sonot
/
PteroTheme
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

Update routes to use CSRF protection

This commit is contained in:
Dane Everitt 2016-01-12 21:50:43 -05:00
parent 98b3355158
commit 2def94c958
5 changed files with 18 additions and 40 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

15
app/Http/Routes/AdminRoutes.php
View File

@ -13,7 +13,8 @@ class AdminRoutes {
'as' => 'admin.index', 'as' => 'admin.index',
'middleware' => [ 'middleware' => [
'auth', 'auth',
'admin' 'admin',
'csrf'
], ],
'uses' => 'Admin\BaseController@getIndex' 'uses' => 'Admin\BaseController@getIndex'
]); ]);
@ -22,7 +23,8 @@ class AdminRoutes {
'prefix' => 'admin/accounts', 'prefix' => 'admin/accounts',
'middleware' => [ 'middleware' => [
'auth', 'auth',
'admin' 'admin',
'csrf'
] ]
], function () use ($router) { ], function () use ($router) {
@ -66,7 +68,8 @@ class AdminRoutes {
'prefix' => 'admin/servers', 'prefix' => 'admin/servers',
'middleware' => [ 'middleware' => [
'auth', 'auth',
'admin' 'admin',
'csrf'
] ]
], function () use ($router) { ], function () use ($router) {
@ -148,7 +151,8 @@ class AdminRoutes {
'prefix' => 'admin/nodes', 'prefix' => 'admin/nodes',
'middleware' => [ 'middleware' => [
'auth', 'auth',
'admin' 'admin',
'csrf'
] ]
], function () use ($router) { ], function () use ($router) {
@ -204,7 +208,8 @@ class AdminRoutes {
'prefix' => 'admin/locations', 'prefix' => 'admin/locations',
'middleware' => [ 'middleware' => [
'auth', 'auth',
'admin' 'admin',
'csrf'
] ]
], function () use ($router) { ], function () use ($router) {
$router->get('/', [ $router->get('/', [

3
app/Http/Routes/AuthRoutes.php
View File

@ -12,7 +12,8 @@ class AuthRoutes {
$router->group([ $router->group([
'prefix' => 'auth', 'prefix' => 'auth',
'middleware' => [ 'middleware' => [
'guest' 'guest',
'csrf'
] ]
], function () use ($router) { ], function () use ($router) {

6
app/Http/Routes/BaseRoutes.php
View File

@ -31,7 +31,8 @@ class BaseRoutes {
$router->group([ $router->group([
'profix' => 'account', 'profix' => 'account',
'middleware' => [ 'middleware' => [
'auth' 'auth',
'csrf'
] ]
], function () use ($router) { ], function () use ($router) {
$router->get('account', [ $router->get('account', [
@ -50,7 +51,8 @@ class BaseRoutes {
$router->group([ $router->group([
'prefix' => 'account/totp', 'prefix' => 'account/totp',
'middleware' => [ 'middleware' => [
'auth' 'auth',
'csrf'
] ]
], function () use ($router) { ], function () use ($router) {
$router->get('/', [ $router->get('/', [

31
app/Http/Routes/RestRoutes.php
View File

@ -1,31 +0,0 @@
<?php
namespace Pterodactyl\Http\Routes;
use Illuminate\Routing\Router;
class RestRoutes {
public function map(Router $router) {
$router->group([
'prefix' => 'api/v1',
'middleware' => [
'api'
]
], function () use ($router) {
// Users endpoint for API
$router->group(['prefix' => 'users'], function () use ($router) {
// Returns all users
$router->get('/', [
'uses' => 'API\UserController@getAllUsers'
]);
// Return listing of user [with only specified fields]
$router->get('/{id}/{fields?}', [
'uses' => 'API\UserController@getUser'
])->where('id', '[0-9]+');
});
});
}
}

3
app/Http/Routes/ServerRoutes.php
View File

@ -11,7 +11,8 @@ class ServerRoutes {
'prefix' => 'server/{server}', 'prefix' => 'server/{server}',
'middleware' => [ 'middleware' => [
'auth', 'auth',
'server' 'server',
'csrf'
] ]
], function ($server) use ($router) { ], function ($server) use ($router) {
// Index View for Server // Index View for Server