2016-03-14 03:17:21 +00:00
|
|
|
from flask import Flask, render_template, session, redirect, url_for, request, g, flash, jsonify
|
2015-11-10 16:51:45 +00:00
|
|
|
|
2015-11-08 06:10:26 +00:00
|
|
|
import redis
|
2016-03-14 03:15:15 +00:00
|
|
|
import socket
|
2016-07-31 17:27:20 +00:00
|
|
|
import logging
|
2015-11-08 06:10:26 +00:00
|
|
|
|
2016-07-31 17:27:20 +00:00
|
|
|
import config
|
|
|
|
|
|
|
|
from utils import misc, select
|
|
|
|
|
|
|
|
from data.database import db
|
|
|
|
import data
|
|
|
|
|
|
|
|
# Blueprints
|
2016-08-12 11:19:18 +00:00
|
|
|
from routes import api, admin, teams, users, challenges, tickets, scoreboard, shell
|
2015-11-29 02:40:11 +00:00
|
|
|
|
2016-07-15 20:37:03 +00:00
|
|
|
if config.production:
|
|
|
|
logging.basicConfig(level=logging.INFO)
|
|
|
|
else:
|
|
|
|
logging.basicConfig(level=logging.DEBUG)
|
2015-11-08 06:10:26 +00:00
|
|
|
|
2016-07-31 17:27:20 +00:00
|
|
|
app = Flask(__name__)
|
|
|
|
app.secret_key = config.secret.key
|
|
|
|
|
|
|
|
|
|
|
|
app.register_blueprint(api.api)
|
|
|
|
app.register_blueprint(admin.admin)
|
|
|
|
app.register_blueprint(teams.teams)
|
|
|
|
app.register_blueprint(users.users)
|
|
|
|
app.register_blueprint(challenges.challenges)
|
|
|
|
app.register_blueprint(tickets.tickets)
|
|
|
|
app.register_blueprint(scoreboard.scoreboard)
|
2016-08-12 11:19:18 +00:00
|
|
|
app.register_blueprint(shell.shell)
|
2016-07-31 17:27:20 +00:00
|
|
|
|
|
|
|
|
2015-11-08 06:10:26 +00:00
|
|
|
@app.before_request
|
|
|
|
def make_info_available():
|
2016-07-11 22:27:53 +00:00
|
|
|
if "user_id" in session:
|
2016-07-15 21:23:19 +00:00
|
|
|
g.logged_in = True
|
2016-07-31 17:27:20 +00:00
|
|
|
current_user = data.user.get_user(id=session["user_id"])
|
|
|
|
if current_user is not None:
|
|
|
|
g.user = current_user
|
2016-07-11 23:57:43 +00:00
|
|
|
g.user_restricts = g.user.restricts.split(",")
|
2016-07-12 12:03:04 +00:00
|
|
|
g.team = g.user.team
|
|
|
|
g.team_restricts = g.team.restricts.split(",")
|
2016-07-31 17:27:20 +00:00
|
|
|
else:
|
2016-07-15 21:18:14 +00:00
|
|
|
g.logged_in = False
|
2016-07-12 14:24:19 +00:00
|
|
|
session.pop("user_id")
|
2016-07-11 23:57:43 +00:00
|
|
|
return render_template("login.html")
|
2016-07-15 21:14:53 +00:00
|
|
|
else:
|
|
|
|
g.logged_in = False
|
2015-11-08 06:10:26 +00:00
|
|
|
|
2016-07-31 17:27:20 +00:00
|
|
|
|
2015-11-08 06:10:26 +00:00
|
|
|
@app.context_processor
|
|
|
|
def scoreboard_variables():
|
2016-07-12 14:24:19 +00:00
|
|
|
var = dict(config=config, select=select)
|
2016-07-11 22:27:53 +00:00
|
|
|
if "user_id" in session:
|
2015-11-08 06:10:26 +00:00
|
|
|
var["logged_in"] = True
|
2016-07-11 22:27:53 +00:00
|
|
|
var["user"] = g.user
|
2016-07-12 12:03:04 +00:00
|
|
|
var["team"] = g.team
|
2016-08-03 21:48:04 +00:00
|
|
|
var["notifications"] = data.notification.get_notifications(team=g.team)
|
2015-11-08 06:10:26 +00:00
|
|
|
else:
|
|
|
|
var["logged_in"] = False
|
2015-12-01 04:05:17 +00:00
|
|
|
var["notifications"] = []
|
2015-11-08 06:10:26 +00:00
|
|
|
|
|
|
|
return var
|
|
|
|
|
|
|
|
|
|
|
|
@app.route('/')
|
|
|
|
def root():
|
2016-07-15 21:14:53 +00:00
|
|
|
if g.logged_in:
|
2016-08-04 12:30:16 +00:00
|
|
|
return redirect(url_for('teams.dashboard'))
|
2016-07-31 17:27:20 +00:00
|
|
|
return redirect(url_for('users.register'))
|
|
|
|
|
2015-11-08 06:10:26 +00:00
|
|
|
|
2016-04-17 17:18:44 +00:00
|
|
|
@app.route('/chat/')
|
|
|
|
def chat():
|
|
|
|
return render_template("chat.html")
|
|
|
|
|
2015-12-01 04:05:17 +00:00
|
|
|
|
2016-03-14 03:15:15 +00:00
|
|
|
# Debug
|
|
|
|
@app.route('/debug/')
|
|
|
|
def debug_app():
|
|
|
|
return jsonify(hostname=socket.gethostname())
|
|
|
|
|
2015-11-08 06:10:26 +00:00
|
|
|
|
2016-07-31 17:27:20 +00:00
|
|
|
# Manage Peewee database sessions and Redis
|
2015-11-08 06:10:26 +00:00
|
|
|
@app.before_request
|
|
|
|
def before_request():
|
|
|
|
db.connect()
|
2016-07-15 20:37:03 +00:00
|
|
|
g.redis = redis.StrictRedis(host=config.redis.host, port=config.redis.port, db=config.redis.db)
|
2016-07-15 21:55:09 +00:00
|
|
|
g.connected = True
|
2015-11-08 06:10:26 +00:00
|
|
|
|
2016-07-31 17:27:20 +00:00
|
|
|
|
2015-11-08 06:10:26 +00:00
|
|
|
@app.teardown_request
|
|
|
|
def teardown_request(exc):
|
2016-07-12 15:27:39 +00:00
|
|
|
if getattr(g, 'connected', False):
|
|
|
|
db.close()
|
|
|
|
g.redis.connection_pool.disconnect()
|
2015-11-08 06:10:26 +00:00
|
|
|
|
|
|
|
|
2016-07-31 17:27:20 +00:00
|
|
|
# CSRF things
|
2015-11-08 06:10:26 +00:00
|
|
|
@app.before_request
|
|
|
|
def csrf_protect():
|
2016-05-16 01:20:48 +00:00
|
|
|
csrf_exempt = ['/teamconfirm/']
|
|
|
|
|
2015-11-08 06:10:26 +00:00
|
|
|
if request.method == "POST":
|
2015-12-03 23:18:00 +00:00
|
|
|
token = session.get('_csrf_token', None)
|
2016-07-31 17:27:20 +00:00
|
|
|
if (not token or token != request.form["_csrf_token"]) and request.path not in csrf_exempt:
|
2015-11-08 06:10:26 +00:00
|
|
|
return "Invalid CSRF token!"
|
|
|
|
|
2016-07-31 17:27:20 +00:00
|
|
|
|
2015-11-08 06:10:26 +00:00
|
|
|
def generate_csrf_token():
|
|
|
|
if '_csrf_token' not in session:
|
2015-11-10 16:51:45 +00:00
|
|
|
session['_csrf_token'] = misc.generate_random_string(64)
|
2015-11-08 06:10:26 +00:00
|
|
|
return session['_csrf_token']
|
|
|
|
|
2016-07-31 17:27:20 +00:00
|
|
|
|
2015-11-08 06:10:26 +00:00
|
|
|
app.jinja_env.globals['csrf_token'] = generate_csrf_token
|
|
|
|
|
|
|
|
if __name__ == '__main__':
|
|
|
|
app.run(debug=True, port=8001)
|