easyctf/easyctf-2017
1
0
Fork 0
Code Issues Pull requests Projects Releases Wiki Activity

Merge branch 'master' of https://www.github.com/failedxyz/easyctf

Browse source
This commit is contained in:
Thomas 2016-01-02 13:43:25 -06:00
parent d2322480c0 44473e2fe6
commit f85b55e19b
5 changed files with 71 additions and 12 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

26
server/api/decorators.py
View file

@ -6,14 +6,6 @@ from flask import session
class WebException(Exception): pass
def admins_only(f):
@wraps(f)
def decorated_function(*args, **kwargs):
if "admin" not in session and not session["admin"]:
return { "success": 0, "message": "Not authorized." }
return f(*args, **kwargs)
return decorated_function
def api_wrapper(f):
@wraps(f)
def wrapper(*args, **kwds):
@ -30,3 +22,21 @@ def api_wrapper(f):
web_result = { "success": 0, "message": "Something went wrong! Please notify us about this immediately.", str(error): traceback.format_exc() }
return json.dumps(web_result), response, { "Content-Type": "application/json; charset=utf-8" }
return wrapper
import user # Must go below api_wrapper to prevent import loops
def login_required(f):
@wraps(f)
def decorated_function(*args, **kwargs):
if not user.is_logged_in():
return { "success": 0, "message": "Not logged in." }
return f(*args, **kwargs)
return decorated_function
def admins_only(f):
@wraps(f)
def decorated_function(*args, **kwargs):
if not user.is_admin():
return { "success": 0, "message": "Not authorized." }
return f(*args, **kwargs)
return decorated_function

3
server/api/problem.py
View file

@ -4,7 +4,7 @@ from flask import Blueprint, session, request
from flask import current_app as app
from models import db, Problems, Solves, Teams
from decorators import admins_only, api_wrapper
from decorators import admins_only, api_wrapper, login_required
blueprint = Blueprint("problem", __name__)
@ -72,6 +72,7 @@ def problem_update():
@blueprint.route("/submit", methods=["POST"])
@api_wrapper
@login_required
def problem_submit():
pid = request.form["pid"]
flag = request.form["flag"]

18
server/api/user.py
View file

@ -1,4 +1,4 @@
from flask import Blueprint, session, request
from flask import Blueprint, session, request, redirect, url_for
from flask import current_app as app
from models import db, Users
@ -66,6 +66,22 @@ def user_login():
else:
return { "success": 0, "message": "Invalid credentials." }
@blueprint.route("/status", methods=["POST"])
@api_wrapper
def user_status():
status = {
"logged_in": is_logged_in(),
"admin": is_admin(),
"username": session["username"] if is_logged_in() else "",
}
return status
def is_logged_in():
return "logged_in" in session and session["logged_in"]
def is_admin():
return "admin" in session and session["admin"]
def add_user(name, username, email, password):
user = Users(name, username, email, password)
db.session.add(user)

12
web/index.html
View file

@ -66,14 +66,22 @@
</li>
</ul>
</li>
<li>
<li id="login_link" style="display:none">
<a href="/login">
<span class="fa fa-sign-in"></span>&nbsp;&nbsp;Login</a>
</li>
<li>
<li id="register_link" style="display:none">
<a href="/register">
<span class="fa fa-pencil"></span>&nbsp;&nbsp;Register</a>
</li>
<li id="account_link" style="display:none">
<a href="/account">
<span class="fa fa-pencil"></span>&nbsp;&nbsp;Account</a>
</li>
<li id="logout" style="display:none">
<a href="/api/user/logout">
<span class="fa fa-pencil"></span>&nbsp;&nbsp;Logout</a>
</li>
</ul>
</div>
</div>

24
web/js/easyctf.js
View file

@ -58,3 +58,27 @@ function display_message(containerId, alertType, message, callback) {
});
}, 2000);
}
function load_navbar() {
$.post("/api/user/status", {
},
function(data) {
if (data.logged_in) {
$("#logout").show();
$("#account_link").show();
} else {
$("#login_link").show();
$("#register_link").show();
}
});
}
$("#logout").click(function(e) {
e.preventDefault();
$.post("/api/user/logout", {
}, function (data) {
window.location = "/";
});
})
$(document).ready( load_navbar() );