updates

2015-12-25 23:48:20 -06:00 · 2015-12-25 23:48:20 -06:00 · e3b20830b5
commit e3b20830b5
parent b7d4196e1b
3 changed files with 54 additions and 48 deletions
--- a/ctf.nginx
+++ b/ctf.nginx
@ -11,6 +11,8 @@ server {
 	# location / {
 	# 	try_files $uri $uri/ =404;
 	# }
 	# Put all the pages here so Angular doesn't fail.
 	location ~^/(about|login|register)$ {
 		default_type text/html;
 		try_files /index.html /index.html;
--- a/3
+++ b/3
@ -3,8 +3,9 @@
 echo "Stopping the server..."
 pkill gunicorn
 sudo service nginx stop
 tmux kill-session -t ctf
 echo "Starting the server..."
 cd /home/vagrant/server
 sudo service nginx start
-gunicorn "app:app" -c /home/vagrant/scripts/gunicorn.py.ini
+tmux new-session -s ctf -d 'gunicorn "app:app" -c /home/vagrant/scripts/gunicorn.py.ini'
--- a/server/api/user.py
+++ b/server/api/user.py
@ -4,6 +4,7 @@ from flask import current_app as app
 from models import db, Users
 from utils import api_wrapper
 import logging
 import requests
 import utils
@ -12,68 +13,70 @@ blueprint = Blueprint("user", __name__)
@blueprint.route("/register", methods=["POST"])
@api_wrapper
 def user_register():
-    if not validate_captcha(request.form):
+	if not validate_captcha(request.form):
-        return { "success": 0, "message": "Please do the captcha." }
+		return { "success": 0, "message": "Please do the captcha." }
-    name = request.form["name"]
+	name = request.form["name"]
-    username = request.form["username"]
+	username = request.form["username"]
-    password = request.form["password"]
+	password = request.form["password"]
-    password_confirm = request.form["password_confirm"]
+	password_confirm = request.form["password_confirm"]
-    email = request.form["email"]
+	email = request.form["email"]
-    username_exists = Users.query.add_columns("name", "uid").filter_by(username_lower=username.lower()).first()
+	username_exists = Users.query.add_columns("name", "uid").filter_by(username_lower=username.lower()).first()
-    email_exists = Users.query.add_columns("name", "uid").filter_by(email=email).first()
+	email_exists = Users.query.add_columns("name", "uid").filter_by(email=email).first()
-    if password != password_confirm:
+	if password != password_confirm:
-        return { "success": 0, "message": "Passwords do not match." }
+		return { "success": 0, "message": "Passwords do not match." }
-    if len(password) > 128:
+	if len(password) > 128:
-        return { "success": 0, "message": "Password is too long." }
+		return { "success": 0, "message": "Password is too long." }
-    if len(password) == 0:
+	if len(password) == 0:
-        return { "success": 0, "message": "Password is too short." }
+		return { "success": 0, "message": "Password is too short." }
-    if len(username) > 64:
+	if len(username) > 64:
-        return { "success": 0, "message": "Username is too long." }
+		return { "success": 0, "message": "Username is too long." }
-    if username_exists:
+	if username_exists:
-        return { "success": 0, "message": "Username is already taken." }
+		return { "success": 0, "message": "Username is already taken." }
-    if email_exists:
+	if email_exists:
-        return { "success": 0, "message": "Email has already been used." }
+		return { "success": 0, "message": "Email has already been used." }
-    add_user(name, username, email, password)
+	add_user(name, username, email, password)
 	logger = logging.getLogger("regs")
 	logger.warn("[{0}] {1} registered with {2}".format(time.strftime("%m/%d/%Y %X"), name.encode("utf-8"), email.encode("utf-8")))
-    return { "success": 1, "message": "Success!" }
+	return { "success": 1, "message": "Success!" }
@blueprint.route("/logout", methods=["POST"])
@api_wrapper
 def user_logout():
-    session.clear()
+	session.clear()
@blueprint.route("/login", methods=["POST"])
@api_wrapper
 def user_login():
-    email = request.form["email"]
+	email = request.form["email"]
-    password = request.form["password"]
+	password = request.form["password"]
-    user = Users.query.filter_by(email=email).first()
+	user = Users.query.filter_by(email=email).first()
-    if user is None:
+	if user is None:
-        return { "success": 0, "message": "Invalid credentials." }
+		return { "success": 0, "message": "Invalid credentials." }
-    if utils.check_password(user.password, password):
+	if utils.check_password(user.password, password):
-        session["username"] = user.username
+		session["username"] = user.username
-        session["admin"] = user.admin
+		session["admin"] = user.admin
-        session["logged_in"] = True
+		session["logged_in"] = True
-        return { "success": 1, "message": "Success!" }
+		return { "success": 1, "message": "Success!" }
-    else:
+	else:
-        return { "success": 0, "message": "Invalid credentials." }
+		return { "success": 0, "message": "Invalid credentials." }
 def add_user(name, username, email, password):
-    user = Users(name, username, email, password)
+	user = Users(name, username, email, password)
-    db.session.add(user)
+	db.session.add(user)
-    db.session.commit()
+	db.session.commit()
 def validate_captcha(form):
-    if "captcha_response" not in form:
+	if "captcha_response" not in form:
-        return False
+		return False
-    captcha_response = form["captcha_response"]
+	captcha_response = form["captcha_response"]
-    data = {"secret": "6Lc4xhMTAAAAACFaG2NyuKoMdZQtSa_1LI76BCEu", "response": captcha_response}
+	data = {"secret": "6Lc4xhMTAAAAACFaG2NyuKoMdZQtSa_1LI76BCEu", "response": captcha_response}
-    response = requests.post("https://www.google.com/recaptcha/api/siteverify", data=data)
+	response = requests.post("https://www.google.com/recaptcha/api/siteverify", data=data)
-    if response.json()["success"]:
+	if response.json()["success"]:
-        return True
+		return True
-    return False
+	return False