Replacing hardcoded redirects with url_for()

selenium-screenshot-testing
CodeKevin 2016-01-08 21:28:45 -05:00
parent 23d9a57809
commit ac6e5b8c4f
5 changed files with 32 additions and 25 deletions


@ -34,10 +34,10 @@ def admin_view():
session['admin'] = True
session['nonce'] = sha512(os.urandom(10))
db.session.close()
return redirect('/admin/graphs')
return redirect(url_for('admin.admin_graphs'))
if is_admin():
return redirect('/admin/graphs')
return redirect(url_for('admin.admin_graphs'))
return render_template('admin/login.html')
@ -90,7 +90,7 @@ def admin_config():
db.session.add(db_end)
db.session.commit()
return redirect('/admin/config')
return redirect(url_for('admin.admin_config'))
ctf_name = get_config('ctf_name')
if not ctf_name:
@ -173,11 +173,11 @@ def admin_pages(route):
page.route = route
page.html = html
db.session.commit()
return redirect('/admin/pages')
return redirect(url_for('admin.admin_pages'))
page = Pages(route, html)
db.session.add(page)
db.session.commit()
return redirect('/admin/pages')
return redirect(url_for('admin.admin_pages'))
pages = Pages.query.all()
return render_template('admin/pages.html', routes=pages, css=get_config('css'))
@ -305,7 +305,7 @@ def admin_files(chalid):
db.session.commit()
db.session.close()
return redirect('/admin/chals')
return redirect(url_for('admin.admin_chals'))
@admin.route('/admin/teams', defaults={'page':'1'})
@ -395,7 +395,7 @@ def ban(teamid):
user = Teams.query.filter_by(id=teamid).first()
user.banned = 1
db.session.commit()
return redirect('/admin/scoreboard')
return redirect(url_for('admin.admin_scoreboard'))
@admin.route('/admin/team/<teamid>/unban', methods=['POST'])
@ -404,7 +404,7 @@ def unban(teamid):
user = Teams.query.filter_by(id=teamid).first()
user.banned = None
db.session.commit()
return redirect('/admin/scoreboard')
return redirect(url_for('admin.admin_scoreboard'))
@admin.route('/admin/team/<teamid>/delete', methods=['POST'])
@ -591,7 +591,7 @@ def admin_create_chal():
db.session.commit()
db.session.close()
return redirect('/admin/chals')
return redirect(url_for('admin.admin_chals'))
@admin.route('/admin/chal/delete', methods=['POST'])
@ -625,4 +625,4 @@ def admin_update_chal():
db.session.add(challenge)
db.session.commit()
db.session.close()
return redirect('/admin/chals')
return redirect(url_for('admin.admin_chals'))
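Review bot: `url_for('admin.admin_pages')` is called without a `route` value, although the hunk header shows `def admin_pages(route)`. Unless one of that view's route rules supplies a default for `route` (the decorators are outside the hunk), `url_for` raises a BuildError, and it does so after `db.session.commit()` has already run, so the admin would see a 500 for a write that succeeded. The old string literals could not fail this way, so each new endpoint name in this file (`admin.admin_graphs`, `admin.admin_config`, `admin.admin_chals`, `admin.admin_scoreboard`) deserves one request-level test that follows the redirect.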


@ -29,7 +29,7 @@ def reset_password(data=None):
team.password = bcrypt_sha256.encrypt(request.form['password'].strip())
db.session.commit()
db.session.close()
return redirect('/login')
return redirect(url_for('auth.login'))
if request.method == 'POST':
email = request.form['email'].strip()
@ -54,7 +54,7 @@ Did you initiate a password reset?
@auth.route('/register', methods=['POST', 'GET'])
def register():
if not can_register():
return redirect('/login')
return redirect(url_for('auth.login'))
if request.method == 'POST':
errors = []
name = request.form['name']
@ -88,6 +88,13 @@ def register():
team = Teams(name, email, password)
db.session.add(team)
db.session.commit()
db.session.flush()
session['username'] = team.name
session['id'] = team.id
session['admin'] = team.admin
session['nonce'] = sha512(os.urandom(10))
if mailserver():
sendmail(request.form['email'], "You've successfully registered for the CTF")
@ -95,7 +102,7 @@ def register():
logger = logging.getLogger('regs')
logger.warn("[{0}] {1} registered with {2}".format(time.strftime("%m/%d/%Y %X"), request.form['name'].encode('utf-8'), request.form['email'].encode('utf-8')))
return redirect('/login')
return redirect(url_for('challenges.challenges_view'))
else:
return render_template('register.html')
@ -120,9 +127,9 @@ def login():
logger = logging.getLogger('logins')
logger.warn("[{0}] {1} logged in".format(time.strftime("%m/%d/%Y %X"), session['username'].encode('utf-8')))
# if request.args.get('next') and is_safe_url(request.args.get('next')):
# return redirect(request.args.get('next'))
return redirect('/team/{0}'.format(team.id))
if request.args.get('next') and is_safe_url(request.args.get('next')):
return redirect(request.args.get('next'))
return redirect(url_for('challenges.challenges_view'))
else:
errors.append("That account doesn't seem to exist")
db.session.close()
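Review bot: Re-enabling the `next` redirect in login() makes the post-login destination request-controlled, so its safety rests entirely on `is_safe_url`, whose body is not part of this commit. Before merging, confirm that it accepts only same-host http/https targets and rejects scheme-relative and off-site values, and add a test that pins this; otherwise the login page becomes an open redirect. `request.args.get('next')` is also read twice; binding it once (`target = request.args.get('next')`) guarantees the value that was checked is the value that is redirected to. login() starts and ends outside the hunk.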


@ -22,7 +22,7 @@ def challenges_view():
if can_view_challenges():
return render_template('chals.html', ctftime=ctftime())
else:
return redirect('/login')
return redirect(url_for('auth.login', next='challenges'))
@challenges.route('/chals', methods=['GET'])
@ -45,7 +45,7 @@ def chals():
return jsonify(json)
else:
db.session.close()
return redirect('/login')
return redirect(url_for('auth.login', next='chals'))
@challenges.route('/chals/solves')
@ -56,7 +56,7 @@ def chals_per_solves():
for chal, count in solves:
json[chal.chal.name] = count
return jsonify(json)
return redirect('/login')
return redirect(url_for('auth.login', next='chals/solves'))
@challenges.route('/solves')
@ -108,7 +108,7 @@ def who_solved(chalid):
@challenges.route('/chal/<chalid>', methods=['POST'])
def chal(chalid):
if not ctftime():
return redirect('/challenges')
return redirect(url_for('challenges.challenges_view'))
if authed():
fails = WrongKeys.query.filter_by(team=session['id'], chalid=chalid).count()
logger = logging.getLogger('keys')
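Review bot: The `next` values passed to `auth.login` (`'challenges'`, `'chals'`, `'chals/solves'`) are hard-coded relative paths, the pattern this commit removes everywhere else, and the browser resolves them against the login URL, so they only land correctly while the login page sits at the site root. Building them from the endpoint keeps them absolute-path and prefix-safe, e.g. `return redirect(url_for('auth.login', next=url_for('challenges.challenges_view')))`, and likewise `url_for('challenges.chals')` and `url_for('challenges.chals_per_solves')`. The last two endpoint names are inferred from the function names in the hunk headers, so check them against the route decorators.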


@ -96,7 +96,7 @@ def init_utils(app):
if request.path == '/setup' or request.path.startswith('/static'):
return
if not is_setup():
return redirect('/setup')
return redirect(url_for('views.setup'))
def ctf_name():
@ -140,7 +140,7 @@ def admins_only(f):
@wraps(f)
def decorated_function(*args, **kwargs):
if session.get('admin', None) is None:
return redirect('/login')
return redirect(url_for('auth.login'))
return f(*args, **kwargs)
return decorated_function
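Review bot: In admins_only the guard `session.get('admin', None) is None` lets any non-None value through, including `False` or `0`. register() on the new side of this commit copies `team.admin` into `session['admin']` for every newly registered team, so if that column ever holds `False` rather than NULL for ordinary teams, every registered user passes the decorator. A truthiness check closes that gap without changing behaviour for real admins: `if not session.get('admin'):`. The Teams model is not visible on this page, so the column's actual default should be confirmed.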


@ -40,7 +40,7 @@ def redirect_setup():
if request.path == "/static/css/style.css":
return
if not is_setup() and request.path != "/setup":
return redirect('/setup')
return redirect(url_for('views.setup'))
@views.route('/setup', methods=['GET', 'POST'])
@ -207,7 +207,7 @@ def profile():
team.country = country
db.session.commit()
db.session.close()
return redirect('/profile')
return redirect(url_for('views.profile'))
else:
user = Teams.query.filter_by(id=session['id']).first()
name = user.name
@ -219,4 +219,4 @@ def profile():
return render_template('profile.html', name=name, email=email, website=website, affiliation=affiliation,
country=country, prevent_name_change=prevent_name_change)
else:
return redirect('/login')
return redirect(url_for('auth.login'))
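Review bot: redirect_setup() now builds its target with `url_for('views.setup')` but still decides whether to redirect by comparing `request.path` with the literal `"/setup"`; the same split exists in init_utils in the previous file (`request.path == '/setup'`). If the setup route or an application prefix ever changes, the target and the exemption stop matching and the hook redirects the setup page to itself. Comparing the endpoint keeps both sides in step: `if not is_setup() and request.endpoint != 'views.setup':`.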