Merge branch 'master' of https://www.github.com/failedxyz/easyctf

2016-01-02 12:45:47 -06:00 · 2016-01-02 12:45:47 -06:00 · d47f6274d9
commit d47f6274d9
parent 668ebf8456 3fd098226f
9 changed files with 80 additions and 65 deletions
--- a/server/api/decorators.py
+++ b/server/api/decorators.py
@ -6,25 +6,14 @@ from flask import session
 class WebException(Exception): pass
 def login_required(f):
    @wraps(f)
    def decorated_function(*args, **kwargs):
        return f(*args, **kwargs)
    return decorated_function
 def admins_only(f):
    @wraps(f)
    def decorated_function(*args, **kwargs):
        if "admin" not in session and not session["admin"]:
            return { "success": 0, "message": "Not authorized." }
        return f(*args, **kwargs)
    return decorated_function
 def check_csrf(f):
    @wraps(f)
    @login_required
    def wrapper(*args, **kwds):
        return f(*args, **kwds)
    return wrapper
 def api_wrapper(f):
    @wraps(f)
    def wrapper(*args, **kwds):
--- a/server/api/problem.py
+++ b/server/api/problem.py
@ -4,7 +4,7 @@ from flask import Blueprint, session, request
 from flask import current_app as app
 from models import db, Problems, Solves, Teams
-from decorators import admins_only, api_wrapper, login_required
+from decorators import admins_only, api_wrapper
 blueprint = Blueprint("problem", __name__)
@ -72,7 +72,6 @@ def problem_update():
@blueprint.route("/submit", methods=["POST"])
@api_wrapper
@login_required
 def problem_submit():
    pid = request.form["pid"]
    flag = request.form["flag"]
--- a/server/api/user.py
+++ b/server/api/user.py
@ -59,7 +59,8 @@ def user_login():
    if utils.check_password(user.password, password):
        session["username"] = user.username
-        session["admin"] = user.admin
+        if user.admin:
            session["admin"] = True
        session["logged_in"] = True
        return { "success": 1, "message": "Success!" }
    else:
--- a/web/js/admin/problem.js
+++ b/web/js/admin/problem.js
@ -0,0 +1,11 @@
 function add_problem(name, category, description, hint, flag, value) {
    $.post("/api/problem/add", {
        name: name,
        category: category,
        hint: hint,
        flag: flag,
        value: value
    }, function(data) {
    })
 }
--- a/web/js/easyctf.js
+++ b/web/js/easyctf.js
@ -49,3 +49,12 @@ app.config(function($routeProvider, $locationProvider) {
 app.controller("mainController", function($scope) {
 });
 function display_message(containerId, alertType, message, callback) {
    $("#" + containerId).html('<div class="alert alert-' + alertType + '">' + message + '</div>');
    $("#" + containerId).hide().slideDown("fast", "swing", function() {
        window.setTimeout(function () {
            $("#" + containerId).slideUp("fast", "swing", callback);
        });
    }, 2000);
 }
--- a/web/js/login.js
+++ b/web/js/login.js
@ -4,13 +4,16 @@ $("#login-form").on("submit", function(e) {
 });
 function login(email, password) {
    $("#login").attr("disabled", "disabled");
    $.post("/api/user/login", {
        email: email,
        password: password
    }, function(data) {
        $("#status").text(data.message);
        if (data.success == 1) {
            display_message("status", "success", "Success!", function() {$("#login").removeAttr("disabled");});
            // wait then redirect or whatever
        } else {
            display_message("status", "danger", data.message, function() {$("#login").removeAttr("disabled");});
        }
    });
 }
--- a/web/js/register.js
+++ b/web/js/register.js
@ -4,6 +4,7 @@ $("#registration-form").on("submit", function(e) {
 });
 function register(name, username, password, password_confirm, email, captcha_response) {
    $("#register").attr("disabled", "disabled");
    $.post("/api/user/register", {
        name: name,
        username: username,
@ -14,8 +15,10 @@ function register(name, username, password, password_confirm, email, captcha_res
    }, function(data) {
        $("#status").text(data.message);
        if (data.success == 1) {
            display_message("status", "success", "Success!", function() {$("#register").removeAttr("disabled")});
            // wait then redirect or whatever
        } else {
            display_message("status", "danger", data.message, function() {$("#register").removeAttr("disabled")});
            grecaptcha.reset();
        }
    });
--- a/web/pages/login.html
+++ b/web/pages/login.html
@ -4,7 +4,7 @@
 		<form id="login-form">
 			<input type="text" class="form-control" placeholder="Email" id="email">
 			<input type="password" id="password" name="password" placeholder="Password" class="form-control">
-			<input type="submit" class="btn btn-lg btn-success" value="Login">
+			<input id="login" type="submit" class="btn btn-lg btn-success" value="Login">
 		</form>
 	</div>
 	<div id="status"></div>
--- a/web/pages/register.html
+++ b/web/pages/register.html
@ -51,14 +51,14 @@
 					<br>
 				</div>
 				<div id="status"></div>
 				<label>I have read and I agree to <a href="/rules" target="_blank">EasyCTF Rules</a>.</label>
 				<br>
 				<br>
 				<input class="style2" type="checkbox" class="form-control" value="didRead">
 				<br>
-				<input class="style3" type="submit" class="btn btn-lg btn-success" value="Register">
+				<input id="register" class="style3" type="submit" class="btn btn-lg btn-success" value="Register">
 			</div>
 		</form>
 		<div id="status"></div>
 	</div>
 </div>