Giters

klaudiuszbed / cve-rest

REST API for CVE from years '99-2022.

Geek Repo:Geek Repo

Github PK Tool:Github PK Tool

cvedataflaskmongodbpythonrestrest-apiapijwtmarshmallowdockerdocker-compose

CVE PRO - REST

This project is a REST API designed to quickly fetch & follow Common Vulnerabilities and Exposures from years 1999-2022. It aims to make accessing CVE data as quickly and easily as possible.

Integrate it with your existing project(s) or use it for data visualization and analysis. Available to anyone for any kind of purpose.

Warning This application is not meant to be run and used in production! Development and study environment only.

Installation & Setup

For every approach you need to clone the repository.

> git clone https://github.com/Vicariss/cve-rest.git

Docker

  1. Create and start containers using docker compose. Run this command from root level of the app where docker-compose.yml resides.
> docker compose up
  1. Get a bash shell in active container and run unit tests to see if everything works as supposed.
> docker exec -it rest_api /bin/bash
> pytest -v

... or run one command inside the container without interactive shell.

> docker exec rest_api pytest v

Windows

  1. Create virtualenv, activate it and install requirements from file.
> virtualenv venv
> .\venv\scripts\activate
> pip install -r requirements.txt
  1. Setup & populate MongoDB.
> mongorestore --db cve <path_to_dump_folder>
  1. Run unit tests to ensure that everything works properly.
> pytest -v
  1. Run the application using flask cli:

Note Since all flask environment variables are already specified in .flaskenv file, we don't have to assign them manually.

> flask run
# by default, flask's built in server run on port 5000, you can change it to whatever port you want
> flask run -p 8080

Usage Example - cURL

In order to request CVE, register new user and then log in to obtain access token.

# REGISTER 
> curl -X POST -i -H "Content-Type: application/json" -d "{""username"": ""..."", ""password"": ""...""}" http://ip:port/user/register

# LOG IN 
> curl -X POST -i -H "Content-Type: application/json" -d "{""username"": ""..."", ""password"": ""...""}" http://ip:port/user/login

# REQUEST CVE 
> curl -X GET -i -H "token: <token_id>" http://ip:port/cve?amount=5

# DELETE USER 
> curl -X DELETE -i -H "Content-Type: application/json" -d "{""username"":""..."", ""password"":""...""}" http://ip:port/user/delete

# UPDATE USERNAME 
> curl -X PATCH -i -H "Content-Type: application/json" -d "{""username"":""..."", ""password"":""..."", ""new_username"":""...""}" http://ip:port/user/update

Contribution

Any kind of contribution/idea is welcome and appreciated. Create new ticket via GitHub Issues or contact by e-mail.

About

REST API for CVE from years '99-2022.

cvedataflaskmongodbpythonrestrest-apiapijwtmarshmallowdockerdocker-compose

Languages

Language:Python 97.8%Language:Shell 1.1%Language:Dockerfile 1.1%