admin.py (3781B)
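"""Admin blueprint: admin panel, user management and challenge management views.

Every view is wrapped in ``crypto.require_token`` and receives ``jwt_data``
(presumably the decoded token claims supplied by that decorator; confirm in
blueprints/utils/crypto). A view only proceeds when ``jwt_data["isAdmin"] == 1``;
any other caller is logged at WARNING level and redirected to ``terminal.index``.
"""
from flask import Blueprint, render_template, request, redirect, url_for
from blueprints.utils import database
from blueprints.utils import crypto
import logging

admin_bp = Blueprint('admin', __name__, template_folder='templates', static_folder='static',
                     static_url_path='/static/admin')

# NOTE(review): the ban/unban/enable/disable views below change state on the
# default GET method. If crypto.require_token reads the token from a cookie
# (not visible in this file; confirm), these routes need CSRF protection,
# ideally POST plus a CSRF token. Changing the method also requires updating
# the templates that link to them, so it is flagged here rather than changed.
#
# NOTE(review): user_id / challenge_id come straight from the URL path and are
# written to the log unmodified, including on the denied path. Consider an
# <int:...> converter (if the database layer accepts ints; confirm) or a log
# formatter that neutralises control characters.


def _is_admin(jwt_data):
    """Return True only when the token's ``isAdmin`` claim equals 1."""
    return jwt_data["isAdmin"] == 1


@admin_bp.route("/")
@crypto.require_token
def index(jwt_data):
    """Render the admin landing page with the list of logged-in users."""
    if not _is_admin(jwt_data):
        # Emit the warning only on the denied path. Previously it ran before
        # the check, so every legitimate admin visit was also logged as
        # "Unauthorized", burying real denials in false positives.
        logging.warning("Unauthorized user %s accessed admin panel", jwt_data["username"])
        return redirect(url_for("terminal.index"))

    logging.info("User %s accessed admin panel", jwt_data["username"])
    return render_template("admin/index.html", username=jwt_data["username"],
                           logged_in_users=database.get_all_logged_in_users())


@admin_bp.route("/usermanagement")
@crypto.require_token
def user_management(jwt_data):
    """Render the user table (ID, username, login/admin/banned state)."""
    if not _is_admin(jwt_data):
        logging.warning("User %s tried to access user management", jwt_data["username"])
        return redirect(url_for("terminal.index"))

    logging.info("User %s accessed user management", jwt_data["username"])
    return render_template("admin/user_management.html",
                           headings=["ID", "Username", "Logged In", "Is Admin", "Banned"],
                           users=database.get_all_users())


@admin_bp.route("/usermanagement/ban/<user_id>")
@crypto.require_token
def ban_user(user_id, jwt_data):
    """Ban ``user_id`` via the database layer, then return to user management."""
    if not _is_admin(jwt_data):
        logging.warning("Unauthorized user %s tried to ban user %s", jwt_data["username"], user_id)
        return redirect(url_for("terminal.index"))

    database.ban_user(user_id)
    # Audit record: who banned whom.
    logging.info("User %s banned by %s", user_id, jwt_data["username"])
    return redirect(url_for("admin.user_management"))


@admin_bp.route("/usermanagement/unban/<user_id>")
@crypto.require_token
def unban_user(user_id, jwt_data):
    """Lift the ban on ``user_id``, then return to user management."""
    if not _is_admin(jwt_data):
        logging.warning("Unauthorized user %s tried to unban user %s", jwt_data["username"], user_id)
        return redirect(url_for("terminal.index"))

    database.unban_user(user_id)

    logging.info("User %s unbanned by %s", user_id, jwt_data["username"])
    return redirect(url_for("admin.user_management"))


@admin_bp.route("/challengemanagement")
@crypto.require_token
def challenge_management(jwt_data):
    """Render the challenge table and the solved-challenges table.

    The challenge table includes a "Flag" column, so this page discloses
    challenge flags to whoever passes the admin check.
    """
    if not _is_admin(jwt_data):
        logging.warning("Unauthorized user %s tried to access challenge management", jwt_data["username"])
        return redirect(url_for("terminal.index"))

    logging.info("User %s accessed challenge management", jwt_data["username"])
    return render_template("admin/challenge_management.html",
                           headings=["ID", "Flag", "Enabled"],
                           challenges=database.get_all_challenges(),
                           headings_solved=["User ID", "Challenge ID"],
                           solved=database.get_solved_challenges())


@admin_bp.route("/challengemanagement/enable/<challenge_id>")
@crypto.require_token
def enable_challenge(challenge_id, jwt_data):
    """Enable ``challenge_id``, then return to challenge management."""
    if not _is_admin(jwt_data):
        logging.warning("Unauthorized user %s tried to enable challenge %s", jwt_data["username"], challenge_id)
        return redirect(url_for("terminal.index"))

    database.enable_challenge(challenge_id)
    logging.info("Challenge %s enabled by %s", challenge_id, jwt_data["username"])
    return redirect(url_for("admin.challenge_management"))


@admin_bp.route("/challengemanagement/disable/<challenge_id>")
@crypto.require_token
def disable_challenge(challenge_id, jwt_data):
    """Disable ``challenge_id``, then return to challenge management."""
    if not _is_admin(jwt_data):
        logging.warning("Unauthorized user %s tried to disable challenge %s", jwt_data["username"], challenge_id)
        return redirect(url_for("terminal.index"))

    database.disable_challenge(challenge_id)
    logging.info("Challenge %s disabled by %s", challenge_id, jwt_data["username"])
    return redirect(url_for("admin.challenge_management"))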