diff --git a/src/FlaskRTBCTF/config.py b/src/FlaskRTBCTF/config.py index 4d9d71b..f6da71e 100644 --- a/src/FlaskRTBCTF/config.py +++ b/src/FlaskRTBCTF/config.py @@ -39,10 +39,10 @@ class Config: # Specify CTFs Running Time RunningTime = { - "from": datetime(2019,7,7,15,00,00,0, pytz.timezone('Asia/Calcutta')), - "to": datetime(2019,7,8,0,00,00,0, pytz.timezone('Asia/Calcutta')), - "TimeZone": "IST" -} # Use `pytz.utc` for UTC timezone + "from": datetime(2019,7,7,15,00,00,0, pytz.utc), + "to": datetime(2019,7,8,0,00,00,0, pytz.utc), + "TimeZone": "UTC" +} # We do not recommended changing the Timezone. # Specify Your Pwnable Box/Machine settings @@ -61,7 +61,8 @@ class Config: userScore = 10 rootScore = 20 -# Logging: Set to 'True' to enable Logging in Admin Views +# Logging: Set to 'True' to enable Logging in Admin Views. + +LOGGING = True # We recommend to leave it on. -LOGGING = False # NOTE: CHANGE DEFAULT ADMIN CREDENTIALS in create_db.py !!! diff --git a/src/FlaskRTBCTF/ctf/routes.py b/src/FlaskRTBCTF/ctf/routes.py index 8265acf..7cd12de 100644 --- a/src/FlaskRTBCTF/ctf/routes.py +++ b/src/FlaskRTBCTF/ctf/routes.py @@ -32,12 +32,12 @@ def scoreboard(): @login_required def machine(): user = User.query.get(current_user.id) - if user.visitedMachine is False and user.isAdmin is False: - user.visitedMachine = True - if LOGGING: - log = Logs.query.get(current_user.id) + if LOGGING: + log = Logs.query.get(current_user.id) + if log.visitedMachine is False: + log.visitedMachine = True log.machineVisitTime = datetime.utcnow() - db.session.commit() + db.session.commit() userHashForm = UserHashForm() rootHashForm = RootHashForm() return render_template('machine.html', userHashForm=userHashForm, diff --git a/src/FlaskRTBCTF/models.py b/src/FlaskRTBCTF/models.py index c72516c..cb83580 100644 --- a/src/FlaskRTBCTF/models.py +++ b/src/FlaskRTBCTF/models.py 
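Review bot: The new trailing comment on `RunningTime` in config.py ("We do not recommended changing the Timezone.") has a grammar slip and gives no reason for the advice. The removed lines show the likely reason: a non-UTC pytz zone passed directly as the `tzinfo` argument of `datetime(...)` can pick up the zone's local-mean-time offset instead of the expected one, which would shift the CTF start and end times. I would word it as `# Keep UTC; for another zone use pytz.timezone(name).localize(datetime(...)) instead of passing tzinfo.` and keep the `"TimeZone"` label in step with the zone actually used. The rest of the config module lies outside this hunk.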
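Review bot: In `machine()` in ctf/routes.py the result of `Logs.query.get(current_user.id)` is dereferenced without a None check. Any account with no `Logs` row (for example one created while `LOGGING` was off, now that config.py turns it on by default) would raise AttributeError on `log.visitedMachine`, and the page would fail instead of rendering. Guard it with `if log is not None and log.visitedMachine is False:`. The removed `user.isAdmin is False` condition also means admin visits are now recorded; if that is intended, a one-line comment saying so would help. `user = User.query.get(current_user.id)` looks unused in the visible lines, but the function continues past the hunk, so confirm before removing it.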
@@ -18,9 +18,7 @@ class User(db.Model, UserMixin): username = db.Column(db.String(40), unique=True, nullable=False) email = db.Column(db.String(120), unique=True, nullable=False) password = db.Column(db.String(60), nullable=False) - confirmed_at = db.Column(db.DateTime(), default=datetime.utcnow) isAdmin = db.Column(db.Boolean, default=False) - visitedMachine = db.Column(db.Boolean, default=False) score = db.relationship('Score', backref='user', lazy=True, uselist=False) if LOGGING: logs = db.relationship('Logs', backref='user', lazy=True, uselist=False) @@ -39,7 +37,7 @@ def verify_reset_token(token): return User.query.get(user_id) def __repr__(self): - return f"User('{self.username}', '{self.email}') | Score('{self.score}')" + return f"User('{self.username}', '{self.email}'))" ''' Score Table ''' @@ -52,7 +50,6 @@ class Score(db.Model): points = db.Column(db.Integer) timestamp = db.Column(db.DateTime(), default=datetime.utcnow) - def __repr__(self): return f"Score('{self.user_id}', '{self.points}')" @@ -70,10 +67,12 @@ def __repr__(self): ''' Logging Table ''' + if LOGGING: class Logs(db.Model): user_id = db.Column(db.Integer, db.ForeignKey('user.id'), nullable=False, primary_key=True) accountCreationTime = db.Column(db.DateTime, nullable=False) + visitedMachine = db.Column(db.Boolean, default=False) machineVisitTime = db.Column(db.DateTime, nullable=True) userSubmissionTime = db.Column(db.DateTime, nullable=True) rootSubmissionTime = db.Column(db.DateTime, nullable=True) diff --git a/src/FlaskRTBCTF/users/routes.py b/src/FlaskRTBCTF/users/routes.py index 5a15afd..ab633ce 100644 --- a/src/FlaskRTBCTF/users/routes.py +++ b/src/FlaskRTBCTF/users/routes.py @@ -2,7 +2,6 @@ from flask_login import login_user, current_user, logout_user, login_required from FlaskRTBCTF import db, bcrypt from FlaskRTBCTF.config import organization, LOGGING -from datetime import datetime from FlaskRTBCTF.models import User, Score if LOGGING: from FlaskRTBCTF.models import Logs 
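Review bot: The new `User.__repr__` string in models.py ends with `'))"`, which leaves an unbalanced closing parenthesis in the output (`User('name', 'mail'))`). It should read `return f"User('{self.username}', '{self.email}')"`. Because this repr embeds the e-mail address, anything that logs or prints a `User` object will carry it, so consider whether the username alone is enough for debugging output.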
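Review bot: The new `Logs.visitedMachine` column in models.py is declared with `default=False` but without `nullable=False`, so a row can hold NULL. The `log.visitedMachine is False` test in ctf/routes.py would then never match, and the visit time would silently go unrecorded. Declare it as `visitedMachine = db.Column(db.Boolean, default=False, nullable=False)`. The column moves from the `User` model to `Logs` with no migration visible in this commit, so an existing database presumably needs the column added or the tables recreated. The `Logs` class continues beyond the hunk.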
@@ -10,6 +9,8 @@ RequestResetForm, ResetPasswordForm) from FlaskRTBCTF.users.utils import send_reset_email +from datetime import datetime + users = Blueprint('users', __name__) ''' User management ''' @@ -24,10 +25,10 @@ def register(): hashed_password = bcrypt.generate_password_hash( form.password.data).decode('utf-8') user = User(username=form.username.data, - email=form.email.data, password=hashed_password, visitedMachine=False) + email=form.email.data, password=hashed_password) score = Score(user=user, userHash=False, rootHash=False, points=0) if LOGGING: - log = Logs(user=user, accountCreationTime=datetime.utcnow(), machineVisitTime=None, userSubmissionTime=None, + log = Logs(user=user, accountCreationTime=datetime.utcnow(), visitedMachine=False, machineVisitTime=None, userSubmissionTime=None, rootSubmissionTime=None, userSubmissionIP=None, rootSubmissionIP=None) db.session.add(log) db.session.add(user)