Skynet/misc_pterodactyl-panel
6
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions

Apply fixes from StyleCI (#364)

Browse source
This commit is contained in:
Dane Everitt 2017-03-31 20:48:35 -04:00 committed by GitHub
parent fe6a19096f
commit 451dd7ebc8
4 changed files with 33 additions and 31 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

28
app/Events/Auth/FailedCaptcha.php
View file

@ -29,31 +29,31 @@ use Illuminate\Queue\SerializesModels;
class FailedCaptcha class FailedCaptcha
{ {
use SerializesModels; use SerializesModels;
/** /**
* The IP that the request originated from. * The IP that the request originated from.
* *
* @var string * @var string
*/ */
public $ip; public $ip;
/** /**
* The domain that was used to try to verify the request with recaptcha api. * The domain that was used to try to verify the request with recaptcha api.
* *
* @var string * @var string
*/ */
public $domain; public $domain;
/** /**
* Create a new event instance. * Create a new event instance.
* *
* @param string $ip * @param string $ip
* @param string $domain * @param string $domain
* @return void * @return void
*/ */
public function __construct($ip, $domain) public function __construct($ip, $domain)
{ {
$this->ip = $ip; $this->ip = $ip;
$this->domain = $domain; $this->domain = $domain;
} }
} }

2
app/Http/Controllers/Auth/ForgotPasswordController.php
View file

@ -1,7 +1,7 @@
<?php <?php
/** /**
* Pterodactyl - Panel * Pterodactyl - Panel
* Copyright (c) 2015 - 2017 Dane Everitt <dane@daneeveritt.com> * Copyright (c) 2015 - 2017 Dane Everitt <dane@daneeveritt.com>.
* *
* Permission is hereby granted, free of charge, to any person obtaining a copy * Permission is hereby granted, free of charge, to any person obtaining a copy
* of this software and associated documentation files (the "Software"), to deal * of this software and associated documentation files (the "Software"), to deal

22
app/Http/Middleware/VerifyReCaptcha.php
View file

@ -3,8 +3,7 @@
namespace Pterodactyl\Http\Middleware; namespace Pterodactyl\Http\Middleware;
use Closure; use Closure;
use Alert; use Pterodactyl\Events\Auth\FailedCaptcha;
use \Pterodactyl\Events\Auth\FailedCaptcha;
class VerifyReCaptcha class VerifyReCaptcha
{ {
@ -17,8 +16,10 @@ class VerifyReCaptcha
*/ */
public function handle($request, Closure $next) public function handle($request, Closure $next)
{ {
if (!config('recaptcha.enabled')) return $next($request); if (! config('recaptcha.enabled')) {
return $next($request);
}
$response_domain = null; $response_domain = null;
if ($request->has('g-recaptcha-response')) { if ($request->has('g-recaptcha-response')) {
@ -40,20 +41,21 @@ class VerifyReCaptcha
// Compare the domain received by google with the app url // Compare the domain received by google with the app url
$domain_verified = false; $domain_verified = false;
if (config('recaptcha.verify_domain')) { if (config('recaptcha.verify_domain')) {
$matches; $matches;
preg_match('/^(?:https?:\/\/)?((?:www\.)?[^:\/\n]+)/', config('app.url'), $matches); preg_match('/^(?:https?:\/\/)?((?:www\.)?[^:\/\n]+)/', config('app.url'), $matches);
$domain = $matches[1]; $domain = $matches[1];
$domain_verified = $response_domain === $domain; $domain_verified = $response_domain === $domain;
} }
if ($result->success && (!config('recaptcha.verify_domain') || $domain_verified)) { if ($result->success && (! config('recaptcha.verify_domain') || $domain_verified)) {
return $next($request); return $next($request);
} }
} }
} }
// Emit an event and return to the previous view with an error (only the captcha error will be shown!) // Emit an event and return to the previous view with an error (only the captcha error will be shown!)
event(new FailedCaptcha($request->ip(), $response_domain)); event(new FailedCaptcha($request->ip(), $response_domain));
return back()->withErrors(['g-recaptcha-response' => trans('strings.captcha_invalid')])->withInput(); return back()->withErrors(['g-recaptcha-response' => trans('strings.captcha_invalid')])->withInput();
} }
} }

12
config/recaptcha.php
View file

@ -2,25 +2,25 @@
return [ return [
/** /*
* Enable or disable captchas * Enable or disable captchas
*/ */
'enabled' => env('RECAPTCHA_ENABLED', true), 'enabled' => env('RECAPTCHA_ENABLED', true),
/** /*
* Use a custom secret key, we use our public one by default * Use a custom secret key, we use our public one by default
*/ */
'secret_key' => env('RECAPTCHA_SECRET_KEY', '6LekAxoUAAAAAPW-PxNWaCLH76WkClMLSa2jImwD'), 'secret_key' => env('RECAPTCHA_SECRET_KEY', '6LekAxoUAAAAAPW-PxNWaCLH76WkClMLSa2jImwD'),
/** /*
* Use a custom website key, we use our public one by default * Use a custom website key, we use our public one by default
*/ */
'website_key' => env('RECAPTCHA_WEBSITE_KEY' ,'6LekAxoUAAAAADjWZJ4ufcDRZBBiH9vfHawqRbup'), 'website_key' => env('RECAPTCHA_WEBSITE_KEY', '6LekAxoUAAAAADjWZJ4ufcDRZBBiH9vfHawqRbup'),
/** /*
* Domain verification is enabled by default and compares the domain used when solving the captcha * Domain verification is enabled by default and compares the domain used when solving the captcha
* as public keys can't have domain verification on google's side enabled (obviously). * as public keys can't have domain verification on google's side enabled (obviously).
*/ */
'verify_domain' => true, 'verify_domain' => true,
]; ];