def initialize(self):
    """
    Set up per-connection state for a bot connection.

    A fresh ``xid`` is always generated. When ``self.config.use_bots`` is
    falsy the connection is closed; otherwise a connection UUID and the
    opcode dispatch table are installed.
    """
    # 16 bytes from the OS CSPRNG, passed through the project's hex
    # encode/decode helpers (presumably yielding hex text -- confirm against
    # the helper definitions, which are outside this block).
    random_hex = encode(os.urandom(16), "hex")
    self.xid = decode(random_hex)

    if self.config.use_bots:
        self.uuid = str(uuid4())
        # Only opcodes listed here are mapped to handlers by this method.
        self.opcodes = {"interrogation_response": self.interrogation_response}
        return

    # Bots are disabled in the configuration: refuse the connection.
    self.close()
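def get(self, *args, **kwargs):
    """
    Validate an email address from an emailed link and render the login page.

    Query arguments:
        u: URL-safe base64 of the user's UUID.
        t: URL-safe base64 of the validation token; only its SHA-256 hex
           digest is handed to ``user.validate_email``.

    Both arguments come straight from the request URL and are treated as
    untrusted: input that cannot be base64-decoded is answered with the
    generic "invalid user" message instead of an unhandled exception.
    When no mail host is configured the request is redirected to the 404 page.
    """
    if len(options.mail_host) == 0:
        self.redirect("public/404")
        return

    error = None
    info = None
    raw_uuid = self.get_argument("u", "")
    raw_token = self.get_argument("t", "")
    try:
        try:
            user_uuid = decode(urlsafe_b64decode(raw_uuid))
            token = sha256(urlsafe_b64decode(raw_token)).hexdigest()
        except Exception:
            # Compatibility fallback: retry with the arguments run through
            # encode() first (presumably for interpreters where the decoder
            # rejects text input -- confirm).
            user_uuid = urlsafe_b64decode(encode(raw_uuid))
            token = sha256(urlsafe_b64decode(encode(raw_token))).hexdigest()
    except (TypeError, ValueError):
        # binascii.Error and UnicodeError are ValueError subclasses, so
        # malformed base64 or undecodable bytes land here rather than
        # surfacing as a server error.
        self.render(
            "public/login.html",
            info=None,
            errors=["Invalid user for email validation"],
        )
        return

    user = User.by_uuid(user_uuid)
    if user:
        if user.is_email_valid() is True:
            # Already validated: nothing to do, just show the login page.
            pass
        elif user.validate_email(token) is True:
            # NOTE(review): validate_email is defined elsewhere; confirm it
            # compares the digest in constant time and expires used tokens.
            info = ["Successfully validated email for %s" % user.handle]
            user.locked = False
            self.dbsession.add(user)
            self.dbsession.commit()
            self.event_manager.user_joined_team(user)
        else:
            error = ["Failed to validate email for %s" % user.handle]
    elif len(user_uuid) > 0 and not user:
        error = ["Invalid user for email validation"]
    self.render("public/login.html", info=info, errors=error)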
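def get(self, *args, **kwargs):
    """
    Get the status of Git

    Runs ``git fetch`` followed by ``git status -uno`` in the server's
    working directory and writes a one-line, plain-text summary.

    Both commands are invoked with fixed argument lists (no shell, no
    request data), so nothing from the request reaches the command line.
    """
    # NOTE(review): these calls block the handler until git returns and have
    # no timeout; a fetch that stalls on the network will stall this request.
    fetch = subprocess.Popen(
        ["git", "fetch"], stdout=subprocess.PIPE, stderr=subprocess.PIPE
    )
    fetch.communicate()
    # git fetch reports progress and updated refs on stderr even when it
    # succeeds, so the exit status -- not the presence of stderr output --
    # decides whether the fetch failed.
    if fetch.returncode != 0:
        git = "RTB Updates: Git unable to connect to repository"
    else:
        status = subprocess.Popen(
            ["git", "status", "-uno"],
            stdout=subprocess.PIPE,
            stderr=subprocess.PIPE,
        )
        out, _ = status.communicate()
        out = decode(out)
        if "Your branch is behind" in out and "modified:" in out:
            git = "RTB Updates: Modified files (merge conflicts)"
        elif "Your branch is" in out:
            # Report only the line that describes the branch state.
            git = out
            for line in out.split("\n"):
                if "Your branch is" in line:
                    git = "RTB Updates: " + line
                    break
        else:
            git = out

    # Content-Length must count bytes, not characters; encode first so that
    # non-ASCII git output cannot make the header disagree with the body.
    body = git if isinstance(git, bytes) else git.encode("utf-8")
    self.set_header("Content-Type", "text/plain;charset=utf-8")
    self.set_header("Content-Length", len(body))
    self.write(body)
    self.finish()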
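def create_reset_message(self, user, token):
    """
    Build the raw password-reset email (headers plus base64 HTML body).

    Args:
        user: account the reset was requested for; ``uuid``, ``name`` and
            ``email`` are read from it.
        token: reset token to embed in the link.

    Returns:
        The message text: header lines joined with newlines, followed by the
        base64-encoded HTML rendered from ``templates/public/reset_email.html``.

    Values that originate from users or from the request (``user.name``,
    ``user.email``, the reported client IP) are neutralised before they are
    placed into mail headers or HTML.
    """
    from xml.sax.saxutils import escape as _xml_escape

    def _header_value(value):
        # Remove CR/LF so a stored name or address cannot start a new
        # header line in the outgoing message.
        return ("%s" % (value,)).replace("\r", "").replace("\n", "")

    def _html_text(value):
        # Escape markup characters, including both quote styles in case the
        # template places the value inside an attribute.
        return _xml_escape(value, {'"': "&quot;", "'": "&#x27;"})

    raw_account = encode(user.uuid)
    try:
        account = decode(urlsafe_b64encode(raw_account))
        reset_token = decode(urlsafe_b64encode(token))
    except Exception:
        # Compatibility fallback; it always starts from the untouched inputs
        # so a failure part-way through the first attempt cannot lead to a
        # value being base64-encoded twice.
        account = urlsafe_b64encode(raw_account)
        reset_token = urlsafe_b64encode(token)

    if options.ssl:
        origin = options.origin.replace("ws://", "https://").replace(
            "wss://", "https://"
        )
    else:
        origin = options.origin.replace("ws://", "http://")
    reset_url = "%s/reset/token?u=%s&p=%s" % (origin, account, reset_token)

    # X-Real-IP / X-Forwarded-For are client-supplied unless a trusted
    # reverse proxy overwrites them; the value is informational only and is
    # escaped before it reaches the HTML body.
    remote_ip = (
        self.request.headers.get("X-Real-IP")
        or self.request.headers.get("X-Forwarded-For")
        or self.request.remote_ip
    )

    header = [
        "Subject: %s Password Reset" % options.game_name,
        "From: %s <%s>" % (options.game_name, options.mail_sender),
        "To: %s <%s>" % (_header_value(user.name), _header_value(user.email)),
        "MIME-Version: 1.0",
        'Content-Type: text/html; charset="UTF-8"',
        "Content-Transfer-Encoding: BASE64",
        "",
    ]
    # NOTE(review): joined this way the header block ends with one newline,
    # so no empty line separates headers from body -- confirm the mail path
    # accepts that.

    # The template path is relative to the process working directory.
    with open("templates/public/reset_email.html", "r") as template_file:
        template = (
            template_file.read()
            .replace("\n", "")
            .replace("[Product Name]", options.game_name)
            .replace("{{name}}", _html_text(user.name))
            .replace("{{action_url}}", reset_url)
            .replace("{{remote_ip}}", _html_text(remote_ip))
            .replace("https://example.com", origin)
        )

    try:
        email_msg = "\n".join(header) + b64encode(template)
    except Exception:
        # Fallback for interpreters where b64encode needs bytes and returns
        # bytes: encode the template first and decode the result to text.
        email_msg = "\n".join(header) + decode(b64encode(encode(template)))
    return email_msg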
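def edit_level_access(self):
    """
    Update game level access

    Reads the level ``uuid`` plus the ``accessList`` and ``availableList``
    request arguments. Teams named in ``accessList`` that do not yet have the
    level are granted it; teams named in ``availableList`` that currently
    have it lose it. Redirects to the game-levels view on success and
    re-renders that view with an error list on failure.
    """
    errors = None
    try:
        level = GameLevel.by_uuid(self.get_argument("uuid", ""))
        if level is None:
            raise ValidationError("Game level does not exist")

        teams = [team.uuid for team in level.teams]
        access = self.request.arguments.get("accessList", [])
        available = self.request.arguments.get("availableList", [])
        if not isinstance(access, list):
            access = [access]
        if not isinstance(available, list):
            available = [available]

        # Submitted identifiers are request data: each one is acted on only
        # if it resolves to an existing Team.
        for team_uuid in access:
            if decode(team_uuid) not in teams:
                team = Team.by_uuid(team_uuid)
                if team:
                    team.game_levels.append(level)
                    self.dbsession.add(team)
                    self.dbsession.commit()
        for team_uuid in available:
            if decode(team_uuid) in teams:
                team = Team.by_uuid(team_uuid)
                if team:
                    team.game_levels.remove(level)
                    self.dbsession.add(team)
                    self.dbsession.commit()
        self.redirect("/admin/view/game_levels")
    except ValidationError as error:
        errors = [str(error)]
    except ValueError:
        # An exception raised inside one except clause is not caught by a
        # sibling clause of the same try, so the message is built here and
        # rendered below instead of being re-raised as a ValidationError
        # that nothing would handle.
        errors = [str(ValidationError("That was not a number ..."))]

    if errors is not None:
        self.render("admin/view/game_levels.html", errors=errors)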
def get(self, *args, **kwargs):
    """
    Renders the Token Reset page

    The ``u`` query argument (URL-safe base64 of a user UUID) and the ``p``
    argument (URL-safe base64 of the reset token) are decoded; the template
    receives the decoded UUID and the SHA-256 hex digest of the token, not
    the token itself. Without a configured mail host the request is
    redirected to the 404 page.
    """
    if not len(options.mail_host) > 0:
        self.redirect("public/404")
        return

    try:
        user_uuid = decode(urlsafe_b64decode(self.get_argument("u", "")))
        token_bytes = urlsafe_b64decode(self.get_argument("p", ""))
        token = sha256(token_bytes).hexdigest()
    except:
        # Compatibility fallback: same decoding with the arguments passed
        # through encode() first. NOTE(review): it decodes the same input
        # again, so base64 that is genuinely malformed still raises from
        # here; both values are request-controlled.
        user_uuid = urlsafe_b64decode(encode(self.get_argument("u", "")))
        token_bytes = urlsafe_b64decode(encode(self.get_argument("p", "")))
        token = sha256(token_bytes).hexdigest()

    # NOTE(review): uuid is request-derived; confirm the template escapes it.
    self.render(
        "public/reset.html",
        errors=None,
        info=None,
        token=token,
        uuid=user_uuid,
    )
def data(self):
    """
    Return the stored flag attachment, decoded from its on-disk form.

    The file at ``options.flag_attachment_dir + "/" + self.uuid`` is read in
    binary mode and its contents are passed through ``decode(..., "base64")``.
    """
    # The path is built by plain concatenation, so it stays inside the
    # attachment directory only as long as self.uuid holds no path
    # separators -- presumably server-generated; verify it is never
    # user-chosen.
    location = options.flag_attachment_dir + "/" + self.uuid
    with open(location, "rb") as handle:
        stored = handle.read()
    return decode(stored, "base64")
def data(self):
    """
    Return the stored source-code item, decoded from its on-disk form.

    The file at ``options.source_code_market_dir + "/" + self.uuid`` is read
    in binary mode and its contents are passed through
    ``decode(..., "base64")``.
    """
    # Plain concatenation: the read is confined to the market directory only
    # if self.uuid contains no path separators -- presumably a generated
    # identifier; confirm it cannot be set from request data.
    location = options.source_code_market_dir + "/" + self.uuid
    with open(location, "rb") as handle:
        stored = handle.read()
    return decode(stored, "base64")
def deserialize(datastring):
    """
    Rebuild a dictionary from its base64-wrapped JSON form.

    ``datastring`` is passed through ``decode(..., "base64")`` and parsed as
    JSON; the ``"expires"`` entry is then converted from text in the format
    ``%Y-%m-%d %H:%M:%S.%f`` to a ``datetime``.

    Raises:
        KeyError: if the parsed object has no ``"expires"`` entry.
        ValueError: if the JSON is invalid or the timestamp does not match
            the expected format.
    """
    # JSON parsing yields plain data only. NOTE(review): nothing in this
    # function authenticates the payload -- confirm the caller only passes
    # data from a trusted store before relying on "expires".
    payload = json.loads(decode(datastring, "base64"))
    expires_text = payload["expires"]
    payload["expires"] = datetime.strptime(expires_text, "%Y-%m-%d %H:%M:%S.%f")
    return payload
def data(self):
    """
    Return the stored shared file, decoded from its on-disk form.

    The file at ``options.share_dir + "/" + self.uuid`` is read in binary
    mode and its contents are passed through ``decode(..., "base64")``.
    """
    # The path is a plain concatenation of the share directory and
    # self.uuid; it stays inside that directory only while the identifier
    # has no path separators -- presumably generated server-side; verify.
    location = options.share_dir + "/" + self.uuid
    with open(location, "rb") as handle:
        stored = handle.read()
    return decode(stored, "base64")