:
@@ -214,15 +215,17 @@ services:
- gvmd_socket_vol:/run/gvmd
- api_logs_vol:/logs
-# Redis Database for Rest API
+# Redis Database for Dev Rest API
redis-db:
- image: redis:latest
- command: "redis-server --appendonly yes"
+ image: redis/redis-stack:latest
restart: on-failure
- expose:
- - 6379:6379
+ environment:
+ - REDIS_ARGS=--appendonly yes
+ ports:
+ - 6378:6379
+ - 8002:8001
volumes:
- - redis_data:/data
+ - redis_dev_data:/data
volumes:
gpg_data_vol:
@@ -238,4 +241,4 @@ volumes:
ospd_openvas_socket_vol:
redis_socket_vol:
api_logs_vol:
- redis_data:
\ No newline at end of file
+ redis_dev_data:
\ No newline at end of file
From 5c6a1889cbb2817252e8ffa9c24eee205f2a5162 Mon Sep 17 00:00:00 2001
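Review bot: The rebuilt `redis-db` service now uses `ports:` to publish `6378:6379` and `8002:8001`, which binds the Redis port and the redis-stack UI on 8001 to every host interface, whereas the previous definition only had `expose:` and nothing in the hunk sets a Redis password. If host access is needed for development, loopback bindings — `- 127.0.0.1:6378:6379` and `- 127.0.0.1:8002:8001` — keep both off the network. `redis/redis-stack:latest` is also an unpinned tag, so the dev stack can change underneath the developer; pinning a specific tag keeps it reproducible. The second hunk of this file flips the port-8001 service to `PROD=False`, yet its `# Used for Dev Only` comment now reads identically on both services, so a comment saying why that service also runs in dev mode would help. The `services:` map these hunks belong to starts before the first hunk.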
From: Oliver Scotten
Date: Thu, 18 Jan 2024 19:04:15 +0000
Subject: [PATCH 4/6] Fix Env Variables for DB_HOST and DB_PORT
---
app/__init__.py | 4 ++--
1 file changed, 2 insertions(+), 2 deletions(-)
diff --git a/app/__init__.py b/app/__init__.py
index 61f8fa8..b63ab69 100644
--- a/app/__init__.py
+++ b/app/__init__.py
@@ -25,12 +25,12 @@
else:
VERSION = '0.0.0'
-if os.getenv("REDIS_HOST") != None:
+if os.getenv("DB_HOST") != None:
DB_HOST = os.getenv("DB_HOST")
else:
DB_HOST = 'redis-db'
-if os.getenv("REDIS_PORT") != None:
+if os.getenv("DB_PORT") != None:
DB_PORT = os.getenv("DB_PORT")
else:
DB_PORT = 6379
From df6a87dff6fb9eca891c263175806abc8b378d41 Mon Sep 17 00:00:00 2001
From: Oliver Scotten
Date: Thu, 18 Jan 2024 19:04:24 +0000
Subject: [PATCH 5/6] Settings Changes
---
.vscode/settings.json | 5 ++++-
1 file changed, 4 insertions(+), 1 deletion(-)
diff --git a/.vscode/settings.json b/.vscode/settings.json
index 9b38853..4753737 100644
--- a/.vscode/settings.json
+++ b/.vscode/settings.json
@@ -3,5 +3,8 @@
"tests"
],
"python.testing.unittestEnabled": false,
-"python.testing.pytestEnabled": true
+"python.testing.pytestEnabled": true,
+"githubPullRequests.ignoredPullRequestBranches": [
+"main"
+]
}
\ No newline at end of file
From 734871241bc02cfe4cf1d27c3509ab94c54d0959 Mon Sep 17 00:00:00 2001
From: Oliver Scotten
Date: Thu, 18 Jan 2024 20:24:11 +0000
Subject: [PATCH 6/6] Replace passlib with bcrypt
---
app/requirements.txt | 2 +-
app/utils/auth.py | 10 ++++------
2 files changed, 5 insertions(+), 7 deletions(-)
diff --git a/app/requirements.txt b/app/requirements.txt
index 41359e4..479c6a3 100644
--- a/app/requirements.txt
+++ b/app/requirements.txt
@@ -2,6 +2,6 @@ python-gvm==24.1.0
fastapi==0.109.0
python-multipart==0.0.6
uvicorn[standard]==0.26.0
-passlib[bcrypt]==1.7.4
+bcrypt==4.1.2
python-jose[cryptography]==3.3.0
redis[hiredis]==5.0.1
\ No newline at end of file
diff --git a/app/utils/auth.py b/app/utils/auth.py
index e1dbd51..2129a62 100644
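Review bot: `DB_PORT` ends up a `str` when the `DB_PORT` variable is set but the `int` `6379` when it is not, so consumers of the name see two types depending on the environment; `DB_PORT = int(os.getenv("DB_PORT", 6379))` gives one type and rejects a non-numeric value at import time rather than at the first connection attempt. The `!= None` tests should be `is not None`, and each if/else pair collapses to a single default lookup, e.g. `DB_HOST = os.getenv("DB_HOST", "redis-db")`. A one-line comment above the block, `# Redis connection settings; defaults match the redis-db compose service`, would record why the fallback host is `'redis-db'`.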
--- a/app/utils/auth.py
+++ b/app/utils/auth.py
@@ -3,7 +3,7 @@
from fastapi import Depends, HTTPException, status
from fastapi.security import OAuth2PasswordBearer
from jose import JWTError, jwt
-from passlib.context import CryptContext
+import bcrypt
from pydantic import BaseModel
import logging
from app import LOGGING_PREFIX, USERNAME, PASSWORD
@@ -24,7 +24,7 @@
"admin": {
"username": USERNAME,
"password": PASSWORD,
-"hashed_password": CryptContext(schemes=["bcrypt"], deprecated="auto").hash(PASSWORD),
+"hashed_password": bcrypt.hashpw(PASSWORD.encode('utf-8'), bcrypt.gensalt()),
"disabled": False,
}
}
@@ -52,17 +52,15 @@ class User(BaseModel):
class UserInDB(User):
hashed_password: str
- pwd_context = CryptContext(schemes=["bcrypt"], deprecated="auto")
- oauth2_scheme = OAuth2PasswordBearer(tokenUrl="authenticate")
def verify_password(plain_password, hashed_password):
LOGGER.debug("Verfying Password")
- return Auth.pwd_context.verify(plain_password, hashed_password)
+ return bcrypt.checkpw(plain_password.encode('utf-8'), hashed_password.encode('utf-8'))
def get_password_hash(password):
LOGGER.debug("Getting Password Hash")
- return Auth.pwd_context.hash(password)
+ return bcrypt.hashpw(password.encode('utf-8'), bcrypt.gensalt())
# I hate this, its terrible and it should be changed to make something actually secure and not stupid.
def get_admin_password():
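Review bot: `bcrypt.hashpw()` returns `bytes`, but the `"hashed_password"` value the second hunk stores in the fake-db dict is read through `UserInDB.hashed_password: str`, and `verify_password` calls `hashed_password.encode('utf-8')`, which raises `AttributeError` on a `bytes` value; passlib's `hash()` returned `str`, so both replacement sites should decode: `"hashed_password": bcrypt.hashpw(PASSWORD.encode('utf-8'), bcrypt.gensalt()).decode('utf-8'),` and `return bcrypt.hashpw(password.encode('utf-8'), bcrypt.gensalt()).decode('utf-8')`. bcrypt only uses the first 72 bytes of the input and bcrypt 4.1.2 truncates longer passwords silently, so `get_password_hash` should either reject longer input or document the limit. `bcrypt.checkpw` raises `ValueError` on a malformed stored hash instead of returning `False`, which is worth a short comment on `verify_password` so callers know to handle it. `verify_password` and `get_password_hash` belong to the `Auth` class named in the removed `Auth.pwd_context` lines, whose header lies outside the hunk.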