Beispiel #1
0
async def bank(request: HTTPConnection):
    login_form = LoginForm()
    transfer_form = TransferForm()

    current_user = request.cookies.get("username")

    return templates.TemplateResponse(
        "bank.j2",
        {
            "request":
            request,
            "login_form":
            login_form,
            "transfer_form":
            transfer_form,
            "login_url":
            request.url_for("bank_login"),
            "transfer_url":
            request.url_for("bank_transfer"),
            "current_user":
            current_user,
            "transactions":
            [] if current_user is None else transactions[current_user],
        },
    )
Beispiel #2
0
    async def post(self, request: HTTPConnection):
        id = request.path_params["id"]

        blog = await Blog.get(id)

        if blog is None:
            return abort(404, "Blog not found")

        form = await request.form()

        form = PostForm(form)

        if form.validate():
            await blog.update_auto(title=form.title.data,
                                   tags=form.tags.data,
                                   content=form.content.data).apply()

            url = request.url_for("blog_view", slug=blog.slug)

            return redirect_response(url=url)

        images = await encoded_existing_images(request)
        tags = orjson.dumps(await get_all_tags())

        return templates.TemplateResponse(
            "blog/edit.j2",
            {
                "request": request,
                "form": form,
                "blog": blog,
                "existing_images": images,
                "existing_tags": tags,
            },
        )
Beispiel #3
0
    async def post(self, request: HTTPConnection):
        form = await request.form()

        form = PostForm(form)

        is_valid = form.validate()

        if (await Blog.query.where(Blog.title == form.title.data).gino.first()
                is not None):
            is_valid = False
            form.title.errors.append(
                f"A blog with the title '{form.title.data}' already exists.")

        if is_valid:
            blog = await Blog.create_auto(title=form.title.data,
                                          tags=form.tags.data,
                                          content=form.content.data)

            url = request.url_for("blog_view", slug=blog.slug)

            return redirect_response(url=url)

        images = await encoded_existing_images(request)
        tags = orjson.dumps(await get_all_tags())

        return templates.TemplateResponse(
            "blog/new.j2",
            {
                "request": request,
                "form": form,
                "existing_images": images,
                "existing_tags": tags,
            },
        )
Beispiel #4
0
async def bank_login(request: HTTPConnection):
    form = await request.form()
    form = LoginForm(form)

    r = redirect_response(url=request.url_for("bank"))
    r.set_cookie("username", form.user.data)

    return r
    async def post(self, request: HTTPConnection):
        form = await request.form()

        form = ChallengeForm(form)

        is_valid = form.validate()

        if not slug(form.title.data):
            is_valid = False
            form.title.errors.append(
                "A valid url-safe name cannot be generated for this title.")

        if (await Challenge.query.where(
                sa.or_(
                    Challenge.title == form.title.data,
                    Challenge.slug == slug(form.title.data),
                )).gino.first() is not None):
            is_valid = False
            form.title.errors.append(
                f"A challenge with the title conflicting with '{form.title.data}' already exists."
            )

        if is_valid:
            f_a = form.flag_or_answer.data
            flag, answer = (f_a, None) if form.is_flag.data else (None, f_a)

            challenge = await Challenge.create_auto(
                title=form.title.data,
                content=form.content.data,
                flag=flag,
                answer=answer,
                hidden=form.hidden.data,
                depreciated=form.depreciated.data,
                points=form.points.data,
                tags=form.tags.data,
            )

            url = request.url_for("challenge_view", slug=challenge.slug)

            if not challenge.hidden:
                await log_create("challenge", challenge.title,
                                 request.user.username, url)

            return redirect_response(url=url)

        images = await encoded_existing_images(request)
        tags = orjson.dumps(await get_all_tags(include_hidden=True))

        return templates.TemplateResponse(
            "challenge/new.j2",
            {
                "request": request,
                "form": form,
                "existing_images": images,
                "existing_tags": tags,
            },
        )
async def encoded_existing_images(request: HTTPConnection) -> bytes:
    images = await get_existing_images(request.user.discord_id)
    images = [
        {
            "filename": f"{id}.{ext}",
            "path": request.url_for("images", file_name=(id, ext)),
        }
        for (id, ext) in images
    ]
    return orjson.dumps(images)
Beispiel #7
0
    async def post(self, request: HTTPConnection):
        id = request.path_params["id"]

        blog = await Blog.get(id)

        if blog is None:
            return abort(404, "Blog not found")

        if not can_edit(request, blog.author_id):
            return abort(400)

        form = await request.form()

        form = PostForm(form)

        is_valid = form.validate()

        if not slug(form.title.data):
            is_valid = False
            form.title.errors.append(
                "A valid url-safe name cannot be generated for this title.")

        if blog.title != blog.title.data:
            if (await Blog.query.where(
                    sa.or_(Blog.title == form.title.data,
                           Blog.slug == slug(form.title.data))).gino.first()
                    is not None):
                is_valid = False
                form.title.errors.append(
                    f"A blog with the title '{form.title.data}' already exists."
                )

        if is_valid:
            await blog.update_auto(title=form.title.data,
                                   tags=form.tags.data,
                                   content=form.content.data).apply()

            url = request.url_for("blog_view", slug=blog.slug)
            await log_edit("blog", blog.title, request.user.username, url)

            return redirect_response(url=url)

        images = await encoded_existing_images(request)
        tags = orjson.dumps(await get_all_tags())

        return templates.TemplateResponse(
            "blog/edit.j2",
            {
                "request": request,
                "form": form,
                "blog": blog,
                "existing_images": images,
                "existing_tags": tags,
            },
        )
Beispiel #8
0
async def blog_delete(request: HTTPConnection):
    id = request.path_params["id"]

    blog = await Blog.get(id)

    if blog is None:
        return abort(404, "Blog not found")

    await blog.delete()

    return redirect_response(url=request.url_for("blog_index"))
    async def post(self, request: HTTPConnection):
        form = await request.form()

        form = WriteupForm(form)

        is_valid = form.validate()

        if not slug(form.title.data):
            is_valid = False
            form.title.errors.append(
                "A valid url-safe name cannot be generated for this title."
            )

        if (
            await Writeup.query.where(
                sa.or_(
                    Writeup.title == form.title.data,
                    Writeup.slug == slug(form.title.data),
                )
            ).gino.first()
            is not None
        ):
            is_valid = False
            form.title.errors.append(
                f"A writeup with the title conflicting with '{form.title.data}' already exists."
            )

        if is_valid:
            writeup = await Writeup.create_auto(
                author_id=request.user.discord_id,
                title=form.title.data,
                tags=form.tags.data,
                content=form.content.data,
                private=form.private.data,
            )

            url = request.url_for("writeups_view", slug=writeup.slug)
            await log_create("writeup", writeup.title, request.user.username, url)

            return redirect_response(url=url)

        images = await encoded_existing_images(request)
        tags = orjson.dumps(await get_all_tags(True))

        return templates.TemplateResponse(
            "writeups/new.j2",
            {
                "request": request,
                "form": form,
                "existing_images": images,
                "existing_tags": tags,
            },
        )
Beispiel #10
0
async def bank_transfer(request: HTTPConnection):
    form = TransferForm(request.query_params)

    if not form.validate():
        login_form = LoginForm()

        current_user = request.cookies.get("username")

        return templates.TemplateResponse(
            "bank.j2",
            {
                "request":
                request,
                "login_form":
                login_form,
                "transfer_form":
                form,
                "login_url":
                request.url_for("bank_login"),
                "transfer_url":
                request.url_for("bank_transfer"),
                "current_user":
                current_user,
                "transactions":
                [] if current_user is None else transactions[current_user],
            },
        )

    from_ = request.cookies.get("username")
    if from_ is None:
        raise HTTPException(status_code=401, detail="Not logged in")

    transaction = (from_, form.dest.data, form.amount.data)

    print(transaction)

    transactions[form.dest.data].append(transaction)
    transactions[from_].append(transaction)

    return redirect_response(url=request.url_for("bank"))
async def challenge_delete(request: HTTPConnection):
    id = request.path_params["id"]

    challenge = await Challenge.get(id)

    if challenge is None:
        return abort(404, "Challenge not found")

    if not can_edit(request):
        return abort(400)

    await challenge.delete()
    await log_delete("challenge", challenge.title, request.user.username)

    return redirect_response(url=request.url_for("challenge_index"))
Beispiel #12
0
async def blog_delete(request: HTTPConnection):
    id = request.path_params["id"]

    blog = await Blog.get(id)

    if blog is None:
        return abort(404, "Blog not found")

    if not can_edit(request):
        return abort(400)

    await blog.delete()
    await log_delete("blog", blog.name, request.user.username)

    return RedirectResponse(url=request.url_for("blog_index"))
async def writeups_delete(request: HTTPConnection):
    id = request.path_params["id"]

    writeup = await Writeup.get(id)

    if writeup is None:
        return abort(404, "Writeup not found")

    if not can_edit(request, writeup.author_id):
        return abort(400)

    await writeup.delete()

    await log_delete("writeup", writeup.title, request.user.username)

    return redirect_response(url=request.url_for("writeups_index"))
Beispiel #14
0
async def index(request: HTTPConnection):
    posts = request.session.get("posts")
    if posts is None:
        posts = []
        request.session["posts"] = posts

    form = PostForm()

    return templates.TemplateResponse(
        "main.j2",
        {
            "request": request,
            "form": form,
            "posts": posts,
            "post_create": request.url_for("post"),
        },
    )
async def writeups_view(request: HTTPConnection):
    slug = request.path_params["slug"]

    writeup = await Writeup.load(author=User).where(Writeup.slug == slug).gino.first()

    if writeup is None:
        return abort(404, "Writeup not found")

    if should_skip_writeup(writeup, request.user.is_authed):
        return redirect_response(url=request.url_for("need_auth"))

    rendered = highlight_markdown(writeup.content)

    return templates.TemplateResponse(
        "writeups/view.j2",
        {"writeup": writeup, "request": request, "rendered": rendered},
    )
    async def post(self, request: HTTPConnection):
        id = request.path_params["id"]

        writeup = await Writeup.get(id)

        if writeup is None:
            return abort(404, "Writeup not found")

        if not can_edit(request, writeup.author_id):
            return abort(400)

        form = await request.form()

        form = PostForm(form)

        if form.validate():
            await writeup.update_auto(
                author_id=request.user.discord_id,
                title=form.title.data,
                tags=form.tags.data,
                content=form.content.data,
            ).apply()

            url = request.url_for("writeups_view", slug=writeup.slug)
            await log_edit("writeup", writeup.title, request.user.username,
                           url)

            return RedirectResponse(url=url)

        images = await encoded_existing_images(request)
        tags = ujson.dumps(await get_all_tags())

        return templates.TemplateResponse(
            "writeups/edit.j2",
            {
                "request": request,
                "form": form,
                "writeup": writeup,
                "existing_images": images,
                "existing_tags": tags,
            },
        )
    async def post(self, request: HTTPConnection):
        form = await request.form()

        form = PostForm(form)

        is_valid = form.validate()

        if (await Writeup.query.where(Writeup.title == form.title.data
                                      ).gino.first() is not None):
            is_valid = False
            form.errors.setdefault("title", []).append(
                f"A writeup with the title '{form.title.data}' already exists."
            )

        if is_valid:
            writeup = await Writeup.create_auto(
                author_id=request.user.discord_id,
                title=form.title.data,
                tags=form.tags.data,
                content=form.content.data,
            )

            url = request.url_for("writeups_view", slug=writeup.slug)
            await log_create("writeup", writeup.title, request.user.username,
                             url)

            return RedirectResponse(url=url)

        images = await encoded_existing_images(request)
        tags = ujson.dumps(await get_all_tags())

        return templates.TemplateResponse(
            "writeups/new.j2",
            {
                "request": request,
                "form": form,
                "existing_images": images,
                "existing_tags": tags,
            },
        )
Beispiel #18
0
async def post(request: HTTPConnection):
    form = await request.form()
    form = PostForm(form)

    name = form.name.data
    message = form.message.data

    posts = request.session.get("posts")
    if posts is None:
        posts = []
        request.session["posts"] = posts

    posts.append((name, message))

    return templates.TemplateResponse(
        "main.j2",
        {
            "request": request,
            "form": form,
            "posts": posts,
            "post_create": request.url_for("post"),
        },
    )
    async def post(self, request: HTTPConnection):
        id = request.path_params["id"]

        writeup = await Writeup.get(id)

        if writeup is None:
            return abort(404, "Writeup not found")

        if not can_edit(request, writeup.author_id):
            return abort(400)

        form = await request.form()

        form = WriteupForm(form)

        is_valid = form.validate()

        if not slug(form.title.data):
            is_valid = False
            form.title.errors.append(
                "A valid url-safe name cannot be generated for this title."
            )

        if writeup.title != form.title.data:
            if (
                await Writeup.query.where(
                    sa.or_(
                        Writeup.title == form.title.data,
                        Writeup.slug == slug(form.title.data),
                    )
                ).gino.first()
                is not None
            ):
                is_valid = False
                form.title.errors.append(
                    f"A writeup with the title conflicting with '{form.title.data}' already exists."
                )

        if is_valid:
            await writeup.update_auto(
                title=form.title.data,
                tags=form.tags.data,
                content=form.content.data,
                private=form.private.data,
            ).apply()

            url = request.url_for("writeups_view", slug=writeup.slug)
            await log_edit("writeup", writeup.title, request.user.username, url)

            return redirect_response(url=url)

        images = await encoded_existing_images(request)
        tags = orjson.dumps(await get_all_tags(True))

        return templates.TemplateResponse(
            "writeups/edit.j2",
            {
                "request": request,
                "form": form,
                "writeup": writeup,
                "existing_images": images,
                "existing_tags": tags,
            },
        )
async def challenge_submit_answer(request: HTTPConnection):
    id = request.path_params["id"]

    form = await request.form()
    form = AnswerForm(form)

    is_valid = form.validate()

    answer = form.answer.data

    solves = sa.func.count(CompletedChallenge.challenge_id).label("solves")

    challenge = await (db.select([Challenge, solves]).select_from(
        Challenge.outerjoin(
            CompletedChallenge,
            (Challenge.id == CompletedChallenge.challenge_id)
            & (CompletedChallenge.season == CURRENT_SEASON),
        )).group_by(Challenge.id).where(Challenge.id == id).gino.load(
            (Challenge, ColumnLoader(solves))).first())

    if challenge is None:
        return abort(404, "Challenge not found")

    challenge, solves = challenge

    if should_skip_challenge(challenge, request.user.is_admin):
        return abort(404, "Challenge not found")

    if (challenge.answer or challenge.flag) != answer:
        is_valid = False
        form.answer.errors.append("Incorrect answer.")

    # TODO? change this to a flash message
    if challenge.depreciated:
        is_valid = False
        form.answer.errors.append(
            "Correct, but this challenge is depreciated, sorry.")

    already_claimed = await CompletedChallenge.query.where(
        (CompletedChallenge.discord_id == request.user.discord_id)
        & (CompletedChallenge.challenge_id == challenge.id)
        & (CompletedChallenge.season == CURRENT_SEASON)).gino.first()

    if already_claimed is not None:
        # shouldn't see the form anyway
        is_valid = False
        form.answer.errors.append("You've already solved this challenge.")

    if is_valid:
        await CompletedChallenge.create(
            discord_id=request.user.discord_id,
            challenge_id=challenge.id,
            season=CURRENT_SEASON,
        )

        return redirect_response(
            url=request.url_for("challenge_view", slug=challenge.slug))

    rendered = highlight_markdown_unsafe(challenge.content)

    return templates.TemplateResponse(
        "challenge/view.j2",
        {
            "challenge": challenge,
            "request": request,
            "rendered": rendered,
            "solves": solves,
            "submit_form": form,
        },
    )
Beispiel #21
0
async def sign_in(request: HTTPConnection):
    redirect_uri = request.url_for("auth_cb")
    return await oauth.discord.authorize_redirect(request, redirect_uri)
async def sign_out(request: HTTPConnection):
    request.session.pop("token", None)

    return RedirectResponse(url=request.url_for("index"))