9b654d2c76
Fix bug with client API denying access to routes, closes #1366
2018-11-10 15:27:50 -08:00
a9fa60a6fb
Respect pagination settings on frontend
...
closes #1335
2018-11-10 12:38:35 -08:00
d2991eafa1
Merge pull request #1363 from pterodactyl/feature/remove-phraseapp
...
Remove phraseapp because we no longer use it
2018-11-10 12:16:18 -08:00
8ef368faa4
Rename app/Http/Controllers/API/Remote/ValidateKeyController.php to app/Http/Controllers/Api/Remote/ValidateKeyController.php
2018-11-07 18:17:27 +02:00
7c64492557
Rename app/Http/Controllers/API/Remote/SftpController.php to app/Http/Controllers/Api/Remote/SftpController.php
2018-11-07 18:17:08 +02:00
c9e207c15d
Rename app/Http/Controllers/API/Remote/EggRetrievalController.php to app/Http/Controllers/Api/Remote/EggRetrievalController.php
2018-11-07 18:16:50 +02:00
cfbdf07b80
Rename app/Http/Controllers/API/Remote/EggInstallController.php to app/Http/Controllers/Api/Remote/EggInstallController.php
2018-11-07 18:16:28 +02:00
dd9730b5f8
Return permissions string when authenticating SFTP
2018-11-04 11:09:42 -08:00
fb13305641
Delete PhraseAppTranslator.php
2018-10-24 11:34:49 -04:00
74ca11c37d
Delete PhraseAppTranslationProvider.php
2018-10-24 11:32:00 -04:00
c5608b1827
rework UI of mail settings page to allow for saving settings before testing
2018-10-13 21:30:47 -04:00
8b61175c3b
add exception message to fail message for mail test
2018-10-13 21:30:47 -04:00
df9f0be839
styleci tweaks
2018-10-13 21:30:47 -04:00
670efa3544
styleci tweaks
2018-10-13 21:30:47 -04:00
ace58dd1df
allow test of mail system no matter the type
2018-10-13 21:30:47 -04:00
1b03ae2efe
remove Log::debug() call
2018-10-13 21:30:47 -04:00
fd3e5fc73e
add SMTP mail tester
2018-10-13 21:30:47 -04:00
29237fd1ef
Merge pull request #1330 from ayan4m1/feature/exception-logging
...
Simple query exception logging
2018-09-18 21:44:29 -07:00
262ef78fae
Allow deletion of multiple allocations at once ( #1322 )
2018-09-18 21:43:18 -07:00
9f6875ed61
log query exception message during settings boot
2018-09-16 13:20:57 -04:00
f9542c98e2
Fix tests broken by bad namespaces
2018-09-03 15:59:30 -07:00
fd49e524c8
Update middleware code
2018-09-03 15:17:53 -07:00
4d62e4c7b9
Merge branch 'develop' into pr/1128
2018-09-03 15:10:23 -07:00
c6112b4234
Fix tests
2018-09-03 14:59:00 -07:00
3bb9bf04e5
Pass the updated model through for updating node config, rather than old model, ref #1237
2018-09-03 14:54:50 -07:00
7ed9c7cb93
Correctly store changes to upload size limit, closes #1237
2018-09-03 14:53:58 -07:00
5bd3f59455
Fix schedules running twice, closes #1288
2018-09-03 14:32:33 -07:00
413a22a3d5
Changes to job running to clean up code
2018-09-03 14:04:25 -07:00
bcb3f5d5fa
Fix handling of times
2018-08-31 21:12:10 -07:00
178b8f8ce6
More logical time handling
2018-08-31 21:00:13 -07:00
e5636405f3
Drop carbon, use chronos
2018-08-31 20:52:15 -07:00
f3efe546da
Fix broken namespace for autoloader
2018-08-31 20:34:57 -07:00
8f5bd214a4
[Security] Address 2FA bypass in password reset functionality
...
Thanks to Trixter#0001 on Discord for this security report.
There was a two-factor authentication bypass present in all previous versions of Pterodactyl that would allow a user to login without providing a token by going through the password reset process. A person would still have to have access to the targeted account's email, but if they did manage to get a password reset link they would be able to reset the account password and then proceede to login without a token being required.
This logic has since been changed to check if 2FA is enabled on an account, and if so they will NOT be logged in when their password is changed. This will force them to continue through the normal login pathway where a token will be needed.
Overall the impact of this issue is minor, but I am still addressing it and disclosing the mechanism behind it.
2018-07-04 11:41:56 -07:00
1ffb5acfad
Send an email when a server is marked as installed ( #1213 )
...
Co-authored-by: @stanjg
2018-07-01 14:34:40 -07:00
d2bc791d74
Fix links sent to users when accounts are created
...
closes #1093
2018-06-30 18:47:31 -07:00
304d947536
Allow creating subuser with no permissions
2018-06-30 18:25:46 -07:00
96699b192e
Don't verify SSL signatures in dev
...
[skip ci]
2018-06-30 18:24:35 -07:00
974318ffb4
Logout other sessions when password is changed
...
closes #1222
2018-06-30 17:50:58 -07:00
bad9ae58e8
Fix environment_variables name ( #1212 )
2018-06-30 13:25:40 -07:00
d73e5a2274
Fixed my fix to fix the 500 error on /api/application/nodes when not specifying a daemon_base ( #1182 )
2018-06-02 14:34:01 -07:00
969b16a563
Apply fixes from StyleCI
...
[ci skip] [skip ci]
2018-06-02 21:32:26 +00:00
b56f3a8671
Expanded the middleware test
2018-06-01 16:22:06 +02:00
e9ac014bf4
Removed the use of Auth facade and removed unnecesary option
2018-06-01 16:10:32 +02:00
3bb9e5e8a8
Merge branch 'develop' of https://github.com/stanjg/panel into feature/user-specific-language
2018-06-01 15:58:09 +02:00
fd8d7c3571
Merge pull request #1130 from stanjg/feature/stats-page
...
Added a statistics page to monitor the panel usage
2018-05-31 22:56:58 -07:00
ccf3e3511f
Renamed middleware, and fixed the test
2018-05-31 16:40:18 +02:00
013dde75ae
Renamed the field and made some improvements
2018-05-31 16:34:35 +02:00
60e1ffa564
Added a test for the controller and cleaned up the controller
2018-05-27 00:16:13 +02:00
7a81c61ad8
Wording changes and fix of major fail last commit
2018-05-26 21:02:47 +02:00
86e7085396
Cleaned up the controller and prepared for tests
2018-05-26 20:58:49 +02:00
Dane Everitt
mrkrabs
Lance Pioch
ayan4m1
Andrew DeLisa
Stan
Sergzy
Jacob Gee-Clarke