misc_pterodactyl-panel/app/Http/Kernel.php

128 lines
4.8 KiB
PHP
Raw Normal View History

<?php
namespace Pterodactyl\Http;
use Pterodactyl\Models\ApiKey;
2017-10-29 20:57:43 +00:00
use Illuminate\Auth\Middleware\Authorize;
use Illuminate\Auth\Middleware\Authenticate;
use Pterodactyl\Http\Middleware\TrimStrings;
use Pterodactyl\Http\Middleware\TrustProxies;
2017-10-29 20:57:43 +00:00
use Illuminate\Session\Middleware\StartSession;
use Pterodactyl\Http\Middleware\EncryptCookies;
use Pterodactyl\Http\Middleware\VerifyCsrfToken;
use Pterodactyl\Http\Middleware\VerifyReCaptcha;
use Pterodactyl\Http\Middleware\AdminAuthenticate;
use Illuminate\Routing\Middleware\ThrottleRequests;
use Pterodactyl\Http\Middleware\LanguageMiddleware;
use Illuminate\Foundation\Http\Kernel as HttpKernel;
use Pterodactyl\Http\Middleware\Api\AuthenticateKey;
use Illuminate\Routing\Middleware\SubstituteBindings;
use Pterodactyl\Http\Middleware\AccessingValidServer;
use Pterodactyl\Http\Middleware\Api\SetSessionDriver;
use Illuminate\Session\Middleware\AuthenticateSession;
2017-10-29 20:57:43 +00:00
use Illuminate\View\Middleware\ShareErrorsFromSession;
use Pterodactyl\Http\Middleware\MaintenanceMiddleware;
2017-10-29 20:57:43 +00:00
use Pterodactyl\Http\Middleware\RedirectIfAuthenticated;
use Illuminate\Auth\Middleware\AuthenticateWithBasicAuth;
use Pterodactyl\Http\Middleware\Api\AuthenticateIPAccess;
use Pterodactyl\Http\Middleware\Api\ApiSubstituteBindings;
use Illuminate\Foundation\Http\Middleware\ValidatePostSize;
2017-10-29 20:57:43 +00:00
use Illuminate\Cookie\Middleware\AddQueuedCookiesToResponse;
2017-10-29 17:37:25 +00:00
use Pterodactyl\Http\Middleware\Server\AuthenticateAsSubuser;
use Pterodactyl\Http\Middleware\Api\Daemon\DaemonAuthenticate;
use Pterodactyl\Http\Middleware\Server\SubuserBelongsToServer;
2017-10-29 20:57:43 +00:00
use Pterodactyl\Http\Middleware\RequireTwoFactorAuthentication;
use Pterodactyl\Http\Middleware\Server\DatabaseBelongsToServer;
use Pterodactyl\Http\Middleware\Server\ScheduleBelongsToServer;
2017-10-29 20:57:43 +00:00
use Illuminate\Foundation\Http\Middleware\CheckForMaintenanceMode;
use Illuminate\Foundation\Http\Middleware\ConvertEmptyStringsToNull;
use Pterodactyl\Http\Middleware\Api\Client\SubstituteClientApiBindings;
use Pterodactyl\Http\Middleware\Api\Application\AuthenticateApplicationUser;
2017-11-04 22:16:44 +00:00
use Pterodactyl\Http\Middleware\DaemonAuthenticate as OldDaemonAuthenticate;
class Kernel extends HttpKernel
{
/**
* The application's global HTTP middleware stack.
*
* @var array
*/
protected $middleware = [
2017-10-29 20:57:43 +00:00
CheckForMaintenanceMode::class,
ValidatePostSize::class,
2017-10-29 20:57:43 +00:00
TrimStrings::class,
ConvertEmptyStringsToNull::class,
2017-10-29 20:57:43 +00:00
TrustProxies::class,
];
/**
* The application's route middleware groups.
*
* @var array
*/
protected $middlewareGroups = [
'web' => [
2017-10-29 20:57:43 +00:00
EncryptCookies::class,
AddQueuedCookiesToResponse::class,
StartSession::class,
AuthenticateSession::class,
2017-10-29 20:57:43 +00:00
ShareErrorsFromSession::class,
VerifyCsrfToken::class,
SubstituteBindings::class,
LanguageMiddleware::class,
RequireTwoFactorAuthentication::class,
],
'api' => [
2018-01-19 03:36:15 +00:00
'throttle:120,1',
ApiSubstituteBindings::class,
SetSessionDriver::class,
'api..key:' . ApiKey::TYPE_APPLICATION,
AuthenticateApplicationUser::class,
AuthenticateIPAccess::class,
],
'client-api' => [
'throttle:60,1',
SubstituteClientApiBindings::class,
SetSessionDriver::class,
'api..key:' . ApiKey::TYPE_ACCOUNT,
AuthenticateIPAccess::class,
],
'daemon' => [
SubstituteBindings::class,
2017-11-04 22:16:44 +00:00
DaemonAuthenticate::class,
],
];
/**
* The application's route middleware.
*
* @var array
*/
protected $routeMiddleware = [
2017-10-29 20:57:43 +00:00
'auth' => Authenticate::class,
'auth.basic' => AuthenticateWithBasicAuth::class,
'guest' => RedirectIfAuthenticated::class,
'server' => AccessingValidServer::class,
2017-10-29 17:37:25 +00:00
'subuser.auth' => AuthenticateAsSubuser::class,
2017-10-29 20:57:43 +00:00
'admin' => AdminAuthenticate::class,
2017-11-04 22:16:44 +00:00
'daemon-old' => OldDaemonAuthenticate::class,
2017-10-29 20:57:43 +00:00
'csrf' => VerifyCsrfToken::class,
'throttle' => ThrottleRequests::class,
'can' => Authorize::class,
'bindings' => SubstituteBindings::class,
'recaptcha' => VerifyReCaptcha::class,
2018-05-31 14:40:18 +00:00
'node.maintenance' => MaintenanceMiddleware::class,
// Server specific middleware (used for authenticating access to resources)
//
2018-05-13 14:50:56 +00:00
// These are only used for individual server authentication, and not global
// actions from other resources. They are defined in the route files.
'server..database' => DatabaseBelongsToServer::class,
'server..subuser' => SubuserBelongsToServer::class,
'server..schedule' => ScheduleBelongsToServer::class,
// API Specific Middleware
'api..key' => AuthenticateKey::class,
];
}