Skynet/misc_pterodactyl-panel
6
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions

Merge branch 'develop' into fix/trusted-proxies

Browse source
This commit is contained in:
Jakob 2017-02-03 00:38:58 +01:00 committed by GitHub
commit 19567ee311
24 changed files with 5449 additions and 56 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

10
.gitignore vendored
View file

@ -1,12 +1,4 @@
/vendor /vendor
*.DS_Store* *.DS_Store*
.env .env
.vagrant/* node_modules
composer.lock
Homestead.yaml
Vagrantfile
Vagrantfile
node_modules

5
CHANGELOG.md
View file

@ -10,16 +10,17 @@ This project follows [Semantic Versioning](http://semver.org) guidelines.
* Users can now have a username as well as client name assigned to their account. * Users can now have a username as well as client name assigned to their account.
* Ability to create a node through the CLI using `pterodactyl:node` as well as locations via `pterodactyl:location`. * Ability to create a node through the CLI using `pterodactyl:node` as well as locations via `pterodactyl:location`.
* New theme (AdminLTE) for front-end with tweaks to backend files to work properly with it. * New theme (AdminLTE) for front-end with tweaks to backend files to work properly with it.
* Add support for PhraseApp's in-context editor
### Fixed ### Fixed
* Bug causing error logs to be spammed if someone timed out on an ajax based page. * Bug causing error logs to be spammed if someone timed out on an ajax based page.
* Fixes edge case where specific server names could cause daemon errors due to an invalid SFTP username being created by the panel. * Fixes edge case where specific server names could cause daemon errors due to an invalid SFTP username being created by the panel.
* Fixes sessions being removed on browser close, and set sessions to idle for up to 3 hours before being marked as expired.
### Changed ### Changed
* Admin API and base routes for user management now define the fields that should be passed to repositories rather than passing all fields. * Admin API and base routes for user management now define the fields that should be passed to repositories rather than passing all fields.
* User model now defines mass assignment fields using `$fillable` rather than `$guarded`. * User model now defines mass assignment fields using `$fillable` rather than `$guarded`.
* 2FA checkpoint on login is now its own page, and not an AJAX based call. Improves security on that front.
### Deprecated
## v0.5.6 (Bodacious Boreopterus) ## v0.5.6 (Bodacious Boreopterus)
### Added ### Added

3
app/Console/Commands/UpdateEmailSettings.php
View file

@ -155,6 +155,9 @@ class UpdateEmailSettings extends Command
file_put_contents($file, $envContents); file_put_contents($file, $envContents);
$bar->finish(); $bar->finish();
$this->line('Updating evironment configuration cache file.');
$this->call('config:cache');
echo "\n"; echo "\n";
} }
} }

3
app/Console/Commands/UpdateEnvironment.php
View file

@ -150,6 +150,9 @@ class UpdateEnvironment extends Command
file_put_contents($file, $envContents); file_put_contents($file, $envContents);
$bar->finish(); $bar->finish();
$this->line('Updating evironment configuration cache file.');
$this->call('config:cache');
echo "\n"; echo "\n";
} }
} }

46
app/Extensions/PhraseAppTranslator.php Normal file
View file

@ -0,0 +1,46 @@
<?php
/**
* Pterodactyl - Panel
* Copyright (c) 2015 - 2017 Dane Everitt <dane@daneeveritt.com>.
*
* Permission is hereby granted, free of charge, to any person obtaining a copy
* of this software and associated documentation files (the "Software"), to deal
* in the Software without restriction, including without limitation the rights
* to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
* copies of the Software, and to permit persons to whom the Software is
* furnished to do so, subject to the following conditions:
*
* The above copyright notice and this permission notice shall be included in all
* copies or substantial portions of the Software.
*
* THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
* IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
* FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
* AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
* LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
* OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE
* SOFTWARE.
*/
namespace Pterodactyl\Extensions;
use Illuminate\Translation\Translator as LaravelTranslator;
class PhraseAppTranslator extends LaravelTranslator
{
/**
* Get the translation for the given key.
*
* @param string $key
* @param array $replace
* @param string|null $locale
* @param bool $fallback
* @return string|array|null
*/
public function get($key, array $replace = [], $locale = null, $fallback = true)
{
$key = substr($key, strpos($key, '.') + 1);
return "{{__phrase_${key}__}}";
}
}

5
app/Http/Controllers/API/ServerController.php
View file

@ -117,7 +117,10 @@ class ServerController extends BaseController
} }
// Requested Daemon Stats // Requested Daemon Stats
$server = $query->first(); $server = $query->with(
'allocations',
'pack'
)->first();
if ($request->input('daemon') === 'true') { if ($request->input('daemon') === 'true') {
$node = Models\Node::findOrFail($server->node); $node = Models\Node::findOrFail($server->node);
$client = Models\Node::guzzleRequest($node->id); $client = Models\Node::guzzleRequest($node->id);

1
app/Http/Controllers/API/ServiceController.php
View file

@ -55,6 +55,7 @@ class ServiceController extends BaseController
'options' => Models\ServiceOptions::select('id', 'name', 'description', 'tag', 'docker_image') 'options' => Models\ServiceOptions::select('id', 'name', 'description', 'tag', 'docker_image')
->where('parent_service', $service->id) ->where('parent_service', $service->id)
->with('variables') ->with('variables')
->with('packs')
->get(), ->get(),
]; ];
} }

72
app/Http/Controllers/Auth/LoginController.php
View file

@ -27,6 +27,7 @@ namespace Pterodactyl\Http\Controllers\Auth;
use Auth; use Auth;
use Alert; use Alert;
use Cache;
use Illuminate\Http\Request; use Illuminate\Http\Request;
use Pterodactyl\Models\User; use Pterodactyl\Models\User;
use PragmaRX\Google2FA\Google2FA; use PragmaRX\Google2FA\Google2FA;
@ -110,33 +111,62 @@ class LoginController extends Controller
} }
// Verify TOTP Token was Valid // Verify TOTP Token was Valid
if (Auth::user()->use_totp === 1) { if (Auth::user()->use_totp) {
$G2FA = new Google2FA(); $verifyKey = str_random(64);
if (is_null($request->input('totp_token')) || ! $G2FA->verifyKey(Auth::user()->totp_secret, $request->input('totp_token'))) { Cache::put($verifyKey, Auth::user()->id, 5);
if (! $lockedOut) {
$this->incrementLoginAttempts($request);
}
Alert::danger(trans('auth.totp_failed'))->flash(); return redirect()->route('auth.totp')->with('authentication_token', $verifyKey);
} else {
Auth::login(Auth::user(), $request->has('remember'));
return $this->sendFailedLoginResponse($request); return $this->sendLoginResponse($request);
} }
}
public function totp(Request $request)
{
$verifyKey = $request->session()->get('authentication_token');
if (is_null($verifyKey) || Auth::user()) {
return redirect()->route('auth.login');
} }
// Successfully Authenticated. return view('auth.totp', [
Auth::login(Auth::user(), $request->has('remember')); 'verify_key' => $verifyKey,
'remember' => $request->has('remember'),
return $this->sendLoginResponse($request); ]);
} }
/** public function totpCheckpoint(Request $request)
* Check if the provided user has TOTP enabled.
*
* @param \Illuminate\Http\Request $request
* @return \Illuminate\Http\Response
*/
public function checkTotp(Request $request)
{ {
return response()->json(User::select('id')->where('email', $request->input('email'))->where('use_totp', 1)->first()); $G2FA = new Google2FA();
if (is_null($request->input('verify_token'))) {
$this->incrementLoginAttempts($request);
Alert::danger(trans('auth.totp_failed'))->flash();
return redirect()->route('auth.login');
}
$user = User::where('id', Cache::pull($request->input('verify_token')))->first();
if (! $user) {
$this->incrementLoginAttempts($request);
Alert::danger(trans('auth.totp_failed'))->flash();
return redirect()->route('auth.login');
}
if (! is_null($request->input('2fa_token')) && $G2FA->verifyKey($user->totp_secret, $request->input('2fa_token'), 1)) {
Auth::login($user, $request->has('remember'));
return redirect()->intended($this->redirectPath());
} else {
$this->incrementLoginAttempts($request);
Alert::danger(trans('auth.2fa_failed'))->flash();
return redirect()->route('auth.login');
}
} }
} }

8
app/Http/Routes/AuthRoutes.php
View file

@ -51,9 +51,13 @@ class AuthRoutes
'uses' => 'Auth\LoginController@login', 'uses' => 'Auth\LoginController@login',
]); ]);
// Determine if we need to ask for a TOTP Token $router->get('login/totp', [
'as' => 'auth.totp',
'uses' => 'Auth\LoginController@totp',
]);
$router->post('login/totp', [ $router->post('login/totp', [
'uses' => 'Auth\LoginController@checkTotp', 'uses' => 'Auth\LoginController@totpCheckpoint',
]); ]);
// Show Password Reset Form // Show Password Reset Form

50
app/Models/Server.php
View file

@ -208,4 +208,54 @@ class Server extends Model
return []; return [];
} }
/**
* Gets all allocations associated with this server.
*
* @return \Illuminate\Database\Eloquent\Relations\HasMany
*/
public function allocations()
{
return $this->hasMany(Allocation::class, 'assigned_to');
}
/**
* Gets information for the pack associated with this server.
*
* @return \Illuminate\Database\Eloquent\Relations\HasOne
*/
public function pack()
{
return $this->hasOne(ServicePack::class, 'id', 'pack');
}
/**
* Gets information for the service associated with this server.
*
* @return \Illuminate\Database\Eloquent\Relations\HasOne
*/
public function service()
{
return $this->hasOne(Service::class, 'id', 'service');
}
/**
* Gets information for the service option associated with this server.
*
* @return \Illuminate\Database\Eloquent\Relations\HasOne
*/
public function option()
{
return $this->hasOne(ServiceOptions::class, 'id', 'option');
}
/**
* Gets information for the service variables associated with this server.
*
* @return \Illuminate\Database\Eloquent\Relations\HasMany
*/
public function variables()
{
return $this->hasMany(ServerVariables::class);
}
} }

10
app/Models/ServiceOptions.php
View file

@ -60,4 +60,14 @@ class ServiceOptions extends Model
{ {
return $this->hasMany(ServiceVariables::class, 'option_id'); return $this->hasMany(ServiceVariables::class, 'option_id');
} }
/**
* Gets all packs associated with this service.
*
* @return \Illuminate\Database\Eloquent\Relations\HasMany
*/
public function packs()
{
return $this->hasMany(ServicePack::class, 'option');
}
} }

2
app/Models/User.php
View file

@ -105,7 +105,7 @@ class User extends Model implements AuthenticatableContract, AuthorizableContrac
*/ */
public function toggleTotp($token) public function toggleTotp($token)
{ {
if (! Google2FA::verifyKey($this->totp_secret, $token)) { if (! Google2FA::verifyKey($this->totp_secret, $token, 1)) {
return false; return false;
} }

61
app/Providers/PhraseAppTranslationProvider.php Normal file
View file

@ -0,0 +1,61 @@
<?php
/**
* Pterodactyl - Panel
* Copyright (c) 2015 - 2017 Dane Everitt <dane@daneeveritt.com>.
*
* Permission is hereby granted, free of charge, to any person obtaining a copy
* of this software and associated documentation files (the "Software"), to deal
* in the Software without restriction, including without limitation the rights
* to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
* copies of the Software, and to permit persons to whom the Software is
* furnished to do so, subject to the following conditions:
*
* The above copyright notice and this permission notice shall be included in all
* copies or substantial portions of the Software.
*
* THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
* IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
* FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
* AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
* LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
* OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE
* SOFTWARE.
*/
namespace Pterodactyl\Providers;
use Pterodactyl\Extensions\PhraseAppTranslator;
use Illuminate\Translation\TranslationServiceProvider;
use Illuminate\Translation\Translator as IlluminateTranslator;
class PhraseAppTranslationProvider extends TranslationServiceProvider
{
/**
* Register the service provider.
*
* @return void
*/
public function register()
{
$this->registerLoader();
$this->app->singleton('translator', function ($app) {
$loader = $app['translation.loader'];
// When registering the translator component, we'll need to set the default
// locale as well as the fallback locale. So, we'll grab the application
// configuration so we can easily get both of these values from there.
$locale = $app['config']['app.locale'];
if ($app['config']['app.phrase_in_context']) {
$trans = new PhraseAppTranslator($loader, $locale);
} else {
$trans = new IlluminateTranslator($loader, $locale);
}
$trans->setFallback($app['config']['app.fallback_locale']);
return $trans;
});
}
}

17
composer.json
View file

@ -61,27 +61,18 @@
], ],
"post-install-cmd": [ "post-install-cmd": [
"Illuminate\\Foundation\\ComposerScripts::postInstall", "Illuminate\\Foundation\\ComposerScripts::postInstall",
"php artisan optimize" "php artisan optimize",
"php artisan config:cache"
], ],
"post-update-cmd": [ "post-update-cmd": [
"Illuminate\\Foundation\\ComposerScripts::postUpdate", "Illuminate\\Foundation\\ComposerScripts::postUpdate",
"php artisan optimize" "php artisan optimize",
], "php artisan config:cache"
"setup-dev": [
"composer install",
"php -r \"copy('.env.example', '.env');\"",
"php vendor/bin/homestead make --ip=192.168.10.32",
"sed -i.bak 's/homestead.app/pterodactyl.local/g' Homestead.yaml",
"rm Homestead.yaml.bak",
"php artisan key:generate"
], ],
"setup": [ "setup": [
"composer install --ansi --no-dev", "composer install --ansi --no-dev",
"php -r \"file_exists('.env') || copy('.env.example', '.env');\"", "php -r \"file_exists('.env') || copy('.env.example', '.env');\"",
"php artisan key:generate" "php artisan key:generate"
],
"upgrade": [
"composer update --ansi --no-dev"
] ]
}, },
"config": { "config": {

5129
composer.lock generated Normal file
View file

File diff suppressed because it is too large Load diff

4
config/app.php
View file

@ -6,6 +6,8 @@ return [
'version' => env('APP_VERSION', 'canary'), 'version' => env('APP_VERSION', 'canary'),
'phrase_in_context' => env('PHRASE_IN_CONTEXT', false),
/* /*
|-------------------------------------------------------------------------- |--------------------------------------------------------------------------
| Application Debug Mode | Application Debug Mode
@ -137,7 +139,6 @@ return [
Illuminate\Redis\RedisServiceProvider::class, Illuminate\Redis\RedisServiceProvider::class,
Illuminate\Auth\Passwords\PasswordResetServiceProvider::class, Illuminate\Auth\Passwords\PasswordResetServiceProvider::class,
Illuminate\Session\SessionServiceProvider::class, Illuminate\Session\SessionServiceProvider::class,
Illuminate\Translation\TranslationServiceProvider::class,
Illuminate\Validation\ValidationServiceProvider::class, Illuminate\Validation\ValidationServiceProvider::class,
Illuminate\View\ViewServiceProvider::class, Illuminate\View\ViewServiceProvider::class,
Illuminate\Notifications\NotificationServiceProvider::class, Illuminate\Notifications\NotificationServiceProvider::class,
@ -149,6 +150,7 @@ return [
Pterodactyl\Providers\AuthServiceProvider::class, Pterodactyl\Providers\AuthServiceProvider::class,
Pterodactyl\Providers\EventServiceProvider::class, Pterodactyl\Providers\EventServiceProvider::class,
Pterodactyl\Providers\RouteServiceProvider::class, Pterodactyl\Providers\RouteServiceProvider::class,
Pterodactyl\Providers\PhraseAppTranslationProvider::class,
/* /*
* Additional Dependencies * Additional Dependencies

4
config/session.php
View file

@ -29,9 +29,9 @@ return [
| |
*/ */
'lifetime' => 30, 'lifetime' => 120,
'expire_on_close' => true, 'expire_on_close' => false,
/* /*
|-------------------------------------------------------------------------- |--------------------------------------------------------------------------

8
public/js/phraseapp.js Normal file
View file

@ -0,0 +1,8 @@
window.PHRASEAPP_CONFIG = {
projectId: '94f8b39450cd749ae9c3cc0ab8cdb61d'
};
(function() {
var phraseapp = document.createElement('script'); phraseapp.type = 'text/javascript'; phraseapp.async = true;
phraseapp.src = ['https://', 'phraseapp.com/assets/in-context-editor/2.0/app.js?', new Date().getTime()].join('');
var s = document.getElementsByTagName('script')[0]; s.parentNode.insertBefore(phraseapp, s);
})();

13
public/themes/pterodactyl/css/pterodactyl.css
View file

@ -20,10 +20,17 @@
* OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE * OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE
* SOFTWARE. * SOFTWARE.
*/ */
.login-box, .register-box {
width: 40%;
margin: 7% auto
}
.login-box, .register-box { @media (max-width:768px) {
width: 460px; .login-box, .register-box {
} width: 90%;
margin-top: 20px
}
}
.weight-100 { .weight-100 {
font-weight: 100; font-weight: 100;

2
resources/lang/en/auth.php
View file

@ -15,4 +15,6 @@ return [
'throttle' => 'Too many login attempts. Please try again in :seconds seconds.', 'throttle' => 'Too many login attempts. Please try again in :seconds seconds.',
'password_requirements' => 'Passwords must contain at least one uppercase, lowecase, and numeric character and must be at least 8 characters in length.', 'password_requirements' => 'Passwords must contain at least one uppercase, lowecase, and numeric character and must be at least 8 characters in length.',
'request_reset' => 'Locate Account', 'request_reset' => 'Locate Account',
'2fa_required' => '2-Factor Authentication',
'2fa_failed' => 'The 2FA token provided was invalid.',
]; ];

2
resources/themes/pterodactyl/auth/login.blade.php
View file

@ -57,7 +57,7 @@
<div class="row"> <div class="row">
<div class="col-xs-8"> <div class="col-xs-8">
<div class="form-group has-feedback"> <div class="form-group has-feedback">
<input type="checkbox" name="remember_me" id="remember_me" /> <label for="remember_me" class="weight-300">@lang('auth.remember_me')</label> <input type="checkbox" name="remember" id="remember" /> <label for="remember" class="weight-300">@lang('auth.remember_me')</label>
</div> </div>
</div> </div>
<div class="col-xs-4"> <div class="col-xs-4">

46
resources/themes/pterodactyl/auth/totp.blade.php Normal file
View file

@ -0,0 +1,46 @@
{{-- Copyright (c) 2015 - 2017 Dane Everitt <dane@daneeveritt.com> --}}
{{-- Permission is hereby granted, free of charge, to any person obtaining a copy --}}
{{-- of this software and associated documentation files (the "Software"), to deal --}}
{{-- in the Software without restriction, including without limitation the rights --}}
{{-- to use, copy, modify, merge, publish, distribute, sublicense, and/or sell --}}
{{-- copies of the Software, and to permit persons to whom the Software is --}}
{{-- furnished to do so, subject to the following conditions: --}}
{{-- The above copyright notice and this permission notice shall be included in all --}}
{{-- copies or substantial portions of the Software. --}}
{{-- THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR --}}
{{-- IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, --}}
{{-- FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE --}}
{{-- AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER --}}
{{-- LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, --}}
{{-- OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE --}}
{{-- SOFTWARE. --}}
@extends('layouts.auth')
@section('title')
2FA Checkpoint
@endsection
@section('content')
<div class="login-box-body">
<p class="login-box-msg">@lang('auth.2fa_required')</p>
<form action="{{ route('auth.totp') }}" method="POST">
<div class="form-group">
<input type="text" name="2fa_token" class="form-control" placeholder="@lang('strings.2fa_token')">
<span class="fa fa-lock form-control-feedback"></span>
</div>
<div class="row">
<div class="col-xs-12">
{!! csrf_field() !!}
<input type="hidden" name="verify_token" value="{{ $verify_key }}" />
@if($remember)
<input type="hidden" name="remember" value="true" />
@endif
<button type="submit" class="btn btn-primary btn-block btn-flat">@lang('strings.submit')</button>
</div>
</div>
</form>
</div>
@endsection

2
resources/themes/pterodactyl/layouts/auth.blade.php
View file

@ -49,5 +49,7 @@
</div> </div>
{!! Theme::js('js/vendor/jquery/jquery.min.js') !!} {!! Theme::js('js/vendor/jquery/jquery.min.js') !!}
{!! Theme::js('vendor/bootstrap/bootstrap.min.js') !!} {!! Theme::js('vendor/bootstrap/bootstrap.min.js') !!}
@if(config('app.phrase_in_context')) {!! Theme::js('js/phraseapp.js') !!} @endif
</body> </body>
</html> </html>

2
resources/themes/pterodactyl/layouts/master.blade.php
View file

@ -281,6 +281,8 @@
{!! Theme::js('vendor/adminlte/app.min.js') !!} {!! Theme::js('vendor/adminlte/app.min.js') !!}
{!! Theme::js('js/vendor/socketio/socket.io.min.js') !!} {!! Theme::js('js/vendor/socketio/socket.io.min.js') !!}
{!! Theme::js('vendor/bootstrap-notify/bootstrap-notify.min.js') !!} {!! Theme::js('vendor/bootstrap-notify/bootstrap-notify.min.js') !!}
@if(config('app.phrase_in_context')) {!! Theme::js('js/phraseapp.js') !!} @endif
@show @show
</body> </body>
</html> </html>