docker-compose fixes and redirection bug fixed

Author: eshaan7

docker-compose.yml

@@ -5,10 +5,8 @@ services:
     build: .
     container_name: rtb_gunicorn
     restart: unless-stopped
-    ports:
-      - "80:8000"
     expose:
-      - 8000
+      - "8000"
     environment:
       - DEBUG=False
       - SECRET_KEY=changeme
@@ -41,15 +39,15 @@ services:
       - "6379"
 
 
-  # nginx:
-  #   image: library/nginx:1.16.1-alpine
-  #   container_name: rtb_nginx
-  #   restart: unless-stopped
-  #   hostname: nginx
-  #   volumes:
-  #     - ./rtb_nginx_http:/etc/nginx/conf.d/default.conf
-  #   ports:
-  #     - "80:80"
-  #     - "443:443"
-  #   depends_on:
-  #     - rtbctf
+  nginx:
+    image: library/nginx:1.16.1-alpine
+    container_name: rtb_nginx
+    restart: unless-stopped
+    hostname: nginx
+    volumes:
+      - ./rtb_nginx_http:/etc/nginx/conf.d/default.conf
+    ports:
+      - "80:80"
+      - "443:443"
+    depends_on:
+      - rtbctf

rtb_nginx_http

@@ -1,6 +1,6 @@
 # the upstream component nginx needs to connect to
 upstream flask {
-    server rtbctf:8000 fail_timeout=30s;
+    server rtbctf:8000 fail_timeout=60s;
 }
 
 
@@ -10,7 +10,10 @@ server {
     server_name rtbctf.com;
 
     location / {
-        proxy_pass http://localhost:8000/
+        proxy_pass http://flask;
+        proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
+        proxy_set_header Host $host;
+        proxy_redirect off;
    }
 
 }

src/FlaskRTBCTF/helpers.py

@@ -1,4 +1,4 @@
-from flask import render_template, Blueprint, redirect, url_for, request, flash
+from flask import render_template, Blueprint, redirect, url_for, request
 
 from .models import Notification, Settings, Website
 from .forms import SettingsForm, WebsiteForm
@@ -7,20 +7,6 @@
 main = Blueprint("main", __name__)
 
 
-""" Before app request processor """
-
-
-@main.before_app_request
-def needs_setup():
-    settings = Settings.get_settings()
-    if settings.dummy:
-        if request.endpoint not in ("main.setup", "users.login", "static"):
-            flash("Please setup the CTF, before accessing any routes.", "info")
-            return redirect(url_for("main.setup"))
-    else:
-        return
-
-
 """ Index page """
 
 

src/FlaskRTBCTF/main/routes.py

@@ -4,6 +4,8 @@
 import secrets
 from datetime import datetime
 
+from flask import flash
+
 from .cache import cache
 from ..main.models import Settings, Website
 
@@ -32,6 +34,8 @@ def handle_admin_email(default="[email protected]"):
 def inject_app_context():
     settings = Settings.get_settings()
     websites = Website.get_websites()
+    if settings.dummy:
+        flash("Please setup the CTF by going to /setup.", "info")
 
     return dict(settings=settings, websites=websites)
 

src/FlaskRTBCTF/models.py

@@ -17,10 +17,10 @@ def admin_only(f):
 
     @wraps(f)
     def decorated_function(*args, **kwargs):
-        if current_user.is_authenticated and current_user.isAdmin:
-            return f(*args, **kwargs)
-        else:
-            flash("You are not authorized to perform this operation.", "danger")
-            return redirect("/")
+        if current_user:
+            if current_user.is_authenticated and current_user.isAdmin:
+                return f(*args, **kwargs)
+        flash("You are not authorized to perform this operation.", "danger")
+        return redirect("/login")
 
     return decorated_function