ColdCore/app.py

from flask import Flask, render_template, session, redirect, url_for, request, g, flash, jsonify

import redis
import socket
import logging

import config

from utils import misc, select

from data.database import db
import data

# Blueprints
from routes import api, admin, teams, users, challenges, tickets, scoreboard

if config.production:
    logging.basicConfig(level=logging.INFO)
else:
    logging.basicConfig(level=logging.DEBUG)

app = Flask(__name__)
app.secret_key = config.secret.key


app.register_blueprint(api.api)
app.register_blueprint(admin.admin)
app.register_blueprint(teams.teams)
app.register_blueprint(users.users)
app.register_blueprint(challenges.challenges)
app.register_blueprint(tickets.tickets)
app.register_blueprint(scoreboard.scoreboard)


@app.before_request
def make_info_available():
    if "user_id" in session:
        g.logged_in = True
        current_user = data.user.get_user(id=session["user_id"])
        if current_user is not None:
            g.user = current_user
            g.user_restricts = g.user.restricts.split(",")
            g.team = g.user.team
            g.team_restricts = g.team.restricts.split(",")
        else:
            g.logged_in = False
            session.pop("user_id")
            return render_template("login.html")
    else:
        g.logged_in = False


@app.context_processor
def scoreboard_variables():
    var = dict(config=config, select=select)
    if "user_id" in session:
        var["logged_in"] = True
        var["user"] = g.user
        var["team"] = g.team
        var["notifications"] = data.notification.get_notifications()
    else:
        var["logged_in"] = False
        var["notifications"] = []

    return var


@app.route('/')
def root():
    if g.logged_in:
        return redirect(url_for('team.dashboard'))
    return redirect(url_for('users.register'))


@app.route('/chat/')
def chat():
    return render_template("chat.html")


# Debug
@app.route('/debug/')
def debug_app():
    return jsonify(hostname=socket.gethostname())


# Manage Peewee database sessions and Redis
@app.before_request
def before_request():
    db.connect()
    g.redis = redis.StrictRedis(host=config.redis.host, port=config.redis.port, db=config.redis.db)
    g.connected = True


@app.teardown_request
def teardown_request(exc):
    if getattr(g, 'connected', False):
        db.close()
        g.redis.connection_pool.disconnect()


# CSRF things
@app.before_request
def csrf_protect():
    csrf_exempt = ['/teamconfirm/']

    if request.method == "POST":
        token = session.get('_csrf_token', None)
        if (not token or token != request.form["_csrf_token"]) and request.path not in csrf_exempt:
            return "Invalid CSRF token!"


def generate_csrf_token():
    if '_csrf_token' not in session:
        session['_csrf_token'] = misc.generate_random_string(64)
    return session['_csrf_token']


app.jinja_env.globals['csrf_token'] = generate_csrf_token

if __name__ == '__main__':
    app.run(debug=True, port=8001)
imports are hard 2016-03-14 03:17:21 +00:00			`from flask import Flask, render_template, session, redirect, url_for, request, g, flash, jsonify`
refactor utils 2015-11-10 16:51:45 +00:00
initial commit 2015-11-08 06:10:26 +00:00			`import redis`
add debug 2016-03-14 03:15:15 +00:00			`import socket`
moved so much stuff around and rewrote the api 2016-07-31 17:27:20 +00:00			`import logging`
initial commit 2015-11-08 06:10:26 +00:00
moved so much stuff around and rewrote the api 2016-07-31 17:27:20 +00:00			`import config`

			`from utils import misc, select`

			`from data.database import db`
			`import data`

			`# Blueprints`
			`from routes import api, admin, teams, users, challenges, tickets, scoreboard`
secret key -> secrets file 2015-11-29 02:40:11 +00:00
added production settings 2016-07-15 20:37:03 +00:00			`if config.production:`
			`logging.basicConfig(level=logging.INFO)`
			`else:`
			`logging.basicConfig(level=logging.DEBUG)`
initial commit 2015-11-08 06:10:26 +00:00
moved so much stuff around and rewrote the api 2016-07-31 17:27:20 +00:00			`app = Flask(__name__)`
			`app.secret_key = config.secret.key`


			`app.register_blueprint(api.api)`
			`app.register_blueprint(admin.admin)`
			`app.register_blueprint(teams.teams)`
			`app.register_blueprint(users.users)`
			`app.register_blueprint(challenges.challenges)`
			`app.register_blueprint(tickets.tickets)`
			`app.register_blueprint(scoreboard.scoreboard)`


initial commit 2015-11-08 06:10:26 +00:00			`@app.before_request`
			`def make_info_available():`
Rewrote login system (may ruin everything) 2016-07-11 22:27:53 +00:00			`if "user_id" in session:`
in case of errors 2016-07-15 21:23:19 +00:00			`g.logged_in = True`
moved so much stuff around and rewrote the api 2016-07-31 17:27:20 +00:00			`current_user = data.user.get_user(id=session["user_id"])`
			`if current_user is not None:`
			`g.user = current_user`
Registration works now 2016-07-11 23:57:43 +00:00			`g.user_restricts = g.user.restricts.split(",")`
separated team and user dashboards 2016-07-12 12:03:04 +00:00			`g.team = g.user.team`
			`g.team_restricts = g.team.restricts.split(",")`
moved so much stuff around and rewrote the api 2016-07-31 17:27:20 +00:00			`else:`
whoops 2016-07-15 21:18:14 +00:00			`g.logged_in = False`
added edit user and team pages 2016-07-12 14:24:19 +00:00			`session.pop("user_id")`
Registration works now 2016-07-11 23:57:43 +00:00			`return render_template("login.html")`
fixed redirect 2016-07-15 21:14:53 +00:00			`else:`
			`g.logged_in = False`
initial commit 2015-11-08 06:10:26 +00:00
moved so much stuff around and rewrote the api 2016-07-31 17:27:20 +00:00
initial commit 2015-11-08 06:10:26 +00:00			`@app.context_processor`
			`def scoreboard_variables():`
added edit user and team pages 2016-07-12 14:24:19 +00:00			`var = dict(config=config, select=select)`
Rewrote login system (may ruin everything) 2016-07-11 22:27:53 +00:00			`if "user_id" in session:`
initial commit 2015-11-08 06:10:26 +00:00			`var["logged_in"] = True`
Rewrote login system (may ruin everything) 2016-07-11 22:27:53 +00:00			`var["user"] = g.user`
separated team and user dashboards 2016-07-12 12:03:04 +00:00			`var["team"] = g.team`
moved so much stuff around and rewrote the api 2016-07-31 17:27:20 +00:00			`var["notifications"] = data.notification.get_notifications()`
initial commit 2015-11-08 06:10:26 +00:00			`else:`
			`var["logged_in"] = False`
finish trouble tickets, notification infrastructure, challenge filtering 2015-12-01 04:05:17 +00:00			`var["notifications"] = []`
initial commit 2015-11-08 06:10:26 +00:00
			`return var`


			`@app.route('/')`
			`def root():`
fixed redirect 2016-07-15 21:14:53 +00:00			`if g.logged_in:`
moved so much stuff around and rewrote the api 2016-07-31 17:27:20 +00:00			`return redirect(url_for('team.dashboard'))`
			`return redirect(url_for('users.register'))`

initial commit 2015-11-08 06:10:26 +00:00
add chat 2016-04-17 17:18:44 +00:00			`@app.route('/chat/')`
			`def chat():`
			`return render_template("chat.html")`

finish trouble tickets, notification infrastructure, challenge filtering 2015-12-01 04:05:17 +00:00
add debug 2016-03-14 03:15:15 +00:00			`# Debug`
			`@app.route('/debug/')`
			`def debug_app():`
			`return jsonify(hostname=socket.gethostname())`

initial commit 2015-11-08 06:10:26 +00:00
moved so much stuff around and rewrote the api 2016-07-31 17:27:20 +00:00			`# Manage Peewee database sessions and Redis`
initial commit 2015-11-08 06:10:26 +00:00			`@app.before_request`
			`def before_request():`
			`db.connect()`
added production settings 2016-07-15 20:37:03 +00:00			`g.redis = redis.StrictRedis(host=config.redis.host, port=config.redis.port, db=config.redis.db)`
moved connected 2016-07-15 21:55:09 +00:00			`g.connected = True`
initial commit 2015-11-08 06:10:26 +00:00
moved so much stuff around and rewrote the api 2016-07-31 17:27:20 +00:00
initial commit 2015-11-08 06:10:26 +00:00			`@app.teardown_request`
			`def teardown_request(exc):`
added database error checking 2016-07-12 15:27:39 +00:00			`if getattr(g, 'connected', False):`
			`db.close()`
			`g.redis.connection_pool.disconnect()`
initial commit 2015-11-08 06:10:26 +00:00

moved so much stuff around and rewrote the api 2016-07-31 17:27:20 +00:00			`# CSRF things`
initial commit 2015-11-08 06:10:26 +00:00			`@app.before_request`
			`def csrf_protect():`
CSRF exemption for teamconfirm 2016-05-16 01:20:48 +00:00			`csrf_exempt = ['/teamconfirm/']`

initial commit 2015-11-08 06:10:26 +00:00			`if request.method == "POST":`
breakthrough points, challenge solves 2015-12-03 23:18:00 +00:00			`token = session.get('_csrf_token', None)`
moved so much stuff around and rewrote the api 2016-07-31 17:27:20 +00:00			`if (not token or token != request.form["_csrf_token"]) and request.path not in csrf_exempt:`
initial commit 2015-11-08 06:10:26 +00:00			`return "Invalid CSRF token!"`

moved so much stuff around and rewrote the api 2016-07-31 17:27:20 +00:00
initial commit 2015-11-08 06:10:26 +00:00			`def generate_csrf_token():`
			`if '_csrf_token' not in session:`
refactor utils 2015-11-10 16:51:45 +00:00			`session['_csrf_token'] = misc.generate_random_string(64)`
initial commit 2015-11-08 06:10:26 +00:00			`return session['_csrf_token']`

moved so much stuff around and rewrote the api 2016-07-31 17:27:20 +00:00
initial commit 2015-11-08 06:10:26 +00:00			`app.jinja_env.globals['csrf_token'] = generate_csrf_token`

			`if __name__ == '__main__':`
			`app.run(debug=True, port=8001)`