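def register():
    """Create a user account from a JSON body and return a JSON-style dict.

    Reads ``name``, ``email`` and ``password`` from the request body.  The
    first failed validation returns ``{"success": False, "data": <message>}``;
    on success the user is created and logged in and the result is
    ``{"success": True, "data": <confirm-url or None>}``.  ``request``,
    ``Users``, ``validators``, ``email``, ``config``, ``get_config``, ``app``,
    ``db``, ``login_user`` and ``url_for`` come from the enclosing module.
    """

    def error(msg):
        # Uniform failure payload; the first failed check ends the request.
        return {"success": False, "data": msg}

    # Fix: ``request.json`` is None for a non-JSON body, so the ``.get`` calls
    # raised AttributeError (HTTP 500).  Treat anything that is not a JSON
    # object as an empty payload and let the normal validation report it.
    payload = request.get_json(silent=True)
    if not isinstance(payload, dict):
        payload = {}

    def text(key):
        # Non-string values (numbers, lists, null) are treated as absent.
        value = payload.get(key, "")
        return value.strip() if isinstance(value, str) else ""

    name = text("name")
    email_address = text("email").lower()
    password = text("password")

    name_taken = Users.query.add_columns("name", "id").filter_by(name=name).first()
    email_taken = (
        Users.query.add_columns("email", "id")
        .filter_by(email=email_address)
        .first()
    )

    # Checks run in the same order as before; each one short-circuits.
    if not validators.validate_email(email_address):
        return error("Please enter a valid email address")
    if email.check_email_is_whitelisted(email_address) is False:
        return error(
            "Only email addresses under {domains} may register".format(
                domains=get_config("domain_whitelist")
            )
        )
    if name_taken:
        return error("That user name is already taken")
    if validators.validate_email(name) is True:
        return error("Your user name cannot be an email address")
    if email_taken:
        return error("That email has already been used")
    if not password:
        return error("Pick a longer password")
    if len(password) > 128:
        return error("Pick a shorter password")
    if not name:
        return error("Pick a longer user name")

    with app.app_context():
        user = Users(name=name, email=email_address, password=password)
        db.session.add(user)
        db.session.commit()
        db.session.flush()
        login_user(user)

        if config.can_send_mail() and get_config("verify_emails"):
            # Verification is on and mail works: the client is told where to
            # send the user next.
            email.verify_email_address(user.email)
            db.session.close()
            return {"success": True, "data": url_for("auth.confirm")}

        if config.can_send_mail():
            email.successful_registration_notification(user.email)
        db.session.close()
        return {"success": True, "data": None}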
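def login():
    """Render the login form or, on POST, authenticate ``request.form``.

    ``name`` may be an email address or a user name.  Accounts created through
    an external authentication provider (``user.password`` is None) are told to
    use that provider.  Unknown accounts and wrong passwords get the same
    message.  Every path closes the DB session before returning.
    """
    errors = get_errors()
    if request.method != "POST":
        db.session.close()
        return render_template("login.html", errors=errors)

    submitted = request.form["name"]
    # An email address selects the row by email, anything else by user name.
    if validators.validate_email(submitted) is True:
        user = Users.query.filter_by(email=submitted).first()
    else:
        user = Users.query.filter_by(name=submitted).first()

    if not user:
        # Unknown account.  Same message as the wrong-password case so the
        # response does not reveal which accounts exist.
        log("logins", "[{date}] {ip} - submitted invalid account information")
        errors.append("用户名或密码错误")
        db.session.close()
        return render_template("login.html", errors=errors)

    if user.password is None:
        errors.append(
            "Your account was registered with a 3rd party authentication provider. "
            "Please try logging in with a configured authentication provider."
        )
        # Fix: this was the only return path that left the session open.
        db.session.close()
        return render_template("login.html", errors=errors)

    if not verify_password(request.form["password"], user.password):
        # Known account, wrong password.
        log(
            "logins",
            "[{date}] {ip} - submitted invalid password for {name}",
            name=user.name,
        )
        errors.append("用户名或密码错误")
        db.session.close()
        return render_template("login.html", errors=errors)

    session.regenerate()
    login_user(user)
    log("logins", "[{date}] {ip} - {name} logged in", name=user.name)
    db.session.close()
    next_url = request.args.get("next")
    # Only follow ``next`` when it points back at this site.
    if next_url and validators.is_safe_url(next_url):
        return redirect(next_url)
    return redirect(url_for("challenges.listing"))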
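def login():
    """Password login; this variant never follows a ``next`` parameter.

    ``request.form["name"]`` is resolved by email when it parses as one,
    otherwise by user name, and checked with ``verify_password``.  Unknown
    accounts and wrong passwords get the same message; a successful login
    always lands on the challenge listing.  Every path closes the DB session.
    """
    errors = get_errors()
    if request.method != "POST":
        db.session.close()
        return render_template("login.html", errors=errors)

    submitted = request.form["name"]
    if validators.validate_email(submitted) is True:
        user = Users.query.filter_by(email=submitted).first()
    else:
        user = Users.query.filter_by(name=submitted).first()

    if not user:
        log("logins", "[{date}] {ip} - submitted invalid account information")
        errors.append("Your username or password is incorrect")
        db.session.close()
        return render_template("login.html", errors=errors)

    # NOTE(review): user.password is handed to verify_password unchecked; a
    # NULL password (provider-created account) is not special-cased here.
    if not verify_password(request.form["password"], user.password):
        # Fix: the format string names {name} but no value was supplied; pass
        # it explicitly instead of relying on log() to fill it in.
        log(
            "logins",
            "[{date}] {ip} - submitted invalid password for {name}",
            name=user.name,
        )
        errors.append("Your username or password is incorrect")
        db.session.close()
        return render_template("login.html", errors=errors)

    session.regenerate()
    login_user(user)
    log("logins", "[{date}] {ip} - {name} logged in", name=user.name)
    db.session.close()
    # The ``next`` redirect used by the other login variants was commented
    # out here; the dead code is dropped and every login goes to the listing.
    return redirect(url_for("challenges.listing"))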
def login():
    """Password login for the ``bcrypt_sha256`` password format.

    GET renders the form.  POST looks ``request.form['name']`` up by email
    (if it parses as one) or by user name and checks the password with
    ``bcrypt_sha256.verify``.  Unknown accounts and wrong passwords produce
    the same message.  The DB session is closed on every path.
    """
    errors = get_errors()

    if request.method != 'POST':
        db.session.close()
        return render_template('login.html', errors=errors)

    submitted = request.form['name']
    lookup = (
        Users.query.filter_by(email=submitted)
        if validators.validate_email(submitted) is True
        else Users.query.filter_by(name=submitted)
    )
    user = lookup.first()

    if not user:
        # Unknown account: same message as a wrong password.
        log('logins', "[{date}] {ip} - submitted invalid account information")
        errors.append("Your username or password is incorrect")
        db.session.close()
        return render_template('login.html', errors=errors)

    # NOTE(review): user.password is passed as-is; a NULL password (e.g. a
    # provider-created account) is not special-cased in this variant.
    if not bcrypt_sha256.verify(request.form['password'], user.password):
        log('logins', "[{date}] {ip} - submitted invalid password for {name}")
        errors.append("Your username or password is incorrect")
        db.session.close()
        return render_template('login.html', errors=errors)

    session.regenerate()
    login_user(user)
    log('logins', "[{date}] {ip} - {name} logged in")
    db.session.close()
    target = request.args.get('next')
    if target and validators.is_safe_url(target):
        return redirect(target)
    return redirect(url_for('challenges.listing'))
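def login():
    """Authenticate a JSON ``{"name": ..., "password": ...}`` body.

    Returns ``{"success": True, "data": {"nonce": <session nonce>}}`` on
    success.  A missing or malformed body yields ``{"success": False,
    "data": None}``; an unknown user or wrong password yields the generic
    "incorrect" message (the same for both, so accounts are not enumerable).
    """
    # Fix: ``request.json`` is None for a non-JSON body and ``in`` on a
    # non-object body (e.g. a JSON list) failed before the explicit
    # missing-field check; both now fall into the "missing fields" reply.
    req = request.get_json(silent=True)
    if not isinstance(req, dict) or "name" not in req or "password" not in req:
        return {"success": False, "data": None}

    name = req["name"]
    password = req["password"]
    if not isinstance(name, str) or not isinstance(password, str):
        return {"success": False, "data": None}

    if validators.validate_email(name) is True:
        user = Users.query.filter_by(email=name).first()
    else:
        user = Users.query.filter_by(name=name).first()

    if user and verify_password(password, user.password):
        session.regenerate()
        login_user(user)
        db.session.close()
        return {"success": True, "data": {"nonce": session["nonce"]}}

    db.session.close()
    return {"success": False, "data": "Your username or password is incorrect"}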
def setup():
    """First-run setup wizard (``ConfigTypes`` variant).

    While ``config.is_setup()`` is false a GET renders ``setup.html`` (falling
    back to ``DEFAULT_THEME`` when the configured theme has no template); a
    POST stores the general, style and date settings, validates the admin
    account, creates the admin and the index page, seeds the visibility, mail
    and email-template settings, marks setup done, logs the admin in and
    redirects.  Once set up, every request is sent to ``views.static_html``.
    """
    errors = get_errors()

    if config.is_setup():
        return redirect(url_for("views.static_html"))

    if not session.get("nonce"):
        session["nonce"] = generate_nonce()

    if request.method != "POST":
        try:
            return render_template("setup.html", state=serialize(generate_nonce()))
        except TemplateNotFound:
            # The chosen theme has no setup template; reset and retry once.
            set_config("ctf_theme", DEFAULT_THEME)
            return render_template("setup.html", state=serialize(generate_nonce()))

    form = request.form

    # General
    set_config("ctf_name", form.get("ctf_name"))
    set_config("ctf_description", form.get("ctf_description"))
    set_config("user_mode", form.get("user_mode", USERS_MODE))

    # Style: optional logo / icon uploads, the theme, and a colour override
    # that is only written when no theme_header exists yet.
    for image_key in ("ctf_logo", "ctf_small_icon"):
        image = request.files.get(image_key)
        if image:
            set_config(image_key, upload_file(file=image).location)
    set_config("ctf_theme", form.get("ctf_theme", DEFAULT_THEME))

    theme_color = form.get("theme_color")
    existing_header = get_config("theme_header")
    if theme_color and not existing_header:
        # Doubled braces are literal CSS braces once str.format has run.
        css_template = (
            '<style id="theme-color">\n'
            ":root {{--theme-color: {theme_color};}}\n"
            ".navbar{{background-color: var(--theme-color) !important;}}\n"
            ".jumbotron{{background-color: var(--theme-color) !important;}}\n"
            "</style>\n"
        )
        set_config("theme_header", css_template.format(theme_color=theme_color))

    # DateTime
    set_config("start", form.get("start"))
    set_config("end", form.get("end"))
    set_config("freeze", None)

    # Administration: validate the first admin account.
    name = form["name"]
    admin_email = form["email"]
    password = form["password"]

    name_taken = Users.query.add_columns("name", "id").filter_by(name=name).first()
    email_taken = (
        Users.query.add_columns("email", "id").filter_by(email=admin_email).first()
    )
    checks = (
        (not validators.validate_email(form["email"]), "Please enter a valid email address"),
        (name_taken, "That user name is already taken"),
        (validators.validate_email(name) is True, "Your user name cannot be an email address"),
        (email_taken, "That email has already been used"),
        (len(password) == 0, "Pick a longer password"),
        (len(password) > 128, "Pick a shorter password"),
        (len(name) == 0, "Pick a longer user name"),
    )
    errors.extend(message for failed, message in checks if failed)

    if errors:
        # NOTE(review): the submitted password is echoed back into the form.
        return render_template(
            "setup.html",
            errors=errors,
            name=name,
            email=admin_email,
            password=password,
            state=serialize(generate_nonce()),
        )

    admin = Admins(
        name=name, email=admin_email, password=password, type="admin", hidden=True
    )

    # Index page: created empty, then the banner (uploaded or default) is
    # spliced into the HTML.
    page = Pages(title=None, route="index", content="", draft=False)
    banner_src = url_for("views.themes", path="img/logo.png")
    ctf_banner = request.files.get("ctf_banner")
    if ctf_banner:
        # NOTE(review): page has not been added to the session yet, so page.id
        # is still unset here — confirm upload_file tolerates that.
        uploaded = upload_file(file=ctf_banner, page_id=page.id)
        banner_src = url_for("views.files", path=uploaded.location)
    page.content = f"""<div class="row">
    <div class="col-md-6 offset-md-3">
        <img class="w-100 mx-auto d-block" style="max-width: 500px;padding: 50px;padding-top: 14vh;" src="{banner_src}" />
        <h3 class="text-center">
            <p>A cool CTF platform from <a href="https://ctfd.io">ctfd.io</a></p>
            <p>Follow us on social media:</p>
            <a href="https://twitter.com/ctfdio"><i class="fab fa-twitter fa-2x" aria-hidden="true"></i></a>
            <a href="https://facebook.com/ctfdio"><i class="fab fa-facebook fa-2x" aria-hidden="true"></i></a>
            <a href="https://github.com/ctfd"><i class="fab fa-github fa-2x" aria-hidden="true"></i></a>
        </h3>
        <br>
        <h4 class="text-center">
            <a href="admin">Click here</a> to login and setup your CTF
        </h4>
    </div>
</div>"""

    # Visibility
    set_config(ConfigTypes.CHALLENGE_VISIBILITY, ChallengeVisibilityTypes.PRIVATE)
    set_config(ConfigTypes.REGISTRATION_VISIBILITY, RegistrationVisibilityTypes.PUBLIC)
    set_config(ConfigTypes.SCORE_VISIBILITY, ScoreVisibilityTypes.PUBLIC)
    set_config(ConfigTypes.ACCOUNT_VISIBILITY, AccountVisibilityTypes.PUBLIC)

    # Mail: everything unset until the admin configures it.
    for mail_key in (
        "verify_emails",
        "mail_server",
        "mail_port",
        "mail_tls",
        "mail_ssl",
        "mail_username",
        "mail_password",
        "mail_useauth",
    ):
        set_config(mail_key, None)

    # Default email templates
    email_defaults = (
        ("verification_email_subject", DEFAULT_VERIFICATION_EMAIL_SUBJECT),
        ("verification_email_body", DEFAULT_VERIFICATION_EMAIL_BODY),
        (
            "successful_registration_email_subject",
            DEFAULT_SUCCESSFUL_REGISTRATION_EMAIL_SUBJECT,
        ),
        (
            "successful_registration_email_body",
            DEFAULT_SUCCESSFUL_REGISTRATION_EMAIL_BODY,
        ),
        ("user_creation_email_subject", DEFAULT_USER_CREATION_EMAIL_SUBJECT),
        ("user_creation_email_body", DEFAULT_USER_CREATION_EMAIL_BODY),
        ("password_reset_subject", DEFAULT_PASSWORD_RESET_SUBJECT),
        ("password_reset_body", DEFAULT_PASSWORD_RESET_BODY),
        (
            "password_change_alert_subject",
            "Password Change Confirmation for {ctf_name}",
        ),
        (
            "password_change_alert_body",
            (
                "Your password for {ctf_name} has been changed.\n\n"
                "If you didn't request a password change you can reset your password here: {url}"
            ),
        ),
    )
    for key, value in email_defaults:
        set_config(key, value)

    set_config("setup", True)

    # Admin first, then the page; each commit rolls back independently.
    for row in (admin, page):
        try:
            db.session.add(row)
            db.session.commit()
        except IntegrityError:
            db.session.rollback()

    login_user(admin)
    db.session.close()

    with app.app_context():
        cache.clear()

    return redirect(url_for("views.static_html"))
def setup():
    """First-run setup wizard (string-keyed visibility variant).

    While ``config.is_setup()`` is false a GET renders ``setup.html`` with the
    session nonce and available themes; a POST stores the general, style and
    date settings, validates the admin account, creates the admin and the
    index page, seeds the visibility and mail settings, marks setup done,
    logs the admin in and redirects.  Afterwards every request is sent to
    ``views.static_html``.
    """
    errors = get_errors()

    if config.is_setup():
        return redirect(url_for("views.static_html"))

    if not session.get("nonce"):
        session["nonce"] = generate_nonce()

    if request.method != "POST":
        return render_template(
            "setup.html",
            nonce=session.get("nonce"),
            state=serialize(generate_nonce()),
            themes=config.get_themes(),
        )

    form = request.form

    # General
    set_config("ctf_name", form.get("ctf_name"))
    set_config("ctf_description", form.get("ctf_description"))
    set_config("user_mode", form.get("user_mode", USERS_MODE))

    # Style
    set_config("ctf_theme", form.get("ctf_theme", "core"))
    theme_color = form.get("theme_color")
    if theme_color:
        # Doubled braces are literal CSS braces once str.format has run.
        css_template = (
            ":root {{--theme-color: {theme_color};}}\n"
            ".navbar{{background-color: var(--theme-color) !important;}}\n"
            ".jumbotron{{background-color: var(--theme-color) !important;}}\n"
        )
        set_config("css", css_template.format(theme_color=theme_color))

    # DateTime
    set_config("start", form.get("start"))
    set_config("end", form.get("end"))
    set_config("freeze", None)

    # Administration: validate the first admin account.
    name = form["name"]
    admin_email = form["email"]
    password = form["password"]

    name_taken = Users.query.add_columns("name", "id").filter_by(name=name).first()
    email_taken = (
        Users.query.add_columns("email", "id").filter_by(email=admin_email).first()
    )
    checks = (
        (not validators.validate_email(form["email"]), "Please enter a valid email address"),
        (name_taken, "That user name is already taken"),
        (validators.validate_email(name) is True, "Your user name cannot be an email address"),
        (email_taken, "That email has already been used"),
        (len(password) == 0, "Pick a longer password"),
        (len(password) > 128, "Pick a shorter password"),
        (len(name) == 0, "Pick a longer user name"),
    )
    errors.extend(message for failed, message in checks if failed)

    if errors:
        # NOTE(review): the submitted password is echoed back into the form.
        return render_template(
            "setup.html",
            errors=errors,
            name=name,
            email=admin_email,
            password=password,
            state=serialize(generate_nonce()),
        )

    admin = Admins(
        name=name, email=admin_email, password=password, type="admin", hidden=True
    )

    # Index page.  The template holds no placeholders, so the .format call
    # is a no-op apart from evaluating request.script_root; kept as-is.
    index = """<div class="row">
    <div class="col-md-6 offset-md-3">
        <img class="w-100 mx-auto d-block" style="max-width: 500px;padding: 50px;padding-top: 14vh;" src="themes/core/static/img/logo.png" />
        <h3 class="text-center">
            <p>A cool CTF platform from <a href="https://ctfd.io">ctfd.io</a></p>
            <p>Follow us on social media:</p>
            <a href="https://twitter.com/ctfdio"><i class="fab fa-twitter fa-2x" aria-hidden="true"></i></a>
            <a href="https://facebook.com/ctfdio"><i class="fab fa-facebook fa-2x" aria-hidden="true"></i></a>
            <a href="https://github.com/ctfd"><i class="fab fa-github fa-2x" aria-hidden="true"></i></a>
        </h3>
        <br>
        <h4 class="text-center">
            <a href="admin">Click here</a> to login and setup your CTF
        </h4>
    </div>
</div>""".format(request.script_root)
    page = Pages(title=None, route="index", content=index, draft=False)

    # Visibility
    for key, value in (
        ("challenge_visibility", "private"),
        ("registration_visibility", "public"),
        ("score_visibility", "public"),
        ("account_visibility", "public"),
    ):
        set_config(key, value)

    # Mail: everything unset until the admin configures it.
    for mail_key in (
        "verify_emails",
        "mail_server",
        "mail_port",
        "mail_tls",
        "mail_ssl",
        "mail_username",
        "mail_password",
        "mail_useauth",
    ):
        set_config(mail_key, None)

    set_config("setup", True)

    # Admin first, then the page; each commit rolls back independently.
    for row in (admin, page):
        try:
            db.session.add(row)
            db.session.commit()
        except IntegrityError:
            db.session.rollback()

    login_user(admin)
    db.session.close()

    with app.app_context():
        cache.clear()

    return redirect(url_for("views.static_html"))
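def register():
    """Registration form handling (custom ``UserFields`` variant).

    Signed-in users are sent to the challenge listing.  On POST the account
    fields, the optional profile fields (website, affiliation, country), the
    registration code and the admin-defined ``UserFields`` are validated; on
    success the ``Users`` row and its ``UserFieldEntries`` are created, the
    user is logged in, and either a verification mail or a welcome mail is
    sent depending on configuration.
    """
    errors = get_errors()
    if current_user.authed():
        return redirect(url_for("challenges.listing"))
    if request.method != "POST":
        return render_template("register.html", errors=errors)

    form = request.form
    name = form.get("name", "").strip()
    email_address = form.get("email", "").strip().lower()
    password = form.get("password", "").strip()
    website = form.get("website")
    affiliation = form.get("affiliation")
    country = form.get("country")
    registration_code = form.get("registration_code", "")

    name_taken = Users.query.add_columns("name", "id").filter_by(name=name).first()
    email_taken = (
        Users.query.add_columns("email", "id").filter_by(email=email_address).first()
    )
    valid_email = validators.validate_email(email_address)
    name_is_email = validators.validate_email(name)

    if get_config("registration_code"):
        expected_code = get_config("registration_code", default="").lower()
        if registration_code.lower() != expected_code:
            errors.append("The registration code you entered was incorrect")

    # Admin-defined profile fields.  Fields named "affiliation" / "website"
    # map onto the built-in columns; everything else becomes a
    # UserFieldEntries row.
    entries = {}
    for field in UserFields.query.all():
        value = form.get(f"fields[{field.id}]", "").strip()
        if field.required is True and not value:
            errors.append("Please provide all required fields")
            break
        # Fix: these two branches used `break`, which silently discarded every
        # field listed after the special-cased one; `continue` keeps collecting.
        if field.name.lower() == "affiliation":
            affiliation = value
            continue
        if field.name.lower() == "website":
            website = value
            continue
        entries[field.id] = bool(value) if field.field_type == "boolean" else value

    if country:
        try:
            validators.validate_country_code(country)
            valid_country = True
        except ValidationError:
            valid_country = False
    else:
        valid_country = True
    valid_website = validators.validate_url(website) if website else True
    valid_affiliation = len(affiliation) < 128 if affiliation else True

    if not valid_email:
        errors.append("Please enter a valid email address")
    if email.check_email_is_whitelisted(email_address) is False:
        errors.append(
            "Only email addresses under {domains} may register".format(
                domains=get_config("domain_whitelist")
            )
        )
    if name_taken:
        errors.append("该用户名已被使用")
    if name_is_email is True:
        errors.append("您的用户名不能是电子邮件地址")
    if email_taken:
        errors.append("电子邮件地址已被使用")
    if not password:
        errors.append("密码长度不够")
    if len(password) > 128:
        errors.append("密码过长")
    if not name:
        errors.append("用户名长度不够")
    if valid_website is False:
        errors.append("Blog/网站 必须是以http或https开头的正确URL")
    if valid_country is False:
        errors.append("无效的地区")
    if valid_affiliation is False:
        errors.append("单位/组织 过长")

    if errors:
        return render_template(
            "register.html",
            errors=errors,
            name=form["name"],
            email=form["email"],
            password=form["password"],
        )

    with app.app_context():
        user = Users(name=name, email=email_address, password=password)
        if website:
            user.website = website
        if affiliation:
            user.affiliation = affiliation
        if country:
            user.country = country
        db.session.add(user)
        db.session.commit()
        db.session.flush()

        # user.id exists only after the commit above.
        for field_id, value in entries.items():
            db.session.add(
                UserFieldEntries(field_id=field_id, value=value, user_id=user.id)
            )
        db.session.commit()

        login_user(user)

        next_url = request.args.get("next")
        if next_url and validators.is_safe_url(next_url):
            db.session.close()
            return redirect(next_url)

        if config.can_send_mail() and get_config("verify_emails"):
            # Verification is on and mail works: send the confirmation mail.
            log(
                "registrations",
                format="[{date}] {ip} - {name} registered (UNCONFIRMED) with {email}",
                name=user.name,
                email=user.email,
            )
            email.verify_email_address(user.email)
            db.session.close()
            return redirect(url_for("auth.confirm"))

        if config.can_send_mail():
            email.successful_registration_notification(user.email)
        log(
            "registrations",
            format="[{date}] {ip} - {name} registered with {email}",
            name=user.name,
            email=user.email,
        )
        db.session.close()
        if is_teams_mode():
            return redirect(url_for("teams.private"))
        return redirect(url_for("challenges.listing"))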
def setup():
    """First-run setup wizard (``theme_header`` / default-mail-template variant).

    While ``config.is_setup()`` is false a GET renders ``setup.html`` with the
    session nonce and available themes; a POST stores the general, style and
    date settings, validates the admin account, creates the admin and the
    index page, seeds the visibility, mail and email-template settings, marks
    setup done, logs the admin in and redirects.  Afterwards every request is
    sent to ``views.static_html``.
    """
    errors = get_errors()

    if config.is_setup():
        return redirect(url_for("views.static_html"))

    if not session.get("nonce"):
        session["nonce"] = generate_nonce()

    if request.method != "POST":
        return render_template(
            "setup.html",
            nonce=session.get("nonce"),
            state=serialize(generate_nonce()),
            themes=config.get_themes(),
        )

    form = request.form

    # General
    set_config("ctf_name", form.get("ctf_name"))
    set_config("ctf_description", form.get("ctf_description"))
    set_config("user_mode", form.get("user_mode", USERS_MODE))

    # Style: the colour override is only written when no theme_header exists.
    set_config("ctf_theme", form.get("ctf_theme", "core"))
    theme_color = form.get("theme_color")
    existing_header = get_config("theme_header")
    if theme_color and not existing_header:
        # Doubled braces are literal CSS braces once str.format has run.
        css_template = (
            '<style id="theme-color">\n'
            ":root {{--theme-color: {theme_color};}}\n"
            ".navbar{{background-color: var(--theme-color) !important;}}\n"
            ".jumbotron{{background-color: var(--theme-color) !important;}}\n"
            "</style>\n"
        )
        set_config("theme_header", css_template.format(theme_color=theme_color))

    # DateTime
    set_config("start", form.get("start"))
    set_config("end", form.get("end"))
    set_config("freeze", None)

    # Administration: validate the first admin account.
    name = form["name"]
    admin_email = form["email"]
    password = form["password"]

    name_taken = Users.query.add_columns("name", "id").filter_by(name=name).first()
    email_taken = (
        Users.query.add_columns("email", "id").filter_by(email=admin_email).first()
    )
    checks = (
        (not validators.validate_email(form["email"]), "Please enter a valid email address"),
        (name_taken, "That user name is already taken"),
        (validators.validate_email(name) is True, "Your user name cannot be an email address"),
        (email_taken, "That email has already been used"),
        (len(password) == 0, "Pick a longer password"),
        (len(password) > 128, "Pick a shorter password"),
        (len(name) == 0, "Pick a longer user name"),
    )
    errors.extend(message for failed, message in checks if failed)

    if errors:
        # NOTE(review): the submitted password is echoed back into the form.
        return render_template(
            "setup.html",
            errors=errors,
            name=name,
            email=admin_email,
            password=password,
            state=serialize(generate_nonce()),
        )

    admin = Admins(
        name=name, email=admin_email, password=password, type="admin", hidden=True
    )

    # Index page.  The template holds no placeholders, so the .format call
    # is a no-op apart from evaluating request.script_root; kept as-is.
    index = """<div class="row">
    <div class="col-md-6 offset-md-3">
        <img class="w-100 mx-auto d-block" style="max-width: 500px;padding: 50px;padding-top: 14vh;" src="themes/core/static/img/logo.png" />
        <h3 class="text-center">
            <p>CTF</p>
        </h3>
        <br>
        <h4 class="text-center">
            <a href="admin">Click here</a> to login and setup your CTF
        </h4>
    </div>
</div>""".format(request.script_root)
    page = Pages(title=None, route="index", content=index, draft=False)

    # Visibility
    for key, value in (
        ("challenge_visibility", "private"),
        ("registration_visibility", "public"),
        ("score_visibility", "public"),
        ("account_visibility", "public"),
    ):
        set_config(key, value)

    # Mail: everything unset until the admin configures it.
    for mail_key in (
        "verify_emails",
        "mail_server",
        "mail_port",
        "mail_tls",
        "mail_ssl",
        "mail_username",
        "mail_password",
        "mail_useauth",
    ):
        set_config(mail_key, None)

    # Default email templates
    email_defaults = (
        ("verification_email_subject", DEFAULT_VERIFICATION_EMAIL_SUBJECT),
        ("verification_email_body", DEFAULT_VERIFICATION_EMAIL_BODY),
        (
            "successful_registration_email_subject",
            DEFAULT_SUCCESSFUL_REGISTRATION_EMAIL_SUBJECT,
        ),
        (
            "successful_registration_email_body",
            DEFAULT_SUCCESSFUL_REGISTRATION_EMAIL_BODY,
        ),
        ("user_creation_email_subject", DEFAULT_USER_CREATION_EMAIL_SUBJECT),
        ("user_creation_email_body", DEFAULT_USER_CREATION_EMAIL_BODY),
        ("password_reset_subject", DEFAULT_PASSWORD_RESET_SUBJECT),
        ("password_reset_body", DEFAULT_PASSWORD_RESET_BODY),
        (
            "password_change_alert_subject",
            "Password Change Confirmation for {ctf_name}",
        ),
        (
            "password_change_alert_body",
            (
                "Your password for {ctf_name} has been changed.\n\n"
                "If you didn't request a password change you can reset your password here: {url}"
            ),
        ),
    )
    for key, value in email_defaults:
        set_config(key, value)

    set_config("setup", True)

    # Admin first, then the page; each commit rolls back independently.
    for row in (admin, page):
        try:
            db.session.add(row)
            db.session.commit()
        except IntegrityError:
            db.session.rollback()

    login_user(admin)
    db.session.close()

    with app.app_context():
        cache.clear()

    return redirect(url_for("views.static_html"))
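def login():
    """Log a user in against LDAP, creating the local account on first login.

    The module-level ``settings`` dict supplies ``host``, ``port``,
    ``encryption``, ``type_dn``, ``base_dn`` and ``request`` (the search
    filter template).  The submitted name is looked up locally by email or by
    user name; the password is checked by a simple bind as
    ``uid=<name>,<type_dn>,<base_dn>``.  A user who binds but has no local
    ``Users`` row is created with a random local password that is never used
    for login.  Every failure path closes the DB session and re-renders
    ``login.html``.
    """
    import secrets
    from ldap3.utils.conv import escape_filter_chars
    from ldap3.utils.dn import escape_rdn

    errors = get_errors()
    if request.method != "POST":
        db.session.close()
        return render_template("login.html", errors=errors)

    username = request.form["name"]
    password = request.form["password"]

    if validators.validate_email(username) is True:
        user = Users.query.filter_by(email=username).first()
        # The bind below is by uid, so an email only works once a local row exists.
        errors.append("Use your username instead of email for first login")
    else:
        user = Users.query.filter_by(name=username).first()

    uid = username.strip().lower()

    def fail(message):
        # Common failure path: record the message, release the session, re-render.
        errors.append(message)
        db.session.close()
        return render_template("login.html", errors=errors)

    # A simple bind with a DN and an empty password is an "unauthenticated
    # bind" that many directories accept, so refuse it before connecting.
    if password.rstrip() == "":
        return fail("Empty passwordfield")

    # Fix: the bind DN and (below) the search filter were assembled from the
    # raw user-supplied name, so RFC 4514 / RFC 4515 metacharacters could
    # alter what is bound or searched.  Escape the value for each context.
    login_dn = (
        "uid=" + escape_rdn(uid) + "," + settings["type_dn"] + "," + settings["base_dn"]
    )
    use_ssl = settings["encryption"] == "ssl"

    try:
        server = ldap3.Server(
            settings["host"],
            port=settings["port"],
            use_ssl=use_ssl,
            get_info=ldap3.ALL,
        )
        conn = ldap3.Connection(
            server,
            user=login_dn,
            password=password,
            auto_bind="NONE",
            version=3,
            authentication="SIMPLE",
            client_strategy="SYNC",
            auto_referrals=True,
            check_names=True,
            read_only=False,
            lazy=False,
            raise_exceptions=False,
        )
        # Fix: with raise_exceptions=False a failed StartTLS only returns
        # False; the original ignored the result and bound anyway, which would
        # send the password over the plaintext socket.  StartTLS is skipped on
        # an LDAPS connection, where the socket is already encrypted.
        if not use_ssl and not conn.start_tls():
            return fail("Could not establish TLS with the authentication server")

        if not conn.bind():
            # If every bind fails, check 'type_dn' in settings: the DN assumes
            # accounts live under e.g. ou=people.  conn.result holds the
            # server's diagnostic message.
            log(
                "logins",
                "[{date}] {ip} - submitted invalid password for {name}",
                name=uid,
            )
            conn.unbind()
            return fail("Your username or password is incorrect")
    except Exception as e:
        # Host name and exception text belong in the server log, not in the
        # response shown to the client.
        log(
            "logins",
            "[{date}] {ip} - LDAP connection to {host} failed: {err}",
            host=settings["host"],
            err=str(e),
        )
        return fail("Can't initialize connection to the authentication server")

    # Credentials matched a directory entry.
    if user:
        conn.unbind()
        session.regenerate()
        login_user(user)
        log("logins", "[{date}] {ip} - {name} logged in", name=user.name)
        db.session.close()
        next_url = request.args.get("next")
        if next_url and validators.is_safe_url(next_url):
            return redirect(next_url)
        return redirect(url_for("challenges.listing"))

    # First login: fetch the mail attribute and create the local row.
    user_email = None
    try:
        ldap_filter = settings["request"].format(escape_filter_chars(uid))
        conn.search(settings["base_dn"], ldap_filter, attributes=["cn", "mail"])
        # Some directories hold several entries per uid; use the first one
        # that carries a mail value.
        for entry in conn.response:
            if entry["attributes"]["mail"] != []:
                user_email = entry["attributes"]["mail"][0]
                break
    except KeyError as e:
        return fail("Can't get field " + str(e) + " from your LDAP server")
    except Exception as e:
        # Fix: the original called errors.append(msg, e), which is a TypeError.
        log(
            "logins",
            "[{date}] {ip} - LDAP lookup for {name} failed: {err}",
            name=uid,
            err=str(e),
        )
        return fail("Can't get user data from your LDAP server")
    finally:
        conn.unbind()

    # Fix: with no mail attribute the original went on to read an unassigned local.
    if user_email is None:
        return fail("Can't get field 'mail' from your LDAP server")

    with app.app_context():
        # The local password only satisfies the model's required column; it
        # is random so the row cannot be entered through the password form.
        user = Users(name=uid, email=user_email, password=secrets.token_urlsafe(32))
        db.session.add(user)
        db.session.commit()
        db.session.flush()
        login_user(user)
        log(
            "registrations",
            "[{date}] {ip} - {name} registered with {email}",
            name=uid,
            email=user_email,
        )
        db.session.close()
        if is_teams_mode():
            return redirect(url_for("teams.private"))
        return redirect(url_for("challenges.listing"))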
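def register():
    """Registration form with a comma-separated ``domain_whitelist`` config.

    On POST the name/email/password are normalised and validated (including
    the email domain against the whitelist), the ``Users`` row is created and
    the user logged in; a verification or welcome mail is sent when mail is
    configured.  GET renders the form.
    """
    errors = get_errors()
    if request.method != 'POST':
        return render_template('register.html', errors=errors)

    # Fix: validate the values that are actually stored.  The original checked
    # the raw form values but stored name.strip(), email.lower() and
    # password.strip(), so a whitespace-only password passed the length check
    # and was saved empty, and the uniqueness queries could miss an existing
    # row that differed only by case or surrounding whitespace.
    name = request.form['name'].strip()
    email_address = request.form['email'].strip().lower()
    password = request.form['password'].strip()

    name_taken = Users.query.add_columns('name', 'id').filter_by(name=name).first()
    email_taken = (
        Users.query.add_columns('email', 'id').filter_by(email=email_address).first()
    )
    _, _, domain = email_address.partition('@')
    domain_whitelist = get_config('domain_whitelist')

    if not validators.validate_email(email_address):
        errors.append("Please enter a valid email address")
    if domain_whitelist:
        # Fix: entries were compared verbatim, so a list like "a.edu, b.edu"
        # rejected b.edu (leading space) and an upper-cased entry never
        # matched.  Domain names are case-insensitive; compare normalised.
        allowed = [d.strip() for d in domain_whitelist.split(',') if d.strip()]
        if domain not in {d.lower() for d in allowed}:
            errors.append(
                "Only email addresses under {domains} may register".format(
                    domains=', '.join(allowed)
                )
            )
    if name_taken:
        errors.append('That team name is already taken')
    if validators.validate_email(name) is True:
        errors.append('Your team name cannot be an email address')
    if email_taken:
        errors.append('That email has already been used')
    if not password:
        errors.append('Pick a longer password')
    if len(password) > 128:
        errors.append('Pick a shorter password')
    if not name:
        errors.append('Pick a longer team name')

    if errors:
        return render_template(
            'register.html',
            errors=errors,
            name=request.form['name'],
            email=request.form['email'],
            password=request.form['password'],
        )

    with app.app_context():
        user = Users(name=name, email=email_address, password=password)
        db.session.add(user)
        db.session.commit()
        db.session.flush()
        login_user(user)

        if config.can_send_mail() and get_config('verify_emails'):
            # Verification is on and mail works: send the confirmation mail.
            log(
                'registrations',
                format="[{date}] {ip} - {name} registered (UNCONFIRMED) with {email}",
            )
            email.verify_email_address(user.email)
            db.session.close()
            return redirect(url_for('auth.confirm'))

        if config.can_send_mail():
            email.sendmail(
                request.form['email'],
                "You've successfully registered for {}".format(get_config('ctf_name')),
            )
        log('registrations', "[{date}] {ip} - {name} registered with {email}")
        db.session.close()
        return redirect(url_for('challenges.listing'))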
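def register():
    """Render the registration form on GET and create the account on POST.

    Besides ``name``/``email``/``password`` this variant requires ``fname`` and
    ``lname``.  Inputs are normalised (stripped, e-mail lower-cased) before the
    checks so that the value validated is the value stored.

    Fixes relative to the previous version: the e-mail syntax result
    (``valid_email``) was computed but never acted on, so malformed addresses
    were accepted; uniqueness was checked on the raw value while the stripped /
    lower-cased value was stored.

    Returns:
        The rendered ``register.html`` (GET, or POST with validation errors),
        or a redirect after a successful registration.
    """
    errors = get_errors()
    if request.method != "POST":
        return render_template("register.html", errors=errors)

    # Normalise once; every check below and the stored row use these values.
    name = request.form['name'].strip()
    email_address = request.form['email'].strip().lower()
    password = request.form['password'].strip()
    fname = request.form['fname'].strip()
    lname = request.form['lname'].strip()

    existing_name = Users.query.add_columns('name', 'id').filter_by(name=name).first()
    existing_email = Users.query.add_columns(
        'email', 'id').filter_by(email=email_address).first()
    valid_email = validators.validate_email(email_address)
    name_is_email = validators.validate_email(name)

    if not valid_email:
        errors.append("Please enter a valid email address")
    if email.check_email_is_whitelisted(email_address) is False:
        errors.append(
            "Only email addresses under {domains} may register".format(
                domains=get_config('domain_whitelist')))
    if existing_name:
        errors.append('That user name is already taken')
    if name_is_email is True:
        errors.append('Your user name cannot be an email address')
    if existing_email:
        errors.append('That email has already been used')
    if not password:
        errors.append('Pick a longer password')
    if len(password) > 128:
        errors.append('Pick a shorter password')
    if not name:
        errors.append('Pick a longer user name')
    if not fname:
        errors.append('Pick a longer user first name')
    if not lname:
        errors.append('Pick a longer last name')

    if errors:
        # Raw form values are echoed back so the template can re-fill the form.
        # NOTE(review): this includes the submitted password — confirm that
        # register.html does not render it into the page.
        return render_template('register.html',
                               errors=errors,
                               fname=request.form['fname'],
                               lname=request.form['lname'],
                               name=request.form['name'],
                               email=request.form['email'],
                               password=request.form['password'])

    with app.app_context():
        user = Users(name=name, email=email_address, password=password)
        db.session.add(user)
        db.session.commit()
        db.session.flush()
        login_user(user)

        # do custom registration work here
        # NOTE(review): fname/lname are required and validated above but never
        # persisted — the Users constructor in view takes no such columns.
        # Confirm where they were meant to be stored.
        # end custom registration work

        if config.can_send_mail() and get_config('verify_emails'):
            # Confirming users is enabled and we can send email.
            log('registrations', format=
                "[{date}] {ip} - {name} registered (UNCONFIRMED) with {email}")
            email.verify_email_address(user.email)
            db.session.close()
            return redirect(url_for('auth.confirm'))

        # Don't care about confirming users; send a welcome mail if we can.
        if config.can_send_mail():
            email.sendmail(
                user.email,
                "You've successfully registered for {}".format(
                    get_config('ctf_name')))
        log('registrations', "[{date}] {ip} - {name} registered with {email}")
        db.session.close()
        # NOTE(review): `web_request` is not defined anywhere in this view, so
        # this line raises NameError *after* the account has been created and
        # logged in — TODO bind it or drop the query string.  The target is also
        # built from request.url_root, i.e. from the request's Host header;
        # prefer url_for() for an app-relative target if this redirect is kept.
        return redirect(request.url_root + "getStarted" + "?result=" +
                        urllib.parse.quote_plus(web_request.text))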
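def register():
    """Render the registration form on GET and create the account on POST.

    ``name``, ``email`` and ``password`` are normalised (whitespace stripped,
    e-mail lower-cased) before any check runs, so the value that is validated
    and compared against existing rows is exactly the value that gets stored.
    The previous version checked the raw form value but stored the stripped /
    lower-cased one, which let ``"name "`` or ``"User@Example.com"`` slip past
    the duplicate checks and an all-whitespace password past the length check.

    Returns:
        The rendered ``register.html`` (GET, or POST with validation errors),
        or a redirect to the confirmation page / challenge listing on success.
    """
    errors = get_errors()
    if request.method != 'POST':
        return render_template('register.html', errors=errors)

    # Normalise once; every check below and the stored row use these values.
    name = request.form['name'].strip()
    email_address = request.form['email'].strip().lower()
    password = request.form['password'].strip()

    existing_name = Users.query.add_columns('name', 'id').filter_by(name=name).first()
    existing_email = Users.query.add_columns('email', 'id').filter_by(email=email_address).first()
    valid_email = validators.validate_email(email_address)
    name_is_email = validators.validate_email(name)
    _, _, domain = email_address.partition('@')
    domain_whitelist = get_config('domain_whitelist')

    if not valid_email:
        errors.append("Пожалуйста, введите действующий адрес электронной почты")
    if domain_whitelist:
        # Comma-separated config; lower-case the entries so they compare equal
        # to the lower-cased domain above.
        domain_whitelist = [d.strip().lower() for d in domain_whitelist.split(',')]
        if domain not in domain_whitelist:
            errors.append(
                "Only email addresses under {domains} may register".format(
                    domains=', '.join(domain_whitelist))
            )
    if existing_name:
        errors.append('Это название команды уже занято')
    if name_is_email is True:
        errors.append('Название команды не может быть адресом электронной почты')
    if existing_email:
        errors.append('Эта почта уже используется')
    if not password:
        errors.append('Выберите пароль подлиннее')
    if len(password) > 128:
        errors.append('Выберите пароль покороче')
    if not name:
        errors.append('Выберите более длинное название команды')

    if errors:
        # Raw form values are echoed back so the template can re-fill the form.
        # NOTE(review): this includes the submitted password — confirm that
        # register.html does not render it into the page.
        return render_template(
            'register.html',
            errors=errors,
            name=request.form['name'],
            email=request.form['email'],
            password=request.form['password']
        )

    with app.app_context():
        user = Users(name=name, email=email_address, password=password)
        db.session.add(user)
        db.session.commit()
        db.session.flush()
        login_user(user)

        if config.can_send_mail() and get_config('verify_emails'):
            # Confirming users is enabled and we can send email.
            log('registrations', format="[{date}] {ip} - {name} registered (UNCONFIRMED) with {email}")
            email.verify_email_address(user.email)
            db.session.close()
            return redirect(url_for('auth.confirm'))

        # Don't care about confirming users; send a welcome mail if we can.
        if config.can_send_mail():
            email.sendmail(
                user.email,
                "You've successfully registered for {}".format(get_config('ctf_name'))
            )
        log('registrations', "[{date}] {ip} - {name} registered with {email}")
        db.session.close()
        return redirect(url_for('challenges.listing'))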
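def register():
    """Render the registration form on GET and create the account on POST.

    Validates the standard fields, the optional website/affiliation/country
    profile fields and every configured ``UserFields`` entry, then creates the
    user, stores the custom field entries, logs the user in and redirects.

    Fix relative to the previous version: the custom-field loop used ``break``
    after mapping an ``affiliation``/``website`` field onto the profile, which
    stopped the loop early — every later field was neither required-checked
    nor recorded, so a required field after one of those could be left empty.
    The loop now ``continue``s instead.

    Returns:
        The rendered ``register.html`` (GET, or POST with validation errors),
        or a redirect on success.
    """
    errors = get_errors()
    if request.method != "POST":
        return render_template("register.html", errors=errors)

    name = request.form.get("name", "").strip()
    email_address = request.form.get("email", "").strip().lower()
    password = request.form.get("password", "").strip()
    website = request.form.get("website")
    affiliation = request.form.get("affiliation")
    country = request.form.get("country")

    existing_name = Users.query.add_columns("name", "id").filter_by(name=name).first()
    existing_email = (Users.query.add_columns(
        "email", "id").filter_by(email=email_address).first())
    valid_email = validators.validate_email(email_address)
    name_is_email = validators.validate_email(name)

    # Process additional user fields.
    fields = {field.id: field for field in UserFields.query.all()}
    entries = {}
    for field_id, field in fields.items():
        value = request.form.get(f"fields[{field_id}]", "").strip()
        if field.required is True and value == "":
            errors.append("Please provide all required fields")
            break
        # Special-cased fields map onto existing profile columns rather than
        # UserFieldEntries; `continue` so the remaining fields are still handled.
        if field.name.lower() == "affiliation":
            affiliation = value
            continue
        if field.name.lower() == "website":
            website = value
            continue
        entries[field_id] = bool(value) if field.field_type == "boolean" else value

    # Optional profile fields: absent/empty is always acceptable.
    valid_country = True
    if country:
        try:
            validators.validate_country_code(country)
        except ValidationError:
            valid_country = False
    valid_website = validators.validate_url(website) if website else True
    valid_affiliation = len(affiliation) < 128 if affiliation else True

    if not valid_email:
        errors.append(
            "Пожалуйста, введите действительный адрес электронной почты")
    if email.check_email_is_whitelisted(email_address) is False:
        errors.append(
            "Только адреса электронной почты ниже {domains} могут быть зарегистрированы"
            .format(domains=get_config("domain_whitelist")))
    if existing_name:
        errors.append("Этот никнейм уже используется")
    if name_is_email is True:
        errors.append(
            "Ваше имя пользователя не может быть адресом электронной почты"
        )
    if existing_email:
        errors.append("Этот адрес электронной почты уже был использован")
    if not password:
        errors.append("Введите более длинный пароль")
    if len(password) > 128:
        errors.append("Введите более короткий пароль")
    if not name:
        errors.append("Введите более длинное имя пользователя")
    if valid_website is False:
        errors.append(
            "Сайт должен иметь правильный URL, начинающийся с http или https."
        )
    if valid_country is False:
        errors.append("Введите существующую страна")
    if valid_affiliation is False:
        errors.append("Укажите более короткое название учреждения")

    if errors:
        # NOTE(review): the submitted password is passed back to the template —
        # confirm register.html does not render it.
        return render_template(
            "register.html",
            errors=errors,
            name=request.form["name"],
            email=request.form["email"],
            password=request.form["password"],
        )

    with app.app_context():
        user = Users(name=name, email=email_address, password=password)
        if website:
            user.website = website
        if affiliation:
            user.affiliation = affiliation
        if country:
            user.country = country
        db.session.add(user)
        db.session.commit()
        db.session.flush()

        # Custom field entries need user.id, hence the second commit.
        for field_id, value in entries.items():
            entry = UserFieldEntries(field_id=field_id, value=value, user_id=user.id)
            db.session.add(entry)
        db.session.commit()

        login_user(user)

        if config.can_send_mail() and get_config("verify_emails"):
            # Confirming users is enabled and we can send email.
            log(
                "registrations",
                format="[{date}] {ip} - {name} registered (UNCONFIRMED) with {email}",
            )
            email.verify_email_address(user.email)
            db.session.close()
            return redirect(url_for("auth.confirm"))

        # Don't care about confirming users; notify them if mail is available.
        if config.can_send_mail():
            email.successful_registration_notification(user.email)
        log("registrations", "[{date}] {ip} - {name} registered with {email}")
        db.session.close()
        if is_teams_mode():
            return redirect(url_for("teams.private"))
        return redirect(url_for("challenges.listing"))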
def register():
    """Registration view: GET shows the form, POST validates and creates the user.

    On POST the name/e-mail/password are stripped (e-mail lower-cased) and the
    optional website, affiliation and country fields are validated.  Any error
    re-renders the form with the submitted values; otherwise the user is
    created, logged in and either sent a verification mail (``verify_emails``
    set and mail configured) or a welcome notification, then redirected to the
    team page (teams mode) or the challenge listing.
    """
    errors = get_errors()
    if request.method != "POST":
        return render_template("register.html", errors=errors)

    form = request.form
    name = form.get("name", "").strip()
    email_address = form.get("email", "").strip().lower()
    password = form.get("password", "").strip()
    website = form.get("website")
    affiliation = form.get("affiliation")
    country = form.get("country")

    name_taken = Users.query.add_columns("name", "id").filter_by(name=name).first()
    email_taken = (Users.query.add_columns(
        "email", "id").filter_by(email=email_address).first())
    email_ok = validators.validate_email(email_address)
    name_is_email = validators.validate_email(name)

    # Optional profile fields: an absent/empty value is always acceptable.
    country_ok = True
    if country:
        try:
            validators.validate_country_code(country)
        except ValidationError:
            country_ok = False
    website_ok = validators.validate_url(website) if website else True
    affiliation_ok = len(affiliation) < 128 if affiliation else True

    if not email_ok:
        errors.append("Please enter a valid email address")
    if email.check_email_is_whitelisted(email_address) is False:
        errors.append(
            "Only email addresses under {domains} may register".format(
                domains=get_config("domain_whitelist")))
    if name_taken:
        errors.append("That user name is already taken")
    if name_is_email is True:
        errors.append("Your user name cannot be an email address")
    if email_taken:
        errors.append("That email has already been used")
    if not password:
        errors.append("Pick a longer password")
    if len(password) > 128:
        errors.append("Pick a shorter password")
    if not name:
        errors.append("Pick a longer user name")
    if website_ok is False:
        errors.append(
            "Websites must be a proper URL starting with http or https")
    if country_ok is False:
        errors.append("Invalid country")
    if affiliation_ok is False:
        errors.append("Please provide a shorter affiliation")

    if errors:
        # The raw submitted values are handed back so the form can be re-filled.
        return render_template(
            "register.html",
            errors=errors,
            name=form["name"],
            email=form["email"],
            password=form["password"],
        )

    with app.app_context():
        user = Users(name=name, email=email_address, password=password)
        # Only set the optional profile columns when something was submitted.
        for column, value in (("website", website),
                              ("affiliation", affiliation),
                              ("country", country)):
            if value:
                setattr(user, column, value)
        db.session.add(user)
        db.session.commit()
        db.session.flush()
        login_user(user)

        if config.can_send_mail() and get_config("verify_emails"):
            # Confirming users is enabled and we can send email.
            log(
                "registrations",
                format="[{date}] {ip} - {name} registered (UNCONFIRMED) with {email}",
            )
            email.verify_email_address(user.email)
            db.session.close()
            return redirect(url_for("auth.confirm"))

        # Don't care about confirming users; notify them if mail is available.
        if config.can_send_mail():
            email.successful_registration_notification(user.email)
        log("registrations", "[{date}] {ip} - {name} registered with {email}")
        db.session.close()
        if is_teams_mode():
            return redirect(url_for("teams.private"))
        return redirect(url_for("challenges.listing"))
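def register():
    """Render the registration form on GET and create the account on POST.

    In addition to the standard fields this variant requires a ``phone``
    number, a ``student_id`` that must exist in the ``StudentID`` table, and a
    non-empty ``realname``; phone and student id must also be unused.

    Fix relative to the previous version: the phone "format" check only tested
    ``len(phone) == 11``, so any 11 characters passed; it now also requires
    ASCII digits.

    Returns:
        The rendered ``register.html`` (GET, or POST with validation errors),
        or a redirect on success.
    """
    errors = get_errors()
    if request.method != "POST":
        return render_template("register.html", errors=errors)

    name = request.form.get("name", "").strip()
    email_address = request.form.get("email", "").strip().lower()
    password = request.form.get("password", "").strip()
    phone = request.form.get("phone", "").strip()
    student_id = request.form.get("student_id", "").strip()
    realname = request.form.get("realname", "").strip()

    existing_name = Users.query.add_columns("name", "id").filter_by(name=name).first()
    existing_email = (Users.query.add_columns(
        "email", "id").filter_by(email=email_address).first())
    valid_email = validators.validate_email(email_address)
    name_is_email = validators.validate_email(name)
    # Exactly 11 ASCII digits; a length-only check accepted arbitrary text.
    phone_valid = len(phone) == 11 and all(ch in "0123456789" for ch in phone)
    student_id_exist = Users.query.add_columns(
        'student_id', 'id').filter_by(student_id=student_id).first()
    # The id must be pre-registered in the StudentID allow-list table.
    student_id_valid = StudentID.query.add_columns(
        'student_id', 'id').filter_by(student_id=student_id).first()
    phone_exist = Users.query.add_columns(
        'phone', 'id').filter_by(phone=phone).first()

    if not valid_email:
        errors.append("Please enter a valid email address")
    if email.check_email_is_whitelisted(email_address) is False:
        errors.append(
            "Only email addresses under {domains} may register".format(
                domains=get_config("domain_whitelist")))
    if existing_name:
        errors.append("That user name is already taken")
    if name_is_email is True:
        errors.append("Your user name cannot be an email address")
    if existing_email:
        errors.append("That email has already been used")
    if not password:
        errors.append("Pick a longer password")
    if len(password) > 128:
        errors.append("Pick a shorter password")
    if not name:
        errors.append("Pick a longer user name")
    if not phone_valid:
        errors.append("Wrong phone number format")
    if not student_id_valid:
        errors.append("Invalid student id")
    if not realname:
        errors.append("Realname can't be empty")
    if student_id_exist:
        errors.append("That student id is already taken")
    if phone_exist:
        errors.append("That phone number is already taken")

    if errors:
        # NOTE(review): the submitted password is passed back to the template —
        # confirm register.html does not render it.
        return render_template("register.html",
                               errors=errors,
                               name=request.form["name"],
                               email=request.form["email"],
                               password=request.form["password"],
                               student_id=student_id,
                               realname=realname,
                               phone=phone)

    with app.app_context():
        user = Users(name=name,
                     email=email_address,
                     password=password,
                     student_id=student_id,
                     realname=realname,
                     phone=phone)
        db.session.add(user)
        db.session.commit()
        db.session.flush()
        login_user(user)

        if config.can_send_mail() and get_config("verify_emails"):
            # Confirming users is enabled and we can send email.
            log(
                "registrations",
                format="[{date}] {ip} - {name} registered (UNCONFIRMED) with {email}",
            )
            email.verify_email_address(user.email)
            db.session.close()
            return redirect(url_for("auth.confirm"))

        # Don't care about confirming users; notify them if mail is available.
        if config.can_send_mail():
            email.successful_registration_notification(user.email)
        log("registrations", "[{date}] {ip} - {name} registered with {email}")
        db.session.close()
        if is_teams_mode():
            return redirect(url_for("teams.private"))
        return redirect(url_for("challenges.listing"))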
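def test_validate_email():
    """validate_email() accepts well-formed addresses and rejects malformed ones.

    NOTE(review): the address literals in this copy are redacted
    (``*****@*****.**``) and the same literal appears in both the accepted and
    the rejected group, so the test cannot pass until the real fixtures are
    restored.  The rejection loop previously caught AssertionError and only
    printed the address, which silently turned a failing case into a pass; a
    wrongly accepted address now fails the test like every other assertion.
    """
    assert validate_email("*****@*****.**") is True
    assert validate_email("*****@*****.**") is True
    assert validate_email("*****@*****.**") is True
    assert validate_email("[email protected]") is True
    assert validate_email("user.period1234@b") is False
    assert validate_email("no.ampersand") is False
    assert validate_email("user@") is False
    assert validate_email("@ctfd.io") is False
    assert validate_email("user.io@ctfd") is False
    assert validate_email("user\\@ctfd") is False
    for invalid_email in ["*****@*****.**", "*****@*****.**", "*****@*****.**"]:
        assert validate_email(invalid_email) is False, (
            invalid_email + " did not pass validation"
        )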
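def register():
    """Render the registration form on GET and create the account on POST.

    ``name``, ``email`` and ``password`` are normalised (whitespace stripped,
    e-mail lower-cased) before any check runs, so the value that is validated
    and compared against existing rows is exactly the value that gets stored.
    The previous version checked the raw form value but stored the stripped /
    lower-cased one, which let ``"name "`` or ``"User@Example.com"`` slip past
    the duplicate checks and an all-whitespace password past the length check.
    Names containing a space are rejected (the stripped name is tested, so
    only interior spaces count).

    Returns:
        The rendered ``register.html`` (GET, or POST with validation errors),
        or a redirect to the confirmation page / challenge listing on success.
    """
    errors = get_errors()
    if request.method != 'POST':
        return render_template('register.html', errors=errors)

    # Normalise once; every check below and the stored row use these values.
    name = request.form['name'].strip()
    email_address = request.form['email'].strip().lower()
    password = request.form['password'].strip()

    existing_name = Users.query.add_columns('name', 'id').filter_by(name=name).first()
    existing_email = Users.query.add_columns(
        'email', 'id').filter_by(email=email_address).first()
    valid_email = validators.validate_email(email_address)
    name_is_email = validators.validate_email(name)

    if not valid_email:
        errors.append("Please enter a valid email address")
    if email.check_email_is_whitelisted(email_address) is False:
        errors.append(
            "Only email addresses under {domains} may register".format(
                domains=get_config('domain_whitelist')))
    if existing_name:
        errors.append('That team name is already taken')
    if name_is_email is True:
        errors.append('Your team name cannot be an email address')
    if existing_email:
        errors.append('That email has already been used')
    if not password:
        errors.append('Pick a longer password')
    if len(password) > 128:
        errors.append('Pick a shorter password')
    if not name:
        errors.append('Pick a longer team name')
    if ' ' in name:
        errors.append('Your User name should not contain space')

    if errors:
        # Raw form values are echoed back so the template can re-fill the form.
        # NOTE(review): this includes the submitted password — confirm that
        # register.html does not render it into the page.
        return render_template('register.html',
                               errors=errors,
                               name=request.form['name'],
                               email=request.form['email'],
                               password=request.form['password'])

    with app.app_context():
        user = Users(name=name, email=email_address, password=password)
        db.session.add(user)
        db.session.commit()
        db.session.flush()
        login_user(user)

        # Per-user container provisioning used to live here as commented-out
        # os.system() calls that interpolated the user-supplied name into a
        # shell command string.  If provisioning is re-added, validate the name
        # against a strict allow-list first and invoke subprocess.run() with an
        # argument list (no shell) so the name is never parsed by a shell.

        if config.can_send_mail() and get_config('verify_emails'):
            # Confirming users is enabled and we can send email.
            log('registrations', format=
                "[{date}] {ip} - {name} registered (UNCONFIRMED) with {email}")
            email.verify_email_address(user.email)
            db.session.close()
            return redirect(url_for('auth.confirm'))

        # Don't care about confirming users; send a welcome mail if we can.
        if config.can_send_mail():
            email.sendmail(
                user.email,
                "You've successfully registered for {}".format(
                    get_config('ctf_name')))
        log('registrations', "[{date}] {ip} - {name} registered with {email}")
        db.session.close()
        return redirect(url_for('challenges.listing'))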
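def register():
    """Render the registration form on GET and create the account on POST.

    ``name``, ``email`` and ``password`` are normalised (whitespace stripped,
    e-mail lower-cased) before any check runs, so the value that is validated
    and compared against existing rows is exactly the value that gets stored.
    The previous version checked the raw form value but stored the stripped /
    lower-cased one, which let ``"name "`` or ``"User@Example.com"`` slip past
    the duplicate checks and an all-whitespace password past the length check.

    Returns:
        The rendered ``register.html`` (GET, or POST with validation errors),
        or a redirect to the confirmation page, the team page (teams mode) or
        the challenge listing on success.
    """
    errors = get_errors()
    if request.method != "POST":
        return render_template("register.html", errors=errors)

    # Normalise once; every check below and the stored row use these values.
    name = request.form["name"].strip()
    email_address = request.form["email"].strip().lower()
    password = request.form["password"].strip()

    existing_name = Users.query.add_columns("name", "id").filter_by(name=name).first()
    existing_email = (Users.query.add_columns(
        "email", "id").filter_by(email=email_address).first())
    valid_email = validators.validate_email(email_address)
    name_is_email = validators.validate_email(name)

    if not valid_email:
        errors.append("Please enter a valid email address")
    if email.check_email_is_whitelisted(email_address) is False:
        errors.append(
            "Only email addresses under {domains} may register".format(
                domains=get_config("domain_whitelist")))
    if existing_name:
        errors.append("That user name is already taken")
    if name_is_email is True:
        errors.append("Your user name cannot be an email address")
    if existing_email:
        errors.append("That email has already been used")
    if not password:
        errors.append("Pick a longer password")
    if len(password) > 128:
        errors.append("Pick a shorter password")
    if not name:
        errors.append("Pick a longer user name")

    if errors:
        # Raw form values are echoed back so the template can re-fill the form.
        # NOTE(review): this includes the submitted password — confirm that
        # register.html does not render it into the page.
        return render_template(
            "register.html",
            errors=errors,
            name=request.form["name"],
            email=request.form["email"],
            password=request.form["password"],
        )

    with app.app_context():
        user = Users(name=name, email=email_address, password=password)
        db.session.add(user)
        db.session.commit()
        db.session.flush()
        login_user(user)

        if config.can_send_mail() and get_config("verify_emails"):
            # Confirming users is enabled and we can send email.
            log(
                "registrations",
                format="[{date}] {ip} - {name} registered (UNCONFIRMED) with {email}",
            )
            email.verify_email_address(user.email)
            db.session.close()
            return redirect(url_for("auth.confirm"))

        # Don't care about confirming users; send a welcome mail if we can.
        if config.can_send_mail():
            email.sendmail(
                user.email,
                "You've successfully registered for {}".format(
                    get_config("ctf_name")),
            )
        log("registrations", "[{date}] {ip} - {name} registered with {email}")
        db.session.close()
        if is_teams_mode():
            return redirect(url_for("teams.private"))
        return redirect(url_for("challenges.listing"))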
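def register():
    """Render the registration form on GET and create the account on POST.

    ``name``, ``email`` and ``password`` are normalised (whitespace stripped,
    e-mail lower-cased) before any check runs, so the value that is validated
    and compared against existing rows is exactly the value that gets stored.
    The previous version checked the raw form value but stored the stripped /
    lower-cased one, which let ``"name "`` or ``"User@Example.com"`` slip past
    the duplicate checks and an all-whitespace password past the length check.

    Returns:
        The rendered ``register.html`` (GET, or POST with validation errors),
        or a redirect to the confirmation page / challenge listing on success.
    """
    errors = get_errors()
    if request.method != 'POST':
        return render_template('register.html', errors=errors)

    # Normalise once; every check below and the stored row use these values.
    name = request.form['name'].strip()
    email_address = request.form['email'].strip().lower()
    password = request.form['password'].strip()

    existing_name = Users.query.add_columns('name', 'id').filter_by(name=name).first()
    existing_email = Users.query.add_columns('email', 'id').filter_by(email=email_address).first()
    valid_email = validators.validate_email(email_address)
    name_is_email = validators.validate_email(name)
    #accepted_rules = request.form.get("accept")
    _, _, domain = email_address.partition('@')
    domain_whitelist = get_config('domain_whitelist')

    if not valid_email:
        errors.append("Veuillez entrer un courriel valide")
    if domain_whitelist:
        # Comma-separated config; lower-case the entries so they compare equal
        # to the lower-cased domain above.
        domain_whitelist = [d.strip().lower() for d in domain_whitelist.split(',')]
        if domain not in domain_whitelist:
            errors.append(
                "Seuls les addresses sous {domains} peuvent s'enregistrer".format(
                    domains=', '.join(domain_whitelist))
            )
    if existing_name:
        errors.append('Ce nom d\'équipe est pris')
    if name_is_email is True:
        errors.append('Votre nom d\'équipe ne peut être une addresse courriel')
    if existing_email:
        errors.append('Cette addresse courriel est déjà utilisée')
    if not password:
        errors.append('Votre mot de passe est trop petit')
    if len(password) > 128:
        errors.append('Votre mot de passe est trop long')
    if not name:
        errors.append('Votre nom d\'équipe est trop petit')
    #if not accepted_rules:
    #    errors.append("Vous devez lire et accepter le règlement & code de conduite")

    if errors:
        # Raw form values are echoed back so the template can re-fill the form.
        # NOTE(review): this includes the submitted password — confirm that
        # register.html does not render it into the page.
        return render_template(
            'register.html',
            errors=errors,
            name=request.form['name'],
            email=request.form['email'],
            password=request.form['password']
        )

    with app.app_context():
        user = Users(name=name, email=email_address, password=password)
        db.session.add(user)
        db.session.commit()
        db.session.flush()
        login_user(user)

        if config.can_send_mail() and get_config('verify_emails'):
            # Confirming users is enabled and we can send email.
            log('registrations', format="[{date}] {ip} - {name} registered (UNCONFIRMED) with {email}")
            email.verify_email_address(user.email)
            db.session.close()
            return redirect(url_for('auth.confirm'))

        # Don't care about confirming users; send a welcome mail if we can.
        if config.can_send_mail():
            email.sendmail(
                user.email,
                "You've successfully registered for {}".format(get_config('ctf_name'))
            )
        log('registrations', "[{date}] {ip} - {name} registered with {email}")
        db.session.close()
        return redirect(url_for('challenges.listing'))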