From 5a03ce7e1a1cf63c45463efdf9cebe9824d0f4b6 Mon Sep 17 00:00:00 2001
From: Dane Everitt <dane@daneeveritt.com>
Date: Thu, 20 Oct 2016 13:39:39 -0400
Subject: [PATCH] Add support for controlling server power from API.

---
 ...werController.php => ServerController.php} | 31 ++++++++++++++++---
 app/Http/Middleware/VerifyCsrfToken.php       |  1 +
 app/Http/Routes/APIRoutes.php                 | 10 ++++++
 3 files changed, 38 insertions(+), 4 deletions(-)
 rename app/Http/Controllers/API/User/{PowerController.php => ServerController.php} (56%)

diff --git a/app/Http/Controllers/API/User/PowerController.php b/app/Http/Controllers/API/User/ServerController.php
similarity index 56%
rename from app/Http/Controllers/API/User/PowerController.php
rename to app/Http/Controllers/API/User/ServerController.php
index c92637b66..805ca0c99 100644
--- a/app/Http/Controllers/API/User/PowerController.php
+++ b/app/Http/Controllers/API/User/ServerController.php
@@ -26,14 +26,37 @@ namespace Pterodactyl\Http\Controllers\API\User;
 use Pterodactyl\Models;
 use Illuminate\Http\Request;
 
-class PowerController extends BaseController
+use Pterodactyl\Http\Controllers\API\BaseController;
+
+class ServerController extends BaseController
 {
-    public function __constructor()
+
+    public function info(Request $request, $uuid)
     {
+        // Will return server info including latest query and stats from daemon.
     }
 
-    public function pass(Request $request, $uuid)
+    public function power(Request $request, $uuid)
     {
-        //$server = Models\Server::where('id', $id)->where();
+        $server = Models\Server::getByUUID($uuid);
+        $node = Models\Node::getByID($server->node);
+        $client = Models\Node::guzzleRequest($server->node);
+
+        $res = $client->request('PUT', '/server/power', [
+            'headers' => [
+                'X-Access-Server' => $server->uuid,
+                'X-Access-Token' => $server->daemonSecret
+            ],
+            'exceptions' => false,
+            'json' => [
+                'action' => $request->input('action')
+            ]
+        ]);
+
+        if ($res->getStatusCode() !== 204) {
+            return $this->response->error(json_decode($res->getBody())->error, $res->getStatusCode());
+        }
+
+        return $this->response->noContent();
     }
 }
diff --git a/app/Http/Middleware/VerifyCsrfToken.php b/app/Http/Middleware/VerifyCsrfToken.php
index 97aa64965..be7b74e42 100644
--- a/app/Http/Middleware/VerifyCsrfToken.php
+++ b/app/Http/Middleware/VerifyCsrfToken.php
@@ -13,5 +13,6 @@ class VerifyCsrfToken extends BaseVerifier
      */
     protected $except = [
         'remote/*',
+        'api/*'
     ];
 }
diff --git a/app/Http/Routes/APIRoutes.php b/app/Http/Routes/APIRoutes.php
index 3213a641a..5ba792b35 100755
--- a/app/Http/Routes/APIRoutes.php
+++ b/app/Http/Routes/APIRoutes.php
@@ -37,6 +37,16 @@ class APIRoutes
                 'as' => 'api.user',
                 'uses' => 'Pterodactyl\Http\Controllers\API\User\InfoController@me'
             ]);
+
+            $api->get('/server/{uuid}', [
+                'as' => 'api.user.server',
+                'uses' => 'Pterodactyl\Http\Controllers\API\User\ServerController@info'
+            ]);
+
+            $api->put('/server/{uuid}', [
+                'as' => 'api.user.server.power',
+                'uses' => 'Pterodactyl\Http\Controllers\API\User\ServerController@power'
+            ]);
         });
 
         $api->version('v1', ['prefix' => 'api', 'middleware' => 'api.auth'], function ($api) {