Merge branch 'master' of https://www.github.com/failedxyz/easyctf
commit
f85b55e19b
5 changed files with 71 additions and 12 deletions
|
@ -6,14 +6,6 @@ from flask import session
|
||||||
|
|
||||||
class WebException(Exception): pass
|
class WebException(Exception): pass
|
||||||
|
|
||||||
def admins_only(f):
|
|
||||||
@wraps(f)
|
|
||||||
def decorated_function(*args, **kwargs):
|
|
||||||
if "admin" not in session and not session["admin"]:
|
|
||||||
return { "success": 0, "message": "Not authorized." }
|
|
||||||
return f(*args, **kwargs)
|
|
||||||
return decorated_function
|
|
||||||
|
|
||||||
def api_wrapper(f):
|
def api_wrapper(f):
|
||||||
@wraps(f)
|
@wraps(f)
|
||||||
def wrapper(*args, **kwds):
|
def wrapper(*args, **kwds):
|
||||||
|
@ -30,3 +22,21 @@ def api_wrapper(f):
|
||||||
web_result = { "success": 0, "message": "Something went wrong! Please notify us about this immediately.", str(error): traceback.format_exc() }
|
web_result = { "success": 0, "message": "Something went wrong! Please notify us about this immediately.", str(error): traceback.format_exc() }
|
||||||
return json.dumps(web_result), response, { "Content-Type": "application/json; charset=utf-8" }
|
return json.dumps(web_result), response, { "Content-Type": "application/json; charset=utf-8" }
|
||||||
return wrapper
|
return wrapper
|
||||||
|
|
||||||
|
import user # Must go below api_wrapper to prevent import loops
|
||||||
|
|
||||||
|
def login_required(f):
|
||||||
|
@wraps(f)
|
||||||
|
def decorated_function(*args, **kwargs):
|
||||||
|
if not user.is_logged_in():
|
||||||
|
return { "success": 0, "message": "Not logged in." }
|
||||||
|
return f(*args, **kwargs)
|
||||||
|
return decorated_function
|
||||||
|
|
||||||
|
def admins_only(f):
|
||||||
|
@wraps(f)
|
||||||
|
def decorated_function(*args, **kwargs):
|
||||||
|
if not user.is_admin():
|
||||||
|
return { "success": 0, "message": "Not authorized." }
|
||||||
|
return f(*args, **kwargs)
|
||||||
|
return decorated_function
|
||||||
|
|
|
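Review bot: The error path in api_wrapper (the `web_result = {...}` line in the second hunk, carried over unchanged) still sends `traceback.format_exc()` to the client under the key `str(error)`. Any unhandled exception in a wrapped view, including those now guarded by `login_required` and `admins_only`, therefore discloses file paths and source lines to whoever triggered it. Log the traceback server-side and return only the generic message, e.g. `web_result = { "success": 0, "message": "Something went wrong! Please notify us about this immediately." }`. api_wrapper's body starts and continues outside the visible hunks, so whether a debug switch already gates this cannot be confirmed from here.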
@ -4,7 +4,7 @@ from flask import Blueprint, session, request
|
||||||
from flask import current_app as app
|
from flask import current_app as app
|
||||||
|
|
||||||
from models import db, Problems, Solves, Teams
|
from models import db, Problems, Solves, Teams
|
||||||
from decorators import admins_only, api_wrapper
|
from decorators import admins_only, api_wrapper, login_required
|
||||||
|
|
||||||
blueprint = Blueprint("problem", __name__)
|
blueprint = Blueprint("problem", __name__)
|
||||||
|
|
||||||
|
@ -72,6 +72,7 @@ def problem_update():
|
||||||
|
|
||||||
@blueprint.route("/submit", methods=["POST"])
|
@blueprint.route("/submit", methods=["POST"])
|
||||||
@api_wrapper
|
@api_wrapper
|
||||||
|
@login_required
|
||||||
def problem_submit():
|
def problem_submit():
|
||||||
pid = request.form["pid"]
|
pid = request.form["pid"]
|
||||||
flag = request.form["flag"]
|
flag = request.form["flag"]
|
||||||
|
|
|
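Review bot: The `@login_required` line added above `problem_submit` only works in this exact position, and nothing in the file says so. On denial it returns a plain dict (per the decorators change in this commit) that `@api_wrapper` has to serialise, and both must stay below `@blueprint.route` or the route would register the unguarded function. Add a comment such as `# keep order: route > api_wrapper > login_required (the auth check must be inside the registered view)`. problem_submit's body continues outside the hunk, so handling of a missing `pid` or `flag` form field could not be checked.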
@ -1,4 +1,4 @@
|
||||||
from flask import Blueprint, session, request
|
from flask import Blueprint, session, request, redirect, url_for
|
||||||
from flask import current_app as app
|
from flask import current_app as app
|
||||||
|
|
||||||
from models import db, Users
|
from models import db, Users
|
||||||
|
@ -66,6 +66,22 @@ def user_login():
|
||||||
else:
|
else:
|
||||||
return { "success": 0, "message": "Invalid credentials." }
|
return { "success": 0, "message": "Invalid credentials." }
|
||||||
|
|
||||||
|
@blueprint.route("/status", methods=["POST"])
|
||||||
|
@api_wrapper
|
||||||
|
def user_status():
|
||||||
|
status = {
|
||||||
|
"logged_in": is_logged_in(),
|
||||||
|
"admin": is_admin(),
|
||||||
|
"username": session["username"] if is_logged_in() else "",
|
||||||
|
}
|
||||||
|
return status
|
||||||
|
|
||||||
|
def is_logged_in():
|
||||||
|
return "logged_in" in session and session["logged_in"]
|
||||||
|
|
||||||
|
def is_admin():
|
||||||
|
return "admin" in session and session["admin"]
|
||||||
|
|
||||||
def add_user(name, username, email, password):
|
def add_user(name, username, email, password):
|
||||||
user = Users(name, username, email, password)
|
user = Users(name, username, email, password)
|
||||||
db.session.add(user)
|
db.session.add(user)
|
||||||
|
|
|
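Review bot: `is_admin()` reads the session's `admin` flag without checking `logged_in`, so `admins_only` passes for any session that still carries `admin` even if the login flag was cleared; whether logout removes both keys is not visible in this hunk. Tying the two together removes that dependency: `return is_logged_in() and bool(session.get("admin"))`. Both helpers also return the raw session value rather than a bool, and `user_status` puts that value straight into the JSON response, so `bool(session.get("logged_in"))` would be the safer form. `redirect` and `url_for` are newly imported but not used in the visible hunks.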
@ -66,14 +66,22 @@
|
||||||
</li>
|
</li>
|
||||||
</ul>
|
</ul>
|
||||||
</li>
|
</li>
|
||||||
<li>
|
<li id="login_link" style="display:none">
|
||||||
<a href="/login">
|
<a href="/login">
|
||||||
<span class="fa fa-sign-in"></span> Login</a>
|
<span class="fa fa-sign-in"></span> Login</a>
|
||||||
</li>
|
</li>
|
||||||
<li>
|
<li id="register_link" style="display:none">
|
||||||
<a href="/register">
|
<a href="/register">
|
||||||
<span class="fa fa-pencil"></span> Register</a>
|
<span class="fa fa-pencil"></span> Register</a>
|
||||||
</li>
|
</li>
|
||||||
|
<li id="account_link" style="display:none">
|
||||||
|
<a href="/account">
|
||||||
|
<span class="fa fa-pencil"></span> Account</a>
|
||||||
|
</li>
|
||||||
|
<li id="logout" style="display:none">
|
||||||
|
<a href="/api/user/logout">
|
||||||
|
<span class="fa fa-pencil"></span> Logout</a>
|
||||||
|
</li>
|
||||||
</ul>
|
</ul>
|
||||||
</div>
|
</div>
|
||||||
</div>
|
</div>
|
||||||
|
|
|
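Review bot: The new logout entry is a plain link, `<a href="/api/user/logout">`, so whenever the click handler is not attached the browser issues a GET to the logout endpoint. Whether that route accepts GET is not visible here, but a state-changing action should not be reachable through a bare link. Use `<a href="#">` (or a small POST form) so the only path is the POST. Separately, Account and Logout both reuse the Register icon `fa fa-pencil`, and with all four items set to `style="display:none"` a visitor without JavaScript gets no Login link at all.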
@ -58,3 +58,27 @@ function display_message(containerId, alertType, message, callback) {
|
||||||
});
|
});
|
||||||
}, 2000);
|
}, 2000);
|
||||||
}
|
}
|
||||||
|
|
||||||
|
function load_navbar() {
|
||||||
|
$.post("/api/user/status", {
|
||||||
|
},
|
||||||
|
function(data) {
|
||||||
|
if (data.logged_in) {
|
||||||
|
$("#logout").show();
|
||||||
|
$("#account_link").show();
|
||||||
|
} else {
|
||||||
|
$("#login_link").show();
|
||||||
|
$("#register_link").show();
|
||||||
|
}
|
||||||
|
});
|
||||||
|
}
|
||||||
|
|
||||||
|
$("#logout").click(function(e) {
|
||||||
|
e.preventDefault();
|
||||||
|
$.post("/api/user/logout", {
|
||||||
|
}, function (data) {
|
||||||
|
window.location = "/";
|
||||||
|
});
|
||||||
|
})
|
||||||
|
|
||||||
|
$(document).ready( load_navbar() );
|
||||||
|
|
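Review bot: `$(document).ready( load_navbar() );` on the last added line calls `load_navbar` immediately and hands its `undefined` return value to `ready`, so nothing is deferred. Pass the function itself: `$(document).ready(load_navbar);`. The `$("#logout").click(...)` binding above it also runs at script load, so if this file is included before the navbar markup, the handler attaches to nothing and the link falls back to its `href`. Moving the binding inside the ready callback avoids that.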