search

CTFd / ctfcli

ctfcli is a tool to manage Capture The Flag events and challenges
https://ctfd.io/
Apache License 2.0
165 stars 67 forks source link

Add configurable cookies via config file #114

Closed pl4nty closed 1 year ago

pl4nty commented 1 year ago

For example:

[cookies]
site_password = your_password

Allows ctfcli to connect when a site password is configured. Fixes #111

ColdHeat commented 1 year ago

So this is with [cookies] in the global namespace right?

I would rather see cookies as a subsection to config. Would switching to configobj make that work? https://configobj.readthedocs.io/en/latest/index.html

pl4nty commented 1 year ago

This format works, indents aren't required though

[config]
url = https://myctf.ctfd.io
access_token = mytoken

    [[cookies]]
    site_password = mypassword
pl4nty commented 1 year ago

Any progress with this?

ColdHeat commented 1 year ago

Sorry I got caught up with other things and this slipped my mind.

Let me review the format that's getting reviewed here and I'll make any changes needed.

I think what was bugging me was the indent for cookies but I missed that the indent wasn't necessary.

ColdHeat commented 1 year ago

So I would really like if the config format was like: 

[config]
test = test

[challenges]
[[testing]]
location = test
path = asdf
[[testing2]]
location = test
path = asdf

[http]
[[cookies]]
test = test

And configobj is very close but it doesn't seem possible to add newlines at the end of every top level section. It's a minor thing but I'm looking into a solution.

ColdHeat commented 1 year ago

I'm also considering toml perhaps...

pl4nty commented 1 year ago

Have you had any luck with other options? My usecase is preventing public access to my challenge instance until a specific time, but still allowing select people to create accounts

ColdHeat commented 1 year ago

I really don't like this structure but I suppose thats why ctfcli is in beta. Ultimately I felt that while the configobj structure was better, it ran into other issues with the other improvements I wanted to make. And if it wasn't going to be good long term, why even add in the dependency.

I found that TOML supports the structure that we currently use as well as adds more capabilities so long term we will move to TOML as part of #109.

For now, adding cookies into the global namespace is a hack that we will support until we move to TOML.