From 21cd0688e0bb8904ead0d1b9e9b9cd206ee8dc16 Mon Sep 17 00:00:00 2001
From: Dane Everitt <dane@daneeveritt.com>
Date: Sat, 10 Mar 2018 15:18:24 -0600
Subject: [PATCH] Added giant warning message if you attempt to change an
 encryption key once one has been set.

---
 CHANGELOG.md                                  |  1 +
 .../Commands/Overrides/KeyGenerateCommand.php | 28 +++++++++++++++++++
 resources/lang/en/command/messages.php        |  5 ++++
 3 files changed, 34 insertions(+)
 create mode 100644 app/Console/Commands/Overrides/KeyGenerateCommand.php

diff --git a/CHANGELOG.md b/CHANGELOG.md
index e8a60ce46..d7357ca1b 100644
--- a/CHANGELOG.md
+++ b/CHANGELOG.md
@@ -15,6 +15,7 @@ This project follows [Semantic Versioning](http://semver.org) guidelines.
 
 ### Added
 * Added ability for end users to change the name of their server through the UI. This option is only open to the server owner or an admin.
+* Added giant warning message if you attempt to change an encryption key once one has been set.
 
 ### Changed
 * Panel now throws proper 504: Gateway Timeout errors on server listing when daemon is offline.
diff --git a/app/Console/Commands/Overrides/KeyGenerateCommand.php b/app/Console/Commands/Overrides/KeyGenerateCommand.php
new file mode 100644
index 000000000..aa9294999
--- /dev/null
+++ b/app/Console/Commands/Overrides/KeyGenerateCommand.php
@@ -0,0 +1,28 @@
+<?php
+
+namespace Pterodactyl\Console\Commands\Overrides;
+
+use Illuminate\Foundation\Console\KeyGenerateCommand as BaseKeyGenerateCommand;
+
+class KeyGenerateCommand extends BaseKeyGenerateCommand
+{
+    /**
+     * Override the default Laravel key generation command to throw a warning to the user
+     * if it appears that they have already generated an application encryption key.
+     */
+    public function handle()
+    {
+        if (! empty(config('app.key')) && $this->input->isInteractive()) {
+            $this->output->warning(trans('command/messages.key.warning'));
+            if (! $this->confirm(trans('command/messages.key.confirm'))) {
+                return;
+            }
+
+            if (! $this->confirm(trans('command/messages.key.final_confirm'))) {
+                return;
+            }
+        }
+
+        parent::handle();
+    }
+}
diff --git a/resources/lang/en/command/messages.php b/resources/lang/en/command/messages.php
index 4a5250327..1fd706a8b 100644
--- a/resources/lang/en/command/messages.php
+++ b/resources/lang/en/command/messages.php
@@ -1,6 +1,11 @@
 <?php
 
 return [
+    'key' => [
+        'warning' => 'It appears you have already configured an application encryption key. Continuing with this process with overwrite that key and cause data corruption for any existing encrypted data. DO NOT CONTINUE UNLESS YOU KNOW WHAT YOU ARE DOING.',
+        'confirm' => 'I understand the consequences of performing this command and accept all responsibility for the loss of encrypted data.',
+        'final_confirm' => 'Are you sure you wish to continue? Changing the application encryption key WILL CAUSE DATA LOSS.',
+    ],
     'location' => [
         'no_location_found' => 'Could not locate a record matching the provided short code.',
         'ask_short' => 'Location Short Code',