forked from tsg-ut/ctfd-plugin-tsgctf
-
Notifications
You must be signed in to change notification settings - Fork 1
/
Copy path__init__.py
136 lines (116 loc) · 4.48 KB
/
__init__.py
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
import glob
import hashlib
import hmac
import importlib
import os.path
from flask import send_file, jsonify
from flask.helpers import safe_join
from CTFd.models import Challenges, Solves, Pages, db
from CTFd.schemas.pages import PageSchema
from CTFd.utils import get_config
from CTFd.utils.modes import get_model
from CTFd.utils.dates import ctf_ended, ctf_started
from CTFd.utils.user import is_verified, is_admin, get_current_team
from CTFd.utils.decorators import during_ctf_time_only, authed_only, require_team
from sqlalchemy.sql import and_
def load(app):
# Load all the subcomponents (which resides in this directory)
this_dir = os.path.abspath(os.path.dirname(__file__))
modules = sorted(glob.glob(this_dir + '/*.py'))
blacklist = {'__pycache__', '__init__.py'}
for mod in modules:
mod = os.path.basename(mod)
if mod in blacklist: continue
mod = '.' + mod[:-3]
mod = importlib.import_module(mod, package=__package__)
mod.load(app)
print(' * pbctf: Loaded subcomponent, %s' % mod)
def nonce():
from flask import session
return session.get('nonce')
app.jinja_env.globals.update(nonce=nonce)
#@app.route("/OneSignalSDKWorker.js", methods=["GET"])
#def worker():
# filename = safe_join(app.root_path, 'themes', 'tsgctf', 'static', 'OneSignalSDKWorker.js')
# return send_file(filename)
@app.route("/api/v1/dates", methods=["GET"])
def dates():
start = get_config('start')
end = get_config('end')
is_started = ctf_started()
is_ended = ctf_ended()
return jsonify({
'success': True,
'data': {
'start': start,
'end': end,
'is_started': is_started,
'is_ended': is_ended,
'is_verified': is_verified() or is_admin(),
},
})
@app.route("/api/v1/rules", methods=["GET"])
def rules():
page = Pages.query.filter_by(route='rules', auth_required=False).first_or_404()
schema = PageSchema()
response = schema.dump(page)
if response.errors:
return {"success": False, "errors": response.errors}, 400
return {"success": True, "data": response.data}
@app.route("/api/v1/sponsors", methods=["GET"])
def sponsors():
page = Pages.query.filter_by(route='sponsors', auth_required=False).first_or_404()
schema = PageSchema()
response = schema.dump(page)
if response.errors:
return {"success": False, "errors": response.errors}, 400
return {"success": True, "data": response.data}
@app.route("/api/v1/challenges/solves", methods=["GET"])
@during_ctf_time_only
def solves():
chals = (
Challenges.query.filter(
and_(Challenges.state != "hidden", Challenges.state != "locked")
)
.order_by(Challenges.value)
.all()
)
Model = get_model()
solves_sub = (
db.session.query(
Solves.challenge_id, db.func.count(Solves.challenge_id).label("solves")
)
.join(Model, Solves.account_id == Model.id)
.filter(Model.banned == False, Model.hidden == False)
.group_by(Solves.challenge_id)
.subquery()
)
solves = (
db.session.query(
solves_sub.columns.challenge_id,
solves_sub.columns.solves,
Challenges.name,
)
.join(Challenges, solves_sub.columns.challenge_id == Challenges.id)
.all()
)
response = []
has_solves = []
for challenge_id, count, name in solves:
challenge = {"id": challenge_id, "name": name, "solves": count}
response.append(challenge)
has_solves.append(challenge_id)
for c in chals:
if c.id not in has_solves:
challenge = {"id": c.id, "name": c.name, "solves": 0}
response.append(challenge)
db.session.close()
return {"success": True, "data": response}
@app.route("/api/v1/teams/me/team_code", methods=["GET"])
@authed_only
@require_team
def team_code():
team = get_current_team()
HMAC_KEY = b'5116723a36f9e8cd6ab7341be44ca04abd2fe54866bc16cff20c79b787f16934'
code = hmac.new(HMAC_KEY, str(team.id).encode(), hashlib.sha256).hexdigest()
return {"success": True, "data": {"team_code": code}}