diff --git a/securityquiz/urls.py b/securityquiz/urls.py index f46e288..500d194 100644 --- a/securityquiz/urls.py +++ b/securityquiz/urls.py @@ -14,6 +14,7 @@ urlpatterns = patterns('', url(r'^admin/', include(admin.site.urls)), url(r'^save$', 'views.save'), url(r'^sign$', 'views.sign'), + url(r'^graderhelper$', 'views.graderhelper'), url(r'^letsencrypt$', 'views.letsencrypt'), url(r'^\.well-known/acme-challenge/(.+)', 'views.letsencrypt_challenge'), url(r'^(.*)$', 'views.home', name='home'), diff --git a/views.py b/views.py index 55c4f60..9d7e683 100644 --- a/views.py +++ b/views.py @@ -6,6 +6,7 @@ from django.views.decorators.csrf import csrf_exempt from django.contrib.auth import authenticate, login, logout from django.contrib.auth.models import User from django.contrib import messages +from django.db import connection from quiz.models import Answer, LetsEncryptChallenge import oauth2 as oauth, cgi, json, base64, urlparse, subprocess from oauth2_provider.views.generic import ProtectedResourceView @@ -263,4 +264,21 @@ tq9DcELddZK2gJXaXpL1wOL+Ex5RzzRmjqKmmkkn1//ikn+nrZU= response['Content-Disposition'] = 'attachment; filename=signed-certificaat.crt' return response - return render(request, 'sign.html') \ No newline at end of file + return render(request, 'sign.html') + +def graderhelper(request): + cursor = connection.cursor() + if request.GET['mode'] == 'oauth_app': + cursor.execute("SELECT COUNT(id) FROM oauth2_provider_application WHERE client_id = %s", [request.GET['answer']]) + return HttpResponse(cursor.fetchone()) + + elif request.GET['mode'] == 'access_token': + cursor.execute("SELECT COUNT(id) FROM oauth2_provider_accesstoken WHERE token = %s", [request.GET['answer']]) + return HttpResponse(cursor.fetchone()) + + elif request.GET['mode'] == 'auth_code': + cursor.execute("SELECT COUNT(id) FROM oauth2_provider_grant WHERE code = %s", [request.GET['answer']]) + return HttpResponse(cursor.fetchone()) + + + return HttpResponse('404') \ No newline at end of file