misc_pterodactyl-panel/app/Http/Controllers/Auth/AbstractLoginController.php

<?php

namespace Pterodactyl\Http\Controllers\Auth;

use Illuminate\Http\Request;
use Pterodactyl\Models\User;
use Illuminate\Auth\AuthManager;
use Illuminate\Http\JsonResponse;
use Illuminate\Auth\Events\Failed;
use Illuminate\Contracts\Config\Repository;
use Pterodactyl\Exceptions\DisplayException;
use Pterodactyl\Http\Controllers\Controller;
use Illuminate\Contracts\Auth\Authenticatable;
use Illuminate\Foundation\Auth\AuthenticatesUsers;

abstract class AbstractLoginController extends Controller
{
    use AuthenticatesUsers;

    /**
     * Lockout time for failed login requests.
     *
     * @var int
     */
    protected $lockoutTime;

    /**
     * After how many attempts should logins be throttled and locked.
     *
     * @var int
     */
    protected $maxLoginAttempts;

    /**
     * Where to redirect users after login / registration.
     *
     * @var string
     */
    protected $redirectTo = '/';

    /**
     * @var \Illuminate\Auth\AuthManager
     */
    protected $auth;

    /**
     * @var \Illuminate\Contracts\Config\Repository
     */
    protected $config;

    /**
     * LoginController constructor.
     *
     * @param \Illuminate\Auth\AuthManager $auth
     * @param \Illuminate\Contracts\Config\Repository $config
     */
    public function __construct(AuthManager $auth, Repository $config)
    {
        $this->lockoutTime = $config->get('auth.lockout.time');
        $this->maxLoginAttempts = $config->get('auth.lockout.attempts');

        $this->auth = $auth;
        $this->config = $config;
    }

    /**
     * Get the failed login response instance.
     *
     * @param \Illuminate\Http\Request $request
     * @param \Illuminate\Contracts\Auth\Authenticatable|null $user
     *
     * @throws \Pterodactyl\Exceptions\DisplayException
     */
    protected function sendFailedLoginResponse(Request $request, Authenticatable $user = null)
    {
        $this->incrementLoginAttempts($request);
        $this->fireFailedLoginEvent($user, [
            $this->getField($request->input('user')) => $request->input('user'),
        ]);

        if ($request->route()->named('auth.login-checkpoint')) {
            throw new DisplayException(trans('auth.two_factor.checkpoint_failed'));
        }

        throw new DisplayException(trans('auth.failed'));
    }

    /**
     * Send the response after the user was authenticated.
     *
     * @param \Pterodactyl\Models\User $user
     * @param \Illuminate\Http\Request $request
     * @return \Illuminate\Http\JsonResponse
     */
    protected function sendLoginResponse(User $user, Request $request): JsonResponse
    {
        $request->session()->regenerate();
        $this->clearLoginAttempts($request);

        $this->auth->guard()->login($user, true);

        return JsonResponse::create([
            'data' => [
                'complete' => true,
                'intended' => $this->redirectPath(),
                'user' => $user->toVueObject(),
            ],
        ]);
    }

    /**
     * Determine if the user is logging in using an email or username,.
     *
     * @param string $input
     * @return string
     */
    protected function getField(string $input = null): string
    {
        return str_contains($input, '@') ? 'email' : 'username';
    }

    /**
     * Fire a failed login event.
     *
     * @param \Illuminate\Contracts\Auth\Authenticatable|null $user
     * @param array $credentials
     */
    protected function fireFailedLoginEvent(Authenticatable $user = null, array $credentials = [])
    {
        event(new Failed('auth', $user, $credentials));
    }
}
Refactor auth controllers to be cleaner and easier to maintain 2018-04-07 17:35:15 +00:00			`<?php`

			`namespace Pterodactyl\Http\Controllers\Auth;`

			`use Illuminate\Http\Request;`
Fix JWT handling for API access when logging in 2018-05-28 21:59:48 +00:00			`use Pterodactyl\Models\User;`
Refactor auth controllers to be cleaner and easier to maintain 2018-04-07 17:35:15 +00:00			`use Illuminate\Auth\AuthManager;`
			`use Illuminate\Http\JsonResponse;`
			`use Illuminate\Auth\Events\Failed;`
Finish authentication flow for 2FA 2019-06-22 20:33:11 +00:00			`use Illuminate\Contracts\Config\Repository;`
Refactor auth controllers to be cleaner and easier to maintain 2018-04-07 17:35:15 +00:00			`use Pterodactyl\Exceptions\DisplayException;`
			`use Pterodactyl\Http\Controllers\Controller;`
			`use Illuminate\Contracts\Auth\Authenticatable;`
			`use Illuminate\Foundation\Auth\AuthenticatesUsers;`

			`abstract class AbstractLoginController extends Controller`
			`{`
Obliterate JWT from codebase 2018-07-15 05:48:09 +00:00			`use AuthenticatesUsers;`
Refactor auth controllers to be cleaner and easier to maintain 2018-04-07 17:35:15 +00:00
			`/**`
			`* Lockout time for failed login requests.`
			`*`
			`* @var int`
			`*/`
			`protected $lockoutTime;`

			`/**`
			`* After how many attempts should logins be throttled and locked.`
			`*`
			`* @var int`
			`*/`
			`protected $maxLoginAttempts;`

			`/**`
			`* Where to redirect users after login / registration.`
			`*`
			`* @var string`
			`*/`
			`protected $redirectTo = '/';`

Finish authentication flow for 2FA 2019-06-22 20:33:11 +00:00			`/**`
			`* @var \Illuminate\Auth\AuthManager`
			`*/`
			`protected $auth;`

			`/**`
			`* @var \Illuminate\Contracts\Config\Repository`
			`*/`
			`protected $config;`

Refactor auth controllers to be cleaner and easier to maintain 2018-04-07 17:35:15 +00:00			`/**`
			`* LoginController constructor.`
			`*`
Format files 2019-09-06 04:32:57 +00:00			`* @param \Illuminate\Auth\AuthManager $auth`
Finish authentication flow for 2FA 2019-06-22 20:33:11 +00:00			`* @param \Illuminate\Contracts\Config\Repository $config`
Refactor auth controllers to be cleaner and easier to maintain 2018-04-07 17:35:15 +00:00			`*/`
Finish authentication flow for 2FA 2019-06-22 20:33:11 +00:00			`public function __construct(AuthManager $auth, Repository $config)`
			`{`
			`$this->lockoutTime = $config->get('auth.lockout.time');`
			`$this->maxLoginAttempts = $config->get('auth.lockout.attempts');`
Refactor auth controllers to be cleaner and easier to maintain 2018-04-07 17:35:15 +00:00
Finish authentication flow for 2FA 2019-06-22 20:33:11 +00:00			`$this->auth = $auth;`
			`$this->config = $config;`
Refactor auth controllers to be cleaner and easier to maintain 2018-04-07 17:35:15 +00:00			`}`

			`/**`
			`* Get the failed login response instance.`
			`*`
Format files 2019-09-06 04:32:57 +00:00			`* @param \Illuminate\Http\Request $request`
Refactor auth controllers to be cleaner and easier to maintain 2018-04-07 17:35:15 +00:00			`* @param \Illuminate\Contracts\Auth\Authenticatable\|null $user`
			`*`
			`* @throws \Pterodactyl\Exceptions\DisplayException`
			`*/`
			`protected function sendFailedLoginResponse(Request $request, Authenticatable $user = null)`
			`{`
			`$this->incrementLoginAttempts($request);`
			`$this->fireFailedLoginEvent($user, [`
			`$this->getField($request->input('user')) => $request->input('user'),`
			`]);`

Show correct auth error. 2018-04-08 21:16:04 +00:00			`if ($request->route()->named('auth.login-checkpoint')) {`
Working login form with password reset functionality. 2018-04-08 20:18:13 +00:00			`throw new DisplayException(trans('auth.two_factor.checkpoint_failed'));`
Cleanup login/reset functionality, address security issue with 2FA pathways 2018-04-07 21:17:51 +00:00			`}`

Refactor auth controllers to be cleaner and easier to maintain 2018-04-07 17:35:15 +00:00			`throw new DisplayException(trans('auth.failed'));`
			`}`

			`/**`
			`* Send the response after the user was authenticated.`
			`*`
Fix JWT handling for API access when logging in 2018-05-28 21:59:48 +00:00			`* @param \Pterodactyl\Models\User $user`
Refactor auth controllers to be cleaner and easier to maintain 2018-04-07 17:35:15 +00:00			`* @param \Illuminate\Http\Request $request`
			`* @return \Illuminate\Http\JsonResponse`
			`*/`
Fix JWT handling for API access when logging in 2018-05-28 21:59:48 +00:00			`protected function sendLoginResponse(User $user, Request $request): JsonResponse`
Refactor auth controllers to be cleaner and easier to maintain 2018-04-07 17:35:15 +00:00			`{`
			`$request->session()->regenerate();`
			`$this->clearLoginAttempts($request);`

Fix JWT handling for API access when logging in 2018-05-28 21:59:48 +00:00			`$this->auth->guard()->login($user, true);`

Finish authentication flow for 2FA 2019-06-22 20:33:11 +00:00			`return JsonResponse::create([`
			`'data' => [`
			`'complete' => true,`
			`'intended' => $this->redirectPath(),`
			`'user' => $user->toVueObject(),`
			`],`
Fix JWT handling for API access when logging in 2018-05-28 21:59:48 +00:00			`]);`
Refactor auth controllers to be cleaner and easier to maintain 2018-04-07 17:35:15 +00:00			`}`

			`/**`
			`* Determine if the user is logging in using an email or username,.`
			`*`
			`* @param string $input`
			`* @return string`
			`*/`
			`protected function getField(string $input = null): string`
			`{`
			`return str_contains($input, '@') ? 'email' : 'username';`
			`}`

			`/**`
			`* Fire a failed login event.`
			`*`
			`* @param \Illuminate\Contracts\Auth\Authenticatable\|null $user`
Format files 2019-09-06 04:32:57 +00:00			`* @param array $credentials`
Refactor auth controllers to be cleaner and easier to maintain 2018-04-07 17:35:15 +00:00			`*/`
			`protected function fireFailedLoginEvent(Authenticatable $user = null, array $credentials = [])`
			`{`
Fix some issues 2018-12-30 20:45:57 +00:00			`event(new Failed('auth', $user, $credentials));`
Refactor auth controllers to be cleaner and easier to maintain 2018-04-07 17:35:15 +00:00			`}`
			`}`