Dane Everitt
51204b8d9d
Add all of the potential transformers that might be needed for now.
2017-04-07 20:28:58 -04:00
Dane Everitt
faa437b77b
Use the `current_password` not `password` field when verifying passwords.
2017-04-04 12:14:24 -04:00
Dane Everitt
65630bdcce
Move API to use JSON:API standards and fractal serializer
...
Makes the data slightly more complex, but forces a standard and can
always be changed down the road simply by changing the default
serializer.
2017-04-02 16:51:56 -04:00
Dane Everitt
c071efd008
Finish API routes for users.
2017-04-02 15:52:53 -04:00
Dane Everitt
97773300ed
Better middleware for routes, cleaned up API, removed old API calls
...
New API routes for Server allow specifying which fractal objects to
load into the request, thus making it possible to fine-tune what data
is returned.
2017-04-02 13:19:39 -04:00
Dane Everitt
ddb82ac3ca
Add initial user server transformer for API.
2017-04-02 00:49:53 -04:00
Dane Everitt
87530cdc01
Initial moves to new API scheme.
...
Implements a better middleware for handling API authentication, as well
as cleaner route handling.
2017-04-02 00:11:52 -04:00
Dane Everitt
5927e0e12a
Merge remote-tracking branch 'origin/develop' into develop
...
# Conflicts:
# app/Http/Controllers/Base/LanguageController.php
# app/Http/Kernel.php
# app/Http/Middleware/TrimStrings.php
# app/Providers/RouteServiceProvider.php
2017-04-01 21:03:10 -04:00
Dane Everitt
d80c59aad3
Cleanup routing mechanisms
2017-04-01 21:01:10 -04:00
Dane Everitt
9c303456fb
Update codebase to L5.4 ( #367 )
2017-04-01 17:59:43 -04:00
Dane Everitt
cbeecfe5e4
Implement front-end server searching 🍬
2017-04-01 13:14:49 -04:00
Dane Everitt
edaa270a33
Add server descriptions, closes #338 🐖
...
🐷 https://s3.kelp.in/D0n2Z.png
2017-03-31 23:07:19 -04:00
Dane Everitt
536865b22a
Remove deletion queue for servers. Just immediately delete.
2017-03-31 22:12:31 -04:00
Dane Everitt
2dec659dd1
Fix syntax error.
2017-03-31 21:47:53 -04:00
Dane Everitt
c7d4c3aa76
Send default response
2017-03-31 21:16:00 -04:00
Dane Everitt
ff57e2ff85
Cleanup recaptcha middleware
2017-03-31 21:12:49 -04:00
Dane Everitt
451dd7ebc8
Apply fixes from StyleCI ( #364 )
2017-03-31 20:48:35 -04:00
Jakob Schrettenbrunner
e613e44749
fix #363
2017-04-01 01:58:05 +02:00
Jakob Schrettenbrunner
0ee80b1fec
fix captcha middleware using wrong function when disabled
2017-04-01 01:54:42 +02:00
Jakob Schrettenbrunner
207e0131fc
Merge branch 'develop' of github.com:Pterodactyl/Panel into improve-password-reset
2017-03-31 12:20:41 +02:00
Jakob Schrettenbrunner
142cbb0641
Add invisible ReCAPTCHA to login and password reset
2017-03-31 12:19:44 +02:00
Dane Everitt
1f0e95790a
🔒 Don't disclose if account exists when resetting passwords, closes #358
2017-03-30 17:44:20 -04:00
Dane Everitt
95c739a3f3
Update subusers view
2017-03-30 15:31:02 -04:00
Dane Everitt
f0057353ad
Apply fixes from StyleCI
2017-03-19 23:52:11 +00:00
Dane Everitt
0312c974f5
Update doc blocks for all app/
2017-03-19 19:36:50 -04:00
Dane Everitt
5e27772fef
Very rough go at getting API back into operational state.
...
Not spending a lot of time on this as its a pre-release and I have
plans to overhaul the API to actually work and be easy to maintain.
2017-03-19 13:20:33 -04:00
Dane Everitt
377fe92f5b
Don't try to render 200 lines per second in the console... 💣
...
Corrects a math mistake on my end, and makes the console speed
configurable again. Now sends 50 messages per second.
Console will notify when being throttled, and refreshing the page will
clear the queue if necessary.
2017-03-19 11:13:17 -04:00
Dane Everitt
4f16509447
Use env() properly throughout panel to avoid cache issues.
2017-03-18 15:56:19 -04:00
Dane Everitt
03e0de28d9
Initial implementation of option scripts on panel side.
2017-03-18 13:09:30 -04:00
Dane Everitt
202dd52e2b
Fixes bug causing MySQL user accounts to be corrupted when resetting a password via the panel.
...
closes #352
2017-03-17 17:17:36 -04:00
Dane Everitt
7e45f917c7
Fix subuser permissions in file manager
2017-03-17 16:19:45 -04:00
Dane Everitt
4ad09c5435
Fixes bug introduced during admin rewrite that broke server creation
2017-03-16 21:11:15 -04:00
Dane Everitt
b8c3ab6960
closes #339
2017-03-16 19:56:58 -04:00
Dane Everitt
1aa191210a
closes #344
2017-03-16 19:54:31 -04:00
Dane Everitt
198a021a97
Add database host management to panel.
2017-03-16 19:35:29 -04:00
Dane Everitt
05d2a6d370
Add back locations with new theme
2017-03-16 18:09:02 -04:00
Dane Everitt
1852018397
Add back missing node creation page.
2017-03-15 21:38:09 -04:00
Dane Everitt
436ba814a9
Apply fixes from StyleCI ( #351 )
2017-03-15 20:53:49 -04:00
Dane Everitt
1c47b2ed55
Finish pack management in Admin CP
2017-03-15 20:52:37 -04:00
Dane Everitt
50558db7c3
Add initial pack creation and overview pages
2017-03-14 21:18:36 -04:00
Dane Everitt
2d90187c83
StyleCI fixes
2017-03-12 19:38:50 -04:00
Dane Everitt
fcadee7e67
Fix front and backend views with new service variable setups
2017-03-12 19:34:06 -04:00
Dane Everitt
1897741381
StyleCI cleanup
2017-03-12 16:34:43 -04:00
Dane Everitt
f5a4ec981d
Add ability to create new service variable.
2017-03-12 16:28:38 -04:00
Dane Everitt
b1b1f448e9
Send the correct information to daemon for new index.js setup
2017-03-12 16:04:47 -04:00
Dane Everitt
419031e0cd
Add function file editing, and move all service file items into database
2017-03-12 15:59:17 -04:00
Dane Everitt
d7682bb7c9
Complete new service, option, and variable management interface in Admin CP
2017-03-12 00:00:06 -05:00
Dane Everitt
70db461075
Start push of service changes.
...
Changes the way service files are stored and allows for much easier
updates in the future that won’t affect custom services.
Also stores more configurations in the database to make life easier for
everyone.
2017-03-10 18:25:12 -05:00
Dane Everitt
5bf2e2686a
Apply fixes from StyleCI ( #335 )
2017-03-05 20:28:29 -05:00
Dane Everitt
3355554704
Fix frontend database password reset
2017-03-05 16:46:44 -05:00
Dane Everitt
32dec97e46
Improved database mechanics in admin CP for server view
2017-03-05 16:37:40 -05:00
Dane Everitt
349b36d38a
Added startup management, cleaned up code.
...
Refactored entire startup repository code block to be more efficient
and cleaner. Also includes modifications to front-end to make it match
backend name and design.
2017-03-04 23:45:25 -05:00
Dane Everitt
d51ae5ec23
Apply fixes from StyleCI ( #332 )
2017-03-04 19:28:23 -05:00
Dane Everitt
e688468920
Push updated server views
2017-03-04 19:03:49 -05:00
Dane Everitt
b1564389d8
Apply fixes from StyleCI ( #331 )
2017-03-03 23:38:21 -05:00
Dane Everitt
e6d3663b3b
Model and template cleanup
2017-03-03 23:37:41 -05:00
Dane Everitt
d38f89a468
Cleanup node routes, cleanup remote token
2017-03-03 23:14:25 -05:00
Jakob Schrettenbrunner
6df573e50c
retheme admin users list
2017-03-04 00:16:11 +01:00
Dane Everitt
fd5b74c873
Use usernames for @schrej
2017-03-03 17:53:35 -05:00
Dane Everitt
fd9f1a68eb
Implement node view, cleanup other files.
...
Still in progress, need to do a lot of controller cleanup first and add
node deletion as well.
2017-03-03 17:30:41 -05:00
Dane Everitt
fb21bf9282
Begin implementation of server admin view
...
Currently completed tabs: About, Details, Build Configuration
2017-02-25 00:48:14 -05:00
Dane Everitt
bbf9fd12ae
Apply fixes from StyleCI ( #325 )
2017-02-24 18:23:03 -05:00
Dane Everitt
cb6b44d4f0
Completed new server page with new theme.
2017-02-24 18:19:03 -05:00
Dane Everitt
58999913ba
More improvements to add server page.
2017-02-23 22:52:05 -05:00
Dane Everitt
8f96b35db1
Merge branch 'develop' into feature/admin-retheme
2017-02-23 21:24:17 -05:00
Dane Everitt
b11029a666
Apply fixes from StyleCI ( #312 )
...
* Bump for release
* Apply fixes from StyleCI
2017-02-18 22:57:50 -05:00
Dane Everitt
ed4068bdb9
Fix bug preventing server container rebuilds.
2017-02-18 22:33:15 -05:00
Dane Everitt
644c07ea3a
Fix broken port deletion
2017-02-18 22:32:16 -05:00
Dane Everitt
b926d432e8
Thats enough re-theming for the day...
2017-02-18 19:31:44 -05:00
Dane Everitt
99497adcb2
Show proper server status when viewing listing.
...
closes #308
2017-02-17 20:34:57 -05:00
Dane Everitt
e9762b4277
Fixes port deletion for node allocations as well as server notes on allocations.
...
closes #305
2017-02-17 19:59:40 -05:00
Dane Everitt
008cccb098
Fix up email sending and add more notifications to the panel.
...
Closes #265
2017-02-17 19:23:27 -05:00
Dane Everitt
9af06b4b59
Add in query caching on server view
2017-02-17 18:19:53 -05:00
Dane Everitt
73996d3154
Fix bug in node update
2017-02-16 15:57:02 -05:00
Dane Everitt
59f9ab6e90
Help @schrej not have an aneurysm.
2017-02-16 15:49:14 -05:00
Dane Everitt
5e63ac0baa
Fix double encoding of JSON
2017-02-16 15:38:56 -05:00
Dane Everitt
4e66ba078d
Fix locations error on create
2017-02-16 14:56:28 -05:00
Jakob
d230ee179a
Merge pull request #299 from Pterodactyl/feature/allow-login-with-username
...
allow to use the username for login as well
2017-02-16 20:47:25 +01:00
Jakob Schrettenbrunner
4fc832838b
use ‚required|string‘ to validate usernames
2017-02-16 20:45:36 +01:00
Jakob Schrettenbrunner
0b2c5279a8
allow to use the username for login as well
...
add translation strings
2017-02-16 20:40:21 +01:00
Dane Everitt
c8ae776ab8
Fix settings redirection for server
2017-02-16 14:04:15 -05:00
Dane Everitt
2e134b7a55
Set out some roach traps to catch all these 🐛
2017-02-16 13:56:28 -05:00
Dane Everitt
516e2dc5ee
Add back API key deletion
2017-02-16 12:57:48 -05:00
Dane Everitt
19d352619e
More singularization and correct file names.
2017-02-12 16:03:17 -05:00
Dane Everitt
8ba479e51f
Singularize model names.
2017-02-12 16:02:23 -05:00
Dane Everitt
7c916ad38f
Apply fixes from StyleCI ( #294 )
2017-02-12 15:10:39 -05:00
Dane Everitt
a14df81f27
Merge branch 'develop' into feature/updated-models
2017-02-10 20:30:20 -05:00
Dane Everitt
32a1dc17ed
API model updates, as well as general model updates and code fixes.
2017-02-10 20:26:38 -05:00
Dane Everitt
c70d31c08f
More model updates.
2017-02-10 17:36:58 -05:00
Dane Everitt
3b3002b77a
API Model updates.
2017-02-10 17:29:10 -05:00
Dane Everitt
efef356870
Assorted model code updates.
2017-02-10 17:18:46 -05:00
Dane Everitt
ba175e6b55
Cleanup location model and controller for Admin.
2017-02-10 17:09:56 -05:00
Dane Everitt
0720bfe62f
Cleanup database query code.
2017-02-10 17:03:58 -05:00
Dane Everitt
99812b0407
More subuser Model updates.
2017-02-09 19:38:54 -05:00
Dane Everitt
4f61637284
More model updates to more places than I anticipated.
...
This probably broke a lot of things.
2017-02-09 17:43:54 -05:00
Dane Everitt
02458c909d
Improves server model and cleans up model code calls.
2017-02-05 19:19:46 -05:00
Dane Everitt
323f1d943f
Completed model updates for Services
2017-02-05 17:58:17 -05:00
Dane Everitt
09d23deed6
New models for node and location admin pages.
2017-02-03 16:50:28 -05:00
Dane Everitt
96d3aa767f
Model updates for Database Management in ACP
2017-02-03 15:19:14 -05:00
Dane Everitt
9c2d34d6e6
Mo' StyleCI fixes... 🦀
2017-02-02 19:48:15 -05:00
Dane Everitt
533e2bcafb
Fix database column references in ACP
2017-02-02 19:46:46 -05:00
Dane Everitt
3baa21a6eb
StyleCI fixes.
2017-02-02 19:43:55 -05:00
Dane Everitt
3114b7e52a
Complete implementation of new Server model.
2017-02-02 19:41:38 -05:00
Jakob
19567ee311
Merge branch 'develop' into fix/trusted-proxies
2017-02-03 00:38:58 +01:00
Dane Everitt
d4bcf0be59
Initial implementation of improved sever model and logic
2017-02-02 18:21:36 -05:00
Dane Everitt
7f51e5df62
API tweaks to return more relevant information on server listing
2017-02-02 16:24:08 -05:00
Dane Everitt
32c21baab0
Return packs associated with a service when viewing it on the API.
2017-02-02 16:01:18 -05:00
Dane Everitt
a93adce303
Only allow up to 30 seconds of overlap on comparing the 2FA tokens.
2017-02-01 23:02:54 -05:00
Dane Everitt
4abdee0efb
Better 2FA implementation on logins
2017-02-01 22:58:48 -05:00
Jakob Schrettenbrunner
24650b67be
Merge branch 'develop' into fix/trusted-proxies
...
sorry
2017-02-01 20:35:10 +01:00
Jakob Schrettenbrunner
8ab4faad8a
remove TRUSTED_PROXIES from .env.example
...
make style ci happy
2017-02-01 20:31:24 +01:00
Jakob Schrettenbrunner
ee26a7e8dd
add fideloper/proxy to support reverse proxies and load balancers
2017-02-01 20:10:28 +01:00
Dane Everitt
e5ed1c7f6a
One day eslint will have a PHP counterpart that works in Atom... 🤔
2017-01-31 20:04:34 -05:00
Dane Everitt
4b0197f2be
Implement basic security policy on daemon remote routes
2017-01-27 16:34:46 -05:00
Dane Everitt
9087feec4f
Remove build settings from packs.
2017-01-27 16:21:25 -05:00
Dane Everitt
e6d3e75024
Add new daemon routes for pack handling
2017-01-25 18:25:34 -05:00
Dane Everitt
bf7b58470a
Update copyright headers
2017-01-24 17:57:08 -05:00
Dane Everitt
b9512dccb8
Apply fixes from StyleCI ( #269 )
2017-01-23 17:11:25 -05:00
Dane Everitt
06232b84c2
Merge pull request #268 from hammerdawn/ThemeFixes
...
Repair the admin side add user functionality.
2017-01-23 17:10:32 -05:00
Emmet Young
9c87e03c0c
Repair the admin side add user functionality.
2017-01-23 13:24:14 +11:00
Dane Everitt
5f1bfcf980
Much cleaner code for updating user details front-end
2017-01-22 16:16:43 -05:00
Dane Everitt
9e54dabe5b
Display if subusers are using 2FA
2017-01-22 16:16:26 -05:00
Dane Everitt
355697dbb5
Apply fixes from StyleCI ( #260 )
2017-01-21 15:56:32 -05:00
Dane Everitt
0e23f87724
Add task management views
2017-01-21 15:40:46 -05:00
Dane Everitt
db7b741b28
Show server status in sidebar properly on subuser views
2017-01-21 13:49:14 -05:00
Dane Everitt
3d2278ba3e
Add subuser list and new subuser views
...
Holy 🐄 translations are annoying to implement for these views.
2017-01-20 23:39:37 -05:00
Dane Everitt
994588c82d
Set the old theme on admin center until new theme is done
2017-01-20 17:19:42 -05:00
Dane Everitt
91178d78a4
Add support for creating files via file manager
2017-01-20 17:10:14 -05:00
Dane Everitt
83c776fc82
Fix up most of the file manager
2017-01-19 16:58:57 -05:00
Dane Everitt
88378ce983
Add allocations tab
...
Strips some core allocation features for now, will be added back with
more features once the theme is done.
2017-01-18 20:45:10 -05:00
Dane Everitt
f6600f447f
Add Startup Params view
...
Translations might be the end of us.
2017-01-17 19:30:27 -05:00
Dane Everitt
e2eff27a56
Apply fixes from StyleCI
2017-01-17 23:21:33 +00:00
Dane Everitt
515e543c7f
Add SFTP and Database management pages to new theme.
2017-01-15 20:28:54 -05:00
Dane Everitt
c7f3bb5112
New theme assigned to server console page.
2017-01-15 18:52:22 -05:00
Dane Everitt
2fc852c6a4
Push 'Account' and 'Security' pages as well as 'My Servers'
2017-01-15 14:09:57 -05:00
Dane Everitt
457ed28b0b
Initial change of theme.
...
Only themed pages currently are login and reset password pages.
2017-01-14 21:32:33 -05:00
Dane Everitt
a5aa089d66
Apply fixes from StyleCI
2017-01-12 20:48:12 +00:00
Dane Everitt
e91362eee6
Update user controller
2017-01-12 15:40:24 -05:00
Dane Everitt
6bd9663f59
Merge branch 'develop' into feature/service-changes
2017-01-12 13:15:37 -05:00
Jakob Schrettenbrunner
9f2ca17ea4
replace manual json headers with laravel response()->json()
...
better Carbon dependency
rename admin.nodes.configuration-token route
style fixes
2017-01-08 15:21:02 +01:00
Jakob Schrettenbrunner
f70b33d69c
one more styleci fix. don’t be that picky! 🙈
2017-01-07 18:40:55 +01:00
Jakob Schrettenbrunner
a661f71974
fix styleci issues
2017-01-07 18:39:41 +01:00
Jakob Schrettenbrunner
a1568e5acb
add button to generate token to node configuration tab
...
add info message after node creation about token generation
2017-01-07 18:27:19 +01:00
Jakob Schrettenbrunner
e1e159b7de
add ability to generate a token to retrieve the config for a specific node
2017-01-07 18:10:11 +01:00
Dane Everitt
d9de884de3
Apply fixes from StyleCI
2017-01-03 22:46:30 +00:00
Dane Everitt
c1bf757623
Fix service option name being set wrongly after adding a new variable. closes #208
2017-01-03 17:44:48 -05:00
Dane Everitt
aa6e733ba5
Switch filemanager and EULA check to use pure Javascript methods
...
Removes the need for the javascript to be parsed by Blade template
engine by using a defined javascript variable with the values that are
necessary for checking everything and passing the correct values.
This does make it so that if a user does not have permission to do
something they could theoretically make the option show up in the
context menu, however when they click it, it will simply return an
error by the daemon.
2017-01-03 16:47:33 -05:00
Dane Everitt
39731f99da
Merge pull request #226 from hammerdawn/APICHANGE
...
Allow listing a user by both ID and email. Useful for checking if a u…
2017-01-02 22:00:45 -05:00
Emmet Young
3f5bf099ae
Use DaneEveritt's shortened query call.
2017-01-03 13:40:35 +11:00
Dane Everitt
a1dff5cda0
Push updated languages
2016-12-30 17:17:36 -05:00
Emmet Young
b5d3417167
Allow listing a user by both ID and email. Useful for checking if a user exists by its email.
2016-12-29 22:56:45 +11:00
Dane Everitt
a49dee2416
Add base implementation of service retrieval. 🏇
...
There is currently no authentication middleware on this route.
2016-12-14 18:54:43 -05:00
Dane Everitt
efda0dd009
Apply fixes from StyleCI
2016-12-14 21:56:25 +00:00
Dane Everitt
fc38b09e1f
Merge branch 'develop' into feature/service-changes
2016-12-14 16:53:53 -05:00
spaceemotion
a85ac87ae8
Refactor to use more laravel logic and improve compatibility with older PHP versions ( #206 )
...
* Fix @param namespaces for PHPDocs in ServerPolicy
* Reduce permission check duplication in ServerPolicy
This introduces a new checkPermission method to reduce code duplication when checking for permissions.
* Simplify logic to list accessible servers for the user
We can directly use the pluck function that laravel collections provide to simplify the logic.
* Fix pagination issue when databases/servers exceed 20
Laravels strips out the currently selected tab (or any GET query for that matter) by default when using pagination. the appends() methods helps with keeping that information.
* Refactor unnecessary array_merge calls
We can just append to the array instead of constantly merging a new copy.
* Fix accessing “API Access” on some versions of PHP
The “new” word is reserved and should not be used as a method name.
http://stackoverflow.com/questions/9575590/why-am-i-getting-an-unexpected-t-new-error-in-php
* Fix revoking API keys on older versions of php (5.6)
“string” was not a valid function argument type yet, so revoking keys results in an error on older installations.
* Fix issues with API due to methods named “list”
“list” is yet another reserved keyword in PHP and messes up older installations of PHP (5.6).
This renames all methods named “list” to “lists”. The API route names are left untouched (e.g. still called “api.admin.users.list”).
* Refactor and shorten some API logic
Used laravel collection methods where applicable to directly transform the values instead of converting back and forth.
This also removes some dead variables that were never used as well as getting rid of a n+1 problem in the Service API (loading service variables afterwards, not during the model creation).
* Return model save status in repositories where applicable
* Fix typo in ServicePolicy#powerStart
* Apply StyleCI corrections
2016-12-12 14:30:57 -05:00
Dane Everitt
c1fb0a665f
Apply fixes from StyleCI
2016-12-07 22:46:38 +00:00
Emmet Young
f687fab9a2
API: ability to search for an allocation based on the assigned server id ( #194 )
2016-12-04 22:17:35 -05:00
Dane Everitt
9ae716ee42
show container ID for server in panel
...
Also shows the UID of the user to ease permissions setting
closes #160
2016-12-02 19:35:08 -05:00
Dane Everitt
2ac734d595
Update node config sent over API
2016-12-02 19:12:29 -05:00
Dane Everitt
3cd0a8337f
Add ability to filter user list
2016-12-02 18:41:52 -05:00
Dane Everitt
ed5b7559ec
Fixes potential for generated password to not meet own validation requirements
2016-12-01 19:16:40 -05:00
Jakob
03c6f986d2
fix api /servers/{id}/build
...
remove unrelated error thrown every time
2016-11-30 12:26:23 +01:00
Dane Everitt
75de060a55
Fix pack selector
2016-11-27 14:57:23 -05:00
Dane Everitt
c4a4b84bd3
Add service pack reference to server and send to daemon
2016-11-27 14:50:10 -05:00
Dane Everitt
238f08f222
Add pack selection to view
2016-11-27 14:30:44 -05:00
Dane Everitt
9eb14614c2
Merge branch 'develop' into feature/service-changes
2016-11-27 14:01:13 -05:00
Dane Everitt
946512bac9
search for owner:<email> correctly.
2016-11-26 20:18:46 -05:00
Dane Everitt
723b608e0c
Implement node deletion properly, fixes #173
2016-11-26 16:29:13 -05:00
Dane Everitt
0e89ecb427
Handle node:<param> properly when doing server searches
...
Uses the node name rather than the node’s ID by default.
2016-11-26 16:19:25 -05:00
Dane Everitt
5600f3201c
Add support for deleting service packs.
2016-11-18 17:31:57 -05:00
Dane Everitt
d4729427aa
Support for uploading templates for installing packs
2016-11-16 17:22:22 -05:00
Dane Everitt
e09659a88f
support for pack editing
2016-11-16 16:09:28 -05:00
Dane Everitt
09c2dcc1b6
Support for viewing and exporting packs
2016-11-15 23:12:47 -05:00
Dane Everitt
a1bc6fa2d3
Push changes that support creations of service packs and basic listing
2016-11-15 20:20:32 -05:00
Dane Everitt
cfd5e0e854
Implement base service file modification through panel
2016-11-09 17:58:14 -05:00
Dane Everitt
659c33f0e8
Fixes a bug that allows a user to bypass 2FA authentication requirements
...
This bug was reported to us by a user (@Ferry#1704) on Discord on
Monday, November 7th, 2016.
It was disclosed that it was possible to bypass the 2FA checkpoint by
clicking outside of the modal which would prompt the modal to close,
but not submit the form. The user could then press the login button
which would trigger an error. Due to this error being triggered the
authentication attempt was not cancelled. On the next page load the
application recognized the user as logged in and continued on to the
panel.
At no time was it possible to login without using the correct email
address and password.
As a result of this bug we have re-factored the Authentication code for
logins to address the persistent session. Previously accounts were
manually logged back out on 2FA failure. However, as this bug
demonstrated, causing a fatal error in the code would prevent the
logout code from firing, thus preserving their session state.
This commit modifies the code to use a non-persistent login to handle
2FA checking. In order for the session to be saved the application must
complete all portions of the login without any errors, at which point
the user is persistently authenticated using Auth::login().
This resolves the ability to cause an exception and bypass 2FA
verification.
2016-11-07 15:55:57 -05:00
Dane Everitt
48994c1354
Fix the other user bug...
2016-11-04 21:50:47 -04:00
Dane Everitt
4359252545
Fix a @schrej bug
2016-11-04 21:46:16 -04:00
Dane Everitt
61e65294af
Fix bug preventing rendering of database hosts when not linked to a node.
2016-11-04 20:44:56 -04:00
Jakob
e65dc5708d
Validate password on reset according to rules ( #158 )
...
* move password rules to Models\User::PASSWORD_RULES
* validate new password according to rules on password reset
* add password requirements info to auth.passwords.reset view
2016-10-30 16:02:39 -04:00
Dane Everitt
6fd7c78f0c
Add server deletion to a queue.
...
This action allows servers to be deleted, but only be soft-deleted for
10 minutes. After that time period the server will be completely
removed from the database and daemon. This allows some safety if a
server is accidentally deleted.
Force deleting a server will still work. If the daemon is in-accessible
the server will fail to be deleted. When server is soft-deleted admins
can still view its information page in the admin CP, however the server
will be suspended and inaccessible on the front-end or though the
daemon.
Admins can manually delete the server ahead of the delete timer, or if
it failed to delete previously they can do an immediate retry.
2016-10-27 20:05:29 -04:00
Dane Everitt
bef717b202
add typeahead support for owner email when adding new server
...
closes #144
pic: http://s3.pterodactyl.io/UpPSJ.png
2016-10-21 15:22:47 -04:00
Dane Everitt
f24347d1bd
Remove old admin routes, fix display to non-admins
...
Complete!
2016-10-20 18:40:16 -04:00
Dane Everitt
b1a9a59707
Update middleware to handle wildcards correctly.
2016-10-20 18:35:55 -04:00
Dane Everitt
53ec2c55ec
Add front-end support for adding and deleting API keys.
2016-10-20 18:20:58 -04:00
Dane Everitt
dfeed013ba
Server API obey's the subuser permissions as well
2016-10-20 17:04:58 -04:00
Dane Everitt
125856d92f
Support for server info and minor changes to API setup
2016-10-20 16:42:54 -04:00
Dane Everitt
5a03ce7e1a
Add support for controlling server power from API.
2016-10-20 13:39:39 -04:00
Dane Everitt
745c735b32
Add initial basic API changes
...
New route is `/api/me`
2016-10-14 20:22:23 -04:00
Dane Everitt
126df09152
Fix route handling
2016-10-14 17:17:35 -04:00
Dane Everitt
7cf7a5a961
Split account things into own controllers.
2016-10-14 17:15:36 -04:00
Dane Everitt
63058d8c8e
Super early base implementation of notifications from daemon
2016-10-14 16:20:24 -04:00
Dane Everitt
649b18c8d1
support for server filtering
...
closes #125
2016-10-12 17:12:27 -04:00
Dane Everitt
84a4c8b7f4
API enhancements, return node config, return 200 not 201
2016-10-12 15:42:23 -04:00
Dane Everitt
c8a73fa608
Log the error output for API
2016-10-07 16:10:54 -04:00
Dane Everitt
af68dbed8f
Add support for base API logging of all requests
...
ref #31
2016-10-07 16:06:09 -04:00
Dane Everitt
06422b2055
fix up API route return
2016-10-07 14:26:50 -04:00
Dane Everitt
06756af994
add ?daemon=true option to API for servers
2016-10-06 23:56:32 -04:00
Dane Everitt
9d10c2a757
Support custom user id though API, closes #115
2016-10-06 22:36:59 -04:00
Dane Everitt
77198b48df
Support folders within folders for JS path
2016-10-06 17:27:30 -04:00
Dane Everitt
8330e26b39
Update routes to reflect daemon changes
2016-10-04 21:38:32 -04:00
Dane Everitt
4d922b6a0c
Clean up file adding and listing
2016-10-03 21:09:20 -04:00
Dane Everitt
fb4d122a2a
More updates to file manager
...
Not doing individual commits for this, tons of changes for tons of
different aspects across multiple files.
2016-10-01 23:09:55 -04:00
Dane Everitt
71245cb531
Minor changes to support better dynamic JS loading
2016-09-30 20:53:08 -04:00
Dane Everitt
831399184f
clean up front-end port allocation handling
2016-09-30 18:21:02 -04:00
Dane Everitt
bd7fd836ff
clean up node allocation
2016-09-30 17:12:36 -04:00
Dane Everitt
16222d1bd7
redirect if no locations
2016-09-30 16:05:39 -04:00
Dane Everitt
2e88c51ac7
If value is empty set to null
2016-09-30 16:01:36 -04:00
Dane Everitt
a9d0b4a4fe
Add support for setting IP aliases though panel
2016-09-29 21:34:20 -04:00
Dane Everitt
723e34a784
redirect to allocation tab when created
2016-09-29 17:47:47 -04:00
Dane Everitt
d9f1a7faf7
allow setting variable options to "0", closes #87
2016-09-17 20:25:13 -04:00
Dane Everitt
812b869be8
add ability to change servers docker image
2016-09-17 20:14:36 -04:00
Dane Everitt
7dd00d6d88
Fix startup executable display bug
2016-09-16 18:44:12 -04:00
Dane Everitt
bcd4b35890
Startup not required, fix display executable bug
2016-09-16 18:39:36 -04:00
Dane Everitt
06c680ee52
Fix redirect on server delete
2016-09-14 18:36:33 -04:00
Dane Everitt
c2d0a5adb3
Fix exception loading typo
2016-09-14 18:36:33 -04:00
Dane Everitt
228d6b1b21
Clean up exception handling code, closes #81
...
Makes sure things get logged properly.
2016-09-07 16:12:06 -04:00
Dane Everitt
e0bff4db8e
closes #85 , also fixes route names
2016-09-07 15:28:57 -04:00
Dane Everitt
9fb0cb420e
Add subuser support to tasks
...
Also allow task creation…
2016-09-05 17:39:58 -04:00
Dane Everitt
9b4a0ed143
Add task toggle and delete
2016-09-05 17:13:22 -04:00
Dane Everitt
7529e961de
Add back API ( #80 )
...
Re-implements the API after it was removed in the Laravel 5.3 upgrade.
2016-09-05 16:21:36 -04:00
Dane Everitt
b02df8e610
Implement base notifications support ( #77 )
...
* initial implementation of notifications
* typehint UUID returns. Fixes that notifications bug
2016-09-05 12:00:56 -04:00
Dane Everitt
b3ca8a3732
Fix password reset redirection path
2016-09-04 19:08:46 -04:00
Dane Everitt
afb5011fbe
Update to Laravel 5.3
...
[BREAKING] — REMOVES REMOTE API
A new API will need to be implemented properly using the new Laravel
Passport OAuth2 system. DingoAPI was becoming too unstable and
development wasn’t really moving along enough to continue to rely on it.
2016-09-03 17:09:00 -04:00
Dane Everitt
8e657a0bf0
Remove old 'active' column and replace some references with 'suspended' in place
2016-09-01 21:21:01 -04:00
Dane Everitt
38eae88bd0
Add support for suspension
2016-09-01 21:16:38 -04:00
Dane Everitt
e8c175f385
Add IP Aliasing ( #72 )
...
* complete support for IP Alias's throughout panel
Includes a database change and probably better allocation handling
anyways
closes #37
2016-08-31 16:03:37 -04:00
Dane Everitt
4d31004cf4
Suppress overly verbose error output to users
2016-08-16 19:20:58 -04:00
Dane Everitt
445b2f20eb
closes #69
2016-08-16 19:06:03 -04:00
Dane Everitt
5233d6e87b
Add database password change support and fix column name
2016-08-16 00:07:10 -04:00
Dane Everitt
67d9f9f4ab
Improve scheduled task layout and data handling
2016-03-18 16:23:10 -04:00
Dane Everitt
e7436aab2b
Add active session management
2016-02-26 00:35:23 -05:00
Dane Everitt
f6be06164f
fix user controller; closes #58 , closes #59
2016-02-21 01:15:37 -05:00
Dane Everitt
48b9bc0c52
add support for variable creation and deletion
2016-02-21 00:38:03 -05:00
Dane Everitt
dcf2f6fa0a
fix up urls to follow a cleaner pattern
2016-02-21 00:07:03 -05:00
Dane Everitt
dcfdb89e3c
add support for deleting service option
2016-02-20 16:55:05 -05:00
Dane Everitt
1e9bf1c220
Add support for adding new service option
2016-02-20 16:45:13 -05:00
Dane Everitt
177bd4ec9d
add ability to delete a service
2016-02-20 16:23:04 -05:00
Dane Everitt
a50bb5da14
add ability to create new service
2016-02-20 16:02:49 -05:00
Dane Everitt
e42547a1ff
add support for editing service options
2016-02-20 15:59:37 -05:00
Dane Everitt
ad5e253a07
Really basic initial implementation of service management
2016-02-15 15:21:28 -05:00
Dane Everitt
217762a2eb
More complete implementation of database management in panel.
...
Still missing ability to change passwords for databases, but that will
come soon.
2016-02-14 21:43:20 -05:00
Dane Everitt
a36f3dd875
Fix startup variable editing to allow admin full control
2016-02-13 17:36:03 -05:00
Dane Everitt
a903ae313a
Add per-service-option startup & executable
...
Also fixes display issue on front-end where users could see and edit
hidden settings
Fixes a bug in relation to #57
2016-02-13 17:29:52 -05:00
Dane Everitt
5678d643cd
Very basic view of databases and database servers on the system
2016-02-13 00:18:32 -05:00
Dane Everitt
7013d10987
Add basic support for per-server databases
...
Still missing ability to define database servers
2016-02-08 18:03:05 -05:00
Dane Everitt
a9ced7d474
Very basic initial auto-deploy script setup
2016-02-05 23:41:16 -05:00
Dane Everitt
4d99d57820
fix associated server display; closes #43
2016-01-25 19:14:32 -05:00
Dane Everitt
333aa73be5
Remove exception logging for connection error; closes #40
2016-01-25 18:42:27 -05:00
Dane Everitt
873f39d574
fix download error; closes #39
2016-01-25 18:39:34 -05:00
Dane Everitt
7bb0190ffa
Change hmac method
2016-01-22 21:56:54 -05:00
Dane Everitt
aac498808c
closes #30
2016-01-22 21:53:11 -05:00
Dane Everitt
be48fbd418
Fix allocation selection
2016-01-22 21:43:56 -05:00
Dane Everitt
fbd1b3f097
Improved display for server view if not installed
2016-01-22 20:39:16 -05:00
Dane Everitt
be47565c78
Update to match new installer processing.
2016-01-22 20:31:47 -05:00
Dane Everitt
4719b20a27
Implement server startup stuff
2016-01-22 19:40:48 -05:00
Dane Everitt
52229d5d2e
Add SFTP management to server front-end
2016-01-21 23:58:08 -05:00
Dane Everitt
63f4d08f0f
Add language switching support
2016-01-20 22:39:02 -05:00
Dane Everitt
b63fc02cef
Add settings to panel
2016-01-20 22:08:13 -05:00
Dane Everitt
591cc8648d
Fix user creation
2016-01-20 22:08:13 -05:00
Dane Everitt
40c68a5391
Add title to copyright
2016-01-20 16:05:16 -05:00
Dane Everitt
026df6a36f
Relicense project under MIT
...
Permission obtained from @DDynamic. Contributions from other users were
removed since we did not obtain permission from them for the re-license.
From this point forward all contributors must have a signed Contributor
License Agreement on file.
2016-01-20 15:56:40 -05:00
Dane Everitt
b0bcb879d0
Add license details to add app files.
2016-01-19 19:10:39 -05:00
Dane Everitt
ac6edc4d64
Completed subuser system
2016-01-18 19:57:10 -05:00
Dane Everitt
b7666bdb05
Basic initial subuser management
2016-01-18 01:24:33 -05:00
Dane Everitt
644f26fbfe
Add location creation
2016-01-16 23:10:46 -05:00
Dane Everitt
fb5533f107
add location editing
2016-01-16 22:57:28 -05:00
Dane Everitt
21a95a5d0e
Add location delete support
2016-01-16 22:29:35 -05:00
Dane Everitt
861af87e93
Fix password reset system
2016-01-16 21:57:10 -05:00
Dane Everitt
8e92f96999
Fix logout
2016-01-16 21:45:35 -05:00
Dane Everitt
c701aa0825
Add support for CIDR ranges on API
2016-01-16 20:17:46 -05:00
Dane Everitt
317698a84a
encrypt API keys
2016-01-16 20:11:31 -05:00
Dane Everitt
3e595ca856
Add API Management to admin CP
2016-01-16 19:56:48 -05:00
Dane Everitt
ade16e64c8
Fix api route permission
2016-01-16 17:34:07 -05:00
Dane Everitt
a6bc36a710
add initial api management page
2016-01-16 01:20:27 -05:00
Dane Everitt
ac65d5fa21
Finish base API.
...
Making PR, any additional API functions or modifications can be done
within the repository now.
2016-01-16 00:25:21 -05:00
Dane Everitt
77e3744b40
Change authentication method for API.
2016-01-15 19:26:50 -05:00
Dane Everitt
63f377a038
Add more API routes
...
Servers: list all, list single
Nodes: list all, list single, list single allocations, add node
Locations: list all
2016-01-15 17:54:29 -05:00
Dane Everitt
0ccaa16ea4
Fix exceptions thrown to mimic proper HTTP status codes
2016-01-15 00:20:58 -05:00
Dane Everitt
69c2e89fe0
Fix some missing exceptions and validation handling for users
2016-01-15 00:08:50 -05:00
Dane Everitt
8c9e797210
Finish user portion of API
2016-01-14 23:13:26 -05:00
Dane Everitt
4604500349
Replace tabs with Spaces
...
I *really* wish Atom would stop doing this to me.
2016-01-12 23:49:56 -05:00
Dane Everitt
695728295a
Add support for creating a user using the API
2016-01-12 23:43:33 -05:00
Dane Everitt
3114c1f73e
Add user specific listing route
2016-01-12 22:59:34 -05:00
Dane Everitt
72acf06353
Improve API auth to rate limit requests and verify they are root_admin
2016-01-12 22:59:24 -05:00
Dane Everitt
2def94c958
Update routes to use CSRF protection
2016-01-12 21:50:43 -05:00
Dane Everitt
98b3355158
very basic initial push of API
2016-01-12 01:05:44 -05:00
Dane Everitt
a3eb4b7dc4
Update to Laravel 5.2
2016-01-11 22:04:11 -05:00
Dane Everitt
02f6bf428e
Show initial locations list
2016-01-10 19:22:21 -05:00
Dane Everitt
1d97b0be98
Add support for modification of server startup variables and command
2016-01-10 18:57:22 -05:00
Dane Everitt
232c05c31d
Add support for deleting nodes
...
Finishes node management
2016-01-10 16:59:19 -05:00
Dane Everitt
179481c547
Add support for allocation management on nodes.
...
Allows deleting entire IP blocks, as well as allocating new IPs and
Ports via CIDR ranges, single IP, and single ports or a port range.
2016-01-10 00:38:16 -05:00
Dane Everitt
a1c6aa6358
Clean up setting allocation front-end
2016-01-08 22:36:57 -05:00
Dane Everitt
65a91baa16
Fix inner join bug
2016-01-08 20:39:16 -05:00
Dane Everitt
54bef1e7d5
Basic allocation information
...
Allows deleting ports, nothing else yet
2016-01-08 20:01:18 -05:00
Dane Everitt
2160613163
Add EULA acceptance popup when starting server
2016-01-08 19:54:06 -05:00
Dane Everitt
edf0939ff3
MiddleWare !== Middleware
2016-01-08 15:08:29 -05:00
Dane Everitt
6e0c5d16af
Allow updating settings and show configuration for node
2016-01-05 18:31:25 -05:00
Dane Everitt
09d28bf145
adds support for viewing server stats from 'Your Servers' page
...
http://s3.pterodactyl.io/bnSTK.png
2016-01-05 01:15:23 -05:00
Dane Everitt
69f0340c48
Add very basic node information view
...
Adds a servers tab with 30 second interval data from the daemon for
each displayed server.
2016-01-05 00:52:20 -05:00
Dane Everitt
d381c691ba
Add support for node creation
2016-01-04 23:59:45 -05:00
Dane Everitt
98d2a1e1fd
Delete account is no longer a GET request
2016-01-04 16:22:57 -05:00
Dane Everitt
4ae8a45ed3
Clean up routes and middleware checking
2016-01-04 16:09:39 -05:00
Dane Everitt
99a67127c9
Add toggle install status support
2016-01-04 16:09:22 -05:00
Dane Everitt
4fe4881f77
Add delete server support as well as fix a few other bugs
...
Also a few JS fixes to make things work better and not clear the
console every time the server is booted
2016-01-03 23:16:03 -05:00
Dane Everitt
9d2d726992
🎉 Finishes server creation 🎉
2016-01-03 18:10:28 -05:00
Dane Everitt
a7fdb9618c
support for changing allocation on frontend
2016-01-03 15:15:14 -05:00
Dane Everitt
fb77e23eb4
Make server overview cleaner and easier to follow
...
Also adds allocation information tab, still need to make it so users
can actually change their default connection address
2016-01-03 00:28:33 -05:00
Dane Everitt
4953608aee
Add build configuration to server management.
...
Allows modification of certain settings, as well as assigning
additional IP addresses and ports.
2016-01-02 23:21:22 -05:00
Dane Everitt
2c054e7edc
Add initial support for viewing basic server details
...
Includes support for changing server name, owner, and daemon secret.
2016-01-02 18:04:18 -05:00
Dane Everitt
f467c3f0eb
Improved user management in Admin CP
...
Fixes a few bugs from PR#17
2016-01-02 15:08:33 -05:00
BlameDylan
6810375d2b
View and Delete Users
...
This commit implements an interface into the Admin Panel that allows
users to be viewed, modified, and deleted.
2016-01-02 00:38:15 -06:00
Dane Everitt
6b25a163fc
Improved server creation and options
2016-01-01 22:53:43 -05:00
Dane Everitt
59fb0eae4f
Improved file downloading
2016-01-01 19:27:44 -05:00
Dane Everitt
46117afc77
Code cleanup and fixes filemanager
2016-01-01 18:08:15 -05:00
Dane Everitt
264431a271
Whats this? We can add new servers now?!
2015-12-15 15:08:41 -05:00
Dane Everitt
22b0bbf6ce
Model fixing, moving things around to improve code.
...
Adds unique UUID generator, moves functions into repositories for
adding servers and users, cleans up code, adding more comments.
2015-12-13 22:22:16 -05:00
Dane Everitt
5955b1453c
Fix authentication handler
...
Check email & password before token to handle case where email is
invalid.
2015-12-13 21:30:57 -05:00
Dane Everitt
9c9d33c127
Merge pull request #13 from DDynamic/development
...
Account Creation in AdminCP
2015-12-13 20:36:39 -05:00
BlameDylan
3d80c5b7e6
Account Creation in AdminCP
2015-12-13 19:03:04 -06:00
Dane Everitt
b6ac96550b
Fairly basic implementation of adding a server. Does not actually do anything yet.
...
Pushing this for commit sake.
2015-12-11 23:29:00 -05:00
Dane Everitt
d0e4592377
Initial validator implementation for server creation
2015-12-10 23:13:34 -05:00
Dane Everitt
288ee1a258
Improved TOTp handling in login.
...
Cleaned up the code a bit, also checks TOTP before attemping to verify
user.
This addresses the potential for an attacker to try at a password
and/or confirm that the password is correct unless they have a valid
TOTP code for the request. A failed TOTP response will trigger a
throttle count on the login as well.
2015-12-10 21:58:17 -05:00
BlameDylan
4585753d04
Implement Two-factor authentication
2015-12-10 19:40:59 -06:00
Dane Everitt
59ff1ebbe6
Finish front-end server creation page.
2015-12-10 18:30:49 -05:00
BlameDylan
2d57772528
Migrate ability to reset passwords
2015-12-08 18:28:49 -06:00
Dane Everitt
f47f0cd549
More additions to server creation page.
...
Adds memory/disk/etc. fields as well as selecting the service type and
option. Still need to add in the ability to set the variables once an
option is selected.
2015-12-08 18:34:18 -05:00
Dane Everitt
47235b670a
Push some basic add server functionality
...
Doesn’t support adding the server, but adds improved support for
handling picking server location, node, and ip+port
2015-12-07 00:47:19 -05:00
Dane Everitt
1489f7a694
Initial Commit of Files
...
PufferPanel v0.9 (Laravel) is now Pterodactyl 1.0
2015-12-06 13:58:49 -05:00