Commit Graph

116 Commits

Author SHA1 Message Date
Dane Everitt 9b654d2c76
Fix bug with client API denying access to routes, closes #1366 2018-11-10 15:27:50 -08:00
Dane Everitt fd49e524c8
Update middleware code 2018-09-03 15:17:53 -07:00
Dane Everitt 4d62e4c7b9
Merge branch 'develop' into pr/1128 2018-09-03 15:10:23 -07:00
Dane Everitt f3efe546da
Fix broken namespace for autoloader 2018-08-31 20:34:57 -07:00
stanjg b56f3a8671
Expanded the middleware test 2018-06-01 16:22:06 +02:00
stanjg e9ac014bf4
Removed the use of Auth facade and removed unnecesary option 2018-06-01 16:10:32 +02:00
stanjg 3bb9e5e8a8 Merge branch 'develop' of https://github.com/stanjg/panel into feature/user-specific-language 2018-06-01 15:58:09 +02:00
stanjg 013dde75ae
Renamed the field and made some improvements 2018-05-31 16:34:35 +02:00
Dane Everitt e648e50d90
Write some example tests for @stanjg 2018-05-26 11:00:28 -07:00
Dane Everitt e3bbd85f3f
Merge branch 'develop' into pr/1129 2018-05-26 10:34:29 -07:00
Dane Everitt b4e510fbe3
Fixes before release 2018-05-20 16:49:54 -07:00
Dane Everitt 7e2e5fd7c1
Merge branch 'develop' into feature/upgrade-laravel-to-5.6 2018-05-20 16:30:42 -07:00
Lance Pioch 53829399de Make sure this trust proxies is also changed 2018-05-13 11:59:25 -04:00
Lance Pioch e2dc0638d9 Fix app/ spelling errors 2018-05-13 11:12:41 -04:00
stanjg 86c8ecdcdf
Added the actual logic 2018-05-04 15:02:51 +02:00
stanjg 17a72d0895
StyleCI fixes 2018-05-04 14:05:42 +02:00
stanjg 9a06647435
Added support for user specific languages 2018-05-04 12:56:30 +02:00
Dane Everitt ef371a508d
Change check on debugbar to use debug not environment 2018-03-10 12:03:23 -06:00
Dane Everitt a4f03f5d02
Handle missing daemon keys better and fix subuser missing key errors 2018-03-03 21:31:44 -06:00
Dane Everitt bcb69603ad
Add support for user management of databases 2018-03-02 19:03:55 -06:00
Dane Everitt 8f72571895
Fix IP access middleware 2018-02-28 23:39:59 -06:00
Dane Everitt cef3e4ced4
Add base routes for managing servers as a client 2018-02-27 21:28:43 -06:00
Dane Everitt 9a32b9fd03
Merge branch 'develop' into feature/client-api 2018-02-27 21:04:18 -06:00
Dane Everitt 23e07689a7
Handle 404 errors in API bindings correctly to avoid explosing that a resource exists before validating a key 2018-02-27 21:04:04 -06:00
Dane Everitt e28973bcae
Move everything around as needed to get things setup for the client API 2018-02-25 15:30:56 -06:00
Dane Everitt 5b6d3b8325
Slightly more clear errors 2018-02-24 12:27:41 -06:00
Dane Everitt 2ec76d283b
Fix bad API behavior 2018-02-04 15:38:38 -06:00
Dane Everitt 8afced3410
Add nests & eggs
Cleanup middleware handling and parameters on controllers...
2018-01-27 12:38:56 -06:00
Dane Everitt de07b3cc7f
Add server database management support to API. 2018-01-25 22:34:53 -06:00
Dane Everitt 3e327b8b0e
Use more logical route binding to not reveal resources on the API unless authenticated. 2018-01-20 15:33:04 -06:00
Dane Everitt 0e7f8cedf0
Reorganize API files 2018-01-19 19:58:57 -06:00
Dane Everitt c3b9738364
Implement application API Keys 2018-01-18 21:36:15 -06:00
Dane Everitt f9fc3f4370
Update interface to begin change to seperate account API keys and application keys
Main difference is permissions, cleaner UI for normal users, and account keys use permissions assigned to servers and subusers while application keys use R/W ACLs stored in the key table.
2018-01-14 13:30:55 -06:00
Dane Everitt ad3a954256
Rename APIKey to ApiKey 2018-01-14 12:06:15 -06:00
Dane Everitt e3df0738da
Change the way API keys are stored and validated; clarify API namespacing
Previously, a single key was used to access the API, this has not changed in terms of what the user sees. However, API keys now use an identifier and token internally. The identifier is the first 16 characters of the key, and the token is the remaining 32. The token is stored encrypted at rest in the database and the identifier is used by the API middleware to grab that record and make a timing attack safe comparison.
2018-01-13 16:06:19 -06:00
Dane Everitt a31e5875dc
First round of changes to API to support simpler permissions. 2018-01-11 22:49:46 -06:00
Dane Everitt 60eb60013c
Update repository base code to be cleaner and make use of PHP 7 features 2018-01-04 22:49:50 -06:00
Dane Everitt b9d67459b2
Update to Laravel 5.5 (#814) 2017-12-17 13:07:38 -06:00
Dane Everitt f9df463d32
Implement a better management interface for Settings (#809) 2017-12-14 21:05:26 -06:00
Dane Everitt 285485d7b0
Change how API keys are validated (#771) 2017-12-03 14:29:14 -06:00
Dane Everitt 975597b4d0
Implement changes to administrative user revocation, closes #733 2017-12-03 14:00:47 -06:00
Dane Everitt 20beb2f280 Fix error causing tasks to be un-deletable.
closes #786
2017-12-01 20:10:06 -06:00
Dane Everitt 6409fffdad
Implement fix to allow root admins to view all servers.
closes #722
2017-11-05 12:38:39 -06:00
Dane Everitt ecdd133b75
Fix daemon auth 2017-11-04 17:16:44 -05:00
Dane Everitt 71b90650de
Fix failing test suite 2017-11-04 12:49:05 -05:00
Dane Everitt 7882250baf
Add more middleware tests 2017-11-03 18:16:49 -05:00
Dane Everitt 7b3393aff9
More middleware tests 2017-11-01 20:45:43 -05:00
Dane Everitt d844a36167
Begin adding unit tests for middleware 2017-10-29 21:40:34 -05:00
Dane Everitt 79decafdc8
Update all the middlewares 2017-10-29 12:37:25 -05:00
Dane Everitt e0d03513e4
Cleanup frontend controllers and middleware 2017-10-27 21:42:53 -05:00