aljaz/CTFd
1
0
Fork 0
mirror of https://github.com/aljazceru/CTFd.git synced 2025-12-18 06:24:23 +01:00
Code Issues Packages Projects Releases Wiki Activity
1,125 Commits 18 Branches 43 Tags
9ac0bbba6c52171a6a308b4239e8ee54dba75492
Commit Graph

1125 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
Kevin Chung
9ac0bbba6c Fix issues with backup importing (#2092) 
* Closes #2087 
* Use `python manage.py import_ctf` instead of a new Process to import backups from the Admin Panel. 
    * This avoids a number of issues with gevent and webserver forking/threading models. 
* Add `--delete_import_on_finish` to `python manage.py import_ctf`
* Fix issue where `field_entries` table could not be imported when moving between MySQL and MariaDB
 2022-04-17 18:28:30 -04:00
Kevin Chung
90e81d7298 Fix page preview so that it accounts for the provided format (#2091) 
* Fix page preview so that it accounts for the provided format
* Closes #2089
 2022-04-15 15:17:33 -04:00
Kevin Chung
4efccfc39f Disable caching of get_asset_json if debug mode (#2090) 
* Disable caching of get_asset_json if debug mode
 2022-04-13 18:44:57 -04:00
Isaac
ab4dd902c4 Docker-compose now always uses stable nginx (#2088) 
Fixes #2086
 2022-04-12 17:50:58 -04:00
Kevin Chung
afc55bff75 Add next recommended challenge after solve (#2081) 
* Add a next challenge recommendation to challenges
* Closes #1668
 2022-04-08 23:02:56 -04:00
Kevin Chung
c95591aa16 Speed improvements (#2084) 
* Improve speed of `/api/v1/teams/me/fails`
* Improve speed of `/api/v1/teams/[team_id]/fails`
* Improve speed of `/api/v1/users/me/fails`
* Improve speed of `/api/v1/users/[user_id]/fails`
 2022-04-08 21:21:42 -04:00
Khiem Doan
281ae12a7c Slim down the size of docker image (#2032) 
`python3-dev` is already included in `python:3.7-slim-buster`. So we don't need to install it again.
This helps us reduce more than 100MB.
 2022-04-08 18:34:53 -04:00
Kevin Chung
f24f2a18bb Import backup improvements (#2078) 
* Add progress tracking to import_ctf
* Make imports happen in the background so that we can see status
* Add GET /admin/import to see status of import
* Disable the public interface during imports
* Closes #1980
 2022-04-08 16:52:04 -04:00
Kevin Chung
0c6e28315c Add userName and userEmail to init objects in base.html (#2082) 
* Add `userName` and `userEmail` to the CTFd init object in `base.html`
* Closes #2066
 2022-04-08 15:14:57 -04:00
PinkDraconian
e526d60a6d Remove double printing of log (#2033) 
* Fix double logging in log() function 

Co-authored-by: Kevin Chung <kchung@ctfd.io>
 2022-04-05 17:08:48 -04:00
Kevin Chung
24bf5302c4 Add support for only viewing hints after unlocking another hint (#2074) 
* Add support for only viewing hints after unlocking another hint
* Closes #2007
 2022-04-04 23:17:01 -04:00
Kevin Chung
eb8461cf2f Add code to support integration with a Vite build system for JS/CSS (#2051) 
* Adds the `Assets` constant to access front end assets from Jinja templates
* Adds a `views.themes_beta` route to avoid the `.dev`/`.min` extension being added automatically to frontend asset urls
* Add `count` meta field to `/api/v1/users/me/solves`, `/api/v1/users/me/fails`, `/api/v1/users/me/awards`, `/api/v1/users/[user_id]/solves`, `/api/v1/users/[user_id]/fails`, `/api/v1/users/[user_id]/awards`

* Works on #2049
 2022-04-04 22:59:13 -04:00
Kevin Chung
a2e7a32754 Fix issue where current theme cannot be found in list of themes (#2079) 
* Fix issue where current theme cannot be found in list of themes
 2022-03-30 12:16:34 -04:00
Kevin Chung
00bb891457 Add code to check for the potential of session ID duplication during ID generation (#2075) 
* Add code to check for the potential of session ID duplication during ID generation
 2022-03-29 17:17:59 -04:00
Kevin Chung
fc7516c91f Show admins the email server error message when email sending fails (#2073) 
* Show admins the email server error message when email sending fails
 2022-03-24 14:14:55 -04:00
Kevin Chung
d29102dae8 Add meta and count field to teams endpoints to make it easier to show graphs (#2072) 
* Add meta and count field to teams endpoints to make it easier to show graphs
 2022-03-21 19:46:11 -04:00
Kevin Chung
f39043427b Fix CSV export columns for team & user fields on scoreboard CSV (#2069) 
* Fix issue where custom field entries for Users and Teams would be misaligned in the scoreboard CSV export
 2022-03-19 14:34:31 -04:00
Kevin Chung
c0f171f6bc Fix importing backups that contain challenge topics and custom fields (#2070) 
* Fix issues with importing backups that contain Challenge Topics and Custom Fields
 2022-03-19 11:32:17 -04:00
Kevin Chung
de9f2311eb Add client side vaildation for checking if users upload files that are probably too large (#2067) 
* Add client side vaildation for checking if users upload files that are probably too large
* Closes #1972
 2022-03-11 04:24:59 -05:00
Kevin Chung
262d896a0e Mark 3.4.3 (#2063) 
# 3.4.3 / 2022-03-07

**Security**

- Bump cmarkgfm to 0.8.0 to resolve CVE-2022-24724. Copied entry from 3.4.2 since 3.4.2 introduced a bug that prevented writing raw HTML.

**General**

- Fix issue where raw HTML would not be rendered in markdown
 2022-03-07 19:00:52 -05:00
Kevin Chung
7aea1ce347 Mark 3.4.2 (#2062) 
# 3.4.2 / 2022-03-07

**Security**

- Bump cmarkgfm to 0.8.0 to resolve CVE-2022-24724

**General**

- Fix issue where unauthed users couldn't download challenge files after CTF end but viewing after CTF was enabled
 2022-03-07 15:03:13 -05:00
Allen Guan
a868faffb5 Fix download with auth token fail after ctf (458ce2e) (#2011) 
* Fix issue where unauthed users couldn't download challenge files after CTF end but viewing after CTF was enabled
 2022-03-06 21:25:46 -05:00
Kevin Chung
de6f8e059b Migrate to self hosted mailing list (#2059) 
* Migrate to self hosted mailing list
 2022-03-06 01:29:36 -05:00
Kevin Chung
a8a6db1aeb Bump cmarkgfm to 0.8.0 (#2058) 
* Bump cmarkgfm to 0.8.0
 2022-03-05 20:27:09 -05:00
Kevin Chung
d9813a601f Mark 3.4.1 (#2055) 
# 3.4.1 / 2022-02-19

**General**

- Make session cookies persist in the browser after close
- Fix issue where all-numeric registration codes wouldn't work
- Fix issue where a user's session isn't cleared properly after they are deleted by an admin
- Fix issue where CTF end time couldn't be set during setup

**API**

- Improved speed of the `/api/v1/challenges/[challenge_id]/solves` endpoint
- Document API authentication and `Content-Type` header requirement
- Add nested `UserSchema` and `TeamSchema` to `SubmissionSchema` for easier access to account name

**Admin Panel**

- Improve CSV import error reporting and validation
- Fix non-clickable checkbox label in user creation form in Admin Panel
- Allow submissions per minute ratelimit to be configurable in Admin Panel
- Add a link in the Pages Editor to the [Page Variables documentation page](https://docs.ctfd.io/docs/pages/variables/)

**Themes**

- Fix issue where invalid `theme_settings` can cause broken frontend
- Replace `node-sass` with `sass` and upgrade `sass-loader`

**Deployment**

- Serve all assets from CTFd regardless of internet availability (i.e. fonts and font-awesome)
- Fix regression in `REVERSE_PROXY` to allow comma seperated integers
- Bump `flask-restx` to 0.5.1
- Bump `pybluemonday` to 0.0.9
- Added support for S3 signature version 4 authentication to support alternative S3 buckets (Google Cloud Storage, DigitalOcean Spaces, etc)

**Miscellaneous**

- Add a Github Actions job to publish Docker images to Dockerhub and ghcr
 2022-02-19 02:36:35 -05:00
Kevin Chung
54f0c46662 Bump pybluemonday to 0.0.9 (#2054) 
* Bump pybluemonday to 0.0.9
* Bump python-geoacumen-city
* Use Python 3.7 in testing as Python 3.6 is EOL
 2022-02-18 21:47:56 -05:00
Kevin Chung
69cfc77e94 Have fonts and fontawesome be loaded locally (#2050) 
* Serve all assets from CTFd regardless of internet availability
* Closes #2048
 2022-02-18 18:35:54 -05:00
Kevin Chung
03d65bf542 Have profile notify user to join/create a team (#2053) 
* Have profile notify user to join/create a team (Closes #2013)
 2022-02-18 18:02:41 -05:00
Kevin Chung
52d41bac61 Fix issue where end time couldn't be set during setup (#2052) 
* Fix issue where end time couldn't be set during setup (Closes #2045)
 2022-02-18 17:19:20 -05:00
Kevin Chung
27e77368c8 Improve speed of the ChallengeSolves API endpoint (#2046) 
* Improve speed of the ChallengeSolves API (`/api/v1/challenges/[challenge_id]/solves`) endpoint
 2022-02-09 21:03:44 -05:00
Kevin Chung
f89fcea1e2 Fix boto3 s3 signature (#2041) 2022-01-13 14:27:33 -05:00
Kevin Chung
c1a27176b6 Fix edge case where invalid theme_settings cause broken frontend (#2034) 
* Fix edge case where invalid `theme_settings` cause broken frontend
 2021-12-08 15:47:00 -05:00
nopresearcher
d79f24b2e5 added support for S3 signature version 4 authentication (#1882) 
* added support for S3 signature version 4 authentication
 2021-12-02 22:51:52 -05:00
Maxime P
3550aaf4ea Fixing challenge-desc content overflow (#1994) 
* 🐛 fixing challenge-desc content overflow

Co-authored-by: Kevin Chung <kchung@ctfd.io>
Co-authored-by: Kevin Chung <kchung@nyu.edu>
 2021-11-30 21:38:59 -05:00
Kevin Chung
5599e25fc9 Add nested UserSchema and TeamSchema to SubmissionSchema (#2030) 
* Add nested UserSchema and TeamSchema to SubmissionSchema to allow easier access to a user/team name without issuing another query/API call
* Closes #2005
 2021-11-22 23:28:58 -05:00
Kevin Chung
8e96344817 Fix issue with clearing user's session after deletion (#2029) 
* Fix an issue where a user's session isn't cleared properly after they are deleted by an admin
* Closes #1996
 2021-11-22 22:36:35 -05:00
Kevin Chung
3cbe463dae Change Github Action to run on release (#2028) 
* Change Docker image release script to run on release
 2021-11-22 21:11:00 -05:00
Kevin Chung
a9aa0cab61 Add a Github Actions job to publish Docker images to Dockerhub and ghcr (#2027) 
* Add a Github Actions job to publish Docker images to Dockerhub and ghcr
* Closes #1982
 2021-11-22 19:27:26 -05:00
Kevin Chung
cf743a2778 Add a link to page variables documentation (#2026) 
* Adds a link in the Pages Editor to the Page Variables documentation page at https://docs.ctfd.io/docs/pages/variables/
* Closes #1983
 2021-11-22 19:03:28 -05:00
Kevin Chung
4aa258e290 Fix sass dependencies to fix js build (#2025) 
* Replace `node-sass` with `sass` and upgrade `sass-loader`
* Closes #2023
 2021-11-22 18:26:49 -05:00
Kevin Chung
afb1a54e9b Add a way to configure challenge attempt ratelimiting (#2024) 
* Allow submissions per minute ratelimit to be configurable
* Closes #2014
 2021-11-22 17:16:21 -05:00
Nikita Stupin
a0783c334c Document API authentication (#2021) 
* Document API authentication and Content-Type header requirement
 2021-11-22 05:38:19 -05:00
dependabot[bot]
7fc05bd4e3 Bump pybluemonday from 0.0.7 to 0.0.8 (#2009) 
Bumps [pybluemonday](https://github.com/ColdHeat/pybluemonday) from 0.0.7 to 0.0.8.
- [Release notes](https://github.com/ColdHeat/pybluemonday/releases)
- [Changelog](https://github.com/ColdHeat/pybluemonday/blob/master/CHANGELOG.md)
- [Commits](https://github.com/ColdHeat/pybluemonday/compare/0.0.7...0.0.8)

---
updated-dependencies:
- dependency-name: pybluemonday
  dependency-type: direct:production
...

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: Kevin Chung <kchung@ctfd.io>
 2021-10-23 03:25:00 -04:00
cpeter
c9ae55a219 Fixed documentation links in README.md (#2010) 
Co-authored-by: Csaba Peter <cpeter@atlassian.com>
Co-authored-by: Kevin Chung <kchung@ctfd.io>
 2021-10-23 03:06:28 -04:00
Kevin Chung
d2755faba0 Attempt to fix builds (#2012) 
* Update pipdeptree version to 2.2.0
 2021-10-23 00:30:37 -04:00
tom
78b324e577 fix regression in REVERSE_PROXY to allow comma seperated integers (#1999) 
Co-authored-by: Kevin Chung <kchung@ctfd.io>

* Fix issue with REVERSE_PROXY comma separated string configuration
* Closes #1993
 2021-10-11 15:33:08 -04:00
Connor Tumbleson
3e6f635b7b #2003 - All numeric registration codes (#2004) 
* fix: cast registration_code to string during register

* test: add test to confirm numeric registration codes
 2021-10-11 00:33:06 -04:00
dependabot[bot]
514ab2c8bd Bump path-parse from 1.0.6 to 1.0.7 (#1977) 
Bumps [path-parse](https://github.com/jbgutierrez/path-parse) from 1.0.6 to 1.0.7.
- [Release notes](https://github.com/jbgutierrez/path-parse/releases)
- [Commits](https://github.com/jbgutierrez/path-parse/commits/v1.0.7)

---
updated-dependencies:
- dependency-name: path-parse
  dependency-type: indirect
...

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: Kevin Chung <kchung@ctfd.io>
 2021-09-22 02:42:55 -04:00
dependabot[bot]
6666248b2a Bump flask-restx from 0.2.0 to 0.5.1 (#1984) 
Bumps [flask-restx](https://github.com/python-restx/flask-restx) from 0.2.0 to 0.5.1.
- [Release notes](https://github.com/python-restx/flask-restx/releases)
- [Changelog](https://github.com/python-restx/flask-restx/blob/master/CHANGELOG.rst)
- [Commits](https://github.com/python-restx/flask-restx/compare/0.2.0...0.5.1)

---
updated-dependencies:
- dependency-name: flask-restx
  dependency-type: direct:production
...

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: Kevin Chung <kchung@ctfd.io>
 2021-09-22 02:06:11 -04:00
Nick Frost
7d39539883 Make login sessions permanent (#1991) 
* Closes #1990 
* Make session cookies persist in the browser after close
 2021-09-22 01:20:28 -04:00