Clean up routes and middleware checking

This commit is contained in:
Dane Everitt 2016-01-04 16:09:39 -05:00
parent 99a67127c9
commit 4ae8a45ed3
16 changed files with 321 additions and 101 deletions

View file

@ -19,7 +19,7 @@ class UserController extends Controller
*/
public function __construct()
{
$this->middleware('api');
//
}
public function getAllUsers(Request $request)

View file

@ -20,11 +20,7 @@ class AccountsController extends Controller
*/
public function __construct()
{
// All routes in this controller are protected by the authentication middleware.
$this->middleware('auth');
$this->middleware('admin');
//
}
public function getIndex(Request $request)

View file

@ -15,11 +15,7 @@ class BaseController extends Controller
*/
public function __construct()
{
// All routes in this controller are protected by the authentication middleware.
$this->middleware('auth');
$this->middleware('admin');
//
}
public function getIndex(Request $request)

View file

@ -23,11 +23,7 @@ class ServersController extends Controller
*/
public function __construct()
{
// All routes in this controller are protected by the authentication middleware.
$this->middleware('auth');
$this->middleware('admin');
//
}
public function getIndex(Request $request)

View file

@ -64,7 +64,7 @@ class AuthController extends Controller
*/
public function __construct()
{
$this->middleware('guest', ['except' => 'getLogout']);
//
}
/**

View file

@ -21,9 +21,7 @@ class IndexController extends Controller
*/
public function __construct()
{
// All routes in this controller are protected by the authentication middleware.
$this->middleware('auth');
//
}
/**

View file

@ -38,14 +38,7 @@ class AjaxController extends Controller
*/
public function __construct()
{
// All routes in this controller are protected by the authentication middleware.
$this->middleware('auth');
// Routes in this file are also checked aganist the server middleware. If the user
// does not have permission to view the server it will not load.
$this->middleware('server');
//
}
/**

View file

@ -26,14 +26,7 @@ class ServerController extends Controller
*/
public function __construct()
{
// All routes in this controller are protected by the authentication middleware.
$this->middleware('auth');
// Routes in this file are also checked aganist the server middleware. If the user
// does not have permission to view the server it will not load.
$this->middleware('server');
//
}
/**

View file

@ -23,8 +23,13 @@ class CheckServer
return redirect()->guest('auth/login');
}
if (!Server::getByUUID($request->route()->server)) {
return redirect('/');
$server = Server::getByUUID($request->route()->server);
if (!$server) {
return redirect()->route('index');
}
if ($server->installed !== 1) {
return response()->view('errors.installing', [], 503);
}
return $next($request);

View file

@ -7,47 +7,136 @@ use Illuminate\Routing\Router;
class AdminRoutes {
public function map(Router $router) {
$router->group(['prefix' => 'admin'], function ($server) use ($router) {
$router->get('/', [ 'as' => 'admin.index', 'uses' => 'Admin\BaseController@getIndex' ]);
// Account Routes
$router->group(['prefix' => 'accounts'], function ($server) use ($router) {
// Admin Index
$router->get('admin', [
'as' => 'admin.index',
'middleware' => [
'auth',
'admin'
],
'uses' => 'Admin\BaseController@getIndex'
]);
$router->get('/new', [ 'as' => 'admin.accounts.new', 'uses' => 'Admin\AccountsController@getNew' ]);
$router->post('/new', [ 'as' => 'admin.accounts.new', 'uses' => 'Admin\AccountsController@postNew' ]);
$router->group([
'prefix' => 'admin/accounts',
'middleware' => [
'auth',
'admin'
]
], function () use ($router) {
$router->get('/', [ 'as' => 'admin.accounts', 'uses' => 'Admin\AccountsController@getIndex' ]);
$router->get('/view/{id}', [ 'as' => 'admin.accounts.view', 'uses' => 'Admin\AccountsController@getView' ]);
// View All Accounts on System
$router->get('/', [
'as' => 'admin.accounts',
'uses' => 'Admin\AccountsController@getIndex'
]);
// View Specific Account
$router->get('/view/{id}', [
'as' => 'admin.accounts.view',
'uses' => 'Admin\AccountsController@getView'
]);
// Show Create Account Page
$router->get('/new', [
'as' => 'admin.accounts.new',
'uses' => 'Admin\AccountsController@getNew'
]);
// Handle Creating New Account
$router->post('/new', [
'uses' => 'Admin\AccountsController@postNew'
]);
// Update A Specific Account
$router->post('/update', [
'uses' => 'Admin\AccountsController@postUpdate'
]);
// Delete an Account Matching an ID
$router->get('/delete/{id}', [
'uses' => 'Admin\AccountsController@getDelete'
]);
$router->post('/update', [ 'as' => 'admin.accounts.update', 'uses' => 'Admin\AccountsController@postUpdate' ]);
$router->get('/delete/{id}', [ 'as' => 'admin.accounts.delete', 'uses' => 'Admin\AccountsController@getDelete' ]);
});
// Server Routes
$router->group(['prefix' => 'servers'], function ($server) use ($router) {
$router->group([
'prefix' => 'admin/servers',
'middleware' => [
'auth',
'admin'
]
], function () use ($router) {
$router->get('/', [ 'as' => 'admin.servers', 'uses' => 'Admin\ServersController@getIndex' ]);
$router->get('/new', [ 'as' => 'admin.servers.new', 'uses' => 'Admin\ServersController@getNew' ]);
$router->get('/view/{id}', [ 'as' => 'admin.servers.view', 'uses' => 'Admin\ServersController@getView' ]);
// View All Servers
$router->get('/', [
'as' => 'admin.servers',
'uses' => 'Admin\ServersController@getIndex' ]);
$router->post('/view/{id}/details', [ 'uses' => 'Admin\ServersController@postUpdateServerDetails' ]);
$router->post('/view/{id}/rebuild', [ 'uses' => 'Admin\ServersController@postUpdateServerToggleBuild' ]);
$router->post('/view/{id}/build', [ 'uses' => 'Admin\ServersController@postUpdateServerUpdateBuild' ]);
$router->delete('/view/{id}/{force?}', [ 'uses' => 'Admin\ServersController@deleteServer' ]);
// View Create Server Page
$router->get('/new', [
'as' => 'admin.servers.new',
'uses' => 'Admin\ServersController@getNew'
]);
$router->post('/new', [ 'uses' => 'Admin\ServersController@postNewServer']);
$router->post('/new/get-nodes', [ 'uses' => 'Admin\ServersController@postNewServerGetNodes' ]);
$router->post('/new/get-ips', [ 'uses' => 'Admin\ServersController@postNewServerGetIps' ]);
$router->post('/new/service-options', [ 'uses' => 'Admin\ServersController@postNewServerServiceOptions' ]);
$router->post('/new/service-variables', [ 'uses' => 'Admin\ServersController@postNewServerServiceVariables' ]);
// Handle POST Request for Creating Server
$router->post('/new', [
'uses' => 'Admin\ServersController@postNewServer'
]);
// Assorted Page Helpers
$router->post('/new/get-nodes', [
'uses' => 'Admin\ServersController@postNewServerGetNodes'
]);
$router->post('/new/get-ips', [
'uses' => 'Admin\ServersController@postNewServerGetIps'
]);
$router->post('/new/service-options', [
'uses' => 'Admin\ServersController@postNewServerServiceOptions'
]);
$router->post('/new/service-variables', [
'uses' => 'Admin\ServersController@postNewServerServiceVariables'
]);
// End Assorted Page Helpers
// View Specific Server
$router->get('/view/{id}', [
'as' => 'admin.servers.view',
'uses' => 'Admin\ServersController@getView'
]);
// Change Server Details
$router->post('/view/{id}/details', [
'uses' => 'Admin\ServersController@postUpdateServerDetails'
]);
// Rebuild Server
$router->post('/view/{id}/rebuild', [
'uses' => 'Admin\ServersController@postUpdateServerToggleBuild'
]);
// Change Build Details
$router->post('/view/{id}/build', [
'uses' => 'Admin\ServersController@postUpdateServerUpdateBuild'
]);
});
// Change Install Status
$router->post('/view/{id}/installed', [
'uses' => 'Admin\ServersController@postToggleInstall'
]);
// Delete [force delete]
$router->delete('/view/{id}/{force?}', [
'uses' => 'Admin\ServersController@deleteServer'
]);
});
}
}

View file

@ -9,23 +9,63 @@ use Pterodactyl\Models\User as User;
class AuthRoutes {
public function map(Router $router) {
$router->group(['prefix' => 'auth'], function () use ($router) {
$router->group([
'prefix' => 'auth',
'middleware' => [
'guest'
]
], function () use ($router) {
$router->get('login', [ 'as' => 'auth.login', 'uses' => 'Auth\AuthController@getLogin' ]);
$router->post('login', [ 'uses' => 'Auth\AuthController@postLogin' ]);
$router->post('login/totp', [ 'uses' => 'Auth\AuthController@checkTotp' ]);
// Display Login Page
$router->get('login', [
'as' => 'auth.login',
'uses' => 'Auth\AuthController@getLogin'
]);
// Handle Login
$router->post('login', [
'uses' => 'Auth\AuthController@postLogin'
]);
$router->get('password', [ 'as' => 'auth.password', 'uses' => 'Auth\PasswordController@getEmail' ]);
$router->post('password', [ 'as' => 'auth.password.submit', 'uses' => 'Auth\PasswordController@postEmail' ], function () {
// Determine if we need to ask for a TOTP Token
$router->post('login/totp', [
'uses' => 'Auth\AuthController@checkTotp'
]);
// Show Password Reset Form
$router->get('password', [
'as' => 'auth.password',
'uses' => 'Auth\PasswordController@getEmail'
]);
// Handle Password Reset
$router->post('password', [
'as' => 'auth.password.submit',
'uses' => 'Auth\PasswordController@postEmail'
], function () {
return redirect('auth/password')->with('sent', true);
});
$router->post('password/verify', [ 'uses' => 'Auth\PasswordController@postReset' ]);
$router->get('password/verify/{token}', [ 'as' => 'auth.verify', 'uses' => 'Auth\PasswordController@getReset' ]);
$router->get('logout', [ 'as' => 'auth.logout', 'uses' => 'Auth\AuthController@getLogout' ]);
// Show Verification Checkpoint
$router->get('password/verify/{token}', [
'as' => 'auth.verify',
'uses' => 'Auth\PasswordController@getReset'
]);
// Handle Verification
$router->post('password/verify', [
'uses' => 'Auth\PasswordController@postReset'
]);
});
// Not included above because we don't want the guest middleware
$router->get('logout', [
'as' => 'auth.logout',
'middleware' => 'auth',
'uses' => 'Auth\AuthController@getLogout'
]);
}
}

View file

@ -8,25 +8,65 @@ class BaseRoutes {
public function map(Router $router) {
// Index of Panel
$router->get('/', [
'as' => 'index',
'middleware' => 'auth',
'uses' => 'Base\IndexController@getIndex'
]);
// Handle Index. Redirect /index to /
$router->get('/', [ 'as' => 'index', 'uses' => 'Base\IndexController@getIndex' ]);
$router->get('/index', function () {
return redirect()->route('index');
});
// Password Generation
$router->get('/password-gen/{length}', [ 'as' => 'password-gen', 'uses' => 'Base\IndexController@getPassword' ]);
$router->get('/password-gen/{length}', [
'as' => 'password-gen',
'middleware' => 'auth',
'uses' => 'Base\IndexController@getPassword'
]);
// Account Routes
$router->get('/account', [ 'as' => 'account', 'uses' => 'Base\IndexController@getAccount' ]);
$router->post('/account/password', [ 'uses' => 'Base\IndexController@postAccountPassword' ]);
$router->post('/account/email', [ 'uses' => 'Base\IndexController@postAccountEmail' ]);
$router->group([
'profix' => 'account',
'middleware' => [
'auth'
]
], function () use ($router) {
$router->get('account', [
'as' => 'account',
'uses' => 'Base\IndexController@getAccount'
]);
$router->post('/account/password', [
'uses' => 'Base\IndexController@postAccountPassword'
]);
$router->post('/account/email', [
'uses' => 'Base\IndexController@postAccountEmail'
]);
});
// TOTP Routes
$router->get('/account/totp', [ 'as' => 'account.totp', 'uses' => 'Base\IndexController@getAccountTotp' ]);
$router->put('/account/totp', [ 'uses' => 'Base\IndexController@putAccountTotp' ]);
$router->post('/account/totp', [ 'uses' => 'Base\IndexController@postAccountTotp' ]);
$router->delete('/account/totp', [ 'uses' => 'Base\IndexController@deleteAccountTotp' ]);
$router->group([
'prefix' => 'account/totp',
'middleware' => [
'auth'
]
], function () use ($router) {
$router->get('/', [
'as' => 'account.totp',
'uses' => 'Base\IndexController@getAccountTotp'
]);
$router->put('/', [
'uses' => 'Base\IndexController@putAccountTotp'
]);
$router->post('/', [
'uses' => 'Base\IndexController@postAccountTotp'
]);
$router->delete('/', [
'uses' => 'Base\IndexController@deleteAccountTotp'
]);
});
}

View file

@ -9,7 +9,11 @@ class RemoteRoutes {
public function map(Router $router) {
$router->group(['prefix' => 'remote'], function () use ($router) {
$router->post('download', [ 'as' => 'remote.download', 'uses' => 'Remote\RemoteController@postDownload' ]);
// Handles Remote Download Authentication Requests
$router->post('download', [
'as' => 'remote.download',
'uses' => 'Remote\RemoteController@postDownload'
]);
});
}

View file

@ -7,15 +7,24 @@ use Illuminate\Routing\Router;
class RestRoutes {
public function map(Router $router) {
$router->group(['prefix' => 'api/v1'], function ($server) use ($router) {
$router->group(['prefix' => 'users'], function ($server) use ($router) {
$router->get('/', [ 'uses' => 'API\UserController@getAllUsers' ]);
$router->get('/{id}/{fields?}', [ 'uses' => 'API\UserController@getUser' ])->where('id', '[0-9]+');
$router->group([
'prefix' => 'api/v1',
'middleware' => [
'api'
]
], function () use ($router) {
// Users endpoint for API
$router->group(['prefix' => 'users'], function () use ($router) {
// Returns all users
$router->get('/', [
'uses' => 'API\UserController@getAllUsers'
]);
// Return listing of user [with only specified fields]
$router->get('/{id}/{fields?}', [
'uses' => 'API\UserController@getUser'
])->where('id', '[0-9]+');
});
});
}

View file

@ -7,20 +7,60 @@ use Illuminate\Routing\Router;
class ServerRoutes {
public function map(Router $router) {
$router->group(['prefix' => 'server/{server}'], function ($server) use ($router) {
$router->group([
'prefix' => 'server/{server}',
'middleware' => [
'auth',
'server'
]
], function ($server) use ($router) {
// Index View for Server
$router->get('/', [
'as' => 'server.index',
'uses' => 'Server\ServerController@getIndex'
]);
$router->get('/', [ 'as' => 'server.index', 'uses' => 'Server\ServerController@getIndex' ]);
$router->get('/files', [ 'as' => 'files.index', 'uses' => 'Server\ServerController@getFiles' ]);
$router->get('/files/edit/{file}', [ 'as' => 'files.edit', 'uses' => 'Server\ServerController@getEditFile' ])->where('file', '.*');
$router->get('/files/download/{file}', [ 'as' => 'files.download', 'uses' => 'Server\ServerController@getDownloadFile' ])->where('file', '.*');
$router->get('/files/add', [ 'as' => 'files.add', 'uses' => 'Server\ServerController@getAddFile' ]);
// File Manager Routes
$router->get('/files', [
'as' => 'files.index',
'uses' => 'Server\ServerController@getFiles'
]);
// Ajax Routes
$router->get('/files/edit/{file}', [
'as' => 'files.edit',
'uses' => 'Server\ServerController@getEditFile'
])->where('file', '.*');
$router->get('/files/download/{file}', [
'as' => 'files.download',
'uses' => 'Server\ServerController@getDownloadFile'
])->where('file', '.*');
$router->get('/files/add', [
'as' => 'files.add',
'uses' => 'Server\ServerController@getAddFile'
]);
// Assorted AJAX Routes
$router->group(['prefix' => 'ajax'], function ($server) use ($router) {
$router->get('status', [ 'uses' => 'Server\AjaxController@getStatus' ]);
$router->post('set-connection', [ 'uses' => 'Server\AjaxController@postSetConnection' ]);
$router->post('files/directory-list', [ 'uses' => 'Server\AjaxController@postDirectoryList' ]);
$router->post('files/save', [ 'uses' => 'Server\AjaxController@postSaveFile' ]);
// Returns Server Status
$router->get('status', [
'uses' => 'Server\AjaxController@getStatus'
]);
// Sets the Default Connection for the Server
$router->post('set-connection', [
'uses' => 'Server\AjaxController@postSetConnection'
]);
// Assorted File Manager URLs
$router->post('files/directory-list', [
'uses' => 'Server\AjaxController@postDirectoryList'
]);
$router->post('files/save', [
'uses' => 'Server\AjaxController@postSaveFile'
]);
});
});
}

View file

@ -0,0 +1,21 @@
@extends('layouts.master')
@section('title', '503: Server Temporarily Unavaliable')
@section('content')
<div class="col-md-9">
<div class="panel panel-danger">
<div class="panel-heading">
<h3 class="panel-title">HTTP 503: Temporarily Unavaliable</h3>
</div>
<div class="panel-body">
<p style="margin-bottom:0;">The requested server is still completing the install process. Please check back in a few minutes, you should recieve an email as soon as this process is completed.</p>
<br /><br />
<div class="progress progress-striped active">
<div class="progress-bar progress-bar-danger" style="width: 75%"></div>
</div>
</div>
</div>
<p style="text-align:center;"><a href="{{ URL::previous() }}">Take me back</a> or <a href="/">go home</a>.</p>
</div>
@endsection