Thomas 2016-01-02 12:45:47 -06:00
commit d47f6274d9
9 changed files with 80 additions and 65 deletions


@ -6,25 +6,14 @@ from flask import session
class WebException(Exception): pass
def login_required(f):
@wraps(f)
def decorated_function(*args, **kwargs):
return f(*args, **kwargs)
return decorated_function
def admins_only(f):
@wraps(f)
def decorated_function(*args, **kwargs):
if "admin" not in session and not session["admin"]:
return { "success": 0, "message": "Not authorized." }
return f(*args, **kwargs)
return decorated_function
def check_csrf(f):
@wraps(f)
@login_required
def wrapper(*args, **kwds):
return f(*args, **kwds)
return wrapper
def api_wrapper(f):
@wraps(f)
def wrapper(*args, **kwds):
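Review bot: The guard in `admins_only`, `if "admin" not in session and not session["admin"]:`, can never return the "Not authorized." response: when the key is missing the second operand raises KeyError, and when the key is present the first operand is false, so the wrapped view runs whatever value is stored. The rendered page has lost its +/- markers, so I cannot tell whether this line is new or context, but `admins_only` is still imported on the new side of the problem blueprint. A fail-closed form is `if not session.get("admin"):`. With `login_required` and `check_csrf` apparently removed in this hunk (old side 25 lines, new side 14), this decorator would be the only access check left in the file. `api_wrapper` continues past the end of the hunk.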


@ -4,7 +4,7 @@ from flask import Blueprint, session, request
from flask import current_app as app
from models import db, Problems, Solves, Teams
from decorators import admins_only, api_wrapper, login_required
from decorators import admins_only, api_wrapper
blueprint = Blueprint("problem", __name__)
@ -72,7 +72,6 @@ def problem_update():
@blueprint.route("/submit", methods=["POST"])
@api_wrapper
@login_required
def problem_submit():
pid = request.form["pid"]
flag = request.form["flag"]
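Review bot: `problem_submit` looks to be left with no authentication check: the import line drops `login_required` and the second hunk is one line shorter on the new side, which matches the `@login_required` decorator being removed (the +/- markers are lost in this rendering, so that is inferred). Unless `api_wrapper` itself rejects requests without `session["logged_in"]`, an unauthenticated POST to `/submit` reaches the flag-checking code. I would keep an explicit guard on the route, or open the body with `if not session.get("logged_in"): return { "success": 0, "message": "Not logged in." }`. The body of `problem_submit` continues outside the hunk.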


@ -59,7 +59,8 @@ def user_login():
if utils.check_password(user.password, password):
session["username"] = user.username
session["admin"] = user.admin
if user.admin:
session["admin"] = True
session["logged_in"] = True
return { "success": 1, "message": "Success!" }
else:
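Review bot: Writing `session["admin"]` only when `user.admin` is true means a value left in the session by an earlier login is never overwritten, so a non-admin who logs in on a session that previously held an admin login keeps the flag. The +/- markers are lost here, but the hunk grows by one line, which fits the unconditional `session["admin"] = user.admin` being replaced by the two-line `if`. Either keep an unconditional `session["admin"] = bool(user.admin)` or call `session.clear()` before populating the session on a successful login, which also avoids carrying pre-login session state across the privilege change. `user_login` starts and ends outside the hunk.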

11
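--- a/web/js/admin/problem.js
+++ b/web/js/admin/problem.js
@@ -0,0 +1,11 @@
+function add_problem(name, category, description, hint, flag, value) {
+$.post("/api/problem/add", {
+name: name,
+category: category,
+hint: hint,
+flag: flag,
+value: value
+}, function(data) {
+})
+}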
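Review bot: `add_problem` takes a `description` argument but the object posted to `/api/problem/add` has no `description` key, so as shown here the field is silently dropped; add `description: description,` after `category`. The success callback is empty, so an authorization or validation failure from the API is invisible to the admin; at minimum check `data.success` and surface `data.message`. This is also a state-changing admin request sent with no anti-CSRF token in the payload, and the same commit appears to remove `check_csrf` from the decorators, so it is worth confirming where CSRF protection for `/api/problem/add` is enforced.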


@ -1,51 +1,60 @@
var app = angular.module("easyctf", [ "ngRoute" ]);
app.config(function($routeProvider, $locationProvider) {
$routeProvider.when("/", {
templateUrl: "pages/home.html",
controller: "mainController"
})
.when("/about", {
templateUrl: "pages/about.html",
controller: "mainController"
})
.when("/register", {
templateUrl: "pages/register.html",
controller: "mainController"
})
.when("/login", {
templateUrl: "pages/login.html",
controller: "mainController"
})
.when("/chat", {
templateUrl: "pages/chat.html",
controller: "mainController"
})
.when("/updates", {
templateUrl: "pages/updates.html",
controller: "mainController"
})
.when("/problems", {
templateUrl: "pages/problems.html",
controller: "mainController"
})
.when("/programming", {
templateUrl: "pages/programming.html",
controller: "mainController"
})
.when("/shell", {
templateUrl: "pages/shell.html",
controller: "mainController"
})
.when("/rules", {
templateUrl: "pages/rules.html",
controller: "mainController"
})
.when("/scoreboard", {
templateUrl: "pages/scoreboard.html",
controller: "mainController"
});
$locationProvider.html5Mode(true);
$routeProvider.when("/", {
templateUrl: "pages/home.html",
controller: "mainController"
})
.when("/about", {
templateUrl: "pages/about.html",
controller: "mainController"
})
.when("/register", {
templateUrl: "pages/register.html",
controller: "mainController"
})
.when("/login", {
templateUrl: "pages/login.html",
controller: "mainController"
})
.when("/chat", {
templateUrl: "pages/chat.html",
controller: "mainController"
})
.when("/updates", {
templateUrl: "pages/updates.html",
controller: "mainController"
})
.when("/problems", {
templateUrl: "pages/problems.html",
controller: "mainController"
})
.when("/programming", {
templateUrl: "pages/programming.html",
controller: "mainController"
})
.when("/shell", {
templateUrl: "pages/shell.html",
controller: "mainController"
})
.when("/rules", {
templateUrl: "pages/rules.html",
controller: "mainController"
})
.when("/scoreboard", {
templateUrl: "pages/scoreboard.html",
controller: "mainController"
});
$locationProvider.html5Mode(true);
});
app.controller("mainController", function($scope) {
});
function display_message(containerId, alertType, message, callback) {
$("#" + containerId).html('<div class="alert alert-' + alertType + '">' + message + '</div>');
$("#" + containerId).hide().slideDown("fast", "swing", function() {
window.setTimeout(function () {
$("#" + containerId).slideUp("fast", "swing", callback);
});
}, 2000);
}
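Review bot: `display_message` concatenates `message` and `alertType` into a string passed to `.html()`, and the callers in this commit pass `data.message` straight from the API response, so any user-controlled text echoed in a server message is parsed as markup (a DOM XSS sink). Build the alert element and set its content with `.text()` instead. As shown, the `2000` also sits after the closing brace of the `slideDown` callback rather than inside `window.setTimeout(...)`, so the timeout has no delay and the alert would slide up immediately. The route table above it appears to be re-indented only.

```javascript
function display_message(containerId, alertType, message, callback) {
    var container = $("#" + containerId);
    // .text() keeps the server-supplied message out of the HTML parser
    var alertBox = $("<div>").addClass("alert alert-" + alertType).text(message);
    container.empty().append(alertBox);
    container.hide().slideDown("fast", "swing", function() {
        window.setTimeout(function() {
            container.slideUp("fast", "swing", callback);
        }, 2000);
    });
}
```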


@ -4,13 +4,16 @@ $("#login-form").on("submit", function(e) {
});
function login(email, password) {
$("#login").attr("disabled", "disabled");
$.post("/api/user/login", {
email: email,
password: password
}, function(data) {
$("#status").text(data.message);
if (data.success == 1) {
display_message("status", "success", "Success!", function() {$("#login").removeAttr("disabled");});
// wait then redirect or whatever
} else {
display_message("status", "danger", data.message, function() {$("#login").removeAttr("disabled");});
}
});
}
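Review bot: The submit button is re-enabled only from the `display_message` callbacks inside the `$.post` success handler, so a network error or non-2xx response leaves `#login` disabled with no feedback; `register` in the next file has the same pattern with `#register`. Chain a failure handler on the `$.post(...)` call, e.g. `.fail(function() { $("#login").removeAttr("disabled"); })`. The `$("#status").text(data.message);` line appears to remain on the new side and is immediately overwritten by `display_message("status", ...)`, so it can be dropped.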


@ -4,6 +4,7 @@ $("#registration-form").on("submit", function(e) {
});
function register(name, username, password, password_confirm, email, captcha_response) {
$("#register").attr("disabled", "disabled");
$.post("/api/user/register", {
name: name,
username: username,
@ -14,8 +15,10 @@ function register(name, username, password, password_confirm, email, captcha_res
}, function(data) {
$("#status").text(data.message);
if (data.success == 1) {
display_message("status", "success", "Success!", function() {$("#register").removeAttr("disabled")});
// wait then redirect or whatever
} else {
display_message("status", "danger", data.message, function() {$("#register").removeAttr("disabled")});
grecaptcha.reset();
}
});


@ -4,7 +4,7 @@
<form id="login-form">
<input type="text" class="form-control" placeholder="Email" id="email">
<input type="password" id="password" name="password" placeholder="Password" class="form-control">
<input type="submit" class="btn btn-lg btn-success" value="Login">
<input id="login" type="submit" class="btn btn-lg btn-success" value="Login">
</form>
</div>
<div id="status"></div>


@ -51,14 +51,14 @@
<br>
</div>
<div id="status"></div>
<label>I have read and I agree to <a href="/rules" target="_blank">EasyCTF Rules</a>.</label>
<br>
<br>
<input class="style2" type="checkbox" class="form-control" value="didRead">
<br>
<input class="style3" type="submit" class="btn btn-lg btn-success" value="Register">
<input id="register" class="style3" type="submit" class="btn btn-lg btn-success" value="Register">
</div>
</form>
<div id="status"></div>
</div>
</div>