2015-12-06 18:58:49 +00:00
|
|
|
<?php
|
|
|
|
|
|
|
|
namespace Pterodactyl\Http;
|
|
|
|
|
2017-10-29 20:57:43 +00:00
|
|
|
use Fideloper\Proxy\TrustProxies;
|
|
|
|
use Illuminate\Auth\Middleware\Authorize;
|
|
|
|
use Illuminate\Auth\Middleware\Authenticate;
|
|
|
|
use Pterodactyl\Http\Middleware\TrimStrings;
|
|
|
|
use Illuminate\Session\Middleware\StartSession;
|
|
|
|
use Pterodactyl\Http\Middleware\EncryptCookies;
|
|
|
|
use Pterodactyl\Http\Middleware\VerifyCsrfToken;
|
|
|
|
use Pterodactyl\Http\Middleware\VerifyReCaptcha;
|
|
|
|
use Pterodactyl\Http\Middleware\AdminAuthenticate;
|
|
|
|
use Pterodactyl\Http\Middleware\HMACAuthorization;
|
|
|
|
use Illuminate\Routing\Middleware\ThrottleRequests;
|
|
|
|
use Pterodactyl\Http\Middleware\LanguageMiddleware;
|
2015-12-06 18:58:49 +00:00
|
|
|
use Illuminate\Foundation\Http\Kernel as HttpKernel;
|
2017-09-24 02:45:25 +01:00
|
|
|
use Illuminate\Routing\Middleware\SubstituteBindings;
|
2017-10-28 03:42:53 +01:00
|
|
|
use Pterodactyl\Http\Middleware\AccessingValidServer;
|
2017-10-29 20:57:43 +00:00
|
|
|
use Illuminate\View\Middleware\ShareErrorsFromSession;
|
|
|
|
use Pterodactyl\Http\Middleware\RedirectIfAuthenticated;
|
|
|
|
use Illuminate\Auth\Middleware\AuthenticateWithBasicAuth;
|
2017-11-04 22:16:44 +00:00
|
|
|
use Pterodactyl\Http\Middleware\Daemon\DaemonAuthenticate;
|
2017-10-29 20:57:43 +00:00
|
|
|
use Illuminate\Cookie\Middleware\AddQueuedCookiesToResponse;
|
2017-10-29 17:37:25 +00:00
|
|
|
use Pterodactyl\Http\Middleware\Server\AuthenticateAsSubuser;
|
2017-10-19 04:32:19 +01:00
|
|
|
use Pterodactyl\Http\Middleware\Server\SubuserBelongsToServer;
|
2017-10-29 20:57:43 +00:00
|
|
|
use Pterodactyl\Http\Middleware\RequireTwoFactorAuthentication;
|
2017-10-19 04:32:19 +01:00
|
|
|
use Pterodactyl\Http\Middleware\Server\DatabaseBelongsToServer;
|
|
|
|
use Pterodactyl\Http\Middleware\Server\ScheduleBelongsToServer;
|
2017-10-29 20:57:43 +00:00
|
|
|
use Illuminate\Foundation\Http\Middleware\CheckForMaintenanceMode;
|
2017-11-04 22:16:44 +00:00
|
|
|
use Pterodactyl\Http\Middleware\DaemonAuthenticate as OldDaemonAuthenticate;
|
2015-12-06 18:58:49 +00:00
|
|
|
|
|
|
|
class Kernel extends HttpKernel
|
|
|
|
{
|
|
|
|
/**
|
|
|
|
* The application's global HTTP middleware stack.
|
|
|
|
*
|
|
|
|
* @var array
|
|
|
|
*/
|
|
|
|
protected $middleware = [
|
2017-10-29 20:57:43 +00:00
|
|
|
CheckForMaintenanceMode::class,
|
|
|
|
EncryptCookies::class,
|
|
|
|
AddQueuedCookiesToResponse::class,
|
|
|
|
TrimStrings::class,
|
2017-02-01 19:31:24 +00:00
|
|
|
|
2017-04-02 02:01:10 +01:00
|
|
|
/*
|
|
|
|
* Custom middleware applied to all routes.
|
|
|
|
*/
|
2017-10-29 20:57:43 +00:00
|
|
|
TrustProxies::class,
|
2015-12-06 18:58:49 +00:00
|
|
|
];
|
|
|
|
|
2016-09-03 22:09:00 +01:00
|
|
|
/**
|
|
|
|
* The application's route middleware groups.
|
|
|
|
*
|
|
|
|
* @var array
|
|
|
|
*/
|
|
|
|
protected $middlewareGroups = [
|
|
|
|
'web' => [
|
2017-10-29 20:57:43 +00:00
|
|
|
EncryptCookies::class,
|
|
|
|
AddQueuedCookiesToResponse::class,
|
|
|
|
StartSession::class,
|
|
|
|
ShareErrorsFromSession::class,
|
|
|
|
VerifyCsrfToken::class,
|
|
|
|
SubstituteBindings::class,
|
|
|
|
LanguageMiddleware::class,
|
|
|
|
RequireTwoFactorAuthentication::class,
|
2016-09-03 22:09:00 +01:00
|
|
|
],
|
|
|
|
'api' => [
|
2017-10-29 20:57:43 +00:00
|
|
|
HMACAuthorization::class,
|
2016-09-03 22:09:00 +01:00
|
|
|
'throttle:60,1',
|
|
|
|
'bindings',
|
|
|
|
],
|
2017-09-24 02:45:25 +01:00
|
|
|
'daemon' => [
|
|
|
|
SubstituteBindings::class,
|
2017-11-04 22:16:44 +00:00
|
|
|
DaemonAuthenticate::class,
|
2017-09-24 02:45:25 +01:00
|
|
|
],
|
2016-09-03 22:09:00 +01:00
|
|
|
];
|
|
|
|
|
2015-12-06 18:58:49 +00:00
|
|
|
/**
|
|
|
|
* The application's route middleware.
|
|
|
|
*
|
|
|
|
* @var array
|
|
|
|
*/
|
|
|
|
protected $routeMiddleware = [
|
2017-10-29 20:57:43 +00:00
|
|
|
'auth' => Authenticate::class,
|
|
|
|
'auth.basic' => AuthenticateWithBasicAuth::class,
|
|
|
|
'guest' => RedirectIfAuthenticated::class,
|
2017-10-28 03:42:53 +01:00
|
|
|
'server' => AccessingValidServer::class,
|
2017-10-29 17:37:25 +00:00
|
|
|
'subuser.auth' => AuthenticateAsSubuser::class,
|
2017-10-29 20:57:43 +00:00
|
|
|
'admin' => AdminAuthenticate::class,
|
2017-11-04 22:16:44 +00:00
|
|
|
'daemon-old' => OldDaemonAuthenticate::class,
|
2017-10-29 20:57:43 +00:00
|
|
|
'csrf' => VerifyCsrfToken::class,
|
|
|
|
'throttle' => ThrottleRequests::class,
|
|
|
|
'can' => Authorize::class,
|
|
|
|
'bindings' => SubstituteBindings::class,
|
|
|
|
'recaptcha' => VerifyReCaptcha::class,
|
2017-10-19 04:32:19 +01:00
|
|
|
|
|
|
|
// Server specific middleware (used for authenticating access to resources)
|
|
|
|
//
|
|
|
|
// These are only used for individual server authentication, and not gloabl
|
|
|
|
// actions from other resources. They are defined in the route files.
|
|
|
|
'server..database' => DatabaseBelongsToServer::class,
|
|
|
|
'server..subuser' => SubuserBelongsToServer::class,
|
|
|
|
'server..schedule' => ScheduleBelongsToServer::class,
|
2015-12-06 18:58:49 +00:00
|
|
|
];
|
|
|
|
}
|