Merge branch 'develop' into feature/vuejs

This commit is contained in:
Dane Everitt 2019-05-01 20:57:49 -07:00
commit 5c99cae779
No known key found for this signature in database
GPG key ID: EEA66103B3D71F53
8 changed files with 187 additions and 30 deletions

View file

@ -599,7 +599,7 @@ class ServersController extends Controller
['id', '=', $request->input('database')], ['id', '=', $request->input('database')],
]); ]);
$this->databasePasswordService->handle($database, str_random(20)); $this->databasePasswordService->handle($database, str_random(24));
return response('', 204); return response('', 204);
} }

View file

@ -110,8 +110,8 @@ class Node extends Model implements CleansAttributes, ValidableContract
'disk' => 'numeric|min:1', 'disk' => 'numeric|min:1',
'disk_overallocate' => 'numeric|min:-1', 'disk_overallocate' => 'numeric|min:-1',
'daemonBase' => 'regex:/^([\/][\d\w.\-\/]+)$/', 'daemonBase' => 'regex:/^([\/][\d\w.\-\/]+)$/',
'daemonSFTP' => 'numeric|between:1024,65535', 'daemonSFTP' => 'numeric|between:1,65535',
'daemonListen' => 'numeric|between:1024,65535', 'daemonListen' => 'numeric|between:1,65535',
'maintenance_mode' => 'boolean', 'maintenance_mode' => 'boolean',
'upload_size' => 'int|between:1,1024', 'upload_size' => 'int|between:1,1024',
]; ];

View file

@ -69,7 +69,7 @@ class DatabaseManagementService
$data['server_id'] = $server; $data['server_id'] = $server;
$data['database'] = sprintf('s%d_%s', $server, $data['database']); $data['database'] = sprintf('s%d_%s', $server, $data['database']);
$data['username'] = sprintf('u%d_%s', $server, str_random(10)); $data['username'] = sprintf('u%d_%s', $server, str_random(10));
$data['password'] = $this->encrypter->encrypt(str_random(16)); $data['password'] = $this->encrypter->encrypt(str_random(24));
$this->database->beginTransaction(); $this->database->beginTransaction();
try { try {

View file

@ -9,21 +9,27 @@
namespace Pterodactyl\Services\Users; namespace Pterodactyl\Services\Users;
use Illuminate\Contracts\Config\Repository as ConfigRepository;
use Pterodactyl\Models\User; use Pterodactyl\Models\User;
use PragmaRX\Google2FA\Google2FA; use PragmaRX\Google2FAQRCode\Google2FA;
use Illuminate\Support\Collection; use Illuminate\Support\Collection;
use Illuminate\Contracts\Encryption\Encrypter; use Illuminate\Contracts\Encryption\Encrypter;
use Pterodactyl\Contracts\Repository\UserRepositoryInterface; use Pterodactyl\Contracts\Repository\UserRepositoryInterface;
class TwoFactorSetupService class TwoFactorSetupService
{ {
/**
* @var \Illuminate\Contracts\Config\Repository
*/
private $config;
/** /**
* @var \Illuminate\Contracts\Encryption\Encrypter * @var \Illuminate\Contracts\Encryption\Encrypter
*/ */
private $encrypter; private $encrypter;
/** /**
* @var \PragmaRX\Google2FA\Google2FA * @var PragmaRX\Google2FAQRCode\Google2FA
*/ */
private $google2FA; private $google2FA;
@ -35,15 +41,18 @@ class TwoFactorSetupService
/** /**
* TwoFactorSetupService constructor. * TwoFactorSetupService constructor.
* *
* @param \Illuminate\Contracts\Config\Repository $config
* @param \Illuminate\Contracts\Encryption\Encrypter $encrypter * @param \Illuminate\Contracts\Encryption\Encrypter $encrypter
* @param \PragmaRX\Google2FA\Google2FA $google2FA * @param PragmaRX\Google2FAQRCode\Google2FA $google2FA
* @param \Pterodactyl\Contracts\Repository\UserRepositoryInterface $repository * @param \Pterodactyl\Contracts\Repository\UserRepositoryInterface $repository
*/ */
public function __construct( public function __construct(
ConfigRepository $config,
Encrypter $encrypter, Encrypter $encrypter,
Google2FA $google2FA, Google2FA $google2FA,
UserRepositoryInterface $repository UserRepositoryInterface $repository
) { ) {
$this->config = $config;
$this->encrypter = $encrypter; $this->encrypter = $encrypter;
$this->google2FA = $google2FA; $this->google2FA = $google2FA;
$this->repository = $repository; $this->repository = $repository;
@ -61,8 +70,8 @@ class TwoFactorSetupService
*/ */
public function handle(User $user): Collection public function handle(User $user): Collection
{ {
$secret = $this->google2FA->generateSecretKey(config('pterodactyl.auth.2fa.bytes')); $secret = $this->google2FA->generateSecretKey($this->config->get('pterodactyl.auth.2fa.bytes'));
$image = $this->google2FA->getQRCodeGoogleUrl(config('app.name'), $user->email, $secret); $image = $this->google2FA->getQRCodeInline($this->config->get('app.name'), $user->email, $secret);
$this->repository->withoutFreshModel()->update($user->id, [ $this->repository->withoutFreshModel()->update($user->id, [
'totp_secret' => $this->encrypter->encrypt($secret), 'totp_secret' => $this->encrypter->encrypt($secret),

View file

@ -29,7 +29,8 @@
"lord/laroute": "^2.4", "lord/laroute": "^2.4",
"matriphe/iso-639": "^1.2", "matriphe/iso-639": "^1.2",
"nesbot/carbon": "^1.22", "nesbot/carbon": "^1.22",
"pragmarx/google2fa": "^2.0", "pragmarx/google2fa": "^5.0",
"pragmarx/google2fa-qrcode": "^1.0.3",
"predis/predis": "^1.1", "predis/predis": "^1.1",
"prologue/alerts": "^0.4", "prologue/alerts": "^0.4",
"ramsey/uuid": "^3.7", "ramsey/uuid": "^3.7",

172
composer.lock generated
View file

@ -4,7 +4,7 @@
"Read more about it at https://getcomposer.org/doc/01-basic-usage.md#installing-dependencies", "Read more about it at https://getcomposer.org/doc/01-basic-usage.md#installing-dependencies",
"This file is @generated automatically" "This file is @generated automatically"
], ],
"content-hash": "cebedf7393ddbd786a17efdf394fa5e3", "content-hash": "9c03519785d01a8f710a0f7e65f602e8",
"packages": [ "packages": [
{ {
"name": "appstract/laravel-blade-directives", "name": "appstract/laravel-blade-directives",
@ -142,6 +142,55 @@
], ],
"time": "2018-12-14T22:50:05+00:00" "time": "2018-12-14T22:50:05+00:00"
}, },
{
"name": "bacon/bacon-qr-code",
"version": "2.0.0",
"source": {
"type": "git",
"url": "https://github.com/Bacon/BaconQrCode.git",
"reference": "eaac909da3ccc32b748a65b127acd8918f58d9b0"
},
"dist": {
"type": "zip",
"url": "https://api.github.com/repos/Bacon/BaconQrCode/zipball/eaac909da3ccc32b748a65b127acd8918f58d9b0",
"reference": "eaac909da3ccc32b748a65b127acd8918f58d9b0",
"shasum": ""
},
"require": {
"dasprid/enum": "^1.0",
"ext-iconv": "*",
"php": "^7.1"
},
"require-dev": {
"phly/keep-a-changelog": "^1.4",
"phpunit/phpunit": "^6.4",
"squizlabs/php_codesniffer": "^3.1"
},
"suggest": {
"ext-imagick": "to generate QR code images"
},
"type": "library",
"autoload": {
"psr-4": {
"BaconQrCode\\": "src/"
}
},
"notification-url": "https://packagist.org/downloads/",
"license": [
"BSD-2-Clause"
],
"authors": [
{
"name": "Ben Scholzen 'DASPRiD'",
"email": "mail@dasprids.de",
"homepage": "http://www.dasprids.de",
"role": "Developer"
}
],
"description": "BaconQrCode is a QR code generator for PHP.",
"homepage": "https://github.com/Bacon/BaconQrCode",
"time": "2018-04-25T17:53:56+00:00"
},
{ {
"name": "cakephp/chronos", "name": "cakephp/chronos",
"version": "1.2.3", "version": "1.2.3",
@ -199,6 +248,48 @@
], ],
"time": "2018-10-18T22:02:21+00:00" "time": "2018-10-18T22:02:21+00:00"
}, },
{
"name": "dasprid/enum",
"version": "1.0.0",
"source": {
"type": "git",
"url": "https://github.com/DASPRiD/Enum.git",
"reference": "631ef6e638e9494b0310837fa531bedd908fc22b"
},
"dist": {
"type": "zip",
"url": "https://api.github.com/repos/DASPRiD/Enum/zipball/631ef6e638e9494b0310837fa531bedd908fc22b",
"reference": "631ef6e638e9494b0310837fa531bedd908fc22b",
"shasum": ""
},
"require-dev": {
"phpunit/phpunit": "^6.4",
"squizlabs/php_codesniffer": "^3.1"
},
"type": "library",
"autoload": {
"psr-4": {
"DASPRiD\\Enum\\": "src/"
}
},
"notification-url": "https://packagist.org/downloads/",
"license": [
"BSD-2-Clause"
],
"authors": [
{
"name": "Ben Scholzen 'DASPRiD'",
"email": "mail@dasprids.de",
"homepage": "https://dasprids.de/"
}
],
"description": "PHP 7.1 enum implementation",
"keywords": [
"enum",
"map"
],
"time": "2017-10-25T22:45:27+00:00"
},
{ {
"name": "dnoegel/php-xdg-base-dir", "name": "dnoegel/php-xdg-base-dir",
"version": "0.1", "version": "0.1",
@ -2501,31 +2592,27 @@
}, },
{ {
"name": "pragmarx/google2fa", "name": "pragmarx/google2fa",
"version": "v2.0.7", "version": "v5.0.0",
"source": { "source": {
"type": "git", "type": "git",
"url": "https://github.com/antonioribeiro/google2fa.git", "url": "https://github.com/antonioribeiro/google2fa.git",
"reference": "5a818bda62fab0c0a79060b06d50d50b5525d631" "reference": "17c969c82f427dd916afe4be50bafc6299aef1b4"
}, },
"dist": { "dist": {
"type": "zip", "type": "zip",
"url": "https://api.github.com/repos/antonioribeiro/google2fa/zipball/5a818bda62fab0c0a79060b06d50d50b5525d631", "url": "https://api.github.com/repos/antonioribeiro/google2fa/zipball/17c969c82f427dd916afe4be50bafc6299aef1b4",
"reference": "5a818bda62fab0c0a79060b06d50d50b5525d631", "reference": "17c969c82f427dd916afe4be50bafc6299aef1b4",
"shasum": "" "shasum": ""
}, },
"require": { "require": {
"paragonie/constant_time_encoding": "~1.0|~2.0", "paragonie/constant_time_encoding": "~1.0|~2.0",
"paragonie/random_compat": "~1.4|~2.0", "paragonie/random_compat": ">=1",
"php": ">=5.4", "php": ">=5.4",
"symfony/polyfill-php56": "~1.2" "symfony/polyfill-php56": "~1.2"
}, },
"require-dev": { "require-dev": {
"bacon/bacon-qr-code": "~1.0",
"phpunit/phpunit": "~4|~5|~6" "phpunit/phpunit": "~4|~5|~6"
}, },
"suggest": {
"bacon/bacon-qr-code": "Required to generate inline QR Codes."
},
"type": "library", "type": "library",
"extra": { "extra": {
"component": "package", "component": "package",
@ -2541,7 +2628,7 @@
}, },
"notification-url": "https://packagist.org/downloads/", "notification-url": "https://packagist.org/downloads/",
"license": [ "license": [
"BSD-3-Clause" "MIT"
], ],
"authors": [ "authors": [
{ {
@ -2555,10 +2642,67 @@
"2fa", "2fa",
"Authentication", "Authentication",
"Two Factor Authentication", "Two Factor Authentication",
"google2fa", "google2fa"
"laravel"
], ],
"time": "2018-01-06T16:21:07+00:00" "time": "2019-03-19T22:44:16+00:00"
},
{
"name": "pragmarx/google2fa-qrcode",
"version": "v1.0.3",
"source": {
"type": "git",
"url": "https://github.com/antonioribeiro/google2fa-qrcode.git",
"reference": "fd5ff0531a48b193a659309cc5fb882c14dbd03f"
},
"dist": {
"type": "zip",
"url": "https://api.github.com/repos/antonioribeiro/google2fa-qrcode/zipball/fd5ff0531a48b193a659309cc5fb882c14dbd03f",
"reference": "fd5ff0531a48b193a659309cc5fb882c14dbd03f",
"shasum": ""
},
"require": {
"bacon/bacon-qr-code": "~1.0|~2.0",
"php": ">=5.4",
"pragmarx/google2fa": ">=4.0"
},
"require-dev": {
"khanamiryan/qrcode-detector-decoder": "^1.0",
"phpunit/phpunit": "~4|~5|~6|~7"
},
"type": "library",
"extra": {
"component": "package",
"branch-alias": {
"dev-master": "1.0-dev"
}
},
"autoload": {
"psr-4": {
"PragmaRX\\Google2FAQRCode\\": "src/",
"PragmaRX\\Google2FAQRCode\\Tests\\": "tests/"
}
},
"notification-url": "https://packagist.org/downloads/",
"license": [
"MIT"
],
"authors": [
{
"name": "Antonio Carlos Ribeiro",
"email": "acr@antoniocarlosribeiro.com",
"role": "Creator & Designer"
}
],
"description": "QR Code package for Google2FA",
"keywords": [
"2fa",
"Authentication",
"Two Factor Authentication",
"google2fa",
"qr code",
"qrcode"
],
"time": "2019-03-20T16:42:58+00:00"
}, },
{ {
"name": "predis/predis", "name": "predis/predis",

View file

@ -3,7 +3,7 @@
"meta": { "meta": {
"version": "PTDL_v1" "version": "PTDL_v1"
}, },
"exported_at": "2018-10-28T20:50:23+01:00", "exported_at": "2019-05-01T16:35:15+00:00",
"name": "Teamspeak3 Server", "name": "Teamspeak3 Server",
"author": "support@pterodactyl.io", "author": "support@pterodactyl.io",
"description": "VoIP software designed with security in mind, featuring crystal clear voice quality, endless customization options, and scalabilty up to thousands of simultaneous users.", "description": "VoIP software designed with security in mind, featuring crystal clear voice quality, endless customization options, and scalabilty up to thousands of simultaneous users.",
@ -27,10 +27,10 @@
"name": "Server Version", "name": "Server Version",
"description": "The version of Teamspeak 3 to use when running the server.", "description": "The version of Teamspeak 3 to use when running the server.",
"env_variable": "TS_VERSION", "env_variable": "TS_VERSION",
"default_value": "3.5.0", "default_value": "3.7.1",
"user_viewable": 1, "user_viewable": 1,
"user_editable": 1, "user_editable": 1,
"rules": "required|regex:\/^([0-9_\\.-]{5,10})$\/" "rules": "required|regex:\/^([0-9_\\.-]{5,10})$\/"
} }
] ]
} }

View file

@ -5,8 +5,9 @@ namespace Tests\Unit\Services\Users;
use Mockery as m; use Mockery as m;
use Tests\TestCase; use Tests\TestCase;
use Pterodactyl\Models\User; use Pterodactyl\Models\User;
use PragmaRX\Google2FA\Google2FA;
use Illuminate\Support\Collection; use Illuminate\Support\Collection;
use PragmaRX\Google2FAQRCode\Google2FA;
use Illuminate\Contracts\Config\Repository;
use Illuminate\Contracts\Encryption\Encrypter; use Illuminate\Contracts\Encryption\Encrypter;
use Pterodactyl\Services\Users\TwoFactorSetupService; use Pterodactyl\Services\Users\TwoFactorSetupService;
use Pterodactyl\Contracts\Repository\UserRepositoryInterface; use Pterodactyl\Contracts\Repository\UserRepositoryInterface;
@ -24,7 +25,7 @@ class TwoFactorSetupServiceTest extends TestCase
private $encrypter; private $encrypter;
/** /**
* @var \PragmaRX\Google2FA\Google2FA|\Mockery\Mock * @var PragmaRX\Google2FAQRCode\Google2FA|\Mockery\Mock
*/ */
private $google2FA; private $google2FA;
@ -40,6 +41,7 @@ class TwoFactorSetupServiceTest extends TestCase
{ {
parent::setUp(); parent::setUp();
$this->config = m::mock(Repository::class);
$this->encrypter = m::mock(Encrypter::class); $this->encrypter = m::mock(Encrypter::class);
$this->google2FA = m::mock(Google2FA::class); $this->google2FA = m::mock(Google2FA::class);
$this->repository = m::mock(UserRepositoryInterface::class); $this->repository = m::mock(UserRepositoryInterface::class);
@ -56,7 +58,8 @@ class TwoFactorSetupServiceTest extends TestCase
config()->set('app.name', 'CompanyName'); config()->set('app.name', 'CompanyName');
$this->google2FA->shouldReceive('generateSecretKey')->with(32)->once()->andReturn('secretKey'); $this->google2FA->shouldReceive('generateSecretKey')->with(32)->once()->andReturn('secretKey');
$this->google2FA->shouldReceive('getQRCodeGoogleUrl')->with('CompanyName', $model->email, 'secretKey')->once()->andReturn('http://url.com'); $this->config->shouldReceive('get')->with('app.name')->once()->andReturn('CompanyName');
$this->google2FA->shouldReceive('getQRCodeInline')->with('CompanyName', $model->email, 'secretKey')->once()->andReturn('http://url.com');
$this->encrypter->shouldReceive('encrypt')->with('secretKey')->once()->andReturn('encryptedSecret'); $this->encrypter->shouldReceive('encrypt')->with('secretKey')->once()->andReturn('encryptedSecret');
$this->repository->shouldReceive('withoutFreshModel->update')->with($model->id, ['totp_secret' => 'encryptedSecret'])->once()->andReturnNull(); $this->repository->shouldReceive('withoutFreshModel->update')->with($model->id, ['totp_secret' => 'encryptedSecret'])->once()->andReturnNull();