├── .gitignore ├── app ├── __init__.py ├── admin.py ├── apps.py ├── management │ └── commands │ │ └── init.py ├── migrations │ └── __init__.py ├── models.py ├── templates │ └── app │ │ ├── base.html │ │ ├── index.html │ │ └── profile.html ├── tests.py ├── urls.py └── views.py ├── db.sqlite3 ├── manage.py ├── openlug ├── __init__.py ├── settings.py ├── urls.py └── wsgi.py └── requirements.txt /.gitignore: -------------------------------------------------------------------------------- 1 | __pycache__ 2 | .DS_Store 3 | -------------------------------------------------------------------------------- /app/__init__.py: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/openlug/django-common/e9b69800c7e1229c867beb2120ef6702a95080e4/app/__init__.py -------------------------------------------------------------------------------- /app/admin.py: -------------------------------------------------------------------------------- 1 | from django.contrib import admin 2 | 3 | # Register your models here. 
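4 |
--------------------------------------------------------------------------------
/app/apps.py:
--------------------------------------------------------------------------------
from django.apps import AppConfig


# Configuration for the ``app`` package. The class reuses the name of the
# imported base class; the base is looked up before the name is rebound.
class AppConfig(AppConfig):
    name = 'app'

--------------------------------------------------------------------------------
/app/management/commands/init.py:
--------------------------------------------------------------------------------
from django.core.management.base import BaseCommand
from django.contrib.auth.models import User
import os


class Command(BaseCommand):
    """Management command that seeds the ``admin`` and ``guest`` accounts."""

    help = 'Create admin & guest user'

    def handle(self, *args, **options):
        """Create the two accounts, skipping any that already exist."""

        def create_user(name, password=None):
            # Skip existing accounts so the command can be run again without
            # failing on the unique username constraint.
            if User.objects.filter(username=name).exists():
                return
            # With password=None, create_user() stores an unusable password,
            # so the account cannot authenticate with any password. It also
            # leaves is_staff and is_superuser False, so no second save is
            # needed.
            User.objects.create_user(name, password=password)

        create_user("admin")
        # NOTE(review): guest/guest is a fixed credential that the login page
        # also advertises; keep it to demo deployments only.
        create_user("guest", "guest")
--------------------------------------------------------------------------------
/app/migrations/__init__.py:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/openlug/django-common/e9b69800c7e1229c867beb2120ef6702a95080e4/app/migrations/__init__.py
--------------------------------------------------------------------------------
/app/models.py:
--------------------------------------------------------------------------------
from django.db import models

# Create your models here.

--------------------------------------------------------------------------------
/app/templates/app/base.html:
--------------------------------------------------------------------------------
1 | 2 | 3 | 4 | 5 | 6 | {% block title %}{% endblock %} 7 | 8 | 9 | 10 | 11 |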
12 | {% block content %} 13 | {% endblock %} 14 |
15 | 16 | -------------------------------------------------------------------------------- /app/templates/app/index.html: -------------------------------------------------------------------------------- 1 | {% extends "app/base.html" %} 2 | 3 | {% block title %}{{ name }}{% endblock %} 4 | 5 | {% block content %} 6 |

{{ name }}

7 |
8 |
9 | 12 |
13 |
14 | 17 |
18 | 19 |
20 |
21 |

你可以使用 guest 用户(密码为 guest)体验。

22 | {% endblock %} -------------------------------------------------------------------------------- /app/templates/app/profile.html: -------------------------------------------------------------------------------- 1 | {% extends "app/base.html" %} 2 | 3 | {% block title %}{{ name }} - 个人信息 {% endblock %} 4 | 5 | {% block content %} 6 |

{{ name }} - 个人信息

7 |

欢迎您,{{ username }}!

8 |

{{ profile }}

9 | 10 |

退出账户

11 | 12 |

Debug - Your cookie

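13 | 14 | 15 | 18 | {% endblock %}
--------------------------------------------------------------------------------
/app/tests.py:
--------------------------------------------------------------------------------
from django.test import TestCase

# Create your tests here.

--------------------------------------------------------------------------------
/app/urls.py:
--------------------------------------------------------------------------------
from django.urls import path

from . import views

# Routes of the app; the route names are what views.py passes to reverse().
urlpatterns = [
    path('', views.index, name='index'),
    path('profile', views.profile, name='profile'),
    path('logout', views.log_out, name='logout')
]

--------------------------------------------------------------------------------
/app/views.py:
--------------------------------------------------------------------------------
from django.contrib.auth import authenticate, login, logout
from django.contrib.auth.decorators import login_required
from django.http import HttpResponseNotAllowed
from django.shortcuts import render, redirect
from django.urls import reverse
from django.views.decorators.csrf import csrf_exempt

# Site title passed to every template.
name = "Rabbit House 成员管理系统"


def index(request):
    """Serve the login page on GET and process the login form on POST.

    An authenticated GET is redirected to the profile page. A POST
    authenticates the submitted ``username`` and ``password`` and redirects
    to the profile page on success, or back to the login page on failure.
    Any other HTTP method gets a 405 response instead of falling through and
    returning ``None``.
    """
    if request.method == "GET":
        if request.user.is_authenticated:
            return redirect(reverse("profile"))
        return render(request, 'app/index.html', {
            "name": name
        })
    if request.method == "POST":
        # NOTE(review): CsrfViewMiddleware is commented out in
        # openlug/settings.py, so this form is accepted without a CSRF token.
        # .get() keeps a request with a missing field from raising
        # MultiValueDictKeyError; it is handled as a failed login instead.
        username = request.POST.get("username", "")
        password = request.POST.get("password", "")
        user = authenticate(request, username=username, password=password)
        if user is None:
            return redirect(reverse("index"))
        login(request, user)
        return redirect(reverse("profile"))
    return HttpResponseNotAllowed(["GET", "POST"])


@login_required
def profile(request):
    """Render the profile page; only the ``admin`` account gets the flag text."""
    # NOTE(review): the decision rests only on the username of the session's
    # user. openlug/settings.py stores sessions in signed cookies, so this
    # check is only as strong as the secrecy of SECRET_KEY.
    if request.user.username == "admin":
        user_profile = "flag redacted. login as admin on server to get flag."
    else:
        user_profile = "仅 admin 用户可阅览 flag。"
    return render(request, 'app/profile.html', {
        "name": name,
        "username": request.user,
        "profile": user_profile
    })


def log_out(request):
    """End the current session and redirect to the login page."""
    # NOTE(review): accepts any HTTP method and runs without CSRF protection,
    # so a cross-site request can log a user out; prefer POST plus a token.
    logout(request)
    return redirect(reverse("index"))


from django.contrib.auth import models


def update_last_login(sender, user, **kwargs):
    """No-op stand-in for django.contrib.auth.models.update_last_login."""
    pass


# NOTE(review): presumably intended to avoid the last_login database write on
# login. Rebinding the module attribute does not change a receiver that was
# already connected to a signal, so confirm this has the intended effect.
models.update_last_login = update_last_login

--------------------------------------------------------------------------------
/db.sqlite3:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/openlug/django-common/e9b69800c7e1229c867beb2120ef6702a95080e4/db.sqlite3
--------------------------------------------------------------------------------
/manage.py:
--------------------------------------------------------------------------------
#!/usr/bin/env python
"""Django's command-line utility for administrative tasks."""
import os
import sys


def main():
    """Default to openlug.settings and run the requested management command."""
    os.environ.setdefault('DJANGO_SETTINGS_MODULE', 'openlug.settings')
    try:
        from django.core.management import execute_from_command_line
    except ImportError as exc:
        raise ImportError(
            "Couldn't import Django. Are you sure it's installed and "
            "available on your PYTHONPATH environment variable? Did you "
            "forget to activate a virtual environment?"
        ) from exc
    execute_from_command_line(sys.argv)


if __name__ == '__main__':
    main()

--------------------------------------------------------------------------------
/openlug/__init__.py:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/openlug/django-common/e9b69800c7e1229c867beb2120ef6702a95080e4/openlug/__init__.py
--------------------------------------------------------------------------------
/openlug/settings.py:
--------------------------------------------------------------------------------
"""
Django settings for openlug project.

Generated by 'django-admin startproject' using Django 2.2.5.

For more information on this file, see
https://docs.djangoproject.com/en/2.2/topics/settings/

For the full list of settings and their values, see
https://docs.djangoproject.com/en/2.2/ref/settings/
"""

import os

# Build paths inside the project like this: os.path.join(BASE_DIR, ...)
BASE_DIR = os.path.dirname(os.path.dirname(os.path.abspath(__file__)))


# Quick-start development settings - unsuitable for production
# See https://docs.djangoproject.com/en/2.2/howto/deployment/checklist/

# SECURITY WARNING: keep the secret key used in production non-secret!
# NOTE(review): this key is committed to the repository, so it has to be
# treated as disclosed. SESSION_ENGINE in this file uses signed cookies, whose
# integrity depends entirely on the key staying secret. A real deployment
# should load the key from the environment or a secret store and rotate it.
SECRET_KEY = 'd7um#o19q+v24!vkgzrxme41wz5#_h0#f_6u62fx0m@k&uwe39'

# SECURITY WARNING: don't run with debug turned on in production!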
DEBUG = False

# NOTE(review): "*" turns off Host header validation; list the hostnames that
# are actually served.
ALLOWED_HOSTS = ["*"]


# Application definition

INSTALLED_APPS = [
    # 'django.contrib.admin',
    'django.contrib.auth',
    'django.contrib.contenttypes',
    'django.contrib.sessions',
    'django.contrib.messages',
    'django.contrib.staticfiles',
    'app'
]

MIDDLEWARE = [
    'django.middleware.security.SecurityMiddleware',
    'django.contrib.sessions.middleware.SessionMiddleware',
    'django.middleware.common.CommonMiddleware',
    # we're going to be RESTful in the future,
    # to prevent inconvenience, just turn csrf off.
    # NOTE(review): with this line disabled, the login form POST and the
    # logout view are accepted without a CSRF token. Cookie-authenticated
    # endpoints need CSRF protection whether or not they are RESTful.
    # 'django.middleware.csrf.CsrfViewMiddleware',
    'django.contrib.auth.middleware.AuthenticationMiddleware',
    'django.contrib.messages.middleware.MessageMiddleware',
    'django.middleware.clickjacking.XFrameOptionsMiddleware',
]

ROOT_URLCONF = 'openlug.urls'
# for database performance
# NOTE(review): this backend keeps the whole session in the cookie, signed
# with SECRET_KEY but not encrypted. The client can read the payload, and
# anyone who holds the key can produce cookies the server accepts. SECRET_KEY
# is hard-coded earlier in this file, so use a server-side session backend or
# keep the key out of version control.
SESSION_ENGINE = 'django.contrib.sessions.backends.signed_cookies'
# javascript code can get document.cookie, debug
# NOTE(review): False exposes the session cookie to page scripts, so any
# script injection can read it; leave this at the default (True) outside of
# debugging.
SESSION_COOKIE_HTTPONLY = False

TEMPLATES = [
    {
        'BACKEND': 'django.template.backends.django.DjangoTemplates',
        'DIRS': [],
        'APP_DIRS': True,
        'OPTIONS': {
            'context_processors': [
                'django.template.context_processors.debug',
                'django.template.context_processors.request',
                'django.contrib.auth.context_processors.auth',
                'django.contrib.messages.context_processors.messages',
            ],
        },
    },
]

WSGI_APPLICATION = 'openlug.wsgi.application'


# Database
# https://docs.djangoproject.com/en/2.2/ref/settings/#databases

DATABASES = {
    'default': {
        'ENGINE': 'django.db.backends.sqlite3',
        'NAME': os.path.join(BASE_DIR, 'db.sqlite3'),
    }
}


# Password validation
# https://docs.djangoproject.com/en/2.2/ref/settings/#auth-password-validators

AUTH_PASSWORD_VALIDATORS = [
    {
        'NAME': 'django.contrib.auth.password_validation.UserAttributeSimilarityValidator',
    },
    {
        'NAME': 'django.contrib.auth.password_validation.MinimumLengthValidator',
    },
    {
        'NAME': 'django.contrib.auth.password_validation.CommonPasswordValidator',
    },
    {
        'NAME': 'django.contrib.auth.password_validation.NumericPasswordValidator',
    },
]


# Internationalization
# https://docs.djangoproject.com/en/2.2/topics/i18n/

LANGUAGE_CODE = 'zh-Hans'

TIME_ZONE = 'Asia/Shanghai'

USE_I18N = True

USE_L10N = True

USE_TZ = True


# Static files (CSS, JavaScript, Images)
# https://docs.djangoproject.com/en/2.2/howto/static-files/

STATIC_URL = '/static/'

# login_required redirects unauthenticated requests here; '/' is the login page.
LOGIN_URL = '/'

--------------------------------------------------------------------------------
/openlug/urls.py:
--------------------------------------------------------------------------------
"""openlug URL Configuration

The `urlpatterns` list routes URLs to views. For more information please see:
    https://docs.djangoproject.com/en/2.2/topics/http/urls/
Examples:
Function views
    1. Add an import: from my_app import views
    2. Add a URL to urlpatterns: path('', views.home, name='home')
Class-based views
    1. Add an import: from other_app.views import Home
    2. Add a URL to urlpatterns: path('', Home.as_view(), name='home')
Including another URLconf
    1. Import the include() function: from django.urls import include, path
    2. Add a URL to urlpatterns: path('blog/', include('blog.urls'))
"""
from django.contrib import admin
from django.urls import path, include

# The admin site stays unrouted (and is also disabled in INSTALLED_APPS);
# every URL is delegated to app.urls.
urlpatterns = [
    # path('admin/', admin.site.urls),
    path('', include('app.urls')),
]

--------------------------------------------------------------------------------
/openlug/wsgi.py:
--------------------------------------------------------------------------------
"""
WSGI config for openlug project.

It exposes the WSGI callable as a module-level variable named ``application``.

For more information on this file, see
https://docs.djangoproject.com/en/2.2/howto/deployment/wsgi/
"""

import os

from django.core.wsgi import get_wsgi_application

# Default to openlug.settings unless the environment already names a settings module.
os.environ.setdefault('DJANGO_SETTINGS_MODULE', 'openlug.settings')

application = get_wsgi_application()

--------------------------------------------------------------------------------
/requirements.txt:
--------------------------------------------------------------------------------
# NOTE(review): the Django 2.2 series no longer receives upstream security
# fixes; pin a currently supported release before deploying.
Django==2.2.5
pytz==2019.2
sqlparse==0.3.0

--------------------------------------------------------------------------------