async def bank(request: HTTPConnection): login_form = LoginForm() transfer_form = TransferForm() current_user = request.cookies.get("username") return templates.TemplateResponse( "bank.j2", { "request": request, "login_form": login_form, "transfer_form": transfer_form, "login_url": request.url_for("bank_login"), "transfer_url": request.url_for("bank_transfer"), "current_user": current_user, "transactions": [] if current_user is None else transactions[current_user], }, )
async def post(self, request: HTTPConnection): id = request.path_params["id"] blog = await Blog.get(id) if blog is None: return abort(404, "Blog not found") form = await request.form() form = PostForm(form) if form.validate(): await blog.update_auto(title=form.title.data, tags=form.tags.data, content=form.content.data).apply() url = request.url_for("blog_view", slug=blog.slug) return redirect_response(url=url) images = await encoded_existing_images(request) tags = orjson.dumps(await get_all_tags()) return templates.TemplateResponse( "blog/edit.j2", { "request": request, "form": form, "blog": blog, "existing_images": images, "existing_tags": tags, }, )
async def post(self, request: HTTPConnection): form = await request.form() form = PostForm(form) is_valid = form.validate() if (await Blog.query.where(Blog.title == form.title.data).gino.first() is not None): is_valid = False form.title.errors.append( f"A blog with the title '{form.title.data}' already exists.") if is_valid: blog = await Blog.create_auto(title=form.title.data, tags=form.tags.data, content=form.content.data) url = request.url_for("blog_view", slug=blog.slug) return redirect_response(url=url) images = await encoded_existing_images(request) tags = orjson.dumps(await get_all_tags()) return templates.TemplateResponse( "blog/new.j2", { "request": request, "form": form, "existing_images": images, "existing_tags": tags, }, )
async def bank_login(request: HTTPConnection): form = await request.form() form = LoginForm(form) r = redirect_response(url=request.url_for("bank")) r.set_cookie("username", form.user.data) return r
async def post(self, request: HTTPConnection): form = await request.form() form = ChallengeForm(form) is_valid = form.validate() if not slug(form.title.data): is_valid = False form.title.errors.append( "A valid url-safe name cannot be generated for this title.") if (await Challenge.query.where( sa.or_( Challenge.title == form.title.data, Challenge.slug == slug(form.title.data), )).gino.first() is not None): is_valid = False form.title.errors.append( f"A challenge with the title conflicting with '{form.title.data}' already exists." ) if is_valid: f_a = form.flag_or_answer.data flag, answer = (f_a, None) if form.is_flag.data else (None, f_a) challenge = await Challenge.create_auto( title=form.title.data, content=form.content.data, flag=flag, answer=answer, hidden=form.hidden.data, depreciated=form.depreciated.data, points=form.points.data, tags=form.tags.data, ) url = request.url_for("challenge_view", slug=challenge.slug) if not challenge.hidden: await log_create("challenge", challenge.title, request.user.username, url) return redirect_response(url=url) images = await encoded_existing_images(request) tags = orjson.dumps(await get_all_tags(include_hidden=True)) return templates.TemplateResponse( "challenge/new.j2", { "request": request, "form": form, "existing_images": images, "existing_tags": tags, }, )
async def encoded_existing_images(request: HTTPConnection) -> bytes: images = await get_existing_images(request.user.discord_id) images = [ { "filename": f"{id}.{ext}", "path": request.url_for("images", file_name=(id, ext)), } for (id, ext) in images ] return orjson.dumps(images)
async def post(self, request: HTTPConnection): id = request.path_params["id"] blog = await Blog.get(id) if blog is None: return abort(404, "Blog not found") if not can_edit(request, blog.author_id): return abort(400) form = await request.form() form = PostForm(form) is_valid = form.validate() if not slug(form.title.data): is_valid = False form.title.errors.append( "A valid url-safe name cannot be generated for this title.") if blog.title != blog.title.data: if (await Blog.query.where( sa.or_(Blog.title == form.title.data, Blog.slug == slug(form.title.data))).gino.first() is not None): is_valid = False form.title.errors.append( f"A blog with the title '{form.title.data}' already exists." ) if is_valid: await blog.update_auto(title=form.title.data, tags=form.tags.data, content=form.content.data).apply() url = request.url_for("blog_view", slug=blog.slug) await log_edit("blog", blog.title, request.user.username, url) return redirect_response(url=url) images = await encoded_existing_images(request) tags = orjson.dumps(await get_all_tags()) return templates.TemplateResponse( "blog/edit.j2", { "request": request, "form": form, "blog": blog, "existing_images": images, "existing_tags": tags, }, )
async def blog_delete(request: HTTPConnection): id = request.path_params["id"] blog = await Blog.get(id) if blog is None: return abort(404, "Blog not found") await blog.delete() return redirect_response(url=request.url_for("blog_index"))
async def post(self, request: HTTPConnection): form = await request.form() form = WriteupForm(form) is_valid = form.validate() if not slug(form.title.data): is_valid = False form.title.errors.append( "A valid url-safe name cannot be generated for this title." ) if ( await Writeup.query.where( sa.or_( Writeup.title == form.title.data, Writeup.slug == slug(form.title.data), ) ).gino.first() is not None ): is_valid = False form.title.errors.append( f"A writeup with the title conflicting with '{form.title.data}' already exists." ) if is_valid: writeup = await Writeup.create_auto( author_id=request.user.discord_id, title=form.title.data, tags=form.tags.data, content=form.content.data, private=form.private.data, ) url = request.url_for("writeups_view", slug=writeup.slug) await log_create("writeup", writeup.title, request.user.username, url) return redirect_response(url=url) images = await encoded_existing_images(request) tags = orjson.dumps(await get_all_tags(True)) return templates.TemplateResponse( "writeups/new.j2", { "request": request, "form": form, "existing_images": images, "existing_tags": tags, }, )
async def bank_transfer(request: HTTPConnection): form = TransferForm(request.query_params) if not form.validate(): login_form = LoginForm() current_user = request.cookies.get("username") return templates.TemplateResponse( "bank.j2", { "request": request, "login_form": login_form, "transfer_form": form, "login_url": request.url_for("bank_login"), "transfer_url": request.url_for("bank_transfer"), "current_user": current_user, "transactions": [] if current_user is None else transactions[current_user], }, ) from_ = request.cookies.get("username") if from_ is None: raise HTTPException(status_code=401, detail="Not logged in") transaction = (from_, form.dest.data, form.amount.data) print(transaction) transactions[form.dest.data].append(transaction) transactions[from_].append(transaction) return redirect_response(url=request.url_for("bank"))
async def challenge_delete(request: HTTPConnection): id = request.path_params["id"] challenge = await Challenge.get(id) if challenge is None: return abort(404, "Challenge not found") if not can_edit(request): return abort(400) await challenge.delete() await log_delete("challenge", challenge.title, request.user.username) return redirect_response(url=request.url_for("challenge_index"))
async def blog_delete(request: HTTPConnection): id = request.path_params["id"] blog = await Blog.get(id) if blog is None: return abort(404, "Blog not found") if not can_edit(request): return abort(400) await blog.delete() await log_delete("blog", blog.name, request.user.username) return RedirectResponse(url=request.url_for("blog_index"))
async def writeups_delete(request: HTTPConnection): id = request.path_params["id"] writeup = await Writeup.get(id) if writeup is None: return abort(404, "Writeup not found") if not can_edit(request, writeup.author_id): return abort(400) await writeup.delete() await log_delete("writeup", writeup.title, request.user.username) return redirect_response(url=request.url_for("writeups_index"))
async def index(request: HTTPConnection): posts = request.session.get("posts") if posts is None: posts = [] request.session["posts"] = posts form = PostForm() return templates.TemplateResponse( "main.j2", { "request": request, "form": form, "posts": posts, "post_create": request.url_for("post"), }, )
async def writeups_view(request: HTTPConnection): slug = request.path_params["slug"] writeup = await Writeup.load(author=User).where(Writeup.slug == slug).gino.first() if writeup is None: return abort(404, "Writeup not found") if should_skip_writeup(writeup, request.user.is_authed): return redirect_response(url=request.url_for("need_auth")) rendered = highlight_markdown(writeup.content) return templates.TemplateResponse( "writeups/view.j2", {"writeup": writeup, "request": request, "rendered": rendered}, )
async def post(self, request: HTTPConnection): id = request.path_params["id"] writeup = await Writeup.get(id) if writeup is None: return abort(404, "Writeup not found") if not can_edit(request, writeup.author_id): return abort(400) form = await request.form() form = PostForm(form) if form.validate(): await writeup.update_auto( author_id=request.user.discord_id, title=form.title.data, tags=form.tags.data, content=form.content.data, ).apply() url = request.url_for("writeups_view", slug=writeup.slug) await log_edit("writeup", writeup.title, request.user.username, url) return RedirectResponse(url=url) images = await encoded_existing_images(request) tags = ujson.dumps(await get_all_tags()) return templates.TemplateResponse( "writeups/edit.j2", { "request": request, "form": form, "writeup": writeup, "existing_images": images, "existing_tags": tags, }, )
async def post(self, request: HTTPConnection): form = await request.form() form = PostForm(form) is_valid = form.validate() if (await Writeup.query.where(Writeup.title == form.title.data ).gino.first() is not None): is_valid = False form.errors.setdefault("title", []).append( f"A writeup with the title '{form.title.data}' already exists." ) if is_valid: writeup = await Writeup.create_auto( author_id=request.user.discord_id, title=form.title.data, tags=form.tags.data, content=form.content.data, ) url = request.url_for("writeups_view", slug=writeup.slug) await log_create("writeup", writeup.title, request.user.username, url) return RedirectResponse(url=url) images = await encoded_existing_images(request) tags = ujson.dumps(await get_all_tags()) return templates.TemplateResponse( "writeups/new.j2", { "request": request, "form": form, "existing_images": images, "existing_tags": tags, }, )
async def post(request: HTTPConnection): form = await request.form() form = PostForm(form) name = form.name.data message = form.message.data posts = request.session.get("posts") if posts is None: posts = [] request.session["posts"] = posts posts.append((name, message)) return templates.TemplateResponse( "main.j2", { "request": request, "form": form, "posts": posts, "post_create": request.url_for("post"), }, )
async def post(self, request: HTTPConnection): id = request.path_params["id"] writeup = await Writeup.get(id) if writeup is None: return abort(404, "Writeup not found") if not can_edit(request, writeup.author_id): return abort(400) form = await request.form() form = WriteupForm(form) is_valid = form.validate() if not slug(form.title.data): is_valid = False form.title.errors.append( "A valid url-safe name cannot be generated for this title." ) if writeup.title != form.title.data: if ( await Writeup.query.where( sa.or_( Writeup.title == form.title.data, Writeup.slug == slug(form.title.data), ) ).gino.first() is not None ): is_valid = False form.title.errors.append( f"A writeup with the title conflicting with '{form.title.data}' already exists." ) if is_valid: await writeup.update_auto( title=form.title.data, tags=form.tags.data, content=form.content.data, private=form.private.data, ).apply() url = request.url_for("writeups_view", slug=writeup.slug) await log_edit("writeup", writeup.title, request.user.username, url) return redirect_response(url=url) images = await encoded_existing_images(request) tags = orjson.dumps(await get_all_tags(True)) return templates.TemplateResponse( "writeups/edit.j2", { "request": request, "form": form, "writeup": writeup, "existing_images": images, "existing_tags": tags, }, )
async def challenge_submit_answer(request: HTTPConnection): id = request.path_params["id"] form = await request.form() form = AnswerForm(form) is_valid = form.validate() answer = form.answer.data solves = sa.func.count(CompletedChallenge.challenge_id).label("solves") challenge = await (db.select([Challenge, solves]).select_from( Challenge.outerjoin( CompletedChallenge, (Challenge.id == CompletedChallenge.challenge_id) & (CompletedChallenge.season == CURRENT_SEASON), )).group_by(Challenge.id).where(Challenge.id == id).gino.load( (Challenge, ColumnLoader(solves))).first()) if challenge is None: return abort(404, "Challenge not found") challenge, solves = challenge if should_skip_challenge(challenge, request.user.is_admin): return abort(404, "Challenge not found") if (challenge.answer or challenge.flag) != answer: is_valid = False form.answer.errors.append("Incorrect answer.") # TODO? change this to a flash message if challenge.depreciated: is_valid = False form.answer.errors.append( "Correct, but this challenge is depreciated, sorry.") already_claimed = await CompletedChallenge.query.where( (CompletedChallenge.discord_id == request.user.discord_id) & (CompletedChallenge.challenge_id == challenge.id) & (CompletedChallenge.season == CURRENT_SEASON)).gino.first() if already_claimed is not None: # shouldn't see the form anyway is_valid = False form.answer.errors.append("You've already solved this challenge.") if is_valid: await CompletedChallenge.create( discord_id=request.user.discord_id, challenge_id=challenge.id, season=CURRENT_SEASON, ) return redirect_response( url=request.url_for("challenge_view", slug=challenge.slug)) rendered = highlight_markdown_unsafe(challenge.content) return templates.TemplateResponse( "challenge/view.j2", { "challenge": challenge, "request": request, "rendered": rendered, "solves": solves, "submit_form": form, }, )
async def sign_in(request: HTTPConnection): redirect_uri = request.url_for("auth_cb") return await oauth.discord.authorize_redirect(request, redirect_uri)
async def sign_out(request: HTTPConnection): request.session.pop("token", None) return RedirectResponse(url=request.url_for("index"))