Prompt Details
Model
Chat - (gpt-5.5)
Token size
538
Example input
[PASTE YOUR API CODE, ENDPOINT DEFINITIONS, OR AUTHENTICATION FLOW HERE]: Review this FastAPI authentication endpoint for security vulnerabilities. Python 3.11, SQLAlchemy 2.0: @app.post("/login") async def login(username: str, password: str, db: Session = Depends(get_db)): user = db.query(User).filter(User.username == username).first() if user and user.password == password: token = jwt.encode({"sub": user.id}, "secret", algorithm="HS256") return {"token": token} raise HTTPException(status_code=401)
Example output
## Security Audit — FastAPI Login Endpoint
### 🔴 CRITICAL — Plaintext Password Comparison
**OWASP:** API2 Broken Authentication | **CWE-256**
**Location:** `if user and user.password == password`
**Issue:** Password compared in plaintext — database stores raw passwords.
**Fix:**
from passlib.context import CryptContext
pwd_context = CryptContext(schemes=["bcrypt"])
if user and pwd_context.verify(password, user.hashed_password):
By purchasing this prompt, you agree to our terms of service
GPT-5.5
Audit your REST API for security vulnerabilities. Covers OWASP API Top 10 (2023), JWT misconfigurations, SQL injection, broken auth, and rate limiting gaps. Returns prioritized remediation list with code fixes. Supports FastAPI, Django, Express, Spring Boot.
...more
Updated 3 weeks ago
