sonot
/
PteroTheme
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity
1,589 Commits 61 Branches 128 Tags 29 MiB
Commit Graph

84 Commits

Author SHA1 Message Date
Dane Everitt f9fc3f4370
Update interface to begin change to seperate account API keys and application keys 
Main difference is permissions, cleaner UI for normal users, and account keys use permissions assigned to servers and subusers while application keys use R/W ACLs stored in the key table.
 2018-01-14 13:30:55 -06:00
Dane Everitt ad3a954256
Rename APIKey to ApiKey 2018-01-14 12:06:15 -06:00
Dane Everitt e3df0738da
Change the way API keys are stored and validated; clarify API namespacing 
Previously, a single key was used to access the API, this has not changed in terms of what the user sees. However, API keys now use an identifier and token internally. The identifier is the first 16 characters of the key, and the token is the remaining 32. The token is stored encrypted at rest in the database and the identifier is used by the API middleware to grab that record and make a timing attack safe comparison.
 2018-01-13 16:06:19 -06:00
Dane Everitt a31e5875dc
First round of changes to API to support simpler permissions. 2018-01-11 22:49:46 -06:00
Dane Everitt 60eb60013c
Update repository base code to be cleaner and make use of PHP 7 features 2018-01-04 22:49:50 -06:00
Dane Everitt b9d67459b2
Update to Laravel 5.5 (#814) 2017-12-17 13:07:38 -06:00
Dane Everitt f9df463d32
Implement a better management interface for Settings (#809) 2017-12-14 21:05:26 -06:00
Dane Everitt 285485d7b0
Change how API keys are validated (#771) 2017-12-03 14:29:14 -06:00
Dane Everitt 975597b4d0
Implement changes to administrative user revocation, closes #733 2017-12-03 14:00:47 -06:00
Dane Everitt 20beb2f280 Fix error causing tasks to be un-deletable. 
closes #786
 2017-12-01 20:10:06 -06:00
Dane Everitt 6409fffdad
Implement fix to allow root admins to view all servers. 
closes #722
 2017-11-05 12:38:39 -06:00
Dane Everitt ecdd133b75
Fix daemon auth 2017-11-04 17:16:44 -05:00
Dane Everitt 71b90650de
Fix failing test suite 2017-11-04 12:49:05 -05:00
Dane Everitt 7882250baf
Add more middleware tests 2017-11-03 18:16:49 -05:00
Dane Everitt 7b3393aff9
More middleware tests 2017-11-01 20:45:43 -05:00
Dane Everitt d844a36167
Begin adding unit tests for middleware 2017-10-29 21:40:34 -05:00
Dane Everitt 79decafdc8
Update all the middlewares 2017-10-29 12:37:25 -05:00
Dane Everitt e0d03513e4
Cleanup frontend controllers and middleware 2017-10-27 21:42:53 -05:00
Dane Everitt 058e490ec4 Implement Panel changes to support internal SFTP subsystem on Daemon (#703) 2017-10-25 00:35:25 -04:00
Dane Everitt 97dc0519d6
Add database management back to front-end and begin some refactoring 
Here we go again boys...
 2017-10-18 22:32:19 -05:00
Dane Everitt 048784607d
Minor bug fixes 2017-09-30 11:45:24 -05:00
Dane Everitt fb8a26f141
Merge branch 'develop' into feature/api-daemon-changes 2017-09-25 21:46:44 -05:00
Dane Everitt e56f4cdd33
Update license headers on files. 2017-09-25 21:43:01 -05:00
Lance Pioch 09d958249d Add togglable 2FA user requirements (#635) 2017-09-25 15:58:16 -10:00
Dane Everitt 7d1c233c49
Final adjustments to Daemon <-> Panel communication change 2017-09-24 21:12:30 -05:00
Dane Everitt 906a699ee2
Begin implementation of new daemon authentication scheme 2017-09-23 20:45:25 -05:00
Dane Everitt 7f76684453
More schedule changes 2017-09-13 21:46:43 -05:00
Dane Everitt 2ac90b50f2
Begin refactoring Tasks to be apart of the Scheduler system 2017-09-12 23:45:19 -05:00
Dane Everitt f157c06d04
Fix PHPCS to order by length not alphabetical 2017-09-04 19:07:00 -05:00
Dane Everitt dc310ffdea
Finish subuser controller 2017-09-04 18:12:13 -05:00
Dane Everitt 8f14ee989d Apply fixes from StyleCI 2017-09-03 21:41:03 +00:00
Dane Everitt 4532811fcd
Improved middleware, console page now using new setup 2017-09-02 21:35:33 -05:00
Dane Everitt 3ee5803416
Massive PHPCS linting 2017-08-21 22:10:48 -05:00
Dane Everitt 9515128b8a
Respond 401 not 404 when bad request token 2017-06-28 20:05:50 -05:00
Dane Everitt 5bdd75eb94
Fix IP checking in API middleware, closes #425 2017-05-06 23:02:12 -04:00
Dane Everitt 4306eaa00e
For english language, will be fixed in 0.6.1 when translations are more complete and better implemented. 2017-05-06 22:06:57 -04:00
Dane Everitt 5651d9ae2b
Fix authentication code for daemon requests. 2017-05-02 20:11:56 -04:00
Fillerino 5cc28a0716 Fixing timing attack vuln. on HMAC comparison (#409) 2017-04-24 16:49:03 -04:00
Dane Everitt 93d79994f8 Apply fixes from StyleCI (#372) 2017-04-09 19:16:39 -04:00
Dane Everitt db4df2bfa1
Push basis of new API key policy 
Will need to revisit this another day when I’m fresh to figure out the
best method to do this.
 2017-04-07 21:25:17 -04:00
Dane Everitt c071efd008
Finish API routes for users. 2017-04-02 15:52:53 -04:00
Dane Everitt 97773300ed
Better middleware for routes, cleaned up API, removed old API calls 
New API routes for Server allow specifying which fractal objects to
load into the request, thus making it possible to fine-tune what data
is returned.
 2017-04-02 13:19:39 -04:00
Dane Everitt ddb82ac3ca
Add initial user server transformer for API. 2017-04-02 00:49:53 -04:00
Dane Everitt 87530cdc01
Initial moves to new API scheme. 
Implements a better middleware for handling API authentication, as well
as cleaner route handling.
 2017-04-02 00:11:52 -04:00
Dane Everitt 9c303456fb Update codebase to L5.4 (#367) 2017-04-01 17:59:43 -04:00
Dane Everitt 2dec659dd1
Fix syntax error. 2017-03-31 21:47:53 -04:00
Dane Everitt c7d4c3aa76
Send default response 2017-03-31 21:16:00 -04:00
Dane Everitt ff57e2ff85
Cleanup recaptcha middleware 2017-03-31 21:12:49 -04:00
Dane Everitt 451dd7ebc8 Apply fixes from StyleCI (#364) 2017-03-31 20:48:35 -04:00
Jakob Schrettenbrunner 0ee80b1fec fix captcha middleware using wrong function when disabled 2017-04-01 01:54:42 +02:00