Skynet/misc_pterodactyl-panel
6
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions

Merge branch 'develop' into fix/trusted-proxies

Browse source
This commit is contained in:
Jakob 2017-02-03 00:38:58 +01:00 committed by GitHub
commit 19567ee311
24 changed files with 5449 additions and 56 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

8
.gitignore vendored
View file

@ -1,12 +1,4 @@
/vendor
*.DS_Store*
.env
.vagrant/*
composer.lock
Homestead.yaml
Vagrantfile
Vagrantfile
node_modules

5
CHANGELOG.md
View file

@ -10,16 +10,17 @@ This project follows [Semantic Versioning](http://semver.org) guidelines.
* Users can now have a username as well as client name assigned to their account.
* Ability to create a node through the CLI using `pterodactyl:node` as well as locations via `pterodactyl:location`.
* New theme (AdminLTE) for front-end with tweaks to backend files to work properly with it.
* Add support for PhraseApp's in-context editor
### Fixed
* Bug causing error logs to be spammed if someone timed out on an ajax based page.
* Fixes edge case where specific server names could cause daemon errors due to an invalid SFTP username being created by the panel.
* Fixes sessions being removed on browser close, and set sessions to idle for up to 3 hours before being marked as expired.
### Changed
* Admin API and base routes for user management now define the fields that should be passed to repositories rather than passing all fields.
* User model now defines mass assignment fields using `$fillable` rather than `$guarded`.
### Deprecated
* 2FA checkpoint on login is now its own page, and not an AJAX based call. Improves security on that front.
## v0.5.6 (Bodacious Boreopterus)
### Added

3
app/Console/Commands/UpdateEmailSettings.php
View file

@ -155,6 +155,9 @@ class UpdateEmailSettings extends Command
file_put_contents($file, $envContents);
$bar->finish();
$this->line('Updating evironment configuration cache file.');
$this->call('config:cache');
echo "\n";
}
}

3
app/Console/Commands/UpdateEnvironment.php
View file

@ -150,6 +150,9 @@ class UpdateEnvironment extends Command
file_put_contents($file, $envContents);
$bar->finish();
$this->line('Updating evironment configuration cache file.');
$this->call('config:cache');
echo "\n";
}
}

46
app/Extensions/PhraseAppTranslator.php Normal file
View file

@ -0,0 +1,46 @@
<?php
/**
* Pterodactyl - Panel
* Copyright (c) 2015 - 2017 Dane Everitt <dane@daneeveritt.com>.
*
* Permission is hereby granted, free of charge, to any person obtaining a copy
* of this software and associated documentation files (the "Software"), to deal
* in the Software without restriction, including without limitation the rights
* to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
* copies of the Software, and to permit persons to whom the Software is
* furnished to do so, subject to the following conditions:
*
* The above copyright notice and this permission notice shall be included in all
* copies or substantial portions of the Software.
*
* THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
* IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
* FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
* AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
* LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
* OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE
* SOFTWARE.
*/
namespace Pterodactyl\Extensions;
use Illuminate\Translation\Translator as LaravelTranslator;
class PhraseAppTranslator extends LaravelTranslator
{
/**
* Get the translation for the given key.
*
* @param string $key
* @param array $replace
* @param string|null $locale
* @param bool $fallback
* @return string|array|null
*/
public function get($key, array $replace = [], $locale = null, $fallback = true)
{
$key = substr($key, strpos($key, '.') + 1);
return "{{__phrase_${key}__}}";
}
}

5
app/Http/Controllers/API/ServerController.php
View file

@ -117,7 +117,10 @@ class ServerController extends BaseController
}
// Requested Daemon Stats
$server = $query->first();
$server = $query->with(
'allocations',
'pack'
)->first();
if ($request->input('daemon') === 'true') {
$node = Models\Node::findOrFail($server->node);
$client = Models\Node::guzzleRequest($node->id);

1
app/Http/Controllers/API/ServiceController.php
View file

@ -55,6 +55,7 @@ class ServiceController extends BaseController
'options' => Models\ServiceOptions::select('id', 'name', 'description', 'tag', 'docker_image')
->where('parent_service', $service->id)
->with('variables')
->with('packs')
->get(),
];
}

72
app/Http/Controllers/Auth/LoginController.php
View file

@ -27,6 +27,7 @@ namespace Pterodactyl\Http\Controllers\Auth;
use Auth;
use Alert;
use Cache;
use Illuminate\Http\Request;
use Pterodactyl\Models\User;
use PragmaRX\Google2FA\Google2FA;
@ -110,33 +111,62 @@ class LoginController extends Controller
}
// Verify TOTP Token was Valid
if (Auth::user()->use_totp === 1) {
$G2FA = new Google2FA();
if (is_null($request->input('totp_token')) || ! $G2FA->verifyKey(Auth::user()->totp_secret, $request->input('totp_token'))) {
if (! $lockedOut) {
$this->incrementLoginAttempts($request);
}
if (Auth::user()->use_totp) {
$verifyKey = str_random(64);
Cache::put($verifyKey, Auth::user()->id, 5);
Alert::danger(trans('auth.totp_failed'))->flash();
return $this->sendFailedLoginResponse($request);
}
}
// Successfully Authenticated.
return redirect()->route('auth.totp')->with('authentication_token', $verifyKey);
} else {
Auth::login(Auth::user(), $request->has('remember'));
return $this->sendLoginResponse($request);
}
}
/**
* Check if the provided user has TOTP enabled.
*
* @param \Illuminate\Http\Request $request
* @return \Illuminate\Http\Response
*/
public function checkTotp(Request $request)
public function totp(Request $request)
{
return response()->json(User::select('id')->where('email', $request->input('email'))->where('use_totp', 1)->first());
$verifyKey = $request->session()->get('authentication_token');
if (is_null($verifyKey) || Auth::user()) {
return redirect()->route('auth.login');
}
return view('auth.totp', [
'verify_key' => $verifyKey,
'remember' => $request->has('remember'),
]);
}
public function totpCheckpoint(Request $request)
{
$G2FA = new Google2FA();
if (is_null($request->input('verify_token'))) {
$this->incrementLoginAttempts($request);
Alert::danger(trans('auth.totp_failed'))->flash();
return redirect()->route('auth.login');
}
$user = User::where('id', Cache::pull($request->input('verify_token')))->first();
if (! $user) {
$this->incrementLoginAttempts($request);
Alert::danger(trans('auth.totp_failed'))->flash();
return redirect()->route('auth.login');
}
if (! is_null($request->input('2fa_token')) && $G2FA->verifyKey($user->totp_secret, $request->input('2fa_token'), 1)) {
Auth::login($user, $request->has('remember'));
return redirect()->intended($this->redirectPath());
} else {
$this->incrementLoginAttempts($request);
Alert::danger(trans('auth.2fa_failed'))->flash();
return redirect()->route('auth.login');
}
}
}

8
app/Http/Routes/AuthRoutes.php
View file

@ -51,9 +51,13 @@ class AuthRoutes
'uses' => 'Auth\LoginController@login',
]);
// Determine if we need to ask for a TOTP Token
$router->get('login/totp', [
'as' => 'auth.totp',
'uses' => 'Auth\LoginController@totp',
]);
$router->post('login/totp', [
'uses' => 'Auth\LoginController@checkTotp',
'uses' => 'Auth\LoginController@totpCheckpoint',
]);
// Show Password Reset Form

50
app/Models/Server.php
View file

@ -208,4 +208,54 @@ class Server extends Model
return [];
}
/**
* Gets all allocations associated with this server.
*
* @return \Illuminate\Database\Eloquent\Relations\HasMany
*/
public function allocations()
{
return $this->hasMany(Allocation::class, 'assigned_to');
}
/**
* Gets information for the pack associated with this server.
*
* @return \Illuminate\Database\Eloquent\Relations\HasOne
*/
public function pack()
{
return $this->hasOne(ServicePack::class, 'id', 'pack');
}
/**
* Gets information for the service associated with this server.
*
* @return \Illuminate\Database\Eloquent\Relations\HasOne
*/
public function service()
{
return $this->hasOne(Service::class, 'id', 'service');
}
/**
* Gets information for the service option associated with this server.
*
* @return \Illuminate\Database\Eloquent\Relations\HasOne
*/
public function option()
{
return $this->hasOne(ServiceOptions::class, 'id', 'option');
}
/**
* Gets information for the service variables associated with this server.
*
* @return \Illuminate\Database\Eloquent\Relations\HasMany
*/
public function variables()
{
return $this->hasMany(ServerVariables::class);
}
}

10
app/Models/ServiceOptions.php
View file

@ -60,4 +60,14 @@ class ServiceOptions extends Model
{
return $this->hasMany(ServiceVariables::class, 'option_id');
}
/**
* Gets all packs associated with this service.
*
* @return \Illuminate\Database\Eloquent\Relations\HasMany
*/
public function packs()
{
return $this->hasMany(ServicePack::class, 'option');
}
}

2
app/Models/User.php
View file

@ -105,7 +105,7 @@ class User extends Model implements AuthenticatableContract, AuthorizableContrac
*/
public function toggleTotp($token)
{
if (! Google2FA::verifyKey($this->totp_secret, $token)) {
if (! Google2FA::verifyKey($this->totp_secret, $token, 1)) {
return false;
}

61
app/Providers/PhraseAppTranslationProvider.php Normal file
View file

@ -0,0 +1,61 @@
<?php
/**
* Pterodactyl - Panel
* Copyright (c) 2015 - 2017 Dane Everitt <dane@daneeveritt.com>.
*
* Permission is hereby granted, free of charge, to any person obtaining a copy
* of this software and associated documentation files (the "Software"), to deal
* in the Software without restriction, including without limitation the rights
* to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
* copies of the Software, and to permit persons to whom the Software is
* furnished to do so, subject to the following conditions:
*
* The above copyright notice and this permission notice shall be included in all
* copies or substantial portions of the Software.
*
* THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
* IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
* FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
* AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
* LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
* OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE
* SOFTWARE.
*/
namespace Pterodactyl\Providers;
use Pterodactyl\Extensions\PhraseAppTranslator;
use Illuminate\Translation\TranslationServiceProvider;
use Illuminate\Translation\Translator as IlluminateTranslator;
class PhraseAppTranslationProvider extends TranslationServiceProvider
{
/**
* Register the service provider.
*
* @return void
*/
public function register()
{
$this->registerLoader();
$this->app->singleton('translator', function ($app) {
$loader = $app['translation.loader'];
// When registering the translator component, we'll need to set the default
// locale as well as the fallback locale. So, we'll grab the application
// configuration so we can easily get both of these values from there.
$locale = $app['config']['app.locale'];
if ($app['config']['app.phrase_in_context']) {
$trans = new PhraseAppTranslator($loader, $locale);
} else {
$trans = new IlluminateTranslator($loader, $locale);
}
$trans->setFallback($app['config']['app.fallback_locale']);
return $trans;
});
}
}

17
composer.json
View file

@ -61,27 +61,18 @@
],
"post-install-cmd": [
"Illuminate\\Foundation\\ComposerScripts::postInstall",
"php artisan optimize"
"php artisan optimize",
"php artisan config:cache"
],
"post-update-cmd": [
"Illuminate\\Foundation\\ComposerScripts::postUpdate",
"php artisan optimize"
],
"setup-dev": [
"composer install",
"php -r \"copy('.env.example', '.env');\"",
"php vendor/bin/homestead make --ip=192.168.10.32",
"sed -i.bak 's/homestead.app/pterodactyl.local/g' Homestead.yaml",
"rm Homestead.yaml.bak",
"php artisan key:generate"
"php artisan optimize",
"php artisan config:cache"
],
"setup": [
"composer install --ansi --no-dev",
"php -r \"file_exists('.env') || copy('.env.example', '.env');\"",
"php artisan key:generate"
],
"upgrade": [
"composer update --ansi --no-dev"
]
},
"config": {

5129
composer.lock generated Normal file
View file

File diff suppressed because it is too large Load diff

4
config/app.php
View file

@ -6,6 +6,8 @@ return [
'version' => env('APP_VERSION', 'canary'),
'phrase_in_context' => env('PHRASE_IN_CONTEXT', false),
/*
|--------------------------------------------------------------------------
| Application Debug Mode
@ -137,7 +139,6 @@ return [
Illuminate\Redis\RedisServiceProvider::class,
Illuminate\Auth\Passwords\PasswordResetServiceProvider::class,
Illuminate\Session\SessionServiceProvider::class,
Illuminate\Translation\TranslationServiceProvider::class,
Illuminate\Validation\ValidationServiceProvider::class,
Illuminate\View\ViewServiceProvider::class,
Illuminate\Notifications\NotificationServiceProvider::class,
@ -149,6 +150,7 @@ return [
Pterodactyl\Providers\AuthServiceProvider::class,
Pterodactyl\Providers\EventServiceProvider::class,
Pterodactyl\Providers\RouteServiceProvider::class,
Pterodactyl\Providers\PhraseAppTranslationProvider::class,
/*
* Additional Dependencies

4
config/session.php
View file

@ -29,9 +29,9 @@ return [
|
*/
'lifetime' => 30,
'lifetime' => 120,
'expire_on_close' => true,
'expire_on_close' => false,
/*
|--------------------------------------------------------------------------

8
public/js/phraseapp.js Normal file
View file

@ -0,0 +1,8 @@
window.PHRASEAPP_CONFIG = {
projectId: '94f8b39450cd749ae9c3cc0ab8cdb61d'
};
(function() {
var phraseapp = document.createElement('script'); phraseapp.type = 'text/javascript'; phraseapp.async = true;
phraseapp.src = ['https://', 'phraseapp.com/assets/in-context-editor/2.0/app.js?', new Date().getTime()].join('');
var s = document.getElementsByTagName('script')[0]; s.parentNode.insertBefore(phraseapp, s);
})();

11
public/themes/pterodactyl/css/pterodactyl.css
View file

@ -20,9 +20,16 @@
* OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE
* SOFTWARE.
*/
.login-box, .register-box {
width: 460px;
width: 40%;
margin: 7% auto
}
@media (max-width:768px) {
.login-box, .register-box {
width: 90%;
margin-top: 20px
}
}
.weight-100 {

2
resources/lang/en/auth.php
View file

@ -15,4 +15,6 @@ return [
'throttle' => 'Too many login attempts. Please try again in :seconds seconds.',
'password_requirements' => 'Passwords must contain at least one uppercase, lowecase, and numeric character and must be at least 8 characters in length.',
'request_reset' => 'Locate Account',
'2fa_required' => '2-Factor Authentication',
'2fa_failed' => 'The 2FA token provided was invalid.',
];

2
resources/themes/pterodactyl/auth/login.blade.php
View file

@ -57,7 +57,7 @@
<div class="row">
<div class="col-xs-8">
<div class="form-group has-feedback">
<input type="checkbox" name="remember_me" id="remember_me" /> <label for="remember_me" class="weight-300">@lang('auth.remember_me')</label>
<input type="checkbox" name="remember" id="remember" /> <label for="remember" class="weight-300">@lang('auth.remember_me')</label>
</div>
</div>
<div class="col-xs-4">

46
resources/themes/pterodactyl/auth/totp.blade.php Normal file
View file

@ -0,0 +1,46 @@
{{-- Copyright (c) 2015 - 2017 Dane Everitt <dane@daneeveritt.com> --}}
{{-- Permission is hereby granted, free of charge, to any person obtaining a copy --}}
{{-- of this software and associated documentation files (the "Software"), to deal --}}
{{-- in the Software without restriction, including without limitation the rights --}}
{{-- to use, copy, modify, merge, publish, distribute, sublicense, and/or sell --}}
{{-- copies of the Software, and to permit persons to whom the Software is --}}
{{-- furnished to do so, subject to the following conditions: --}}
{{-- The above copyright notice and this permission notice shall be included in all --}}
{{-- copies or substantial portions of the Software. --}}
{{-- THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR --}}
{{-- IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, --}}
{{-- FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE --}}
{{-- AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER --}}
{{-- LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, --}}
{{-- OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE --}}
{{-- SOFTWARE. --}}
@extends('layouts.auth')
@section('title')
2FA Checkpoint
@endsection
@section('content')
<div class="login-box-body">
<p class="login-box-msg">@lang('auth.2fa_required')</p>
<form action="{{ route('auth.totp') }}" method="POST">
<div class="form-group">
<input type="text" name="2fa_token" class="form-control" placeholder="@lang('strings.2fa_token')">
<span class="fa fa-lock form-control-feedback"></span>
</div>
<div class="row">
<div class="col-xs-12">
{!! csrf_field() !!}
<input type="hidden" name="verify_token" value="{{ $verify_key }}" />
@if($remember)
<input type="hidden" name="remember" value="true" />
@endif
<button type="submit" class="btn btn-primary btn-block btn-flat">@lang('strings.submit')</button>
</div>
</div>
</form>
</div>
@endsection

2
resources/themes/pterodactyl/layouts/auth.blade.php
View file

@ -49,5 +49,7 @@
</div>
{!! Theme::js('js/vendor/jquery/jquery.min.js') !!}
{!! Theme::js('vendor/bootstrap/bootstrap.min.js') !!}
@if(config('app.phrase_in_context')) {!! Theme::js('js/phraseapp.js') !!} @endif
</body>
</html>

2
resources/themes/pterodactyl/layouts/master.blade.php
View file

@ -281,6 +281,8 @@
{!! Theme::js('vendor/adminlte/app.min.js') !!}
{!! Theme::js('js/vendor/socketio/socket.io.min.js') !!}
{!! Theme::js('vendor/bootstrap-notify/bootstrap-notify.min.js') !!}
@if(config('app.phrase_in_context')) {!! Theme::js('js/phraseapp.js') !!} @endif
@show
</body>
</html>