misc_pterodactyl-panel/app/Http/Middleware/RequireTwoFactorAuthentication.php

<?php
/**
 * Pterodactyl - Panel
 * Copyright (c) 2015 - 2017 Dane Everitt <dane@daneeveritt.com>.
 *
 * This software is licensed under the terms of the MIT license.
 * https://opensource.org/licenses/MIT
 */

namespace Pterodactyl\Http\Middleware;

use Closure;
use Illuminate\Http\Request;
use Prologue\Alerts\AlertsMessageBag;

class RequireTwoFactorAuthentication
{
    const LEVEL_NONE = 0;
    const LEVEL_ADMIN = 1;
    const LEVEL_ALL = 2;

    /**
     * @var \Prologue\Alerts\AlertsMessageBag
     */
    private $alert;

    /**
     * The names of routes that should be accessable without 2FA enabled.
     *
     * @var array
     */
    protected $except = [
        'account.security',
        'account.security.revoke',
        'account.security.totp',
        'account.security.totp.set',
        'account.security.totp.disable',
        'auth.totp',
        'auth.logout',
    ];

    /**
     * The route to redirect a user to to enable 2FA.
     *
     * @var string
     */
    protected $redirectRoute = 'account.security';

    /**
     * RequireTwoFactorAuthentication constructor.
     *
     * @param \Prologue\Alerts\AlertsMessageBag $alert
     */
    public function __construct(AlertsMessageBag $alert)
    {
        $this->alert = $alert;
    }

    /**
     * Handle an incoming request.
     *
     * @param \Illuminate\Http\Request $request
     * @param \Closure                 $next
     * @return mixed
     */
    public function handle(Request $request, Closure $next)
    {
        if (! $request->user()) {
            return $next($request);
        }

        if (in_array($request->route()->getName(), $this->except)) {
            return $next($request);
        }

        switch ((int) config('pterodactyl.auth.2fa_required')) {
            case self::LEVEL_ADMIN:
                if (! $request->user()->root_admin || $request->user()->use_totp) {
                    return $next($request);
                }
                break;
            case self::LEVEL_ALL:
                if ($request->user()->use_totp) {
                    return $next($request);
                }
                break;
            case self::LEVEL_NONE:
            default:
                return $next($request);
        }

        $this->alert->danger(trans('auth.2fa_must_be_enabled'))->flash();

        return redirect()->route($this->redirectRoute);
    }
}
Add togglable 2FA user requirements (#635) 2017-09-26 01:58:16 +00:00			`<?php`
			`/**`
			`* Pterodactyl - Panel`
			`* Copyright (c) 2015 - 2017 Dane Everitt <dane@daneeveritt.com>.`
			`*`
Update license headers on files. 2017-09-26 02:43:01 +00:00			`* This software is licensed under the terms of the MIT license.`
			`* https://opensource.org/licenses/MIT`
Add togglable 2FA user requirements (#635) 2017-09-26 01:58:16 +00:00			`*/`

			`namespace Pterodactyl\Http\Middleware;`

			`use Closure;`
Update all the middlewares 2017-10-29 17:37:25 +00:00			`use Illuminate\Http\Request;`
Add togglable 2FA user requirements (#635) 2017-09-26 01:58:16 +00:00			`use Prologue\Alerts\AlertsMessageBag;`

			`class RequireTwoFactorAuthentication`
			`{`
			`const LEVEL_NONE = 0;`
			`const LEVEL_ADMIN = 1;`
			`const LEVEL_ALL = 2;`

			`/**`
			`* @var \Prologue\Alerts\AlertsMessageBag`
			`*/`
Update all the middlewares 2017-10-29 17:37:25 +00:00			`private $alert;`
Add togglable 2FA user requirements (#635) 2017-09-26 01:58:16 +00:00
			`/**`
Update all the middlewares 2017-10-29 17:37:25 +00:00			`* The names of routes that should be accessable without 2FA enabled.`
Add togglable 2FA user requirements (#635) 2017-09-26 01:58:16 +00:00			`*`
			`* @var array`
			`*/`
Update all the middlewares 2017-10-29 17:37:25 +00:00			`protected $except = [`
			`'account.security',`
			`'account.security.revoke',`
			`'account.security.totp',`
			`'account.security.totp.set',`
			`'account.security.totp.disable',`
			`'auth.totp',`
			`'auth.logout',`
Add togglable 2FA user requirements (#635) 2017-09-26 01:58:16 +00:00			`];`

Update all the middlewares 2017-10-29 17:37:25 +00:00			`/**`
			`* The route to redirect a user to to enable 2FA.`
			`*`
			`* @var string`
			`*/`
			`protected $redirectRoute = 'account.security';`

Add togglable 2FA user requirements (#635) 2017-09-26 01:58:16 +00:00			`/**`
			`* RequireTwoFactorAuthentication constructor.`
			`*`
			`* @param \Prologue\Alerts\AlertsMessageBag $alert`
			`*/`
Implement a better management interface for Settings (#809) 2017-12-15 03:05:26 +00:00			`public function __construct(AlertsMessageBag $alert)`
Add togglable 2FA user requirements (#635) 2017-09-26 01:58:16 +00:00			`{`
			`$this->alert = $alert;`
			`}`

			`/**`
			`* Handle an incoming request.`
			`*`
Update license headers on files. 2017-09-26 02:43:01 +00:00			`* @param \Illuminate\Http\Request $request`
			`* @param \Closure $next`
Add togglable 2FA user requirements (#635) 2017-09-26 01:58:16 +00:00			`* @return mixed`
			`*/`
Update all the middlewares 2017-10-29 17:37:25 +00:00			`public function handle(Request $request, Closure $next)`
Add togglable 2FA user requirements (#635) 2017-09-26 01:58:16 +00:00			`{`
			`if (! $request->user()) {`
			`return $next($request);`
			`}`

Update all the middlewares 2017-10-29 17:37:25 +00:00			`if (in_array($request->route()->getName(), $this->except)) {`
Add togglable 2FA user requirements (#635) 2017-09-26 01:58:16 +00:00			`return $next($request);`
			`}`

Implement a better management interface for Settings (#809) 2017-12-15 03:05:26 +00:00			`switch ((int) config('pterodactyl.auth.2fa_required')) {`
Add togglable 2FA user requirements (#635) 2017-09-26 01:58:16 +00:00			`case self::LEVEL_ADMIN:`
Add more middleware tests 2017-11-03 23:16:49 +00:00			`if (! $request->user()->root_admin \|\| $request->user()->use_totp) {`
Add togglable 2FA user requirements (#635) 2017-09-26 01:58:16 +00:00			`return $next($request);`
			`}`
			`break;`
			`case self::LEVEL_ALL:`
			`if ($request->user()->use_totp) {`
			`return $next($request);`
			`}`
			`break;`
Implement a better management interface for Settings (#809) 2017-12-15 03:05:26 +00:00			`case self::LEVEL_NONE:`
			`default:`
			`return $next($request);`
Add togglable 2FA user requirements (#635) 2017-09-26 01:58:16 +00:00			`}`

Update all the middlewares 2017-10-29 17:37:25 +00:00			`$this->alert->danger(trans('auth.2fa_must_be_enabled'))->flash();`
Add togglable 2FA user requirements (#635) 2017-09-26 01:58:16 +00:00
Update all the middlewares 2017-10-29 17:37:25 +00:00			`return redirect()->route($this->redirectRoute);`
Add togglable 2FA user requirements (#635) 2017-09-26 01:58:16 +00:00			`}`
			`}`