aljaz/CTFd
1
0
Fork 0
mirror of https://github.com/aljazceru/CTFd.git synced 2026-01-16 20:44:30 +01:00
Code Issues Packages Projects Releases Wiki Activity
927 Commits 18 Branches 43 Tags
a162f295d10e665bd9bb56c71e9f7418468e8161
Commit Graph

927 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
Kevin Chung
a162f295d1 Fix circular import 2020-06-03 11:06:31 -04:00
Kevin Chung
04b6fc070b Remove direct usage of Markup function 2020-06-03 10:52:52 -04:00
Kevin Chung
463fa97a61 Remove deprecated function usage 2020-06-03 10:49:05 -04:00
Kevin Chung
255b97498f Remove more legacy functions 2020-06-03 10:42:40 -04:00
Kevin Chung
52c65ced55 Remove keys from session and inject Session class into Jinja (#1456) 
* Closes #1362
* Reduces the session object to just an id, nonce, and security hash
 2020-06-03 02:09:48 -04:00
Kevin Chung
2a8d7ed349 Remove some attrs 2020-06-03 01:42:08 -04:00
Kevin Chung
e5ab35c8b0 Clean up login.html 2020-06-03 01:41:09 -04:00
Kevin Chung
69b24f75e8 Clean up register.html 2020-06-03 01:39:14 -04:00
Kevin Chung
423cbf8dc0 Remove usage of get_config in core theme 2020-06-03 01:15:45 -04:00
Kevin Chung
8313ccb443 1234 error components (#1465) 
Start cleaning up a lot of the core theme. 
Extract pieces into components that can be included into overarching templates. 
Work on #1234
 2020-06-03 00:17:18 -04:00
Kevin Chung
97f0beb9ca User pagination pages (#1464) 
* Replace user facing pagination with Flask SQLAlchemy Pagination objects
* Closes #1353

I think this is a big improvement but I feel like this is harder to create a theme construct around.
 2020-06-02 21:12:24 -04:00
Kevin Chung
d04ef66365 Closes #1307 2020-05-30 22:40:18 -04:00
Kevin Chung
0afd25ed39 1215 dockerfile improvements (#1461) 
* Switch Dockerfile from alpine to debian. Switch entrypoint from sh to bash
* Closes #1215
 2020-05-30 17:24:03 -04:00
Kevin Chung
712e43aea4 Closes #1027 (#1457) 
* Closes #1027 
* Default to using the non-root user in `docker-compose`
 2020-05-30 13:32:25 -04:00
Kevin Chung
76e5ad08a8 820 python 3 only (#1454) 
* Remove Python 2 specific code
* Require imports to have a proper isort-supported order
* Only test/lint on Python 3
* Bump most dependencies to latest supported version
 2020-05-30 02:43:49 -04:00
Kevin Chung
72be918e06 Remove yarn lint for now 2020-05-29 17:58:00 -04:00
Kevin Chung
3c151b9ebc Add yarn lint to make lint. Closes #1245 2020-05-29 17:14:16 -04:00
Kevin Chung
d88c529367 GFM without the tagfilter extension 2020-05-29 17:11:18 -04:00
Kevin Chung
48d6890cf7 Switch to only commonmark for now 2020-05-29 17:04:04 -04:00
Kevin Chung
ebcb35a395 Refer to right DispatcherMiddleware 2020-05-29 16:48:13 -04:00
Kevin Chung
256fd9725f Refer to correct DispatcherMiddleware 2020-05-29 16:45:06 -04:00
Kevin Chung
4768ea0e2e Merge remote-tracking branch 'origin/2.5.0-dev' into 3.0.0-dev 2020-05-29 16:05:44 -04:00
Kevin Chung
338910d52d Switch from mistune to cmarkgfm (#1414) 
* Switch from mistune to cmarkgfm
* Starts work on #1317
* Update markdown test to be commonmark compliant
 2020-05-29 16:00:59 -04:00
Ernesto Serrano
05ee4acad8 Added github actions workflow (#1394) 
* Added github actions workflow
 2020-05-29 16:00:14 -04:00
Kevin Chung
bfec529605 Update Flask-Migrate and regenerate the migration env (#1452) 
* Update Flask-Migrate to 2.5.3
* Regenerate the `env.py` file for migrations and delete useless README file
* Supercedes #1447
 2020-05-29 15:58:30 -04:00
Kevin Chung
9db9ecc0e6 Update CHANGELOG 2020-05-29 14:42:57 -04:00
Kevin Chung
27d8d82c17 Add CHANGELOG and mark 2.5.0 2020-05-29 14:42:04 -04:00
Kevin Chung
83fd7d1865 Closes #1441 2020-05-29 14:33:00 -04:00
Kevin Chung
90adffcbdd Add a session invalidation strategy inspired by Django (#1449) 
* Use a session invalidation strategy inspired by Django. https://docs.djangoproject.com/en/3.0/topics/auth/default/#session-invalidation-on-password-change
* Closes #1430
 2020-05-29 14:01:21 -04:00
Kevin Chung
50f75be5eb 1423 model filter bypass (#1451) 
* Add `view=admin` GET param to `/api/v1/users`, `/api/v1/teams`, and `/api/v1/challenges` to bypass filtering for admins
* Closes #1423 #1445
* Related to #1165
 2020-05-29 11:06:04 -04:00
Kevin Chung
970e1ca65e 1402 sqlalchemy optimization exploration (#1450) 
* Experimental ideas to make SQLAlchemy queries faster by switching them to SQLAlchemy Core
* Starts work on #1402
 2020-05-29 00:55:40 -04:00
Kevin Chung
f2dc702681 Add REVERSE_PROXY configuration to docker-compose 2020-05-28 23:44:17 -04:00
Kevin Chung
05ce2b05d0 Add newline 2020-05-28 23:42:59 -04:00
Kevin Chung
9cc4175303 Add nginx configuration. Closes #1405 2020-05-28 23:40:11 -04:00
fjh1997
1a85658678 Update docker-compose.yml (#1443) 
* Pin MariaDB to 10.4.12 in `docker-compose.yml`
 2020-05-25 11:37:01 -04:00
Kevin Chung
d9a0d78b75 Mark 2.4.3 (#1440) 
2.4.3 / 2020-05-24
==================

**Miscellaneous**
* Notifications/Events endpoint will now immediately send a ping instead of waiting a few seconds.
* Upgrade `gunicorn` dependency to `19.10.0`
* Upgrade `boto3` dependency to `1.13.9`
* Improve `import_ctf()` reliability by closing all connections before dropping & recreating database
* Close database session in IP tracking code in failure situations to avoid potential dangling database connections
* Don't allow backups to be imported if they do not have a `db` folder
* Change `import_ctf()` process slightly to import built-in tables first and then plugin tables
* Handle exception where a regex Flag is invalid

**API**
* File deletion endpoint (`DELETE /api/v1/files/[file_id]`) will now correctly delete the associated file

**Plugins**
* Add `CTFd.plugins.get_plugin_names()` to get a list of available plugins
* Add `CTFd.plugins.migrations.current()` to get the current revision of a plugin migration
* Improve `CTFd.plugins.migrations.upgrade()` to be able to upgrade to a specific plugin migration
* Run plugin migrations during import process

**Themes**
* Update jQuery to v3.5.1 to fix mobile hamburger menu
* Upgrade some dependencies in yarn lockfile
* Fix invalid team link being generated in `scoreboard.js`

**Admin Panel**
* Fix sending of user creation notification email
* Fix button to remove users from teams
2.4.3 		2020-05-24 20:59:17 -04:00
Nomuken
a9bcaeffc7 fixed incorrect generating team link (#1439) 2020-05-24 16:18:13 -04:00
Kevin Chung
e643834a0c Fix button to remove users from teams in Admin Panel (#1437) 
* Fix admin panel button to remove users from teams. 
* Add the data-href attribute to td as well as tr. 
* Closes #1435
 2020-05-24 02:06:02 -04:00
Kevin Chung
80df88f25d Revert "Use a ThreadPoolExecutor to concurrently store files dut string import (#1427)" (#1428) 
This reverts commit 2245df85f4.
 2020-05-21 02:15:16 -04:00
Kevin Chung
2245df85f4 Use a ThreadPoolExecutor to concurrently store files during import (#1427) 
* Use a `ThreadPoolExecutor` to concurrently store files during import
 2020-05-20 22:03:35 -04:00
Kevin Chung
d3f8441993 Catch situation where Regex flag fails (#1426) 
* Catch an exception where a user supplied regex Flag can fail to parse
* Starts on #1425
 2020-05-20 19:24:58 -04:00
Kevin Chung
ba887e8952 1422 block imports without db folder (#1424) 
* Don't allow backups to be imported if they do not have a `db` folder
* Closes #1422
 2020-05-20 15:52:09 -04:00
Kevin Chung
5618f0d04c 1406 plugin migrations improvements (#1420) 
* Handle plugin migrations during CTF import
* Closes #1406
 2020-05-19 21:21:31 -04:00
Kevin Chung
148bdccf26 Improve import_ctf reliability (#1419) 
* Improve `import_ctf()` reliability by closing all connections before dropping & recreating database
* Close database session in IP tracking code in failure situations
 2020-05-18 11:46:15 -04:00
Kevin Chung
ac24b83a86 Update deps in yarn.lock to appease Github security alerts (#1417) 
* Update deps in yarn.lock to appease Github security alerts
 2020-05-18 03:02:21 -04:00
Kevin Chung
b3987f7ead Bump boto3 version to 1.13.9 and install pipdeptree for development (#1415) 
* Bump boto3 version to 1.13.9
 2020-05-14 15:01:02 -04:00
socketz
a8a7a983e3 fix: requirements.txt to reduce vulnerabilities (#1412) 
* Upgrade gunicorn to version 19.10.0
 2020-05-14 13:29:38 -04:00
Kevin Chung
03051e8d99 Fix user creation email notification (#1408) 
* Fixes user creation email notification
* Closes #1398
 2020-05-14 12:20:59 -04:00
Kevin Chung
7a3028857c Update jquery and rebuild assets (#1409) 
* Update jQuery to v3.5.1 to fix mobile menu bar
* Closes #1401
 2020-05-14 10:46:00 -04:00
Ernesto Serrano
912016f6f8 Fix file deletion. Related to #1393 (#1396) 
* Delete files when the database reference is also deleted Related to #1393
 2020-05-13 21:35:46 -04:00