This repository has been archived by the owner on Oct 5, 2022. It is now read-only.
-
Notifications
You must be signed in to change notification settings - Fork 0
/
main.py
95 lines (75 loc) · 2.51 KB
/
main.py
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
import databases
import sqlalchemy
from fastapi import FastAPI, Query
from pydantic import BaseModel
from typing import List
DATABASE_URL = "sqlite:///./cves.db"
database = databases.Database(DATABASE_URL)
metadata = sqlalchemy.MetaData()
cves = sqlalchemy.Table(
"cves",
metadata,
sqlalchemy.Column("cve_id", sqlalchemy.String),
sqlalchemy.Column("description_eng", sqlalchemy.String),
sqlalchemy.Column("affects", sqlalchemy.JSON),
sqlalchemy.Column("cve_data_meta", sqlalchemy.JSON),
sqlalchemy.Column("description", sqlalchemy.JSON),
sqlalchemy.Column("problemtype", sqlalchemy.JSON),
sqlalchemy.Column("cve_references", sqlalchemy.JSON),
sqlalchemy.Column("data_format", sqlalchemy.String),
sqlalchemy.Column("data_type", sqlalchemy.String),
sqlalchemy.Column("data_version", sqlalchemy.String),
)
engine = sqlalchemy.create_engine(
DATABASE_URL, connect_args={"check_same_thread": False}
)
metadata.create_all(engine)
# This was probably overkill, but I chose to split out the DB like this incase I want to do some graphql
class CVE(BaseModel):
cve_id: str
description_eng: str
affects: dict
cve_data_meta: dict
description: dict
problemtype: dict
cve_references: dict
data_format: str
data_type: str
data_version: str
# The output model removes cve_id and description_eng because I just use them to make life easier in db queries
class CVEOut(BaseModel):
affects: dict
cve_data_meta: dict
description: dict
problemtype: dict
cve_references: dict
data_format: str
data_type: str
data_version: str
app = FastAPI(
title="Simple CVE API",
description="Provides a simple API to query cvelist data",
version="1.0.0",
)
@app.on_event("startup")
async def startup():
await database.connect()
@app.on_event("shutdown")
async def shutdown():
await database.disconnect()
@app.get("/v1/cve/{cve_id}", response_model=List[CVEOut])
async def cve_id_search(cve_id: str):
query = cves.select().where(cves.c.cve_id == cve_id)
return await database.fetch_all(query)
@app.get("/v1/search/", response_model=List[CVEOut])
async def cve_description_search(
q: str = Query(
...,
title="Query string",
description="Wraps parameter in wildcards and searches the eng CVE descriptions. 100 result limit",
min_length=1,
)
):
wildcard_q = "%{0}%".format(q)
query = cves.select().where(cves.c.description.like(wildcard_q)).limit(100)
return await database.fetch_all(query)