Exemple #1
    def tracker():
        """
        Record the requester's IP for the logged-in user and enforce bans.

        For an authenticated session, a Tracking row keyed on (ip, user_id) is
        created or its date is refreshed. If the commit fails with
        InvalidRequestError or IntegrityError, the transaction is rolled back
        and the user is logged out. A banned user or a banned team then gets
        the 403 error page for any path outside "/themes".

        :return: None, or a (rendered 403 page, 403) tuple for banned accounts
        """
        # Requests for the theme endpoint are neither tracked nor ban-checked.
        if request.endpoint == "views.themes":
            return

        if not authed():
            return

        existing = Tracking.query.filter_by(
            ip=get_ip(), user_id=session["id"]
        ).first()
        if existing:
            existing.date = datetime.datetime.utcnow()
        else:
            db.session.add(Tracking(ip=get_ip(), user_id=session["id"]))

        try:
            db.session.commit()
        except (InvalidRequestError, IntegrityError):
            db.session.rollback()
            logout_user()

        # Checked a second time: the except branch above may have logged the
        # user out.
        if authed():
            user = get_current_user()
            team = get_current_team()

            if not request.path.startswith("/themes"):
                ban_checks = (
                    (user, "You have been banned from this CTF"),
                    (team, "Your team has been banned from this CTF"),
                )
                for account, reason in ban_checks:
                    if account and account.banned:
                        # NOTE(review): this return leaves before
                        # db.session.close() below; confirm the session is
                        # released elsewhere (e.g. at request teardown).
                        return (
                            render_template("errors/403.html", error=reason),
                            403,
                        )

        db.session.close()
Exemple #2
def log(logger, format, **kwargs):
    """
    Format a message with session context and emit it on a named logger.

    The template is filled with the session's id, name, email and type, the
    current local time and the client IP; keyword arguments are merged last,
    so they override those defaults. The message is printed to stdout and
    logged at INFO level.

    :param logger: Name of the logger to write to
    :param format: A str.format template. It should be a constant chosen by
        the calling code, not request data, because it is expanded with
        ``format.format(**props)``.
    :param kwargs: Extra or overriding fields for the template
    :return: None
    """
    target = logging.getLogger(logger)
    defaults = {
        "id": session.get("id"),
        "name": session.get("name"),
        "email": session.get("email"),
        "type": session.get("type"),
        "date": time.strftime("%m/%d/%Y %X"),
        "ip": get_ip(),
    }
    fields = {**defaults, **kwargs}
    # NOTE(review): the field values are interpolated as-is. If name, email or
    # a caller-supplied value can contain CR/LF, one call can produce several
    # log lines; confirm the values are constrained upstream or escaped by the
    # log handler.
    line = format.format(**fields)
    print(line)
    target.info(line)
Exemple #3
    def fail(user, team, challenge, request):
        """
        Insert a Fails row to record an incorrect answer.

        :param user: The User object from the database
        :param team: The Team object from the database, or a falsy value when
            there is no team (team_id is then stored as None)
        :param challenge: The Challenge object from the database
        :param request: The request the user submitted; its form data is used,
            or its JSON body when the form is empty
        :return: None
        """
        payload = request.form or request.get_json()
        # A missing body or a missing "submission" key raises here, before
        # anything is written.
        answer = payload["submission"].strip()
        # NOTE(review): the stored IP is whatever get_ip derives from the
        # request; how far it trusts proxy headers is not visible here.
        attempt = {
            "user_id": user.id,
            "team_id": team.id if team else None,
            "challenge_id": challenge.id,
            "ip": get_ip(request),
            "provided": answer,
        }
        db.session.add(Fails(**attempt))
        db.session.commit()
        db.session.close()
Exemple #4
    def solve(user, team, challenge, request):
        """
        Insert a Solves row to mark a challenge as solved.

        :param user: The User object from the database
        :param team: The Team object from the database, or a falsy value when
            there is no team (team_id is then stored as None)
        :param challenge: The Challenge object from the database
        :param request: The request the user submitted; its form data is used,
            or its JSON body when the form is empty
        :return: None
        """
        payload = request.form or request.get_json()
        # A missing body or a missing "submission" key raises here, before
        # anything is written.
        answer = payload["submission"].strip()
        # The accepted submission text is stored unchanged in `provided`.
        record = {
            "user_id": user.id,
            "team_id": team.id if team else None,
            "challenge_id": challenge.id,
            "ip": get_ip(req=request),
            "provided": answer,
        }
        db.session.add(Solves(**record))
        db.session.commit()
        db.session.close()
Exemple #5
        def ratelimit_function(*args, **kwargs):
            """
            Apply a per-IP, per-endpoint request limit, then call the view.

            Only requests whose HTTP method equals ``method`` are counted.
            Once the cached counter has reached ``limit``, a JSON 429 response
            is returned instead of calling the wrapped function.

            :return: The wrapped function's result, or a 429 JSON response
            """
            client_ip = current_user.get_ip()
            cache_key = "{}:{}:{}".format(key_prefix, client_ip, request.endpoint)
            seen = cache.get(cache_key)

            # Other HTTP methods pass straight through without being counted.
            if request.method != method:
                return f(*args, **kwargs)

            # -1 in order to align expected limit with the real value
            if seen and int(seen) > limit - 1:
                resp = jsonify(
                    {
                        "code": 429,
                        "message": "Too many requests. Limit is %s requests in %s seconds"
                        % (limit, interval),
                    }
                )
                resp.status_code = 429
                return resp

            # NOTE(review): the counter is read above and written here as two
            # separate cache calls, so concurrent requests can read the same
            # value and be counted once. Each write also passes
            # timeout=interval again. Confirm both are acceptable for this
            # limit.
            cache.set(
                cache_key,
                1 if seen is None else int(seen) + 1,
                timeout=interval,
            )
            return f(*args, **kwargs)