diff --git a/CTFd/utils/initialization/__init__.py b/CTFd/utils/initialization/__init__.py index 158cb87..c10e3b2 100644 --- a/CTFd/utils/initialization/__init__.py +++ b/CTFd/utils/initialization/__init__.py @@ -164,6 +164,32 @@ def init_request_processors(app): else: return redirect(url_for("views.setup")) + @app.before_request + def banned(): + if request.endpoint == "views.themes": + return + + if authed(): + user = get_current_user() + team = get_current_team() + + if user and user.banned: + return ( + render_template( + "errors/403.html", error="You have been banned from this CTF" + ), + 403, + ) + + if team and team.banned: + return ( + render_template( + "errors/403.html", + error="Your team has been banned from this CTF", + ), + 403, + ) + @app.before_request def tracker(): if request.endpoint == "views.themes": @@ -183,29 +209,6 @@ def init_request_processors(app): db.session.rollback() logout_user() - if authed(): - user = get_current_user() - team = get_current_team() - - if request.path.startswith("/themes") is False: - if user and user.banned: - return ( - render_template( - "errors/403.html", - error="You have been banned from this CTF", - ), - 403, - ) - - if team and team.banned: - return ( - render_template( - "errors/403.html", - error="Your team has been banned from this CTF", - ), - 403, - ) - db.session.close() @app.before_request