diff options
| author | maride <maride@darknebu.la> | 2018-08-14 23:24:40 +0200 |
|---|---|---|
| committer | maride <maride@darknebu.la> | 2018-08-14 23:24:40 +0200 |
| commit | 83537a94d26509be51e4458e6c9c09df5970de93 (patch) | |
| tree | 66aa4e7c1f1184a5adab0d6123471d0f20602e40 /src/http.go | |
| parent | 00c520f9653a72314a2e9ac2311e68421281688f (diff) | |
Add submit functionality for flags, and keep track of wrong tries
Diffstat (limited to 'src/http.go')
| -rw-r--r-- | src/http.go | 51 |
1 files changed, 51 insertions, 0 deletions
diff --git a/src/http.go b/src/http.go index 2f25a38..210d8b3 100644 --- a/src/http.go +++ b/src/http.go @@ -9,6 +9,8 @@ import ( "io/ioutil" "time" "log" + "encoding/json" + "strconv" ) var ( @@ -28,6 +30,7 @@ func runHTTPServer() (error) { r.HandleFunc("/login", loginPostHandler).Methods("POST") r.HandleFunc("/logout", logoutHandler).Methods("POST") r.HandleFunc("/api/getChallenges", getChallengesHandler).Methods("GET") + r.HandleFunc("/api/submitFlag", submitFlagHandler).Methods("POST") address := fmt.Sprintf(":%d", *port) return http.ListenAndServe(address, r) @@ -162,3 +165,51 @@ func getChallengesHandler(w http.ResponseWriter, r *http.Request) { } } } + +func submitFlagHandler(w http.ResponseWriter, r *http.Request) { + r.ParseForm() + challengeName := r.Form.Get("challengeName") + flag := r.Form.Get("flag") + session, cookieNotFoundError := r.Cookie("session") + + if cookieNotFoundError != nil || !isValidSession(session.Value) { + // either no session cookie found, or it contains an invalid session token. Redirect. + http.Redirect(w, r, "/login", http.StatusTemporaryRedirect) + } else { + // valid session token found, now search for the requested challenge + + foundChallenge := false + correctFlag := false + + // try to find our challenge + for index, challenge := range challenges { + if challenge.Name == challengeName { + // found challenge, check flags + foundChallenge = true + + if challenge.Flag == flag { + // our user found the flag \o/ + challenges[index].FoundFlag = true + correctFlag = true + } else { + // ow, bummer :( + challenge.FlagTries++ + } + break + } + } + + // if we didn't find the challenge, write an error message + errorString := "" + if !foundChallenge { + errorString = "no such challenge" + } + + // inform our client + jsonAnswer, _ := json.Marshal(map[string]string{ + "correctFlag": strconv.FormatBool(correctFlag), + "error": errorString, + }) + w.Write([]byte(jsonAnswer)) + } +} |
