Diffstat (limited to 'src/http.go')
-rw-r--r-- | src/http.go | 51 |
1 files changed, 51 insertions, 0 deletions
diff --git a/src/http.go b/src/http.go
index 2f25a38..210d8b3 100644
--- a/src/http.go
+++ b/src/http.go
@@ -9,6 +9,8 @@ import (
 "io/ioutil"
 "time"
 "log"
+ "encoding/json"
+ "strconv"
 )
 var (
@@ -28,6 +30,7 @@ func runHTTPServer() (error) {
 r.HandleFunc("/login", loginPostHandler).Methods("POST")
 r.HandleFunc("/logout", logoutHandler).Methods("POST")
 r.HandleFunc("/api/getChallenges", getChallengesHandler).Methods("GET")
+ r.HandleFunc("/api/submitFlag", submitFlagHandler).Methods("POST")
 address := fmt.Sprintf(":%d", *port)
 return http.ListenAndServe(address, r)
@@ -162,3 +165,51 @@ func getChallengesHandler(w http.ResponseWriter, r *http.Request) {
 }
 }
 }
+
+func submitFlagHandler(w http.ResponseWriter, r *http.Request) {
+ r.ParseForm()
+ challengeName := r.Form.Get("challengeName")
+ flag := r.Form.Get("flag")
+ session, cookieNotFoundError := r.Cookie("session")
+
+ if cookieNotFoundError != nil || !isValidSession(session.Value) {
+ // either no session cookie found, or it contains an invalid session token. Redirect.
+ http.Redirect(w, r, "/login", http.StatusTemporaryRedirect)
+ } else {
+ // valid session token found, now search for the requested challenge
+
+ foundChallenge := false
+ correctFlag := false
+
+ // try to find our challenge
+ for index, challenge := range challenges {
+ if challenge.Name == challengeName {
+ // found challenge, check flags
+ foundChallenge = true
+
+ if challenge.Flag == flag {
+ // our user found the flag \o/
+ challenges[index].FoundFlag = true
+ correctFlag = true
+ } else {
+ // ow, bummer :(
+ challenge.FlagTries++
+ }
+ break
+ }
+ }
+
+ // if we didn't find the challenge, write an error message
+ errorString := ""
+ if !foundChallenge {
+ errorString = "no such challenge"
+ }
+
+ // inform our client
+ jsonAnswer, _ := json.Marshal(map[string]string{
+ "correctFlag": strconv.FormatBool(correctFlag),
+ "error": errorString,
+ })
+ w.Write([]byte(jsonAnswer))
+ }
+} |
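Review bot: The new `/api/submitFlag` route in runHTTPServer is a state-changing POST that, judging by the handler added below, is authenticated only by the `session` cookie, and no CSRF token or Origin/Referer check is visible in this diff. Unless the cookie is set with `SameSite` elsewhere, another site could submit guesses on a logged-in user's behalf; either confirm that attribute where the cookie is issued, or add an Origin check to the handler. runHTTPServer's body starts outside the hunk, so middleware registered earlier may already cover this.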
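Review bot: In submitFlagHandler the wrong-flag branch runs `challenge.FlagTries++` on the range variable, which is a copy if `challenges` holds structs by value (the success branch writes through `challenges[index]`, which suggests it does), so failed guesses are never recorded and nothing can later throttle brute-forcing; it should be `challenges[index].FlagTries++`. The secret comparison `challenge.Flag == flag` is not constant-time; `subtle.ConstantTimeCompare([]byte(challenge.Flag), []byte(flag)) == 1` from `crypto/subtle` removes the timing signal. The handler also reads and writes the package-level `challenges` from concurrent request goroutines with no lock visible in the hunk, which is a data race under net/http; guard the loop with a mutex shared with the other handlers. For an API endpoint, the unauthenticated branch should answer `http.StatusUnauthorized` rather than a 307, because a 307 makes the client replay the POST body, including the submitted flag, to `/login`. Finally, the errors from `r.ParseForm()` and `json.Marshal` are discarded and no `Content-Type: application/json` header is set before `w.Write`.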