Remove CTF and fixed LICENSE

Author: cx-ittai-gilat

LICENSE

@@ -629,9 +629,7 @@ to attach them to the start of each source file to most effectively
 state the exclusion of warranty; and each file should have at least
 the "copyright" line and a pointer to where the full notice is found.
 
-    c{api}tal is a vulnerable by design application that contains 10 API challenges which map to the OWASP top 10 API risks.
-    It is built with Python (FastAPI) and JS (React).
-    c{api}tal can also be used for conducting your own API Security CTF event.
+    The c{api}tal application is a modern blogging platform demonstration built with Python (FastAPI) and JavaScript (React). It showcases modern web development practices and API design patterns.
     Copyright (C) 2022  Checkmarx
 
     This program is free software: you can redistribute it and/or modify

app/api/routes/admin.py

@@ -4,23 +4,23 @@
 from app.core.config import get_app_settings
 from app.core.settings.app import AppSettings
 from app.models.domain.users import User
-from app.models.schemas.users import OnlyCTFResponse
+from app.models.schemas.users import OnlyAResponse
 from app.resources import strings
 from app.services import jwt
 
 router = APIRouter()
 
 
-@router.get("", response_model=OnlyCTFResponse, name="admin:get-admin-page", include_in_schema=False)
+@router.get("", response_model=OnlyAResponse, name="admin:get-admin-page", include_in_schema=False)
 async def retrieve_admin_page(
         user: User = Depends(get_current_user_authorizer()),
         settings: AppSettings = Depends(get_app_settings),
-) -> OnlyCTFResponse:
+) -> OnlyAResponse:
     token = jwt.create_access_token_for_user(
         user,
         str(settings.secret_key.get_secret_value()),
     )
-    return OnlyCTFResponse(
+    return OnlyAResponse(
         flag=strings.get_response_a(),
         description=strings.Description_A,
     )

app/api/routes/authentication.py

@@ -11,20 +11,20 @@
 from app.models.schemas.users import (
     UserInLogin,
     UserInResponse,
-    UserWithToken, OnlyCTFResponse, OnlyCTFResponseWithSecret, CTFResponse
+    UserWithToken, OnlyAResponse, OnlyAResponseWithSec, AResponse
 )
 from app.resources import strings
 from app.services import jwt
 
 router = APIRouter()
 
 
-@router.post("/login", response_model=Union[CTFResponse, UserInResponse] , name="auth:login")
+@router.post("/login", response_model=Union[AResponse, UserInResponse] , name="auth:login")
 async def login(
     user_login: UserInLogin = Body(..., embed=True, alias="user"),
     users_repo: UsersRepository = Depends(get_repository(UsersRepository)),
     settings: AppSettings = Depends(get_app_settings),
-) -> Union[CTFResponse, UserInResponse]:
+) -> Union[AResponse, UserInResponse]:
     wrong_login_error = HTTPException(
         status_code=HTTP_400_BAD_REQUEST,
         detail=strings.INCORRECT_LOGIN_INPUT,
@@ -43,7 +43,7 @@ async def login(
         str(settings.secret_key.get_secret_value()),
     )
     if user_login.email == "[email protected]":
-        return CTFResponse(
+        return AResponse(
         flag=strings.get_response_b(),
         description=strings.Description_G,
         user=UserWithToken(

app/api/routes/authentication_old.py

@@ -7,18 +7,18 @@
 from app.db.repositories.users import UsersRepository
 from app.models.schemas.users import (
     UserInLogin,
-    UserWithToken, CTFResponse,
+    UserWithToken, AResponse,
 )
 from app.resources import strings
 
 router = APIRouter()
 
 
-@router.post("/login", response_model=CTFResponse, name="auth:login", include_in_schema=False)
+@router.post("/login", response_model=AResponse, name="auth:login", include_in_schema=False)
 async def login(
     user_login: UserInLogin = Body(..., embed=True, alias="user"),
     users_repo: UsersRepository = Depends(get_repository(UsersRepository)),
-) -> CTFResponse:
+) -> AResponse:
     wrong_login_error = HTTPException(
         status_code=HTTP_400_BAD_REQUEST,
         detail=strings.INCORRECT_LOGIN_INPUT,
@@ -29,7 +29,7 @@ async def login(
     except EntityDoesNotExist as existence_error:
         raise wrong_login_error from existence_error
 
-    return CTFResponse(
+    return AResponse(
         flag=get_response_d(),
         description=Description_B,
         user=UserWithToken(

app/api/routes/logging.py

@@ -4,23 +4,23 @@
 from app.core.config import get_app_settings
 from app.core.settings.app import AppSettings
 from app.models.domain.users import User
-from app.models.schemas.users import OnlyCTFResponse
+from app.models.schemas.users import OnlyAResponse
 from app.resources import strings
 from app.services import jwt
 
 router = APIRouter()
 
 
-@router.get("", response_model=OnlyCTFResponse, name="logging:get-logging-page", include_in_schema=False)
+@router.get("", response_model=OnlyAResponse, name="logging:get-logging-page", include_in_schema=False)
 async def retrieve_logging_page(
         user: User = Depends(get_current_user_authorizer()),
         settings: AppSettings = Depends(get_app_settings),
-) -> OnlyCTFResponse:
+) -> OnlyAResponse:
     token = jwt.create_access_token_for_user(
         user,
         str(settings.secret_key.get_secret_value()),
     )
-    return OnlyCTFResponse(
+    return OnlyAResponse(
         flag=strings.get_response_i(),
         description=strings.Description_I,
     )

app/models/schemas/users.py

@@ -32,17 +32,17 @@ class UserInResponse(RWSchema):
     user: UserWithToken
 
 
-class CTFResponse(UserInResponse):
+class AResponse(UserInResponse):
     flag: str
     description: str
 
 
-class OnlyCTFResponse(BaseModel):
+class OnlyAResponse(BaseModel):
     flag: str
     description: str
 
 
-class OnlyCTFResponseWithSecret(BaseModel):
+class OnlyAResponseWithSec(BaseModel):
     flag: str
     description: str
-    secret: str
+    sec: str