def tracker():
    """Record the (IP address, user) pair behind an authenticated request.

    Requests for the ``views.themes`` endpoint and unauthenticated requests
    are ignored. The tracking table is only consulted when the client IP is
    not among the user's recent IPs or the request method is not GET; any
    other request returns without touching the database.

    NOTE(review): the address stored is whatever ``get_ip()`` reports. That
    helper is not visible here; if it reads forwarded-for style headers, the
    recorded value is only as trustworthy as the proxy configuration.
    Confirm before relying on these rows as audit evidence.
    """
    if request.endpoint == "views.themes":
        return
    if not authed():
        return

    recent_ips = get_current_user_recent_ips()
    client_ip = get_ip()

    record = None
    needs_tracking = (client_ip not in recent_ips) or (request.method != "GET")
    if needs_tracking:
        record = Tracking.query.filter_by(
            ip=get_ip(), user_id=session["id"]
        ).first()

        if not record:
            # First time this user is seen from this address.
            record = Tracking(ip=get_ip(), user_id=session["id"])
            db.session.add(record)
        else:
            # Known pair: only refresh the last-seen timestamp.
            record.date = datetime.datetime.utcnow()

    if not record:
        return

    try:
        db.session.commit()
    except (InvalidRequestError, IntegrityError):
        # The write was rejected (presumably the session points at a user
        # row that no longer exists; confirm). Discard the pending change,
        # release the DB session and end the login session.
        db.session.rollback()
        db.session.close()
        logout_user()
    else:
        # Only after a successful commit is the recent-IP data for this
        # user cleared.
        clear_user_recent_ips(user_id=session["id"])
def reset():
    """Admin view that deletes the categories of CTF data chosen in a form.

    A non-POST request renders ``admin/reset.html``. A POST inspects the
    ``pages``, ``notifications``, ``challenges``, ``accounts`` and
    ``submissions`` form fields, deletes the matching tables, commits, clears
    the page/standings/config caches and redirects. Deleting accounts also
    marks the instance as not set up, logs the caller out and redirects to
    the setup view instead of the statistics page.

    NOTE(review): nothing inside this function checks who is calling it. The
    admin-only and CSRF protections are expected on the route registration,
    which is not visible here. Verify they are present, since this action is
    irreversible.
    """
    if request.method != "POST":
        return render_template("admin/reset.html")

    require_setup = False
    logout = False
    next_url = url_for("admin.statistics")

    form = request.form

    if form.get("pages"):
        # Uploaded files are removed one by one before the rows themselves.
        # NOTE(review): delete_file() runs before the commit further down;
        # what state a failed commit leaves behind is not visible here.
        for page in Pages.query.all():
            for page_file in page.files:
                delete_file(file_id=page_file.id)
        Pages.query.delete()

    if form.get("notifications"):
        Notifications.query.delete()

    if form.get("challenges"):
        for challenge in Challenges.query.all():
            for challenge_file in challenge.files:
                delete_file(file_id=challenge_file.id)
        Challenges.query.delete()

    if form.get("accounts"):
        Users.query.delete()
        Teams.query.delete()
        # With every account gone the instance must be set up again, and the
        # caller's own session can no longer be valid.
        require_setup = True
        logout = True

    if form.get("submissions"):
        Solves.query.delete()
        Submissions.query.delete()
        Awards.query.delete()
        Unlocks.query.delete()
        Tracking.query.delete()

    if require_setup:
        set_config("setup", False)
        cache.clear()
        logout_user()
        next_url = url_for("views.setup")

    db.session.commit()

    clear_pages()
    clear_standings()
    clear_config()

    # "accounts" sets both flags, so the cache clear and logout run once
    # before the commit (above) and once more after it.
    if logout:
        cache.clear()
        logout_user()

    db.session.close()
    return redirect(next_url)
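def get_current_user():
    """Return the ``Users`` row for the logged-in session, or ``None``.

    When the session carries a ``"hash"`` value it is compared with
    ``hmac(user.password)``. On a mismatch the session is logged out and the
    request is aborted with a redirect to ``auth.login`` (``next`` set to the
    current full path), so a session whose stored hash no longer matches the
    account's password cannot keep acting as that user.

    NOTE(review): a session without a ``"hash"`` value skips the check
    entirely and is therefore never invalidated here. Confirm that every
    login path stores the hash.

    Returns:
        The matching user row, or ``None`` when the request is not
        authenticated (or, for a session without a hash, when no row
        matches the session id).
    """
    if not authed():
        return None

    user = Users.query.filter_by(id=session["id"]).first()

    # Check if the session is still valid
    session_hash = session.get("hash")
    if session_hash:
        # .first() yields None when the account row is gone; previously that
        # reached user.password and raised AttributeError. A session bound to
        # a missing account is now handled like a hash mismatch.
        if user is None or session_hash != hmac(user.password):
            logout_user()
            abort(redirect(url_for("auth.login", next=request.full_path)))

    return user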
def reset():
    """Admin view that wipes all account and scoring data.

    A non-POST request renders ``admin/reset.html``. A POST deletes every
    row of the tables listed below, marks the instance as not set up,
    commits, clears the cache, logs the caller out and redirects to the
    setup view. There are no per-category choices: one POST removes
    everything.

    NOTE(review): nothing inside this function checks who is calling it. The
    admin-only and CSRF protections are expected on the route registration,
    which is not visible here. Verify they are present.
    """
    if request.method != 'POST':
        return render_template('admin/reset.html')

    # Deleted in this order: Tracking, Solves, Submissions, Awards, Unlocks,
    # Users, Teams. The comment this replaces also listed Notifications, but
    # no Notifications delete is issued here.
    doomed_models = (
        Tracking,
        Solves,
        Submissions,
        Awards,
        Unlocks,
        Users,
        Teams,
    )
    for model in doomed_models:
        model.query.delete()

    set_config('setup', False)
    db.session.commit()

    # With the accounts gone, cached data and the caller's session are
    # dropped before sending them to the setup page.
    cache.clear()
    logout_user()
    db.session.close()

    setup_url = url_for('views.setup')
    return redirect(setup_url)
def tracker():
    """Track the requester's IP and enforce bans on authenticated requests.

    Requests for the ``views.themes`` endpoint and unauthenticated requests
    are ignored. For every other authenticated request the (IP, user) pair is
    inserted or its timestamp refreshed, and the change is committed. If the
    session is still authenticated afterwards and the path is outside
    ``/themes``, a banned user or a banned team receives the 403 page.

    Returns:
        ``None`` to let the request continue, or a ``(body, 403)`` tuple for
        a banned user or team.

    NOTE(review): the address stored is whatever ``get_ip()`` reports; that
    helper is not visible here, so confirm how it treats proxy headers
    before relying on these rows as audit evidence.
    """
    if request.endpoint == "views.themes":
        return
    if not authed():
        return

    existing = Tracking.query.filter_by(ip=get_ip(), user_id=session["id"]).first()
    if existing:
        # Known pair: only refresh the last-seen timestamp.
        existing.date = datetime.datetime.utcnow()
    else:
        new_visit = Tracking(ip=get_ip(), user_id=session["id"])
        db.session.add(new_visit)

    try:
        db.session.commit()
    except (InvalidRequestError, IntegrityError):
        # The write was rejected (presumably the session points at a user
        # row that no longer exists; confirm). Undo it and end the session.
        db.session.rollback()
        logout_user()

    # logout_user() may just have run, so authentication is checked again
    # before the ban lookup.
    if authed():
        user = get_current_user()
        team = get_current_team()

        outside_themes = not request.path.startswith("/themes")
        if outside_themes:
            ban_checks = (
                (user, "You have been banned from this CTF"),
                (team, "Your team has been banned from this CTF"),
            )
            for account, message in ban_checks:
                if account and account.banned:
                    # This early return leaves before the
                    # db.session.close() at the end of the function.
                    return (
                        render_template("errors/403.html", error=message),
                        403,
                    )

    db.session.close()
def logout():
    """End the current login session, then redirect to ``views.static_html``.

    ``logout_user()`` is only called when ``current_user.authed()`` is true;
    the redirect is returned in either case.
    """
    is_logged_in = current_user.authed()
    if is_logged_in:
        logout_user()

    landing_url = url_for("views.static_html")
    return redirect(landing_url)
def logout():
    """End the current login session and return a success payload.

    ``logout_user()`` is only called when ``current_user.authed()`` is true.
    The same ``{"success": True, "data": None}`` body is returned whether or
    not a session existed, so the response does not reveal if the caller was
    logged in.
    """
    is_logged_in = current_user.authed()
    if is_logged_in:
        logout_user()

    payload = {"success": True, "data": None}
    return payload