Commit

update to conform with flake8/PEP8 | #47 (#50)
eshaan7 authored Apr 12, 2020
1 parent b59cfa2 commit 054bde9
Showing 17 changed files with 230 additions and 131 deletions.
1 change: 1 addition & 0 deletions .lgtm.yml
@@ -1,6 +1,7 @@
queries:
- exclude: py/similar-function
- exclude: py/empty-except
- exclude: py/call-to-non-callable
- include: py/undefined-placeholder-variable
- include: py/uninitialized-local-variable
- include: py/request-without-cert-validation
7 changes: 0 additions & 7 deletions .pylintrc

This file was deleted.

13 changes: 5 additions & 8 deletions .travis.yml
@@ -1,14 +1,13 @@
---
env: SKIP_INTERPRETER=true

branches:
only:
- master
#branches:
# only:
# - master

language: python
python:
- "3.7.3"
- "3.8.1"
- "3.8.2"

env:
global:
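Review bot: The `branches: only: - master` filter at the top of this hunk is commented out rather than deleted, which leaves dead configuration in `.travis.yml` with no explanation. If CI is now meant to build every branch, remove the three lines outright and say so in the commit message; if the change is temporary for the `gssoc20-dev` period, a one-line comment stating that would help.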
Expand All @@ -20,9 +19,7 @@ before_install:

install:
- "pip install -r src/requirements.txt"
- pip install --no-cache-dir pytest-flake8
- "python src/create_db.py"


script:
- pytest --lint-only --flake8
- pytest --flake8
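Review bot: `pytest --flake8` in `script` depends on the pytest-flake8 plugin, yet the explicit `pip install --no-cache-dir pytest-flake8` step in `install` appears to be removed in this hunk (the header shrinks from 9 to 7 lines). Unless the plugin is now listed in `src/requirements.txt`, which is not visible here, pytest will reject `--flake8` as an unrecognized argument and the build will fail. Dropping `--lint-only` also means the test suite itself now runs in CI, which is worth stating in the commit message.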
18 changes: 9 additions & 9 deletions README.md
Expand Up @@ -50,7 +50,7 @@ The main purpose of this project is to serve as a scoring engine and CTF manager

### Requirements

* `Python 3.7.3` or atleast `> 3.6`.
* Tested on `Python 3.8.2`
* Python Packages: [`src/requirements.txt`](src/requirements.txt).
* OS Packages: PostgreSQL version 11 or greater, `libpq-dev`, `python3-dev` packages. Please refer [here](https://tutorials.technology/solved_errors/9-Error-pg_config-executable-not-found.html).

Expand Down Expand Up @@ -138,41 +138,41 @@ Bonus: You can manage the database CRUD operations from admin views GUI as well
</a>
</p>

Please see: [Issues](https://github.com/abs0lut3pwn4g3/RTB-CTF-Framework/issues) and the below To-do list.
Keeping to a consistent code style throughout the project makes it easier to contribute and collaborate. Please stick to the guidelines in PEP8 and the Google Style Guide unless there’s a very good reason not to.
Please see: [Issues](https://github.com/abs0lut3pwn4g3/RTB-CTF-Framework/issues) and the following To-do list.

> Note: All PRs within the GSSoC'20 period will be merged in the `gssoc20-dev` branch.
#### 👨 Project Owner
##### 👨 Project Owner

- Eshaan Bansal ([github](https://github.com/eshaan7),[linkedin](https://www.linkedin.com/in/eshaan7/))

#### 👬 Mentors
##### 👬 Mentors

- Sombuddha Chakravarty ([github](https://github.com/sammy1997),[linkedin](https://www.linkedin.com/in/sombuddha-chakravarty-9482b5131/))

Feel free to ask your queries!! 🙌

#### Slack Channel
##### Slack Channel

- [#proj_root-the-box-ctf-framework](https://app.slack.com/client/TRN1H1V43/CUC71PDD2)


## To-do

- [ ] Freeze Scoreboard automatically past running time specified (Issue: [#3](https://github.com/abs0lut3pwn4g3/RTB-CTF-Framework/issues/3))
- [ ] Ideas for additional logging techniques to prevent flag sharing, cheating and such. (Issue: [#7](https://github.com/abs0lut3pwn4g3/RTB-CTF-Framework/issues/7))
- [ ] Support for *n* number of boxes (accordions? seperate route?). (Issue: [#17](https://github.com/abs0lut3pwn4g3/RTB-CTF-Framework/issues/17))
- [ ] Rating system: Average Box rating - input, calculate, output. (Issue: [#14](https://github.com/abs0lut3pwn4g3/RTB-CTF-Framework/issues/14))
- [ ] Adding a `Deploy to Heroku` button. (Issue: [#15](https://github.com/abs0lut3pwn4g3/RTB-CTF-Framework/issues/15))
- [ ] Dark theme for `admin control` panel. (Issue: [#16](https://github.com/abs0lut3pwn4g3/RTB-CTF-Framework/issues/16))
- [ ] Adding CI, Linting, Formatting specs. (Issue: [#18](https://github.com/abs0lut3pwn4g3/RTB-CTF-Framework/issues/18))
- [ ] Testing Password reset functionality, the mail-server setup, etc.
- [ ] More info on `home.html`
- [ ] Support for more hashes per box (not a priority)
- [ ] Need to implement `account.html` (not a priority)

<hr/>

- [x] Freeze Scoreboard automatically past running time specified (Issue: [#3](https://github.com/abs0lut3pwn4g3/RTB-CTF-Framework/issues/3))
- [x] Adding a `Deploy to Heroku` button. (Issue: [#15](https://github.com/abs0lut3pwn4g3/RTB-CTF-Framework/issues/15))
- [x] Adding CI, Linting, Formatting specs. (Issue: [#18](https://github.com/abs0lut3pwn4g3/RTB-CTF-Framework/issues/18))
- [x] db relationship between User and Score Tables (priority | issue: #5)
- [x] isAdmin column in User table and Admin views (priority)
- [x] Notifications
5 changes: 3 additions & 2 deletions src/FlaskRTBCTF/__init__.py
Expand Up @@ -38,8 +38,9 @@ def create_app(config_class=Config):
mail.init_app(app)

from flask_sslify import SSLify
if 'DYNO' in os.environ: # only trigger SSLify if the app is running on Heroku
_sslify = SSLify(app)
# only trigger SSLify if the app is running on Heroku
if 'DYNO' in os.environ:
_ = SSLify(app)

from FlaskRTBCTF.users.routes import users
from FlaskRTBCTF.ctf.routes import ctf
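Review bot: `_ = SSLify(app)` keeps an assignment whose only purpose is to avoid an unused-name warning; a bare `SSLify(app)` registers the redirect just the same and reads more clearly. While this line is being touched: the HTTPS redirect is keyed on `'DYNO' in os.environ`, so any deployment outside Heroku serves the login and hash submission forms without it. An explicit configuration flag (for example a hypothetical `FORCE_HTTPS` setting) would make that decision visible instead of implied by the platform.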
9 changes: 5 additions & 4 deletions src/FlaskRTBCTF/admin/views.py
Expand Up @@ -4,14 +4,15 @@
from flask_login import current_user
from flask_admin.contrib.sqla import ModelView


class MyModelView(ModelView):

column_exclude_list = ( 'password' )
column_exclude_list = ('password',)

def is_accessible(self):
if not current_user.is_authenticated or not current_user.isAdmin:
# permission denied
abort(403)
# permission denied
abort(403)
if current_user.isAdmin:
return True
return False
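Review bot: In `is_accessible`, the trailing `if current_user.isAdmin: return True` followed by `return False` cannot do anything useful once `abort(403)` has fired for every unauthenticated or non-admin user; `return False` is unreachable. Either return the boolean and let `_handle_view` choose the response, or keep the guard and end with a plain `return True`. Separately, `('password',)` is more than a style fix: `( 'password' )` was a plain string rather than a one-element tuple, so this line changes behaviour and deserves a mention in the commit message.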
Expand All @@ -23,5 +24,5 @@ def _handle_view(self, name, **kwargs):
"""
if not self.is_accessible():
if current_user.is_authenticated:
#permission denied
# permission denied
abort(403)
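Review bot: The `if not self.is_accessible():` branch in `_handle_view` is dead as written, because `is_accessible` in the hunk above calls `abort(403)` itself and never returns False. Unauthenticated visitors therefore get the 403 from `is_accessible` and never reach whatever this method does after the `current_user.is_authenticated` check. Raise the 403 in one place only.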
40 changes: 22 additions & 18 deletions src/FlaskRTBCTF/config.py
Expand Up @@ -3,54 +3,58 @@
import pytz


''' Flask related Configurations. Note: DO NOT FORGET TO CHANGE 'SECRET_KEY' ! '''
''' Flask related Configurations
Note: DO NOT FORGET TO CHANGE 'SECRET_KEY' ! '''


class Config:
SECRET_KEY = os.environ.get('SECRET_KEY') or 'you-will-never-guess'
SQLALCHEMY_DATABASE_URI = os.environ.get('DATABASE_URL') or 'sqlite:///site.db'
# For local use, one can simply use SQLlite with: 'sqlite:///site.db'
# For deployment on Heroku use: `os.environ.get('DATABASE_URL')`
SECRET_KEY = os.environ.get('SECRET_KEY') or 'you-will-never-guess'
SQLALCHEMY_DATABASE_URI = os.environ.get('DATABASE_URL') \
or 'sqlite:///site.db'
# For local use, one can simply use SQLlite with: 'sqlite:///site.db'
# For deployment on Heroku use: `os.environ.get('DATABASE_URL')`
# in all other cases: `os.environ.get('SQLALCHEMY_DATABASE_URI')`
SQLALCHEMY_TRACK_MODIFICATIONS = False
DEBUG = False # Turn DEBUG OFF before deployment
SQLALCHEMY_TRACK_MODIFICATIONS = False
DEBUG = False # Turn DEBUG OFF before deployment
MAIL_SERVER = 'smtp.googlemail.com'
MAIL_PORT = 587
MAIL_USE_TLS = True
MAIL_USERNAME = os.environ.get('EMAIL_USER')
MAIL_PASSWORD = os.environ.get('EMAIL_PASS')


''' CTF related Configuration '''


# Add some information about organization and specify CTF name

organization = {
"ctfname": "RootTheBox CTF",
"name": "Abs0lut3Pwn4g3",
"website": {
"website": {
"url": "https://Abs0lut3Pwn4g3.github.io/",
"name": "Official Abs0lut3Pwn4g3 Website"
},
"website_2": {
},
"website_2": {
"url": "https://twitter.com/abs0lut3pwn4g3",
"name": "Twitter"
},
"website_3": {
},
"website_3": {
"url": "https://github.com/abs0lut3pwn4g3",
"name": "Github"
}
}
}

# Specify CTFs Running Time

RunningTime = {
"from": datetime(2019,7,7,15,00,00,0, pytz.utc),
"to": datetime(2030,7,8,0,00,00,0, pytz.utc),
RunningTime = {
"from": datetime(2019, 7, 7, 15, 00, 00, 0, pytz.utc),
"to": datetime(2030, 7, 8, 0, 00, 00, 0, pytz.utc),
"TimeZone": "UTC"
} # We do not recommend changing the Timezone.
} # We do not recommend changing the Timezone.

# Logging: Set to 'True' to enable Logging in Admin Views.

LOGGING = True # We recommend to leave it on. It is more than just errors ;)
LOGGING = True # We recommend to leave it on. It is more than just errors ;)

# NOTE: CHANGE DEFAULT ADMIN CREDENTIALS in create_db.py !!!
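Review bot: `SECRET_KEY = os.environ.get('SECRET_KEY') or 'you-will-never-guess'` is touched here only for whitespace, but the fallback means a deployment that forgets the environment variable silently signs sessions with a key that is published in the repository. The docstring already warns about it, so make the default fail instead of warn: raise at startup when `SECRET_KEY` is unset and `DEBUG` is False. The closing NOTE about default admin credentials in `create_db.py` relies on the same kind of reminder and would benefit from the same treatment.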
18 changes: 15 additions & 3 deletions src/FlaskRTBCTF/ctf/forms.py
Expand Up @@ -2,10 +2,22 @@
from wtforms import StringField, SubmitField
from wtforms.validators import DataRequired, Length


class UserHashForm(FlaskForm):
userHash = StringField('User hash', validators=[DataRequired(), Length(min=32, max=32)])
userHash = StringField('User hash',
validators=[
DataRequired(),
Length(min=32, max=32)
]
)
submit = SubmitField('Submit')


class RootHashForm(FlaskForm):
rootHash = StringField('Root hash', validators=[DataRequired(), Length(min=32, max=32)])
submit = SubmitField('Submit')
rootHash = StringField('Root hash',
validators=[
DataRequired(),
Length(min=32, max=32)
]
)
submit = SubmitField('Submit')
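Review bot: `UserHashForm` and `RootHashForm` now each spell out the same `[DataRequired(), Length(min=32, max=32)]` list over several lines. Hoist it into one module-level list and pass it to both `StringField` calls, so the two length limits cannot drift apart and the wrapping is only needed once.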
58 changes: 36 additions & 22 deletions src/FlaskRTBCTF/ctf/routes.py
Expand Up @@ -9,9 +9,10 @@
from FlaskRTBCTF import db
from FlaskRTBCTF.config import organization, LOGGING, RunningTime
from FlaskRTBCTF.models import User, Score, Machine
from FlaskRTBCTF.ctf.forms import UserHashForm, RootHashForm

if LOGGING:
from FlaskRTBCTF.models import Logs
from FlaskRTBCTF.ctf.forms import UserHashForm, RootHashForm


ctf = Blueprint('ctf', __name__)
Expand All @@ -27,11 +28,12 @@ def scoreboard():
userNameScoreList = []
for score in scores:
userNameScoreList.append({
'username': User.query.get(score.user_id).username,
'score' :score.points
'username': User.query.get(score.user_id).username,
'score': score.points
})

return render_template('scoreboard.html', scores=userNameScoreList, organization=organization)
return render_template('scoreboard.html', scores=userNameScoreList,
organization=organization)


''' Machine Info '''
Expand All @@ -40,19 +42,21 @@ def scoreboard():
@ctf.route("/machine")
@login_required
def machine():
box = Machine.query.filter(Machine.ip=="127.0.0.1").first()
box = Machine.query.filter(Machine.ip == "127.0.0.1").first()
if LOGGING:
log = Logs.query.get(current_user.id)
if log.visitedMachine is False:
log.visitedMachine = True
log.machineVisitTime = datetime.now(pytz.utc)
log.machineVisitTime = datetime.utcnow()
db.session.commit()
userHashForm = UserHashForm()
rootHashForm = RootHashForm()
end_date_time = RunningTime["to"]
current_date_time = datetime.now(pytz.utc)
return render_template('machine.html', userHashForm=userHashForm,
rootHashForm=rootHashForm, organization=organization, box=box, current=current_date_time, end=end_date_time)
rootHashForm=rootHashForm,
organization=organization, box=box,
current=current_date_time, end=end_date_time)


''' Hash Submission Management '''
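Review bot: Replacing `datetime.now(pytz.utc)` with `datetime.utcnow()` for `log.machineVisitTime` is a behaviour change, not a PEP8 fix: the stored value becomes a naive datetime while `current_date_time` a few lines below stays timezone-aware. Python raises TypeError when a naive and an aware datetime are subtracted or compared, so the log timestamps can no longer be compared with the `RunningTime` values. Keep `datetime.now(pytz.utc)` and wrap the line if length is the concern, or convert every timestamp in this module in one deliberate change.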
Expand All @@ -61,12 +65,12 @@ def machine():
@ctf.route("/validateRootHash", methods=['POST'])
@login_required
def validateRootHash():
box = Machine.query.filter(Machine.ip=="127.0.0.1").first()
box = Machine.query.filter(Machine.ip == "127.0.0.1").first()
userHashForm = UserHashForm()
rootHashForm = RootHashForm()
end_date_time = RunningTime["to"]
current_date_time = datetime.now(pytz.utc)
if rootHashForm.validate_on_submit():
if rootHashForm.validate_on_submit():
if current_date_time > end_date_time:
flash("Sorry! Contest has ended", "danger")
elif rootHashForm.rootHash.data == box.root_hash:
Expand All @@ -80,28 +84,34 @@ def validateRootHash():
if LOGGING:
log = Logs.query.get(current_user.id)
log.rootSubmissionIP = request.access_route[0]
log.rootSubmissionTime = datetime.now(pytz.utc)
log.rootOwnTime = str(log.rootSubmissionTime - log.machineVisitTime)
log.rootSubmissionTime = datetime.utcnow()
log.rootOwnTime = str(
log.rootSubmissionTime - log.machineVisitTime
)
db.session.commit()
flash("Congrats! correct system hash.", "success")
else:
flash("Sorry! Wrong system hash", "danger")
return render_template('machine.html', userHashForm=userHashForm,
rootHashForm=rootHashForm, organization=organization, box=box, current=current_date_time, end=end_date_time)
rootHashForm=rootHashForm, box=box,
organization=organization,
current=current_date_time, end=end_date_time)
else:
return render_template('machine.html', userHashForm=userHashForm,
rootHashForm=rootHashForm, organization=organization, box=box, current=current_date_time, end=end_date_time)
rootHashForm=rootHashForm, box=box,
organization=organization,
current=current_date_time, end=end_date_time)


@ctf.route("/validateUserHash", methods=['POST'])
@login_required
def validateUserHash():
box = Machine.query.filter(Machine.ip=="127.0.0.1").first()
box = Machine.query.filter(Machine.ip == "127.0.0.1").first()
userHashForm = UserHashForm()
rootHashForm = RootHashForm()
end_date_time = RunningTime["to"]
current_date_time =datetime.now(pytz.utc)
if userHashForm.validate_on_submit():
current_date_time = datetime.now(pytz.utc)
if userHashForm.validate_on_submit():
if current_date_time > end_date_time:
flash("Sorry! Contest has ended", "danger")
elif userHashForm.userHash.data == box.user_hash:
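Review bot: `log.rootSubmissionIP = request.access_route[0]`, unchanged context near the top of this hunk, records the first address of the forwarded chain, which comes from the client-supplied X-Forwarded-For header whenever one is present. For a log intended to help spot flag sharing, that value is only trustworthy behind a proxy that overwrites the header; otherwise record `request.remote_addr`, or configure Werkzeug's `ProxyFix` with the real number of proxies in front of the app. The same pattern is used for `userSubmissionIP` in the next hunk.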
Expand All @@ -115,16 +125,20 @@ def validateUserHash():
if LOGGING:
log = Logs.query.get(current_user.id)
log.userSubmissionIP = request.access_route[0]
log.userSubmissionTime = datetime.now(pytz.utc)
log.userOwnTime = str(log.userSubmissionTime - log.machineVisitTime)
log.userSubmissionTime = datetime.utcnow()
log.userOwnTime = str(
log.userSubmissionTime - log.machineVisitTime
)
db.session.commit()
flash("Congrats! correct user hash.", "success")
else:
flash("Sorry! Wrong user hash", "danger")
return render_template('machine.html', userHashForm=userHashForm,
rootHashForm=rootHashForm, organization=organization, box=box, current=current_date_time, end=end_date_time)
rootHashForm=rootHashForm,
organization=organization, box=box,
current=current_date_time, end=end_date_time)
else:
return render_template('machine.html', userHashForm=userHashForm,
rootHashForm=rootHashForm, organization=organization, box=box, current=current_date_time, end=end_date_time)


rootHashForm=rootHashForm,
organization=organization, box=box,
current=current_date_time, end=end_date_time)
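Review bot: The `if userHashForm.validate_on_submit():` branch and its `else:` now end in the same multi-line `render_template('machine.html', ...)` call, and `validateRootHash` carries an identical pair. Drop the `else` and return once after the `if` block, or factor the call into a small helper shared by `machine`, `validateRootHash` and `validateUserHash`, so the argument list is wrapped in one place instead of five.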