name = gen_name()
if name not in used:
used.append(name)
try:
user = Users(name=name,
email=gen_email(),
password="******")
user.verified = True
if random_chance():
user.affiliation = gen_affiliation()
if random_chance():
oauth_id = random.randint(1, 1000)
while oauth_id in used_oauth_ids:
oauth_id = random.randint(1, 1000)
used_oauth_ids.append(oauth_id)
user.oauth_id = oauth_id
if mode == "teams":
user.team_id = random.randint(1, TEAM_AMOUNT)
db.session.add(user)
db.session.flush()
track = Tracking(ip=gen_ip(), user_id=user.id)
db.session.add(track)
db.session.flush()
count += 1
except Exception:
pass
db.session.commit()
if mode == "teams":
def oauth_redirect():
oauth_code = request.args.get("code")
state = request.args.get("state")
if session["nonce"] != state:
log("logins", "[{date}] {ip} - OAuth State validation mismatch")
error_for(endpoint="auth.login",
message="OAuth State validation mismatch.")
return redirect(url_for("auth.login"))
if oauth_code:
url = (get_app_config("OAUTH_TOKEN_ENDPOINT")
or get_config("oauth_token_endpoint")
or "https://auth.majorleaguecyber.org/oauth/token")
client_id = get_app_config("OAUTH_CLIENT_ID") or get_config(
"oauth_client_id")
client_secret = get_app_config("OAUTH_CLIENT_SECRET") or get_config(
"oauth_client_secret")
headers = {"content-type": "application/x-www-form-urlencoded"}
data = {
"code": oauth_code,
"client_id": client_id,
"client_secret": client_secret,
"grant_type": "authorization_code",
}
token_request = requests.post(url, data=data, headers=headers)
if token_request.status_code == requests.codes.ok:
token = token_request.json()["access_token"]
user_url = (get_app_config("OAUTH_API_ENDPOINT")
or get_config("oauth_api_endpoint")
or "https://api.majorleaguecyber.org/user")
headers = {
"Authorization": "Bearer " + str(token),
"Content-type": "application/json",
}
api_data = requests.get(url=user_url, headers=headers).json()
user_id = api_data["id"]
user_name = api_data["name"]
user_email = api_data["email"]
user = Users.query.filter_by(email=user_email).first()
if user is None:
# Check if we are allowing registration before creating users
if registration_visible():
user = Users(
name=user_name,
email=user_email,
oauth_id=user_id,
verified=True,
)
db.session.add(user)
db.session.commit()
else:
log("logins",
"[{date}] {ip} - Public registration via MLC blocked")
error_for(
endpoint="auth.login",
message=
"Public registration is disabled. Please try again later.",
)
return redirect(url_for("auth.login"))
if get_config("user_mode") == TEAMS_MODE:
team_id = api_data["team"]["id"]
team_name = api_data["team"]["name"]
team = Teams.query.filter_by(oauth_id=team_id).first()
if team is None:
team = Teams(name=team_name,
oauth_id=team_id,
captain_id=user.id)
db.session.add(team)
db.session.commit()
team.members.append(user)
db.session.commit()
if user.oauth_id is None:
user.oauth_id = user_id
user.verified = True
db.session.commit()
login_user(user)
return redirect(url_for("challenges.listing"))
else:
log("logins", "[{date}] {ip} - OAuth token retrieval failure")
error_for(endpoint="auth.login",
message="OAuth token retrieval failure.")
return redirect(url_for("auth.login"))
else:
log("logins", "[{date}] {ip} - Received redirect without OAuth code")
error_for(endpoint="auth.login",
message="Received redirect without OAuth code.")
return redirect(url_for("auth.login"))
def oauth_redirect():
oauth_code = request.args.get("code")
state = request.args.get("state")
if session["nonce"] != state:
log("logins", "[{date}] {ip} - OAuth State validation mismatch")
error_for(endpoint="auth.login",
message="OAuth State validation mismatch.")
return redirect(url_for("auth.login"))
if oauth_code:
url = (get_app_config("OAUTH_TOKEN_ENDPOINT")
or get_config("oauth_token_endpoint")
or "https://auth.majorleaguecyber.org/oauth/token")
client_id = get_app_config("OAUTH_CLIENT_ID") or get_config(
"oauth_client_id")
client_secret = get_app_config("OAUTH_CLIENT_SECRET") or get_config(
"oauth_client_secret")
headers = {"content-type": "application/x-www-form-urlencoded"}
data = {
"code": oauth_code,
"client_id": client_id,
"client_secret": client_secret,
"grant_type": "authorization_code",
}
token_request = requests.post(url, data=data, headers=headers)
if token_request.status_code == requests.codes.ok:
token = token_request.json()["access_token"]
user_url = (get_app_config("OAUTH_API_ENDPOINT")
or get_config("oauth_api_endpoint")
or "https://api.majorleaguecyber.org/user")
headers = {
"Authorization": "Bearer " + str(token),
"Content-type": "application/json",
}
api_data = requests.get(url=user_url, headers=headers).json()
user_id = api_data["id"]
user_name = api_data["name"]
user_email = api_data["email"]
user = Users.query.filter_by(email=user_email).first()
if user is None:
# Check if we are allowing registration before creating users
if registration_visible() or mlc_registration():
user = Users(
name=user_name,
email=user_email,
oauth_id=user_id,
verified=True,
)
db.session.add(user)
db.session.commit()
else:
log("logins",
"[{date}] {ip} - Public registration via MLC blocked")
error_for(
endpoint="auth.login",
message=
"Public registration is disabled. Please try again later.",
)
return redirect(url_for("auth.login"))
if get_config("user_mode") == TEAMS_MODE:
team_id = api_data["team"]["id"]
team_name = api_data["team"]["name"]
team = Teams.query.filter_by(oauth_id=team_id).first()
if team is None:
num_teams_limit = int(get_config("num_teams", default=0))
num_teams = Teams.query.filter_by(banned=False,
hidden=False).count()
if num_teams_limit and num_teams >= num_teams_limit:
abort(
403,
description=
f"Reached the maximum number of teams ({num_teams_limit}). Please join an existing team.",
)
team = Teams(name=team_name,
oauth_id=team_id,
captain_id=user.id)
db.session.add(team)
db.session.commit()
clear_team_session(team_id=team.id)
team_size_limit = get_config("team_size", default=0)
if team_size_limit and len(team.members) >= team_size_limit:
plural = "" if team_size_limit == 1 else "s"
size_error = "Teams are limited to {limit} member{plural}.".format(
limit=team_size_limit, plural=plural)
error_for(endpoint="auth.login", message=size_error)
return redirect(url_for("auth.login"))
team.members.append(user)
db.session.commit()
if user.oauth_id is None:
user.oauth_id = user_id
user.verified = True
db.session.commit()
clear_user_session(user_id=user.id)
login_user(user)
return redirect(url_for("challenges.listing"))
else:
log("logins", "[{date}] {ip} - OAuth token retrieval failure")
error_for(endpoint="auth.login",
message="OAuth token retrieval failure.")
return redirect(url_for("auth.login"))
else:
log("logins", "[{date}] {ip} - Received redirect without OAuth code")
error_for(endpoint="auth.login",
message="Received redirect without OAuth code.")
return redirect(url_for("auth.login"))