Clean up routes and middleware checking

Dane Everitt 2016-01-04 16:09:39 -05:00
parent 99a67127c9
commit 4ae8a45ed3
16 changed files with 321 additions and 101 deletions


@ -19,7 +19,7 @@ class UserController extends Controller
*/ */
public function __construct() public function __construct()
{ {
$this->middleware('api'); //
} }
public function getAllUsers(Request $request) public function getAllUsers(Request $request)
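Review bot: With `$this->middleware('api');` replaced by an empty `//` body, this controller no longer protects itself, and the same removal appears in the constructors of AccountsController, BaseController, ServersController, AuthController, IndexController, AjaxController and ServerController further down. Access control now rests entirely on each route being registered inside the right middleware group, so a route added later outside a group would reach these actions with no check at all. I would either keep the constructor middleware as a second layer or add a test that walks the route table and fails on any `Admin\`, `Server\` or `API\` action registered without its expected middleware. The constructor's docblock begins above the hunk.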


@ -20,11 +20,7 @@ class AccountsController extends Controller
*/ */
public function __construct() public function __construct()
{ {
//
// All routes in this controller are protected by the authentication middleware.
$this->middleware('auth');
$this->middleware('admin');
} }
public function getIndex(Request $request) public function getIndex(Request $request)


@ -15,11 +15,7 @@ class BaseController extends Controller
*/ */
public function __construct() public function __construct()
{ {
//
// All routes in this controller are protected by the authentication middleware.
$this->middleware('auth');
$this->middleware('admin');
} }
public function getIndex(Request $request) public function getIndex(Request $request)


@ -23,11 +23,7 @@ class ServersController extends Controller
*/ */
public function __construct() public function __construct()
{ {
//
// All routes in this controller are protected by the authentication middleware.
$this->middleware('auth');
$this->middleware('admin');
} }
public function getIndex(Request $request) public function getIndex(Request $request)


@ -64,7 +64,7 @@ class AuthController extends Controller
*/ */
public function __construct() public function __construct()
{ {
$this->middleware('guest', ['except' => 'getLogout']); //
} }
/** /**


@ -21,9 +21,7 @@ class IndexController extends Controller
*/ */
public function __construct() public function __construct()
{ {
//
// All routes in this controller are protected by the authentication middleware.
$this->middleware('auth');
} }
/** /**


@ -38,14 +38,7 @@ class AjaxController extends Controller
*/ */
public function __construct() public function __construct()
{ {
//
// All routes in this controller are protected by the authentication middleware.
$this->middleware('auth');
// Routes in this file are also checked aganist the server middleware. If the user
// does not have permission to view the server it will not load.
$this->middleware('server');
} }
/** /**


@ -26,14 +26,7 @@ class ServerController extends Controller
*/ */
public function __construct() public function __construct()
{ {
//
// All routes in this controller are protected by the authentication middleware.
$this->middleware('auth');
// Routes in this file are also checked aganist the server middleware. If the user
// does not have permission to view the server it will not load.
$this->middleware('server');
} }
/** /**


@ -23,8 +23,13 @@ class CheckServer
return redirect()->guest('auth/login'); return redirect()->guest('auth/login');
} }
if (!Server::getByUUID($request->route()->server)) { $server = Server::getByUUID($request->route()->server);
return redirect('/'); if (!$server) {
return redirect()->route('index');
}
if ($server->installed !== 1) {
return response()->view('errors.installing', [], 503);
} }
return $next($request); return $next($request);
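Review bot: `if ($server->installed !== 1)` compares strictly against an integer, and whether `installed` is an integer depends on how the Server model casts the column, which is not visible here. If the database driver returns it as the string `"1"`, every installed server would be answered with the 503 page. Either cast at the comparison, `if ((int) $server->installed !== 1) {`, or declare the integer cast on the model. The enclosing handle method begins above the hunk.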


@ -7,47 +7,136 @@ use Illuminate\Routing\Router;
class AdminRoutes { class AdminRoutes {
public function map(Router $router) { public function map(Router $router) {
$router->group(['prefix' => 'admin'], function ($server) use ($router) {
$router->get('/', [ 'as' => 'admin.index', 'uses' => 'Admin\BaseController@getIndex' ]);
// Account Routes // Admin Index
$router->group(['prefix' => 'accounts'], function ($server) use ($router) { $router->get('admin', [
'as' => 'admin.index',
'middleware' => [
'auth',
'admin'
],
'uses' => 'Admin\BaseController@getIndex'
]);
$router->get('/new', [ 'as' => 'admin.accounts.new', 'uses' => 'Admin\AccountsController@getNew' ]); $router->group([
$router->post('/new', [ 'as' => 'admin.accounts.new', 'uses' => 'Admin\AccountsController@postNew' ]); 'prefix' => 'admin/accounts',
'middleware' => [
'auth',
'admin'
]
], function () use ($router) {
$router->get('/', [ 'as' => 'admin.accounts', 'uses' => 'Admin\AccountsController@getIndex' ]); // View All Accounts on System
$router->get('/view/{id}', [ 'as' => 'admin.accounts.view', 'uses' => 'Admin\AccountsController@getView' ]); $router->get('/', [
'as' => 'admin.accounts',
'uses' => 'Admin\AccountsController@getIndex'
]);
$router->post('/update', [ 'as' => 'admin.accounts.update', 'uses' => 'Admin\AccountsController@postUpdate' ]); // View Specific Account
$router->get('/delete/{id}', [ 'as' => 'admin.accounts.delete', 'uses' => 'Admin\AccountsController@getDelete' ]); $router->get('/view/{id}', [
}); 'as' => 'admin.accounts.view',
'uses' => 'Admin\AccountsController@getView'
]);
// Server Routes // Show Create Account Page
$router->group(['prefix' => 'servers'], function ($server) use ($router) { $router->get('/new', [
'as' => 'admin.accounts.new',
'uses' => 'Admin\AccountsController@getNew'
]);
$router->get('/', [ 'as' => 'admin.servers', 'uses' => 'Admin\ServersController@getIndex' ]); // Handle Creating New Account
$router->get('/new', [ 'as' => 'admin.servers.new', 'uses' => 'Admin\ServersController@getNew' ]); $router->post('/new', [
$router->get('/view/{id}', [ 'as' => 'admin.servers.view', 'uses' => 'Admin\ServersController@getView' ]); 'uses' => 'Admin\AccountsController@postNew'
]);
$router->post('/view/{id}/details', [ 'uses' => 'Admin\ServersController@postUpdateServerDetails' ]); // Update A Specific Account
$router->post('/view/{id}/rebuild', [ 'uses' => 'Admin\ServersController@postUpdateServerToggleBuild' ]); $router->post('/update', [
$router->post('/view/{id}/build', [ 'uses' => 'Admin\ServersController@postUpdateServerUpdateBuild' ]); 'uses' => 'Admin\AccountsController@postUpdate'
$router->delete('/view/{id}/{force?}', [ 'uses' => 'Admin\ServersController@deleteServer' ]); ]);
$router->post('/new', [ 'uses' => 'Admin\ServersController@postNewServer']); // Delete an Account Matching an ID
$router->post('/new/get-nodes', [ 'uses' => 'Admin\ServersController@postNewServerGetNodes' ]); $router->get('/delete/{id}', [
$router->post('/new/get-ips', [ 'uses' => 'Admin\ServersController@postNewServerGetIps' ]); 'uses' => 'Admin\AccountsController@getDelete'
$router->post('/new/service-options', [ 'uses' => 'Admin\ServersController@postNewServerServiceOptions' ]); ]);
$router->post('/new/service-variables', [ 'uses' => 'Admin\ServersController@postNewServerServiceVariables' ]);
});
// Server Routes
$router->group([
'prefix' => 'admin/servers',
'middleware' => [
'auth',
'admin'
]
], function () use ($router) {
// View All Servers
$router->get('/', [
'as' => 'admin.servers',
'uses' => 'Admin\ServersController@getIndex' ]);
// View Create Server Page
$router->get('/new', [
'as' => 'admin.servers.new',
'uses' => 'Admin\ServersController@getNew'
]);
// Handle POST Request for Creating Server
$router->post('/new', [
'uses' => 'Admin\ServersController@postNewServer'
]);
// Assorted Page Helpers
$router->post('/new/get-nodes', [
'uses' => 'Admin\ServersController@postNewServerGetNodes'
]);
$router->post('/new/get-ips', [
'uses' => 'Admin\ServersController@postNewServerGetIps'
]);
$router->post('/new/service-options', [
'uses' => 'Admin\ServersController@postNewServerServiceOptions'
]);
$router->post('/new/service-variables', [
'uses' => 'Admin\ServersController@postNewServerServiceVariables'
]);
// End Assorted Page Helpers
// View Specific Server
$router->get('/view/{id}', [
'as' => 'admin.servers.view',
'uses' => 'Admin\ServersController@getView'
]);
// Change Server Details
$router->post('/view/{id}/details', [
'uses' => 'Admin\ServersController@postUpdateServerDetails'
]);
// Rebuild Server
$router->post('/view/{id}/rebuild', [
'uses' => 'Admin\ServersController@postUpdateServerToggleBuild'
]);
// Change Build Details
$router->post('/view/{id}/build', [
'uses' => 'Admin\ServersController@postUpdateServerUpdateBuild'
]);
});
// Change Install Status // Change Install Status
$router->post('/view/{id}/installed', [ $router->post('/view/{id}/installed', [
'uses' => 'Admin\ServersController@postToggleInstall' 'uses' => 'Admin\ServersController@postToggleInstall'
]); ]);
// Delete [force delete]
$router->delete('/view/{id}/{force?}', [
'uses' => 'Admin\ServersController@deleteServer'
]);
}); });
} }
} }
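Review bot: Account deletion is still registered as `$router->get('/delete/{id}', ...)`, which is a state-changing action on a GET route. Laravel's CSRF token check does not apply to GET requests, so the `auth` and `admin` middleware added to this group do not stop a cross-site request made from a logged-in admin's browser. Since the file is being restructured anyway, register it the way the server delete is, e.g. `$router->delete('/view/{id}', ['uses' => 'Admin\AccountsController@getDelete']);`, and have the view submit a form carrying the token.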


@ -9,23 +9,63 @@ use Pterodactyl\Models\User as User;
class AuthRoutes { class AuthRoutes {
public function map(Router $router) { public function map(Router $router) {
$router->group(['prefix' => 'auth'], function () use ($router) { $router->group([
'prefix' => 'auth',
'middleware' => [
'guest'
]
], function () use ($router) {
$router->get('login', [ 'as' => 'auth.login', 'uses' => 'Auth\AuthController@getLogin' ]); // Display Login Page
$router->post('login', [ 'uses' => 'Auth\AuthController@postLogin' ]); $router->get('login', [
$router->post('login/totp', [ 'uses' => 'Auth\AuthController@checkTotp' ]); 'as' => 'auth.login',
'uses' => 'Auth\AuthController@getLogin'
]);
// Handle Login
$router->post('login', [
'uses' => 'Auth\AuthController@postLogin'
]);
$router->get('password', [ 'as' => 'auth.password', 'uses' => 'Auth\PasswordController@getEmail' ]); // Determine if we need to ask for a TOTP Token
$router->post('password', [ 'as' => 'auth.password.submit', 'uses' => 'Auth\PasswordController@postEmail' ], function () { $router->post('login/totp', [
'uses' => 'Auth\AuthController@checkTotp'
]);
// Show Password Reset Form
$router->get('password', [
'as' => 'auth.password',
'uses' => 'Auth\PasswordController@getEmail'
]);
// Handle Password Reset
$router->post('password', [
'as' => 'auth.password.submit',
'uses' => 'Auth\PasswordController@postEmail'
], function () {
return redirect('auth/password')->with('sent', true); return redirect('auth/password')->with('sent', true);
}); });
$router->post('password/verify', [ 'uses' => 'Auth\PasswordController@postReset' ]);
$router->get('password/verify/{token}', [ 'as' => 'auth.verify', 'uses' => 'Auth\PasswordController@getReset' ]);
$router->get('logout', [ 'as' => 'auth.logout', 'uses' => 'Auth\AuthController@getLogout' ]); // Show Verification Checkpoint
$router->get('password/verify/{token}', [
'as' => 'auth.verify',
'uses' => 'Auth\PasswordController@getReset'
]);
// Handle Verification
$router->post('password/verify', [
'uses' => 'Auth\PasswordController@postReset'
]);
}); });
// Not included above because we don't want the guest middleware
$router->get('logout', [
'as' => 'auth.logout',
'middleware' => 'auth',
'uses' => 'Auth\AuthController@getLogout'
]);
} }
} }
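Review bot: The closure passed as a third argument to `$router->post('password', [...], function () { ... })` is carried over into the new layout, but the router's `post()` takes only a URI and an action. The `redirect('auth/password')->with('sent', true)` inside it therefore appears to be dead code. Either drop the closure or move the redirect into `PasswordController@postEmail`, so the route definition does not suggest behaviour that never runs.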


@ -8,25 +8,65 @@ class BaseRoutes {
public function map(Router $router) { public function map(Router $router) {
// Index of Panel
$router->get('/', [
'as' => 'index',
'middleware' => 'auth',
'uses' => 'Base\IndexController@getIndex'
]);
// Handle Index. Redirect /index to / // Handle Index. Redirect /index to /
$router->get('/', [ 'as' => 'index', 'uses' => 'Base\IndexController@getIndex' ]);
$router->get('/index', function () { $router->get('/index', function () {
return redirect()->route('index'); return redirect()->route('index');
}); });
// Password Generation // Password Generation
$router->get('/password-gen/{length}', [ 'as' => 'password-gen', 'uses' => 'Base\IndexController@getPassword' ]); $router->get('/password-gen/{length}', [
'as' => 'password-gen',
'middleware' => 'auth',
'uses' => 'Base\IndexController@getPassword'
]);
// Account Routes // Account Routes
$router->get('/account', [ 'as' => 'account', 'uses' => 'Base\IndexController@getAccount' ]); $router->group([
$router->post('/account/password', [ 'uses' => 'Base\IndexController@postAccountPassword' ]); 'profix' => 'account',
$router->post('/account/email', [ 'uses' => 'Base\IndexController@postAccountEmail' ]); 'middleware' => [
'auth'
]
], function () use ($router) {
$router->get('account', [
'as' => 'account',
'uses' => 'Base\IndexController@getAccount'
]);
$router->post('/account/password', [
'uses' => 'Base\IndexController@postAccountPassword'
]);
$router->post('/account/email', [
'uses' => 'Base\IndexController@postAccountEmail'
]);
});
// TOTP Routes // TOTP Routes
$router->get('/account/totp', [ 'as' => 'account.totp', 'uses' => 'Base\IndexController@getAccountTotp' ]); $router->group([
$router->put('/account/totp', [ 'uses' => 'Base\IndexController@putAccountTotp' ]); 'prefix' => 'account/totp',
$router->post('/account/totp', [ 'uses' => 'Base\IndexController@postAccountTotp' ]); 'middleware' => [
$router->delete('/account/totp', [ 'uses' => 'Base\IndexController@deleteAccountTotp' ]); 'auth'
]
], function () use ($router) {
$router->get('/', [
'as' => 'account.totp',
'uses' => 'Base\IndexController@getAccountTotp'
]);
$router->put('/', [
'uses' => 'Base\IndexController@putAccountTotp'
]);
$router->post('/', [
'uses' => 'Base\IndexController@postAccountTotp'
]);
$router->delete('/', [
'uses' => 'Base\IndexController@deleteAccountTotp'
]);
});
} }
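Review bot: The account group is declared with `'profix' => 'account'`, a misspelling of `prefix`. The router ignores the unknown key, and the routes resolve today only because they spell out `account`, `/account/password` and `/account/email` in full. Correcting the key later without touching the children would move them to `account/account/...`. I would fix both now, with `'prefix' => 'account',` on the group and `/`, `/password`, `/email` on the three routes, matching the TOTP group below it. The `auth` middleware on the group applies either way.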


@ -9,7 +9,11 @@ class RemoteRoutes {
public function map(Router $router) { public function map(Router $router) {
$router->group(['prefix' => 'remote'], function () use ($router) { $router->group(['prefix' => 'remote'], function () use ($router) {
$router->post('download', [ 'as' => 'remote.download', 'uses' => 'Remote\RemoteController@postDownload' ]); // Handles Remote Download Authentication Requests
$router->post('download', [
'as' => 'remote.download',
'uses' => 'Remote\RemoteController@postDownload'
]);
}); });
} }


@ -7,15 +7,24 @@ use Illuminate\Routing\Router;
class RestRoutes { class RestRoutes {
public function map(Router $router) { public function map(Router $router) {
$router->group(['prefix' => 'api/v1'], function ($server) use ($router) { $router->group([
'prefix' => 'api/v1',
$router->group(['prefix' => 'users'], function ($server) use ($router) { 'middleware' => [
'api'
$router->get('/', [ 'uses' => 'API\UserController@getAllUsers' ]); ]
$router->get('/{id}/{fields?}', [ 'uses' => 'API\UserController@getUser' ])->where('id', '[0-9]+'); ], function () use ($router) {
// Users endpoint for API
$router->group(['prefix' => 'users'], function () use ($router) {
// Returns all users
$router->get('/', [
'uses' => 'API\UserController@getAllUsers'
]);
// Return listing of user [with only specified fields]
$router->get('/{id}/{fields?}', [
'uses' => 'API\UserController@getUser'
])->where('id', '[0-9]+');
}); });
}); });
} }


@ -7,20 +7,60 @@ use Illuminate\Routing\Router;
class ServerRoutes { class ServerRoutes {
public function map(Router $router) { public function map(Router $router) {
$router->group(['prefix' => 'server/{server}'], function ($server) use ($router) { $router->group([
'prefix' => 'server/{server}',
'middleware' => [
'auth',
'server'
]
], function ($server) use ($router) {
// Index View for Server
$router->get('/', [
'as' => 'server.index',
'uses' => 'Server\ServerController@getIndex'
]);
$router->get('/', [ 'as' => 'server.index', 'uses' => 'Server\ServerController@getIndex' ]); // File Manager Routes
$router->get('/files', [ 'as' => 'files.index', 'uses' => 'Server\ServerController@getFiles' ]); $router->get('/files', [
$router->get('/files/edit/{file}', [ 'as' => 'files.edit', 'uses' => 'Server\ServerController@getEditFile' ])->where('file', '.*'); 'as' => 'files.index',
$router->get('/files/download/{file}', [ 'as' => 'files.download', 'uses' => 'Server\ServerController@getDownloadFile' ])->where('file', '.*'); 'uses' => 'Server\ServerController@getFiles'
$router->get('/files/add', [ 'as' => 'files.add', 'uses' => 'Server\ServerController@getAddFile' ]); ]);
// Ajax Routes $router->get('/files/edit/{file}', [
'as' => 'files.edit',
'uses' => 'Server\ServerController@getEditFile'
])->where('file', '.*');
$router->get('/files/download/{file}', [
'as' => 'files.download',
'uses' => 'Server\ServerController@getDownloadFile'
])->where('file', '.*');
$router->get('/files/add', [
'as' => 'files.add',
'uses' => 'Server\ServerController@getAddFile'
]);
// Assorted AJAX Routes
$router->group(['prefix' => 'ajax'], function ($server) use ($router) { $router->group(['prefix' => 'ajax'], function ($server) use ($router) {
$router->get('status', [ 'uses' => 'Server\AjaxController@getStatus' ]); // Returns Server Status
$router->post('set-connection', [ 'uses' => 'Server\AjaxController@postSetConnection' ]); $router->get('status', [
$router->post('files/directory-list', [ 'uses' => 'Server\AjaxController@postDirectoryList' ]); 'uses' => 'Server\AjaxController@getStatus'
$router->post('files/save', [ 'uses' => 'Server\AjaxController@postSaveFile' ]); ]);
// Sets the Default Connection for the Server
$router->post('set-connection', [
'uses' => 'Server\AjaxController@postSetConnection'
]);
// Assorted File Manager URLs
$router->post('files/directory-list', [
'uses' => 'Server\AjaxController@postDirectoryList'
]);
$router->post('files/save', [
'uses' => 'Server\AjaxController@postSaveFile'
]);
}); });
}); });
} }
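Review bot: `files/edit/{file}` and `files/download/{file}` keep `->where('file', '.*')`, so the parameter accepts any string, including `..` segments and absolute paths. The `auth` and `server` middleware on the group only establish that the user may access the server. Confining the path to that server's directory has to happen in `getEditFile` and `getDownloadFile`, which are not shown here. A comment on these two routes, such as `// {file} is unrestricted; the controller must normalise and confine the path`, would keep that requirement visible to whoever edits the controller next.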


@ -0,0 +1,21 @@
@extends('layouts.master')
@section('title', '503: Server Temporarily Unavaliable')
@section('content')
<div class="col-md-9">
<div class="panel panel-danger">
<div class="panel-heading">
<h3 class="panel-title">HTTP 503: Temporarily Unavaliable</h3>
</div>
<div class="panel-body">
<p style="margin-bottom:0;">The requested server is still completing the install process. Please check back in a few minutes, you should recieve an email as soon as this process is completed.</p>
<br /><br />
<div class="progress progress-striped active">
<div class="progress-bar progress-bar-danger" style="width: 75%"></div>
</div>
</div>
</div>
<p style="text-align:center;"><a href="{{ URL::previous() }}">Take me back</a> or <a href="/">go home</a>.</p>
</div>
@endsection
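Review bot: The user-facing text has spelling errors: `Unavaliable` in the `@section('title', ...)` line and in the panel title should be `Unavailable`, and `recieve` in the paragraph should be `receive`. The hard-coded `href="/"` also bypasses the named route that the CheckServer middleware redirects to. `{{ route('index') }}` would stay correct if the panel is ever served from a sub-path.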