Minor refactor

server/api/decorators.py

@@ -40,7 +40,7 @@ def api_wrapper(f):
 		response = make_response(result)
 
 		# Setting CSRF token
-		if "token" not in session:
+		if "csrf_token" not in session:
 			token = utils.generate_string()
 			response.set_cookie("csrf_token", token)
 			session["csrf_token"] = token

server/api/problem.py

@@ -7,7 +7,7 @@ from flask import current_app as app
 from werkzeug import secure_filename
 
 from models import db, Files, Problems, Solves, Teams
-from decorators import admins_only, api_wrapper, login_required
+from decorators import admins_only, api_wrapper, login_required, WebException
 
 blueprint = Blueprint("problem", __name__)
 
@@ -24,7 +24,7 @@ def problem_add():
 
     name_exists = Problems.query.filter_by(name=name).first()
     if name_exists:
-        return { "success": 0, "message": "Problem name already taken." }
+        raise WebException("Problem name already taken.")
     problem = Problems(name, category, description, hint, flag, value)
     db.session.add(problem)
     db.session.commit()
@@ -57,7 +57,7 @@ def problem_delete():
         Problems.query.filter_by(pid=pid).delete()
         db.session.commit()
         return { "success": 1, "message": "Success!" }
-    return { "success": 0, "message": "Problem does not exist!" }
+    raise WebException("Problem does not exist!")
 
 @blueprint.route("/update", methods=["POST"])
 @admins_only
@@ -86,7 +86,7 @@ def problem_update():
         db.session.commit()
 
         return { "success": 1, "message": "Success!" }
-    return { "success": 0, "message": "Problem does not exist!" }
+    raise WebException("Problem does not exist!")
 
 @blueprint.route("/submit", methods=["POST"])
 @api_wrapper
@@ -113,10 +113,10 @@ def problem_submit():
 
         else:
             logger.log("submissions.log", logger.WARNING, "%s has incorrectly submitted %s to %s" % (team.name, flag, problem.name))
-            return { "success": 0, "message": "Incorrect." }
+            raise WebException("Incorrect.")
 
     else:
-        return { "success": 0, "message": "Problem does not exist!" }
+        raise WebException("Problem does not exist!")
 
 @blueprint.route("/data", methods=["POST"])
 #@api_wrapper # Disable atm due to json serialization issues: will fix

server/api/user.py

@@ -27,7 +27,7 @@ def user_forgot_password(token=None):
     if token is not None:
         user = get_user(reset_token=token).first()
         if user is None:
-            return { "success": 0, "message": "Invalid reset token"}
+            raise WebException("Invalid reset token.")
 
         # We are viewing the actual reset form
         if request.method == "GET":
@@ -38,7 +38,7 @@ def user_forgot_password(token=None):
             password = params.get("password")
             confirm_password = params.get("confirm_password")
             if password != confirm_password:
-                return { "success": 0, "message": "Passwords do not match." }
+                raise WebException("Passwords do not match.")
             else:
                 user.password = utils.hash_password(password)
                 user.reset_token = None
@@ -51,7 +51,7 @@ def user_forgot_password(token=None):
 
         user = get_user(email=email).first()
         if user is None:
-            return { "success": 0, "message": "User with that email does not exist." }
+            raise WebException("User with that email does not exist.")
 
         token = utils.generate_string(length=64)
         user.reset_token = token
@@ -66,7 +66,7 @@ def user_forgot_password(token=None):
         if "Queued" in response["message"]:
             return { "success": 1, "message": "Email sent to %s" % email }
         else:
-            return { "success": 0, "message": response["message"] }
+            raise WebException(response["message"])
 
 @blueprint.route("/register", methods=["POST"])
 @api_wrapper