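def register():
    """Handle the registration form and create a new account.

    Authenticated users are redirected to the home page. On a valid form
    submission a ``User`` is stored with a bcrypt hash of the submitted
    password, together with an initial ``Score`` row, and the client is
    redirected to the login page. Otherwise the registration template is
    rendered.
    """
    if current_user.is_authenticated:
        flash('Already Authenticated', 'info')
        return redirect(url_for('main.home'))
    form = RegistrationForm()
    if form.validate_on_submit():
        # Only the bcrypt hash is handed to the model, never the plaintext.
        # NOTE(review): bcrypt considers only the first 72 bytes of its input;
        # confirm RegistrationForm caps the password length accordingly.
        hashed_password = bcrypt.generate_password_hash(
            form.password.data).decode('utf-8')
        user = User(username=form.username.data,
                    email=form.email.data, password=hashed_password)
        db.session.add(user)
        # Flush before reading user.id: a freshly constructed, unflushed
        # object has no database-assigned key yet, so Score would otherwise
        # be created with userid=None (presumably an autogenerated primary
        # key; verify against the User model).
        db.session.flush()
        score = Score(userid=user.id, userHash=False, rootHash=False, score=0)
        db.session.add(score)
        db.session.commit()
        flash('Your account has been created! You are now able to log in.', 'success')
        return redirect(url_for('users.login'))
    return render_template('register.html', title='Register', form=form, ctfname=ctfname)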
def reset_token(token):
    """Set a new password for the account that *token* resolves to.

    Authenticated users are sent to the home page. The token is checked with
    ``User.verify_reset_token`` on every request that reaches this view; a
    ``None`` result flashes a warning and redirects to the reset-request
    page. A valid form submission stores a bcrypt hash of the new password
    and redirects to the login page; otherwise the reset form is rendered.
    """
    if current_user.is_authenticated:
        return redirect(url_for('main.home'))

    account = User.verify_reset_token(token)
    if account is None:
        flash('That is an invalid or expired token', 'warning')
        return redirect(url_for('users.reset_request'))

    form = ResetPasswordForm()
    if not form.validate_on_submit():
        return render_template('reset_token.html', title='Reset Password',
                               form=form, organization=organization)

    # Persist only the bcrypt hash of the new password.
    new_hash = bcrypt.generate_password_hash(form.password.data)
    account.password = new_hash.decode('utf-8')
    # NOTE(review): nothing in this view marks the token as used or ends
    # sessions already open for the account. Whether a token can be replayed
    # until it expires depends on User.verify_reset_token, which is not
    # visible here; confirm.
    db.session.commit()
    flash('Your password has been updated! You are now able to log in', 'success')
    return redirect(url_for('users.login'))
def register():
    """Create an account from the registration form.

    Authenticated users are redirected to the home page. A valid submission
    stores a ``User`` (with a bcrypt password hash) and an initial ``Score``,
    plus a ``Logs`` row when ``LOGGING`` is truthy, then redirects to the
    login page. Any other request renders the registration template.
    """
    if current_user.is_authenticated:
        flash('Already Authenticated', 'info')
        return redirect(url_for('main.home'))

    form = RegistrationForm()
    if not form.validate_on_submit():
        return render_template('register.html', title='Register',
                               form=form, organization=organization)

    # The model receives the bcrypt hash only, never the plaintext password.
    # NOTE(review): bcrypt considers only the first 72 bytes of its input;
    # confirm RegistrationForm caps the password length accordingly.
    password_hash = bcrypt.generate_password_hash(form.password.data)
    new_user = User(username=form.username.data,
                    email=form.email.data,
                    password=password_hash.decode('utf-8'))
    initial_score = Score(user=new_user, userHash=False, rootHash=False, points=0)

    if LOGGING:
        # Audit row for the new account: only the creation time is known at
        # this point, so the visit/submission fields start out empty.
        # datetime.utcnow() yields a naive datetime, so the stored value
        # carries no timezone marker and has to be read as UTC.
        audit_row = Logs(user=new_user,
                         accountCreationTime=datetime.utcnow(),
                         visitedMachine=False,
                         machineVisitTime=None,
                         userSubmissionTime=None,
                         rootSubmissionTime=None,
                         userSubmissionIP=None,
                         rootSubmissionIP=None)
        db.session.add(audit_row)

    db.session.add(new_user)
    db.session.add(initial_score)
    db.session.commit()
    flash('Your account has been created! You are now able to log in.', 'success')
    return redirect(url_for('users.login'))
default_time = datetime.now(pytz.utc) box = Machine(name="My Awesome Pwnable Box", user_hash='A' * 32, root_hash='B' * 32, user_points=10, root_points=20, os="Linux", ip="127.0.0.1", hardness="You tell") db.session.add(box) # NOTE: CHANGE DEFAULT CREDENTIALS !!! admin_user = User( username='******', email='*****@*****.**', password=bcrypt.generate_password_hash('admin').decode('utf-8'), isAdmin=True) admin_score = Score(user=admin_user, userHash=False, rootHash=False, points=0, machine=box) db.session.add(admin_user) db.session.add(admin_score) notif = Notification(title=f"Welcome to {organization['ctfname']}", body="The CTF is live now. Please read rules!") db.session.add(notif) test_user = User(