bpmcdevitt
a6fb367ed4
- Extract database models from monolithic main.py (2,373 lines) into organized modules - Implement service layer pattern with dedicated business logic classes - Split API endpoints into modular FastAPI routers by functionality - Add centralized configuration management with environment variable handling - Create proper separation of concerns across data, service, and presentation layers **Architecture Changes:** - models/: SQLAlchemy database models (CVE, SigmaRule, RuleTemplate, BulkProcessingJob) - config/: Centralized settings and database configuration - services/: Business logic (CVEService, SigmaRuleService, GitHubExploitAnalyzer) - routers/: Modular API endpoints (cves, sigma_rules, bulk_operations, llm_operations) - schemas/: Pydantic request/response models **Key Improvements:** - 95% reduction in main.py size (2,373 → 120 lines) - Updated 15+ backend files with proper import structure - Eliminated circular dependencies and tight coupling - Enhanced testability with isolated service components - Better code organization for team collaboration **Backward Compatibility:** - All API endpoints maintain same URLs and behavior - Zero breaking changes to existing functionality - Database schema unchanged - Environment variables preserved 🤖 Generated with [Claude Code](https://claude.ai/code) Co-Authored-By: Claude <noreply@anthropic.com>
71 lines
No EOL
2.6 KiB
Python
71 lines
No EOL
2.6 KiB
Python
from typing import List
|
|
from fastapi import APIRouter, HTTPException, Depends
|
|
from sqlalchemy.orm import Session
|
|
|
|
from config.database import get_db
|
|
from models import SigmaRule
|
|
from schemas import SigmaRuleResponse
|
|
from services import SigmaRuleService
|
|
|
|
router = APIRouter(prefix="/api", tags=["sigma-rules"])
|
|
|
|
|
|
@router.get("/sigma-rules", response_model=List[SigmaRuleResponse])
|
|
async def get_sigma_rules(skip: int = 0, limit: int = 50, db: Session = Depends(get_db)):
|
|
"""Get all SIGMA rules with pagination"""
|
|
sigma_service = SigmaRuleService(db)
|
|
rules = sigma_service.get_all_rules(limit=limit, offset=skip)
|
|
|
|
# Convert to response format
|
|
result = []
|
|
for rule in rules:
|
|
rule_dict = {
|
|
'id': str(rule.id),
|
|
'cve_id': rule.cve_id,
|
|
'rule_name': rule.rule_name,
|
|
'rule_content': rule.rule_content,
|
|
'detection_type': rule.detection_type,
|
|
'log_source': rule.log_source,
|
|
'confidence_level': rule.confidence_level,
|
|
'auto_generated': rule.auto_generated,
|
|
'exploit_based': rule.exploit_based or False,
|
|
'github_repos': rule.github_repos or [],
|
|
'exploit_indicators': rule.exploit_indicators,
|
|
'created_at': rule.created_at
|
|
}
|
|
result.append(SigmaRuleResponse(**rule_dict))
|
|
return result
|
|
|
|
|
|
@router.get("/sigma-rules/{cve_id}", response_model=List[SigmaRuleResponse])
|
|
async def get_sigma_rules_by_cve(cve_id: str, db: Session = Depends(get_db)):
|
|
"""Get all SIGMA rules for a specific CVE"""
|
|
sigma_service = SigmaRuleService(db)
|
|
rules = sigma_service.get_rules_by_cve(cve_id)
|
|
|
|
# Convert to response format
|
|
result = []
|
|
for rule in rules:
|
|
rule_dict = {
|
|
'id': str(rule.id),
|
|
'cve_id': rule.cve_id,
|
|
'rule_name': rule.rule_name,
|
|
'rule_content': rule.rule_content,
|
|
'detection_type': rule.detection_type,
|
|
'log_source': rule.log_source,
|
|
'confidence_level': rule.confidence_level,
|
|
'auto_generated': rule.auto_generated,
|
|
'exploit_based': rule.exploit_based or False,
|
|
'github_repos': rule.github_repos or [],
|
|
'exploit_indicators': rule.exploit_indicators,
|
|
'created_at': rule.created_at
|
|
}
|
|
result.append(SigmaRuleResponse(**rule_dict))
|
|
return result
|
|
|
|
|
|
@router.get("/sigma-rule-stats")
|
|
async def get_sigma_rule_stats(db: Session = Depends(get_db)):
|
|
"""Get SIGMA rule statistics"""
|
|
sigma_service = SigmaRuleService(db)
|
|
return sigma_service.get_rule_stats() |