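def register():
    """Handle the registration form: create a user and its initial score row.

    Authenticated visitors are redirected to the home page. On a valid
    submission the new ``User`` and a zeroed ``Score`` are committed in the
    same transaction, then the visitor is redirected to the login page.
    In every other case the registration template is rendered with the form.

    NOTE(review): uniqueness of username/email is presumably enforced by
    ``RegistrationForm`` validators and database constraints; neither is
    visible here -- confirm.
    """
    if current_user.is_authenticated:
        flash('Already Authenticated', 'info')
        return redirect(url_for('main.home'))
    form = RegistrationForm()
    if form.validate_on_submit():
        # Persist only the bcrypt hash, never the submitted plaintext.
        hashed_password = bcrypt.generate_password_hash(
            form.password.data).decode('utf-8')
        user = User(username=form.username.data,
                    email=form.email.data, password=hashed_password)
        db.session.add(user)
        # A database-generated primary key is not populated until the INSERT
        # has been flushed. Reading user.id before this point yields None, so
        # the Score row would be stored without an owner. flush() stays inside
        # the current transaction; nothing is committed yet.
        db.session.flush()
        score = Score(userid=user.id, userHash=False, rootHash=False, score=0)
        db.session.add(score)
        db.session.commit()
        flash('Your account has been created! You are now able to log in.', 'success')
        return redirect(url_for('users.login'))
    return render_template('register.html', title='Register', form=form, ctfname=ctfname)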
Example #2
def reset_token(token):
    """Set a new password for the account that ``token`` resolves to.

    Authenticated visitors are sent to the home page. When
    ``User.verify_reset_token`` returns ``None`` the token is reported as
    invalid or expired and the visitor is sent back to the reset-request
    page. Otherwise the reset form is rendered until it validates, at which
    point the new bcrypt hash is stored and the visitor is redirected to the
    login page.

    NOTE(review): nothing in this view invalidates the token once the
    password has changed; whether it stays usable until it expires depends on
    ``User.verify_reset_token``, which is not visible here -- confirm.
    """
    if current_user.is_authenticated:
        return redirect(url_for('main.home'))

    account = User.verify_reset_token(token)
    if account is None:
        flash('That is an invalid or expired token', 'warning')
        return redirect(url_for('users.reset_request'))

    form = ResetPasswordForm()
    if not form.validate_on_submit():
        # First visit or failed validation: show the form.
        return render_template('reset_token.html', title='Reset Password', form=form, organization=organization)

    # Store only the bcrypt hash of the new password.
    digest = bcrypt.generate_password_hash(form.password.data)
    account.password = digest.decode('utf-8')
    db.session.commit()
    flash('Your password has been updated! You are now able to log in', 'success')
    return redirect(url_for('users.login'))
Example #3
def register():
    """Create an account, its initial score and, optionally, its audit log row.

    Authenticated visitors are redirected to the home page. A valid
    submission stores the user with a bcrypt password hash and a ``Score``
    with zero points. When ``LOGGING`` is truthy a ``Logs`` row stamped with
    the current UTC time is stored as well. All rows are committed in one
    transaction before redirecting to the login page. In every other case
    the registration template is rendered with the form.
    """
    if current_user.is_authenticated:
        flash('Already Authenticated', 'info')
        return redirect(url_for('main.home'))

    form = RegistrationForm()
    if not form.validate_on_submit():
        return render_template('register.html', title='Register', form=form, organization=organization)

    # Only the bcrypt hash of the submitted password is persisted.
    password_digest = bcrypt.generate_password_hash(form.password.data)
    new_user = User(
        username=form.username.data,
        email=form.email.data,
        password=password_digest.decode('utf-8'),
    )
    initial_score = Score(user=new_user, userHash=False, rootHash=False, points=0)

    if LOGGING:
        # Every submission/visit field starts empty; only creation time is known.
        audit_row = Logs(
            user=new_user,
            accountCreationTime=datetime.utcnow(),
            visitedMachine=False,
            machineVisitTime=None,
            userSubmissionTime=None,
            rootSubmissionTime=None,
            userSubmissionIP=None,
            rootSubmissionIP=None,
        )
        db.session.add(audit_row)

    db.session.add(new_user)
    db.session.add(initial_score)
    db.session.commit()

    flash('Your account has been created! You are now able to log in.', 'success')
    return redirect(url_for('users.login'))
Example #4
    default_time = datetime.now(pytz.utc)

    box = Machine(name="My Awesome Pwnable Box",
                  user_hash='A' * 32,
                  root_hash='B' * 32,
                  user_points=10,
                  root_points=20,
                  os="Linux",
                  ip="127.0.0.1",
                  hardness="You tell")
    db.session.add(box)

    # NOTE: CHANGE DEFAULT CREDENTIALS !!!
    admin_user = User(
        username='******',
        email='*****@*****.**',
        password=bcrypt.generate_password_hash('admin').decode('utf-8'),
        isAdmin=True)
    admin_score = Score(user=admin_user,
                        userHash=False,
                        rootHash=False,
                        points=0,
                        machine=box)
    db.session.add(admin_user)
    db.session.add(admin_score)

    notif = Notification(title=f"Welcome to {organization['ctfname']}",
                         body="The CTF is live now. Please read rules!")
    db.session.add(notif)

    test_user = User(