sonot
/
PteroTheme
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

Merge branch 'v2' into dane/fiddle-with-new-tables

This commit is contained in:
Dane Everitt 2022-02-26 12:03:49 -05:00
parent bc59ffbf37 134ba508e2
commit eb56be8021
No known key found for this signature in database
GPG Key ID: EEA66103B3D71F53
38 changed files with 1170 additions and 1552 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
.github/workflows/tests.yml vendored
View File

@ -12,7 +12,7 @@ jobs:
strategy:
fail-fast: false
matrix:
php: [ 7.4, 8.0, 8.1 ]
php: [ 8.1 ]
database: [ 'mariadb:10.6', 'mysql:8' ]
services:
database:

3
app/Exceptions/DisplayException.php
View File

@ -7,7 +7,6 @@ use Throwable;
use Psr\Log\LoggerInterface;
use Illuminate\Http\Response;
use Illuminate\Container\Container;
use Prologue\Alerts\AlertsMessageBag;
class DisplayException extends PterodactylException
{
@ -68,8 +67,6 @@ class DisplayException extends PterodactylException
]), method_exists($this, 'getStatusCode') ? $this->getStatusCode() : Response::HTTP_BAD_REQUEST);
}
Container::getInstance()->make(AlertsMessageBag::class)->danger($this->getMessage())->flash();
return redirect()->back()->withInput();
}

6
app/Exceptions/Handler.php
View File

@ -8,7 +8,6 @@ use PDOException;
use Illuminate\Support\Arr;
use Illuminate\Support\Str;
use Illuminate\Http\Response;
use Swift_TransportException;
use Illuminate\Http\JsonResponse;
use Illuminate\Support\Collection;
use Illuminate\Container\Container;
@ -20,6 +19,7 @@ use Illuminate\Validation\ValidationException;
use Illuminate\Auth\Access\AuthorizationException;
use Illuminate\Database\Eloquent\ModelNotFoundException;
use Symfony\Component\HttpKernel\Exception\HttpException;
use Symfony\Component\Mailer\Exception\TransportException;
use Pterodactyl\Exceptions\Repository\RecordNotFoundException;
use Illuminate\Foundation\Exceptions\Handler as ExceptionHandler;
use Symfony\Component\HttpKernel\Exception\HttpExceptionInterface;
@ -36,7 +36,7 @@ class Handler extends ExceptionHandler
/**
* A list of the exception types that should not be reported.
*
* @var string[]
* @var array<int, class-string<Throwable>>
*/
protected $dontReport = [
AuthenticationException::class,
@ -88,7 +88,7 @@ class Handler extends ExceptionHandler
$ex = $this->generateCleanedExceptionStack($ex);
});
$this->reportable(function (Swift_TransportException $ex) {
$this->reportable(function (TransportException $ex) {
$ex = $this->generateCleanedExceptionStack($ex);
});
}

8
app/Exceptions/Repository/RecordNotFoundException.php
View File

@ -9,20 +9,16 @@ class RecordNotFoundException extends RepositoryException implements HttpExcepti
{
/**
* Returns the status code.
*
* @return int
*/
public function getStatusCode()
public function getStatusCode(): int
{
return Response::HTTP_NOT_FOUND;
}
/**
* Returns response headers.
*
* @return array
*/
public function getHeaders()
public function getHeaders(): array
{
return [];
}

4
app/Http/Controllers/Base/LocaleController.php
View File

@ -31,8 +31,8 @@ class LocaleController extends Controller
{
$data = $this->translator->getLoader()->load($locale, str_replace('.', '/', $namespace));
return JsonResponse::create($data, 200, [
'E-Tag' => md5(json_encode($data)),
return new JsonResponse($data, 200, [
'E-Tag' => md5(json_encode($data)), // @phpstan-ignore-line
]);
}
}

2
app/Http/Kernel.php
View File

@ -13,7 +13,6 @@ use Pterodactyl\Http\Middleware\VerifyCsrfToken;
use Pterodactyl\Http\Middleware\VerifyReCaptcha;
use Pterodactyl\Http\Middleware\AdminAuthenticate;
use Illuminate\Routing\Middleware\ThrottleRequests;
use Pterodactyl\Http\Middleware\LanguageMiddleware;
use Illuminate\Foundation\Http\Kernel as HttpKernel;
use Illuminate\Routing\Middleware\SubstituteBindings;
use Illuminate\Session\Middleware\AuthenticateSession;
@ -62,7 +61,6 @@ class Kernel extends HttpKernel
ShareErrorsFromSession::class,
VerifyCsrfToken::class,
SubstituteBindings::class,
LanguageMiddleware::class,
RequireTwoFactorAuthentication::class,
],
'api' => [

22
app/Http/Middleware/Authenticate.php
View File

@ -2,25 +2,21 @@
namespace Pterodactyl\Http\Middleware;
use Closure;
use Illuminate\Http\Request;
use Illuminate\Auth\AuthenticationException;
use Illuminate\Auth\Middleware\Authenticate as Middleware;
class Authenticate
class Authenticate extends Middleware
{
/**
* Handle an incoming request.
* Get the path the user should be redirected to when they are not authenticated.
*
* @return mixed
* @param \Illuminate\Http\Request $request
*
* @throws \Illuminate\Auth\AuthenticationException
* @return string|null
*/
public function handle(Request $request, Closure $next)
protected function redirectTo($request)
{
if (!$request->user()) {
throw new AuthenticationException();
}
return $next($request);
if (!$request->expectsJson()) {
return '/';
}
}
}

2
app/Http/Middleware/EncryptCookies.php
View File

@ -9,7 +9,7 @@ class EncryptCookies extends BaseEncrypter
/**
* The names of the cookies that should not be encrypted.
*
* @var array
* @var array<int, string>
*/
protected $except = [];
}

35
app/Http/Middleware/LanguageMiddleware.php
View File

@ -1,35 +0,0 @@
<?php
namespace Pterodactyl\Http\Middleware;
use Closure;
use Illuminate\Http\Request;
use Illuminate\Foundation\Application;
class LanguageMiddleware
{
/**
* @var \Illuminate\Foundation\Application
*/
private $app;
/**
* LanguageMiddleware constructor.
*/
public function __construct(Application $app)
{
$this->app = $app;
}
/**
* Handle an incoming request and set the user's preferred language.
*
* @return mixed
*/
public function handle(Request $request, Closure $next)
{
$this->app->setLocale($request->user()->language ?? config('app.locale', 'en'));
return $next($request);
}
}

31
app/Http/Middleware/RedirectIfAuthenticated.php
View File

@ -4,32 +4,27 @@ namespace Pterodactyl\Http\Middleware;
use Closure;
use Illuminate\Http\Request;
use Illuminate\Auth\AuthManager;
use Illuminate\Support\Facades\Auth;
use Pterodactyl\Providers\RouteServiceProvider;
class RedirectIfAuthenticated
{
/**
* @var \Illuminate\Auth\AuthManager
*/
private $authManager;
/**
* RedirectIfAuthenticated constructor.
*/
public function __construct(AuthManager $authManager)
{
$this->authManager = $authManager;
}
/**
* Handle an incoming request.
*
* @return mixed
* @param string|null ...$guards
* @phpstan-param \Closure(\Illuminate\Http\Request): (\Illuminate\Http\Response|\Illuminate\Http\RedirectResponse) $next
*
* @return \Illuminate\Http\Response|\Illuminate\Http\RedirectResponse
*/
public function handle(Request $request, Closure $next, string $guard = null)
public function handle(Request $request, Closure $next, ...$guards)
{
if ($this->authManager->guard($guard)->check()) {
return redirect()->route('index');
$guards = empty($guards) ? [null] : $guards;
foreach ($guards as $guard) {
if (Auth::guard($guard)->check()) {
return redirect(RouteServiceProvider::HOME);
}
}
return $next($request);

14
app/Http/Middleware/RequireTwoFactorAuthentication.php
View File

@ -5,7 +5,6 @@ namespace Pterodactyl\Http\Middleware;
use Closure;
use Illuminate\Support\Str;
use Illuminate\Http\Request;
use Prologue\Alerts\AlertsMessageBag;
use Pterodactyl\Exceptions\Http\TwoFactorAuthRequiredException;
class RequireTwoFactorAuthentication
@ -19,16 +18,6 @@ class RequireTwoFactorAuthentication
*/
protected string $redirectRoute = '/account';
private AlertsMessageBag $alert;
/**
* RequireTwoFactorAuthentication constructor.
*/
public function __construct(AlertsMessageBag $alert)
{
$this->alert = $alert;
}
/**
* Check the user state on the incoming request to determine if they should be allowed to
* proceed or not. This checks if the Panel is configured to require 2FA on an account in
@ -66,9 +55,6 @@ class RequireTwoFactorAuthentication
throw new TwoFactorAuthRequiredException();
}
// @phpstan-ignore-next-line
$this->alert->danger(trans('auth.2fa_must_be_enabled'))->flash();
return redirect()->to($this->redirectRoute);
}
}

3
app/Http/Middleware/TrimStrings.php
View File

@ -9,9 +9,10 @@ class TrimStrings extends BaseTrimmer
/**
* The names of the attributes that should not be trimmed.
*
* @var array
* @var array<int, string>
*/
protected $except = [
'current_password',
'password',
'password_confirmation',
];

13
app/Http/Middleware/TrustProxies.php
View File

@ -2,15 +2,15 @@
namespace Pterodactyl\Http\Middleware;
use Illuminate\Http\Request;
use Fideloper\Proxy\TrustProxies as Middleware;
use Symfony\Component\HttpFoundation\Request;
use Illuminate\Http\Middleware\TrustProxies as Middleware;
class TrustProxies extends Middleware
{
/**
* The trusted proxies for this application.
*
* @var array
* @var array<int, string>|string|null
*/
protected $proxies;
@ -19,5 +19,10 @@ class TrustProxies extends Middleware
*
* @var int
*/
protected $headers = Request::HEADER_X_FORWARDED_ALL;
protected $headers =
Request::HEADER_X_FORWARDED_FOR |
Request::HEADER_X_FORWARDED_HOST |
Request::HEADER_X_FORWARDED_PORT |
Request::HEADER_X_FORWARDED_PROTO |
Request::HEADER_X_FORWARDED_AWS_ELB;
}

3
app/Http/Middleware/VerifyCsrfToken.php
View File

@ -9,11 +9,10 @@ class VerifyCsrfToken extends BaseVerifier
/**
* The URIs that should be excluded from CSRF verification.
*
* @var array
* @var array<int, string>
*/
protected $except = [
'remote/*',
'daemon/*',
// 'api/*',
];
}

9
app/Providers/RouteServiceProvider.php
View File

@ -10,6 +10,15 @@ use Illuminate\Foundation\Support\Providers\RouteServiceProvider as ServiceProvi
class RouteServiceProvider extends ServiceProvider
{
/**
* The path to the "home" route for your application.
*
* This is used by Laravel authentication to redirect users after login.
*
* @var string
*/
public const HOME = '/';
/**
* This namespace is applied to the controller routes in your routes file.
*

5
app/Services/Helpers/AssetHashService.php
View File

@ -4,6 +4,7 @@ namespace Pterodactyl\Services\Helpers;
use Illuminate\Support\Arr;
use Illuminate\Filesystem\FilesystemManager;
use Illuminate\Contracts\Filesystem\FileNotFoundException;
class AssetHashService
{
@ -114,6 +115,10 @@ class AssetHashService
*/
protected function manifest(): array
{
if (!$this->filesystem->exists(self::MANIFEST_PATH)) {
throw new FileNotFoundException('No manifest file was found: ' . self::MANIFEST_PATH);
}
return self::$manifest ?: self::$manifest = json_decode(
$this->filesystem->get(self::MANIFEST_PATH),
true

23
composer.json
View File

@ -11,7 +11,7 @@
}
],
"require": {
"php": "^8.0.0 || ^8.1.0",
"php": "^8.1.0",
"ext-json": "*",
"ext-mbstring": "*",
"ext-pdo": "*",
@ -19,45 +19,44 @@
"ext-zip": "*",
"aws/aws-sdk-php": "^3.209",
"doctrine/dbal": "^3.3.2",
"fideloper/proxy": "^4.4.1",
"guzzlehttp/guzzle": "^7.4.1",
"hashids/hashids": "^4.1.0",
"laracasts/utilities": "^3.2.1",
"laravel/framework": "^8.83.0",
"laravel/framework": "^9.2.0",
"laravel/helpers": "^1.5.0",
"laravel/sanctum": "^2.14.0",
"laravel/sanctum": "^2.14.2",
"laravel/tinker": "^2.7.0",
"laravel/ui": "^3.4.3",
"lcobucci/jwt": "^4.1.5",
"league/flysystem-aws-s3-v3": "^1.0.29",
"league/flysystem-memory": "^1.0.2",
"league/flysystem-aws-s3-v3": "^3.0.9",
"league/flysystem-memory": "^3.0.9",
"matriphe/iso-639": "^1.2.0",
"nyholm/psr7": "^1.5.0",
"pragmarx/google2fa": "^8.0.0",
"predis/predis": "^1.1.10",
"prologue/alerts": "^0.4.8",
"psr/cache": "^1.0.1",
"s1lentium/iptools": "^1.1.1",
"spatie/laravel-fractal": "^5.8.1",
"spatie/laravel-query-builder": "^3.6.2",
"spatie/laravel-fractal": "^6.0.0",
"spatie/laravel-query-builder": "^5.0.0",
"staudenmeir/belongs-to-through": "^2.11.2",
"symfony/psr-http-message-bridge": "^2.1.2",
"symfony/process": "6.0.3 as 5.4.3",
"symfony/yaml": "^6.0.3",
"web-auth/webauthn-lib": "^3.3.11",
"webmozart/assert": "^1.10.0"
},
"require-dev": {
"barryvdh/laravel-ide-helper": "^2.12.2",
"facade/ignition": "^2.17.4",
"fakerphp/faker": "^1.19.0",
"friendsofphp/php-cs-fixer": "^3.0.0",
"mockery/mockery": "^1.4.4",
"nunomaduro/collision": "^5.11.0",
"nunomaduro/collision": "^6.1.0",
"nunomaduro/larastan": "^1.0.3",
"php-mock/php-mock-phpunit": "^2.6.0",
"phpstan/phpstan": "^1.4.6",
"phpstan/phpstan-webmozart-assert": "^1.0.9",
"phpunit/phpunit": "^9.5.13"
"phpunit/phpunit": "^9.5.13",
"spatie/laravel-ignition": "^1.0.6"
},
"autoload": {
"files": [

1905
composer.lock generated
View File

File diff suppressed because it is too large Load Diff

6
config/app.php
View File

@ -182,11 +182,6 @@ return [
Pterodactyl\Providers\RouteServiceProvider::class,
Pterodactyl\Providers\RepositoryServiceProvider::class,
Pterodactyl\Providers\ViewComposerServiceProvider::class,
/*
* Additional Dependencies
*/
Prologue\Alerts\AlertsServiceProvider::class,
],
/*
@ -201,7 +196,6 @@ return [
*/
'aliases' => [
'Alert' => Prologue\Alerts\Facades\Alert::class,
'App' => Illuminate\Support\Facades\App::class,
'Artisan' => Illuminate\Support\Facades\Artisan::class,
'Auth' => Illuminate\Support\Facades\Auth::class,

13
config/auth.php
View File

@ -111,4 +111,17 @@ return [
'expire' => 60,
],
],
/*
|--------------------------------------------------------------------------
| Password Confirmation Timeout
|--------------------------------------------------------------------------
|
| Here you may define the amount of seconds before a password confirmation
| times out and the user is prompted to re-enter their password via the
| confirmation screen. By default, the timeout lasts for three hours.
|
*/
'password_timeout' => 10800,
];

31
config/compile.php
View File

@ -1,31 +0,0 @@
<?php
return [
/*
|--------------------------------------------------------------------------
| Additional Compiled Classes
|--------------------------------------------------------------------------
|
| Here you may specify additional classes to include in the compiled file
| generated by the `artisan optimize` command. These should be classes
| that are included on basically every request into the application.
|
*/
'files' => [
],
/*
|--------------------------------------------------------------------------
| Compiled File Providers
|--------------------------------------------------------------------------
|
| Here you may list service providers which define a "compiles" function
| that returns additional files that should be compiled, providing an
| easy way to get common files from any packages you are utilizing.
|
*/
'providers' => [
],
];

38
config/filesystems.php
View File

@ -7,26 +7,13 @@ return [
|--------------------------------------------------------------------------
|
| Here you may specify the default filesystem disk that should be used
| by the framework. A "local" driver, as well as a variety of cloud
| based drivers are available for your choosing. Just store away!
| by the framework. The "local" disk, as well as a variety of cloud
| based disks are available to your application. Just store away!
|
*/
'default' => env('FILESYSTEM_DRIVER', 'local'),
/*
|--------------------------------------------------------------------------
| Default Cloud Filesystem Disk
|--------------------------------------------------------------------------
|
| Many applications store files both locally and in the cloud. For this
| reason, you may specify a default "cloud" driver here. This driver
| will be bound as the Cloud disk implementation in the container.
|
*/
'cloud' => env('FILESYSTEM_CLOUD', 's3'),
/*
|--------------------------------------------------------------------------
| Filesystem Disks
@ -34,11 +21,12 @@ return [
|
| Here you may configure as many filesystem "disks" as you wish, and you
| may even configure multiple disks of the same driver. Defaults have
| been setup for each driver as an example of the required options.
| been set up for each driver as an example of the required values.
|
| Supported Drivers: "local", "ftp", "s3", "rackspace"
| Supported Drivers: "local", "ftp", "sftp", "s3"
|
*/
'disks' => [
'local' => [
'driver' => 'local',
@ -58,8 +46,24 @@ return [
'secret' => env('AWS_SECRET_ACCESS_KEY'),
'region' => env('AWS_DEFAULT_REGION'),
'bucket' => env('AWS_BUCKET'),
'url' => env('AWS_URL'),
'endpoint' => env('AWS_ENDPOINT'),
'use_path_style_endpoint' => env('AWS_USE_PATH_STYLE_ENDPOINT', false),
],
],
/*
|--------------------------------------------------------------------------
| Symbolic Links
|--------------------------------------------------------------------------
|
| Here you may configure the symbolic links that will be created when the
| `storage:link` Artisan command is executed. The array keys should be
| the locations of the links and the values should be their targets.
|
*/
'links' => [
public_path('storage') => storage_path('app/public'),
],
];

6
config/hashing.php
View File

@ -43,8 +43,8 @@ return [
*/
'argon' => [
'memory' => 1024,
'threads' => 2,
'time' => 2,
'memory' => 65536,
'threads' => 1,
'time' => 4,
],
];

44
config/logging.php
View File

@ -2,6 +2,7 @@
use Monolog\Handler\NullHandler;
use Monolog\Handler\StreamHandler;
use Monolog\Handler\SyslogUdpHandler;
return [
/*
@ -17,6 +18,19 @@ return [
'default' => env('LOG_CHANNEL', 'daily'),
/*
|--------------------------------------------------------------------------
| Deprecations Log Channel
|--------------------------------------------------------------------------
|
| This option controls the log channel that should be used to log warnings
| regarding deprecated PHP and library features. This allows you to get
| your application ready for upcoming major versions of dependencies.
|
*/
'deprecations' => env('LOG_DEPRECATIONS_CHANNEL', 'null'),
/*
|--------------------------------------------------------------------------
| Log Channels
@ -36,19 +50,20 @@ return [
'stack' => [
'driver' => 'stack',
'channels' => ['single'],
'ignore_exceptions' => false,
],
'single' => [
'driver' => 'single',
'path' => storage_path('logs/laravel.log'),
'level' => 'debug',
'level' => env('LOG_LEVEL', 'debug'),
],
'daily' => [
'driver' => 'daily',
'path' => storage_path('logs/laravel.log'),
'level' => 'debug',
'days' => 7,
'level' => env('LOG_LEVEL', 'debug'),
'days' => 14,
],
'slack' => [
@ -56,12 +71,25 @@ return [
'url' => env('LOG_SLACK_WEBHOOK_URL'),
'username' => 'Laravel Log',
'emoji' => ':boom:',
'level' => 'critical',
'level' => env('LOG_LEVEL', 'critical'),
],
'papertrail' => [
'driver' => 'monolog',
'level' => env('LOG_LEVEL', 'debug'),
'handler' => env('LOG_PAPERTRAIL_HANDLER', SyslogUdpHandler::class),
'handler_with' => [
'host' => env('PAPERTRAIL_URL'),
'port' => env('PAPERTRAIL_PORT'),
'connectionString' => 'tls://' . env('PAPERTRAIL_URL') . ':' . env('PAPERTRAIL_PORT'),
],
],
'stderr' => [
'driver' => 'monolog',
'level' => env('LOG_LEVEL', 'debug'),
'handler' => StreamHandler::class,
'formatter' => env('LOG_STDERR_FORMATTER'),
'with' => [
'stream' => 'php://stderr',
],
@ -69,17 +97,21 @@ return [
'syslog' => [
'driver' => 'syslog',
'level' => 'debug',
'level' => env('LOG_LEVEL', 'debug'),
],
'errorlog' => [
'driver' => 'errorlog',
'level' => 'debug',
'level' => env('LOG_LEVEL', 'debug'),
],
'null' => [
'driver' => 'monolog',
'handler' => NullHandler::class,
],
'emergency' => [
'path' => storage_path('logs/laravel.log'),
],
],
];

153
config/mail.php
View File

@ -3,45 +3,80 @@
return [
/*
|--------------------------------------------------------------------------
| Mail Driver
| Default Mailer
|--------------------------------------------------------------------------
|
| Laravel supports both SMTP and PHP's "mail" function as drivers for the
| sending of e-mail. You may specify which one you're using throughout
| your application here. By default, Laravel is setup for SMTP mail.
|
| Supported: "smtp", "sendmail", "mailgun", "mandrill", "ses",
| "sparkpost", "log", "array"
| This option controls the default mailer that is used to send any email
| messages sent by your application. Alternative mailers may be setup
| and used as needed; however, this mailer will be used by default.
|
*/
'driver' => env('MAIL_DRIVER', 'smtp'),
'default' => env('MAIL_MAILER', env('MAIL_DRIVER', 'smtp')),
/*
|--------------------------------------------------------------------------
| SMTP Host Address
| Mailer Configurations
|--------------------------------------------------------------------------
|
| Here you may provide the host address of the SMTP server used by your
| applications. A default option is provided that is compatible with
| the Mailgun mail service which will provide reliable deliveries.
| Here you may configure all of the mailers used by your application plus
| their respective settings. Several examples have been configured for
| you and you are free to add your own as your application requires.
|
| Laravel supports a variety of mail "transport" drivers to be used while
| sending an e-mail. You will specify which one you are using for your
| mailers below. You are free to add additional mailers as required.
|
| Supported: "smtp", "sendmail", "mailgun", "ses",
| "postmark", "log", "array", "failover"
|
*/
'mailers' => [
'smtp' => [
'transport' => 'smtp',
'host' => env('MAIL_HOST', 'smtp.mailgun.org'),
/*
|--------------------------------------------------------------------------
| SMTP Host Port
|--------------------------------------------------------------------------
|
| This is the SMTP port used by your application to deliver e-mails to
| users of the application. Like the host we have set this value to
| stay compatible with the Mailgun e-mail application by default.
|
*/
'port' => env('MAIL_PORT', 587),
'encryption' => env('MAIL_ENCRYPTION', 'tls'),
'username' => env('MAIL_USERNAME'),
'password' => env('MAIL_PASSWORD'),
'timeout' => null,
],
'ses' => [
'transport' => 'ses',
],
'mailgun' => [
'transport' => 'mailgun',
],
'postmark' => [
'transport' => 'postmark',
],
'sendmail' => [
'transport' => 'sendmail',
'path' => env('MAIL_SENDMAIL_PATH', '/usr/sbin/sendmail -t -i'),
],
'log' => [
'transport' => 'log',
'channel' => env('MAIL_LOG_CHANNEL'),
],
'array' => [
'transport' => 'array',
],
'failover' => [
'transport' => 'failover',
'mailers' => [
'smtp',
'log',
],
],
],
/*
|--------------------------------------------------------------------------
@ -55,75 +90,10 @@ return [
*/
'from' => [
'address' => env('MAIL_FROM'),
'name' => env('MAIL_FROM_NAME', 'Pterodactyl Panel'),
'address' => env('MAIL_FROM_ADDRESS', env('MAIL_FROM', 'hello@example.com')),
'name' => env('MAIL_FROM_NAME', 'Example'),
],
/*
|--------------------------------------------------------------------------
| E-Mail Encryption Protocol
|--------------------------------------------------------------------------
|
| Here you may specify the encryption protocol that should be used when
| the application send e-mail messages. A sensible default using the
| transport layer security protocol should provide great security.
|
*/
'encryption' => env('MAIL_ENCRYPTION', 'tls'),
/*
|--------------------------------------------------------------------------
| SMTP Server Username
|--------------------------------------------------------------------------
|
| If your SMTP server requires a username for authentication, you should
| set it here. This will get used to authenticate with your server on
| connection. You may also set the "password" value below this one.
|
*/
'username' => env('MAIL_USERNAME'),
/*
|--------------------------------------------------------------------------
| SMTP Server Password
|--------------------------------------------------------------------------
|
| Here you may set the password required by your SMTP server to send out
| messages from your application. This will be given to the server on
| connection so that the application will be able to send messages.
|
*/
'password' => env('MAIL_PASSWORD'),
/*
|--------------------------------------------------------------------------
| Sendmail System Path
|--------------------------------------------------------------------------
|
| When using the "sendmail" driver to send e-mails, we will need to know
| the path to where Sendmail lives on this server. A default path has
| been provided here, which will work well on most of your systems.
|
*/
'sendmail' => '/usr/sbin/sendmail -bs',
/*
|--------------------------------------------------------------------------
| Mail "Pretend"
|--------------------------------------------------------------------------
|
| When this option is enabled, e-mail will not actually be sent over the
| web and will instead be written to your application's logs files so
| you may inspect the message. This is great for local development.
|
*/
'pretend' => false,
/*
|--------------------------------------------------------------------------
| Markdown Mail Settings
@ -134,6 +104,7 @@ return [
| of the emails. Or, you may simply stick with the Laravel defaults!
|
*/
'markdown' => [
'theme' => 'default',

37
config/prologue/alerts.php
View File

@ -1,37 +0,0 @@
<?php
return [
/*
|--------------------------------------------------------------------------
| Alert Levels
|--------------------------------------------------------------------------
|
| The default sort of alert levels which can be called as functions on the
| AlertsMessageBag class. This gives a convenient way to add certain type's
| of messages.
|
| For example:
|
| Alerts::info($message);
|
*/
'levels' => [
'info',
'warning',
'danger',
'success',
],
/*
|--------------------------------------------------------------------------
| Session Key
|--------------------------------------------------------------------------
|
| The session key which is used to store flashed messages into the current
| session. This can be changed if it conflicts with another key.
|
*/
'session_key' => 'alert_messages',
];

19
config/queue.php
View File

@ -14,7 +14,7 @@ return [
|
*/
'default' => env('QUEUE_CONNECTION', env('QUEUE_DRIVER', 'redis')),
'default' => env('QUEUE_CONNECTION', 'redis'),
/*
|--------------------------------------------------------------------------
@ -41,11 +41,13 @@ return [
'sqs' => [
'driver' => 'sqs',
'key' => env('SQS_KEY'),
'secret' => env('SQS_SECRET'),
'prefix' => env('SQS_QUEUE_PREFIX'),
'queue' => env('QUEUE_STANDARD', 'standard'),
'region' => env('SQS_REGION', 'us-east-1'),
'key' => env('AWS_ACCESS_KEY_ID'),
'secret' => env('AWS_SECRET_ACCESS_KEY'),
'prefix' => env('SQS_PREFIX', 'https://sqs.us-east-1.amazonaws.com/your-account-id'),
'queue' => env('SQS_QUEUE', 'default'),
'suffix' => env('SQS_SUFFIX'),
'region' => env('AWS_DEFAULT_REGION', 'us-east-1'),
'after_commit' => false,
],
'redis' => [
@ -53,6 +55,8 @@ return [
'connection' => 'default',
'queue' => env('QUEUE_STANDARD', 'standard'),
'retry_after' => 90,
'block_for' => null,
'after_commit' => false,
],
],
@ -68,7 +72,8 @@ return [
*/
'failed' => [
'database' => 'mysql',
'driver' => env('QUEUE_FAILED_DRIVER', 'database-uuids'),
'database' => env('DB_CONNECTION', 'mysql'),
'table' => 'failed_jobs',
],
];

20
config/sanctum.php
View File

@ -1,5 +1,7 @@
<?php
use Laravel\Sanctum\Sanctum;
return [
/*
|--------------------------------------------------------------------------
@ -14,10 +16,24 @@ return [
'stateful' => explode(',', env('SANCTUM_STATEFUL_DOMAINS', sprintf(
'%s%s',
'localhost,localhost:3000,127.0.0.1,127.0.0.1:8000,::1,pterodactyl.test',
env('APP_URL') ? ',' . parse_url(env('APP_URL'), PHP_URL_HOST) : ''
'localhost,localhost:3000,127.0.0.1,127.0.0.1:8000,::1',
Sanctum::currentApplicationUrlWithPort()
))),
/*
|--------------------------------------------------------------------------
| Sanctum Guards
|--------------------------------------------------------------------------
|
| This array contains the authentication guards that will be checked when
| Sanctum is trying to authenticate a request. If none of these guards
| are able to authenticate the request, Sanctum will use the bearer
| token that's present on an incoming request for authentication.
|
*/
'guard' => ['web'],
/*
|--------------------------------------------------------------------------
| Expiration Minutes

20
config/services.php
View File

@ -3,20 +3,24 @@
return [
/*
|--------------------------------------------------------------------------
| Third Party Service
| Third Party Services
|--------------------------------------------------------------------------
|
| This file is for storing the credentials for third party services such
| as Stripe, Mailgun, Mandrill, and others. This file provides a sane
| default location for this type of information, allowing packages
| to have a conventional place to find your various credentials.
| as Mailgun, Postmark, AWS and more. This file provides the de facto
| location for this type of information, allowing packages to have
| a conventional file to locate the various service credentials.
|
*/
'mailgun' => [
'domain' => env('MAILGUN_DOMAIN'),
'secret' => env('MAILGUN_SECRET'),
'endpoint' => env('MAILGUN_ENDPOINT'),
'endpoint' => env('MAILGUN_ENDPOINT', 'api.mailgun.net'),
],
'postmark' => [
'token' => env('POSTMARK_TOKEN'),
],
'mandrill' => [
@ -24,9 +28,9 @@ return [
],
'ses' => [
'key' => env('SES_KEY'),
'secret' => env('SES_SECRET'),
'region' => 'us-east-1',
'key' => env('AWS_ACCESS_KEY_ID'),
'secret' => env('AWS_SECRET_ACCESS_KEY'),
'region' => env('AWS_DEFAULT_REGION', 'us-east-1'),
],
'sparkpost' => [

11
config/session.php
View File

@ -1,5 +1,7 @@
<?php
use Illuminate\Support\Str;
return [
/*
|--------------------------------------------------------------------------
@ -94,7 +96,7 @@ return [
|
*/
'store' => null,
'store' => env('SESSION_STORE'),
/*
|--------------------------------------------------------------------------
@ -120,7 +122,10 @@ return [
|
*/
'cookie' => env('SESSION_COOKIE', str_slug(env('APP_NAME', 'pterodactyl'), '_') . '_session'),
'cookie' => env(
'SESSION_COOKIE',
Str::slug(env('APP_NAME', 'pterodactyl'), '_') . '_session'
),
/*
|--------------------------------------------------------------------------
@ -159,7 +164,7 @@ return [
|
*/
'secure' => env('SESSION_SECURE_COOKIE', false),
'secure' => env('SESSION_SECURE_COOKIE'),
/*
|--------------------------------------------------------------------------

54
config/trustedproxy.php
View File

@ -1,54 +0,0 @@
<?php
return [
/*
* Set trusted proxy IP addresses.
*
* Both IPv4 and IPv6 addresses are
* supported, along with CIDR notation.
*
* The "*" character is syntactic sugar
* within TrustedProxy to trust any proxy
* that connects directly to your server,
* a requirement when you cannot know the address
* of your proxy (e.g. if using Rackspace balancers).
*
* The "**" character is syntactic sugar within
* TrustedProxy to trust not just any proxy that
* connects directly to your server, but also
* proxies that connect to those proxies, and all
* the way back until you reach the original source
* IP. It will mean that $request->getClientIp()
* always gets the originating client IP, no matter
* how many proxies that client's request has
* subsequently passed through.
*/
'proxies' => in_array(env('TRUSTED_PROXIES', []), ['*', '**']) ?
env('TRUSTED_PROXIES') : explode(',', env('TRUSTED_PROXIES', null)),
/*
* Or, to trust all proxies that connect
* directly to your server, uncomment this:
*/
// 'proxies' => '*',
/*
* Or, to trust ALL proxies, including those that
* are in a chain of forwarding, uncomment this:
*/
// 'proxies' => '**',
/*
* Default Header Names
*
* Change these if the proxy does
* not send the default header names.
*
* Note that headers such as X-Forwarded-For
* are transformed to HTTP_X_FORWARDED_FOR format.
*
* The following are Symfony defaults, found in
* \Symfony\Component\HttpFoundation\Request::$trustedHeaders
*/
'headers' => \Illuminate\Http\Request::HEADER_X_FORWARDED_FOR | \Illuminate\Http\Request::HEADER_X_FORWARDED_HOST | \Illuminate\Http\Request::HEADER_X_FORWARDED_PORT | \Illuminate\Http\Request::HEADER_X_FORWARDED_PROTO,
];

5
config/view.php
View File

@ -27,5 +27,8 @@ return [
|
*/
'compiled' => realpath(storage_path('framework/views')),
'compiled' => env(
'VIEW_COMPILED_PATH',
realpath(storage_path('framework/views'))
),
];

4
database/migrations/2022_02_20_122102_make_personal_access_tokens_soft_deletable.php
View File

@ -1,8 +1,8 @@
<?php
use Illuminate\Database\Migrations\Migration;
use Illuminate\Database\Schema\Blueprint;
use Illuminate\Support\Facades\Schema;
use Illuminate\Database\Schema\Blueprint;
use Illuminate\Database\Migrations\Migration;
class MakePersonalAccessTokensSoftDeletable extends Migration
{

2
resources/scripts/i18n.ts
View File

@ -8,7 +8,7 @@ i18n
.use(Backend)
.use(initReactI18next)
.init({
debug: process.env.NODE_ENV !== 'production',
debug: process.env.I18N_DEBUG === 'true',
lng: 'en',
fallbackLng: 'en',
keySeparator: '.',

39
tests/Unit/Http/Middleware/AuthenticateTest.php
View File

@ -1,39 +0,0 @@
<?php
namespace Pterodactyl\Tests\Unit\Http\Middleware;
use Illuminate\Auth\AuthenticationException;
use Pterodactyl\Http\Middleware\Authenticate;
class AuthenticateTest extends MiddlewareTestCase
{
/**
* Test that a logged in user validates correctly.
*/
public function testLoggedInUser()
{
$this->request->shouldReceive('user')->withNoArgs()->once()->andReturn(true);
$this->getMiddleware()->handle($this->request, $this->getClosureAssertions());
}
/**
* Test that a logged out user results in an exception.
*/
public function testLoggedOutUser()
{
$this->expectException(AuthenticationException::class);
$this->request->shouldReceive('user')->withNoArgs()->once()->andReturnNull();
$this->getMiddleware()->handle($this->request, $this->getClosureAssertions());
}
/**
* Return an instance of the middleware using mocked dependencies.
*/
private function getMiddleware(): Authenticate
{
return new Authenticate();
}
}

58
tests/Unit/Http/Middleware/LanguageMiddlewareTest.php
View File

@ -1,58 +0,0 @@
<?php
namespace Pterodactyl\Tests\Unit\Http\Middleware;
use Mockery as m;
use Pterodactyl\Models\User;
use Illuminate\Foundation\Application;
use Pterodactyl\Http\Middleware\LanguageMiddleware;
class LanguageMiddlewareTest extends MiddlewareTestCase
{
/**
* @var \Illuminate\Foundation\Application|\Mockery\Mock
*/
private $appMock;
/**
* Setup tests.
*/
public function setUp(): void
{
parent::setUp();
$this->appMock = m::mock(Application::class);
}
/**
* Test that a language is defined via the middleware for guests.
*/
public function testLanguageIsSetForGuest()
{
$this->request->shouldReceive('user')->withNoArgs()->andReturnNull();
$this->appMock->shouldReceive('setLocale')->with('en')->once()->andReturnNull();
$this->getMiddleware()->handle($this->request, $this->getClosureAssertions());
}
/**
* Test that a language is defined via the middleware for a user.
*/
public function testLanguageIsSetWithAuthenticatedUser()
{
$user = User::factory()->make(['language' => 'de']);
$this->request->shouldReceive('user')->withNoArgs()->andReturn($user);
$this->appMock->shouldReceive('setLocale')->with('de')->once()->andReturnNull();
$this->getMiddleware()->handle($this->request, $this->getClosureAssertions());
}
/**
* Return an instance of the middleware using mocked dependencies.
*/
private function getMiddleware(): LanguageMiddleware
{
return new LanguageMiddleware($this->appMock);
}
}

58
tests/Unit/Http/Middleware/RedirectIfAuthenticatedTest.php
View File

@ -1,58 +0,0 @@
<?php
namespace Pterodactyl\Tests\Unit\Http\Middleware;
use Mockery as m;
use Illuminate\Auth\AuthManager;
use Illuminate\Http\RedirectResponse;
use Pterodactyl\Http\Middleware\RedirectIfAuthenticated;
class RedirectIfAuthenticatedTest extends MiddlewareTestCase
{
/**
* @var \Illuminate\Auth\AuthManager|\Mockery\Mock
*/
private $authManager;
/**
* Setup tests.
*/
public function setUp(): void
{
parent::setUp();
$this->authManager = m::mock(AuthManager::class);
}
/**
* Test that an authenticated user is redirected.
*/
public function testAuthenticatedUserIsRedirected()
{
$this->authManager->shouldReceive('guard')->with(null)->once()->andReturnSelf();
$this->authManager->shouldReceive('check')->withNoArgs()->once()->andReturn(true);
$response = $this->getMiddleware()->handle($this->request, $this->getClosureAssertions());
$this->assertInstanceOf(RedirectResponse::class, $response);
$this->assertEquals(route('index'), $response->getTargetUrl());
}
/**
* Test that a non-authenticated user continues through the middleware.
*/
public function testNonAuthenticatedUserIsNotRedirected()
{
$this->authManager->shouldReceive('guard')->with(null)->once()->andReturnSelf();
$this->authManager->shouldReceive('check')->withNoArgs()->once()->andReturn(false);
$this->getMiddleware()->handle($this->request, $this->getClosureAssertions());
}
/**
* Return an instance of the middleware using mocked dependencies.
*/
private function getMiddleware(): RedirectIfAuthenticated
{
return new RedirectIfAuthenticated($this->authManager);
}
}

16
tests/Unit/Http/Middleware/RequireTwoFactorAuthenticationTest.php
View File

@ -2,27 +2,13 @@
namespace Pterodactyl\Tests\Unit\Http\Middleware;
use Mockery as m;
use Pterodactyl\Models\User;
use Pterodactyl\Models\SecurityKey;
use Prologue\Alerts\AlertsMessageBag;
use Pterodactyl\Exceptions\Http\TwoFactorAuthRequiredException;
use Pterodactyl\Http\Middleware\RequireTwoFactorAuthentication;
class RequireTwoFactorAuthenticationTest extends MiddlewareTestCase
{
private $alerts;
/**
* Setup tests.
*/
public function setUp(): void
{
parent::setUp();
$this->alerts = m::mock(AlertsMessageBag::class);
}
public function testNoRequirementUserWithout2fa()
{
// Disable the 2FA requirement
@ -312,6 +298,6 @@ class RequireTwoFactorAuthenticationTest extends MiddlewareTestCase
private function getMiddleware(): RequireTwoFactorAuthentication
{
return new RequireTwoFactorAuthentication($this->alerts);
return new RequireTwoFactorAuthentication();
}
}