예제 #1
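def create_user():
    """Create a user account from the JSON request body.

    The body must be a JSON object with ``id``, ``password``, ``email`` and
    ``role``. Users with role ``team`` must also supply ``team``.

    Returns:
        A 201 redirect to the new user's resource on success, otherwise the
        result of ``create_error_response`` describing why the request was
        rejected.
    """
    # NOTE(review): the role, including 'administrator', is chosen by the
    # caller. Any access-control decorator is outside this listing -- confirm
    # that only sufficiently privileged users can reach this view.
    data = json.loads(request.data)

    # Answer with a structured error instead of an unhandled KeyError or
    # TypeError (HTTP 500) when the body is not an object or a field is absent.
    if not isinstance(data, dict):
        return create_error_response('IllegalParameter', 'The request body must be a JSON object.')
    missing = [field for field in ('id', 'password', 'email', 'role') if field not in data]
    if missing:
        return create_error_response(
            'IllegalParameter',
            'Missing required parameter(s): {}'.format(', '.join(missing)))

    user_id = data['id']
    role = data['role']

    if len(g.db.get_specific_user(user_id)) != 0:
        return create_error_response("Exists",  "A user with the id '{}' already exists".format(user_id))

    # Only the 'team' role carries an extra attribute; every other accepted
    # role is created with the four common fields.
    extra = {}
    if role == 'team':
        if 'team' not in data:
            return create_error_response('IllegalParameter', 'Users with role "team" must have the "team" parameter.')
        extra['team'] = data['team']
    elif role not in ('administrator', 'organizer', 'attacker'):
        return create_error_response('InvalidRole', 'Users can only have roles "administrator", "organizer", "attacker", or "team".')

    # The password is stored only in hashed form.
    g.db.create_user(user_id, hash_password(data['password']), data['email'], role, **extra)
    return redirect(url_for(".get_user", user_id=user_id), code=201)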
예제 #2
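def create_new_session():
    """Log a user in from the JSON credentials in the request body.

    The body is expected to be a JSON object with ``username`` and
    ``password``. The password is hashed and the pair is looked up in the
    database; on a match the user is logged in through Flask-Login with a
    "remember me" session.

    Returns:
        The result of ``create_error_response`` when the credentials are
        missing or wrong, or when ``login_user`` raises.
    """
    data = json.loads(request.data)

    # A malformed body gets the same generic answer as a failed login, so the
    # response does not reveal which part of the request was wrong.
    if not isinstance(data, dict) or "username" not in data or "password" not in data:
        return create_error_response("IncorrectLogin", "Either the user does not exist or password is incorrect.")

    # NOTE(review): matching on the hash in the query implies hash_password is
    # deterministic (no per-user salt) -- confirm. A salted password KDF would
    # need "fetch the user, then verify" instead of a lookup by hash.
    password_hash = hash_password(data["password"])
    if g.db.get_specific_user(data["username"], password_hash) == []:
        return create_error_response("IncorrectLogin", "Either the user does not exist or password is incorrect.")

    try:
        login_user(User(data["username"]), remember=True)
    except Exception as e:
        # Exception rather than BaseException, so SystemExit and
        # KeyboardInterrupt are no longer swallowed.
        # NOTE(review): the exception class name and message are returned to
        # the client; consider logging them server-side and sending a generic
        # error instead.
        return create_error_response(type(e).__name__, getattr(e, 'message', str(e)))
    # NOTE(review): no response is returned on the success path in this
    # listing, so the view yields None -- confirm whether the listing is
    # truncated or a success response is missing.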
예제 #3
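def create_app(_config_dir=None, _config_filename='settings.cfg', _configspec_filename='configspec.cfg'):
    """Build the global Flask app: load configuration, set up login and the database.

    Args:
        _config_dir: optional directory searched before ``default_config_dirs``.
        _config_filename: name of the configuration file to load.
        _configspec_filename: name of the ConfigObj spec used to validate it.

    Raises:
        FileNotFound: if the configspec or the config file is not found in
            any of the searched directories.
    """
    # Create Flask app
    global app
    app = Flask("CheshireCat")

    # An explicitly supplied directory takes priority over the defaults.
    # This mutates the module-level list, so repeated calls keep prepending.
    if _config_dir is not None:
        default_config_dirs.insert(0, _config_dir)

    configspec_path = get_first_file_that_exists(default_config_dirs, _configspec_filename)
    config_path = get_first_file_that_exists(default_config_dirs, _config_filename)

    if configspec_path is None:
        raise FileNotFound('configspec', default_config_dirs, _configspec_filename)
    if config_path is None:
        raise FileNotFound('config', default_config_dirs, _config_filename)

    # Load configuration file
    configspec = ConfigObj(configspec_path, list_values=False)
    config = ConfigObj(config_path, configspec=configspec)
    validation = config.validate(Validator(), copy=True)
    # validate() returns True only when every value passed. The result used to
    # be discarded, so a broken configuration was applied silently. Report it
    # without changing start-up behaviour.
    if validation is not True:
        app.logger.warning("Configuration %s failed validation: %r", config_path, validation)
    for key in config['CORE']:
        app.config[key] = config['CORE'][key]

    # Change the session interface to be more secure and portable than the default
    # which is provided by Werkzeug.
    # These break the engine currently. I don't know why.
    #app.session_interface = RedisSignedSessionInterface()
    #app.session_interface = ItsdangerousSessionInterface()

    # Flask-Login manages user sessions for us, but we need to set it up first, so
    # we'll do so here.
    global login_manager
    login_manager = LoginManager()
    login_manager.init_app(app)

    # Initialize our database
    dbconfig = config['CORE']['DATABASE']
    db = MongoDBWrapper(dbconfig['HOST'], int(dbconfig['PORT']), dbconfig['DB_NAME'])
    db.init_db()
    # Bootstrap an administrator when none exists.
    # NOTE(review): this account has a fixed, well-known password ('admin').
    # Anyone who reaches the login endpoint before it is changed gets
    # administrator access. Prefer a generated or operator-supplied initial
    # password, or force a change on first login.
    if len(db.get_all_users_with_role('administrator')) == 0:
        db.create_user('admin', hash_password('admin'), '*****@*****.**', 'administrator')

    # Initialize CheshireCat
    # Import the views, to apply the decorators which use the global app object.
    from . import views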
예제 #4
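def modify_current_user():
    """Update the logged-in user's own account from the JSON request body.

    Only ``password`` and ``email`` are applied. A supplied password is hashed
    before it is stored. Other keys in the body are ignored.

    Returns:
        An empty 204 response on success, or an empty 400 response when the
        body is not a JSON object.
    """
    user = current_user.get_id()
    data = json.loads(request.data)
    if not isinstance(data, dict):
        return Response(status=400)

    # The body used to be forwarded wholesale as keyword arguments, which let
    # the caller set any attribute modify_user accepts (mass assignment).
    # Forward only the fields a user may change on their own account.
    # NOTE(review): 'role', 'team' and 'id' are the other user fields seen in
    # create_user; extend this allowlist only for fields that are safe to
    # self-edit.
    changes = {key: data[key] for key in ('password', 'email') if key in data}

    # Hash the password only when one was sent, so an e-mail-only update no
    # longer fails with a KeyError.
    # NOTE(review): the current password is not requested before a change --
    # consider requiring it.
    if 'password' in changes:
        changes['password'] = hash_password(changes['password'])

    g.db.modify_user(user, **changes)
    return Response(status=204)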