diff --git a/server/api/decorators.py b/server/api/decorators.py index 546ff55..44552cf 100644 --- a/server/api/decorators.py +++ b/server/api/decorators.py @@ -6,25 +6,14 @@ from flask import session class WebException(Exception): pass -def login_required(f): - @wraps(f) - def decorated_function(*args, **kwargs): - return f(*args, **kwargs) - return decorated_function - def admins_only(f): @wraps(f) def decorated_function(*args, **kwargs): + if "admin" not in session and not session["admin"]: + return { "success": 0, "message": "Not authorized." } return f(*args, **kwargs) return decorated_function -def check_csrf(f): - @wraps(f) - @login_required - def wrapper(*args, **kwds): - return f(*args, **kwds) - return wrapper - def api_wrapper(f): @wraps(f) def wrapper(*args, **kwds): diff --git a/server/api/problem.py b/server/api/problem.py index d55a1f5..5aa9820 100644 --- a/server/api/problem.py +++ b/server/api/problem.py @@ -4,7 +4,7 @@ from flask import Blueprint, session, request from flask import current_app as app from models import db, Problems, Solves, Teams -from decorators import admins_only, api_wrapper, login_required +from decorators import admins_only, api_wrapper blueprint = Blueprint("problem", __name__) @@ -72,7 +72,6 @@ def problem_update(): @blueprint.route("/submit", methods=["POST"]) @api_wrapper -@login_required def problem_submit(): pid = request.form["pid"] flag = request.form["flag"] diff --git a/server/api/user.py b/server/api/user.py index 1cdbe45..9a07f05 100644 --- a/server/api/user.py +++ b/server/api/user.py @@ -59,7 +59,8 @@ def user_login(): if utils.check_password(user.password, password): session["username"] = user.username - session["admin"] = user.admin + if user.admin: + session["admin"] = True session["logged_in"] = True return { "success": 1, "message": "Success!" } else: diff --git a/web/js/admin/problem.js b/web/js/admin/problem.js new file mode 100644 index 0000000..2adbfb1 --- /dev/null +++ b/web/js/admin/problem.js @@ -0,0 +1,11 @@ +function add_problem(name, category, description, hint, flag, value) { + $.post("/api/problem/add", { + name: name, + category: category, + hint: hint, + flag: flag, + value: value + }, function(data) { + + }) +} diff --git a/web/js/easyctf.js b/web/js/easyctf.js index 3f42a83..1237680 100644 --- a/web/js/easyctf.js +++ b/web/js/easyctf.js @@ -1,51 +1,60 @@ var app = angular.module("easyctf", [ "ngRoute" ]); app.config(function($routeProvider, $locationProvider) { - $routeProvider.when("/", { - templateUrl: "pages/home.html", - controller: "mainController" - }) - .when("/about", { - templateUrl: "pages/about.html", - controller: "mainController" - }) - .when("/register", { - templateUrl: "pages/register.html", - controller: "mainController" - }) - .when("/login", { - templateUrl: "pages/login.html", - controller: "mainController" - }) - .when("/chat", { - templateUrl: "pages/chat.html", - controller: "mainController" - }) - .when("/updates", { - templateUrl: "pages/updates.html", - controller: "mainController" - }) - .when("/problems", { - templateUrl: "pages/problems.html", - controller: "mainController" - }) - .when("/programming", { - templateUrl: "pages/programming.html", - controller: "mainController" - }) - .when("/shell", { - templateUrl: "pages/shell.html", - controller: "mainController" - }) - .when("/rules", { - templateUrl: "pages/rules.html", - controller: "mainController" - }) - .when("/scoreboard", { - templateUrl: "pages/scoreboard.html", - controller: "mainController" - }); - $locationProvider.html5Mode(true); + $routeProvider.when("/", { + templateUrl: "pages/home.html", + controller: "mainController" + }) + .when("/about", { + templateUrl: "pages/about.html", + controller: "mainController" + }) + .when("/register", { + templateUrl: "pages/register.html", + controller: "mainController" + }) + .when("/login", { + templateUrl: "pages/login.html", + controller: "mainController" + }) + .when("/chat", { + templateUrl: "pages/chat.html", + controller: "mainController" + }) + .when("/updates", { + templateUrl: "pages/updates.html", + controller: "mainController" + }) + .when("/problems", { + templateUrl: "pages/problems.html", + controller: "mainController" + }) + .when("/programming", { + templateUrl: "pages/programming.html", + controller: "mainController" + }) + .when("/shell", { + templateUrl: "pages/shell.html", + controller: "mainController" + }) + .when("/rules", { + templateUrl: "pages/rules.html", + controller: "mainController" + }) + .when("/scoreboard", { + templateUrl: "pages/scoreboard.html", + controller: "mainController" + }); + $locationProvider.html5Mode(true); }); app.controller("mainController", function($scope) { }); + +function display_message(containerId, alertType, message, callback) { + $("#" + containerId).html('
' + message + '
'); + $("#" + containerId).hide().slideDown("fast", "swing", function() { + window.setTimeout(function () { + $("#" + containerId).slideUp("fast", "swing", callback); + }); + }, 2000); +} diff --git a/web/js/login.js b/web/js/login.js index f0335cb..fc6e65e 100644 --- a/web/js/login.js +++ b/web/js/login.js @@ -4,13 +4,16 @@ $("#login-form").on("submit", function(e) { }); function login(email, password) { + $("#login").attr("disabled", "disabled"); $.post("/api/user/login", { email: email, password: password }, function(data) { - $("#status").text(data.message); if (data.success == 1) { + display_message("status", "success", "Success!", function() {$("#login").removeAttr("disabled");}); // wait then redirect or whatever + } else { + display_message("status", "danger", data.message, function() {$("#login").removeAttr("disabled");}); } }); } diff --git a/web/js/register.js b/web/js/register.js index be3fb03..bf1fcf4 100644 --- a/web/js/register.js +++ b/web/js/register.js @@ -4,6 +4,7 @@ $("#registration-form").on("submit", function(e) { }); function register(name, username, password, password_confirm, email, captcha_response) { + $("#register").attr("disabled", "disabled"); $.post("/api/user/register", { name: name, username: username, @@ -14,8 +15,10 @@ function register(name, username, password, password_confirm, email, captcha_res }, function(data) { $("#status").text(data.message); if (data.success == 1) { + display_message("status", "success", "Success!", function() {$("#register").removeAttr("disabled")}); // wait then redirect or whatever } else { + display_message("status", "danger", data.message, function() {$("#register").removeAttr("disabled")}); grecaptcha.reset(); } }); diff --git a/web/pages/login.html b/web/pages/login.html index 388e6a6..d968590 100644 --- a/web/pages/login.html +++ b/web/pages/login.html @@ -4,7 +4,7 @@
- +
diff --git a/web/pages/register.html b/web/pages/register.html index 8556dae..a991da4 100644 --- a/web/pages/register.html +++ b/web/pages/register.html @@ -51,14 +51,14 @@
-



- + +