diff --git a/server/api/decorators.py b/server/api/decorators.py
index 44552cf..27565ce 100644
--- a/server/api/decorators.py
+++ b/server/api/decorators.py
@@ -6,14 +6,6 @@ from flask import session
 class WebException(Exception):
 pass
-def admins_only(f):
- @wraps(f)
- def decorated_function(*args, **kwargs):
- if "admin" not in session and not session["admin"]:
- return { "success": 0, "message": "Not authorized." }
- return f(*args, **kwargs)
- return decorated_function
-
 def api_wrapper(f):
 @wraps(f)
 def wrapper(*args, **kwds):
@@ -30,3 +22,21 @@ def api_wrapper(f):
 web_result = { "success": 0, "message": "Something went wrong! Please notify us about this immediately.", str(error): traceback.format_exc() }
 return json.dumps(web_result), response, { "Content-Type": "application/json; charset=utf-8" }
 return wrapper
+
+import user # Must go below api_wrapper to prevent import loops
+
+def login_required(f):
+ @wraps(f)
+ def decorated_function(*args, **kwargs):
+ if not user.is_logged_in():
+ return { "success": 0, "message": "Not logged in." }
+ return f(*args, **kwargs)
+ return decorated_function
+
+def admins_only(f):
+ @wraps(f)
+ def decorated_function(*args, **kwargs):
+ if not user.is_admin():
+ return { "success": 0, "message": "Not authorized." }
+ return f(*args, **kwargs)
+ return decorated_function
diff --git a/server/api/problem.py b/server/api/problem.py
index 5aa9820..d55a1f5 100644
--- a/server/api/problem.py
+++ b/server/api/problem.py
@@ -4,7 +4,7 @@ from flask import Blueprint, session, request
 from flask import current_app as app
 from models import db, Problems, Solves, Teams
-from decorators import admins_only, api_wrapper
+from decorators import admins_only, api_wrapper, login_required
 blueprint = Blueprint("problem", __name__)
@@ -72,6 +72,7 @@ def problem_update():
 @blueprint.route("/submit", methods=["POST"])
 @api_wrapper
+@login_required
 def problem_submit():
 pid = request.form["pid"]
 flag = request.form["flag"]
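Review bot: The new `admins_only` gates on `user.is_admin()` alone, and `is_admin()` as added in server/api/user.py reads only the `admin` session key, so an admin flag left in a session that is no longer `logged_in` would still pass; whether logout clears both keys is not visible in this diff. Checking both keeps the two decorators consistent: `if not (user.is_logged_in() and user.is_admin()):`. The trailing `import user` works only because of its position after `api_wrapper`, as its inline comment says; importing `user` inside the two `decorated_function` bodies would remove that ordering dependency. Separately, the unchanged context line in `api_wrapper` places `traceback.format_exc()` (keyed by `str(error)`) in the JSON returned to the client, which discloses file paths and code details; logging the traceback server-side and returning only the generic message would be safer.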
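Review bot: The decorator order on `problem_submit` is load-bearing and undocumented: `login_required` returns a plain dict on failure, so it presumably has to stay beneath `@api_wrapper` for that dict to be serialised into a response. A one-line comment above the stack, such as `# api_wrapper must stay outermost; login_required returns a bare dict`, would guard against a later reorder. The route now authenticates a form POST by session cookie and no CSRF check is visible in this hunk, so it is worth confirming that one is enforced elsewhere. The body of `problem_submit` continues outside the hunk.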
diff --git a/server/api/user.py b/server/api/user.py
index 9a07f05..048115e 100644
--- a/server/api/user.py
+++ b/server/api/user.py
@@ -1,4 +1,4 @@
-from flask import Blueprint, session, request
+from flask import Blueprint, session, request, redirect, url_for
 from flask import current_app as app
 from models import db, Users
@@ -66,6 +66,22 @@ def user_login():
 else:
 return { "success": 0, "message": "Invalid credentials." }
+@blueprint.route("/status", methods=["POST"])
+@api_wrapper
+def user_status():
+ status = {
+ "logged_in": is_logged_in(),
+ "admin": is_admin(),
+ "username": session["username"] if is_logged_in() else "",
+ }
+ return status
+
+def is_logged_in():
+ return "logged_in" in session and session["logged_in"]
+
+def is_admin():
+ return "admin" in session and session["admin"]
+
 def add_user(name, username, email, password):
 user = Users(name, username, email, password)
 db.session.add(user)
diff --git a/web/index.html b/web/index.html
index 128d79a..ec80906 100644
--- a/web/index.html
+++ b/web/index.html
@@ -66,14 +66,22 @@ -
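Review bot: In the server/api/user.py hunk that adds `user_status`, `session["username"]` is indexed whenever `is_logged_in()` is truthy, so a session that carries `logged_in` without `username` raises KeyError instead of returning a status; `session.get("username", "")` avoids that. `is_logged_in()` and `is_admin()` return the raw session value rather than a boolean, and that value goes into the status payload and into the decorator checks unchanged; `return bool(session.get("logged_in"))` and `return bool(session.get("admin"))` pin the type. Both helpers would also benefit from a one-line docstring stating that they trust flags stored in the session at login and do not re-check the database, since that is what the authorization decorators now depend on. The `redirect` and `url_for` imports added in the first hunk of this file are not used in any line visible here.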