From 3d80c5b7e64b40a50d5e9a1b62bc5b147b424004 Mon Sep 17 00:00:00 2001
From: BlameDylan <dylan.seidt@gmail.com>
Date: Sat, 12 Dec 2015 00:21:17 -0600
Subject: [PATCH] Account Creation in AdminCP

---
 .../Controllers/Admin/AccountsController.php  | 30 ++++++-
 app/Http/Controllers/Base/IndexController.php | 12 +++
 app/Http/Routes/AdminRoutes.php               |  4 +-
 app/Http/Routes/BaseRoutes.php                |  3 +
 resources/views/admin/accounts/new.blade.php  | 90 +++++++++++++++++++
 5 files changed, 136 insertions(+), 3 deletions(-)
 create mode 100644 resources/views/admin/accounts/new.blade.php

diff --git a/app/Http/Controllers/Admin/AccountsController.php b/app/Http/Controllers/Admin/AccountsController.php
index 9f7b29465..55af688aa 100644
--- a/app/Http/Controllers/Admin/AccountsController.php
+++ b/app/Http/Controllers/Admin/AccountsController.php
@@ -2,9 +2,12 @@
 
 namespace Pterodactyl\Http\Controllers\Admin;
 
+use Alert;
 use Debugbar;
-use Pterodactyl\Models\User;
+use Hash;
+use Uuid;
 
+use Pterodactyl\Models\User;
 use Pterodactyl\Http\Controllers\Controller;
 use Illuminate\Http\Request;
 
@@ -32,7 +35,7 @@ class AccountsController extends Controller
 
     public function getNew(Request $request)
     {
-        //
+        return view('admin.accounts.new');
     }
 
     public function getView(Request $request, $id)
@@ -40,4 +43,27 @@ class AccountsController extends Controller
         //
     }
 
+    public function postNew(Request $request)
+    {
+        $this->validate($request, [
+            'username' => 'required|min:4|unique:users,username',
+            'email' => 'required|email|unique:users,email',
+            'password' => 'required|confirmed|regex:((?=.*\d)(?=.*[a-z])(?=.*[A-Z]).{8,})',
+            'password_confirmation' => 'required'
+        ]);
+
+        //@TODO: re-generate UUID if conflict
+        $user = new User;
+        $user->uuid = Uuid::generate(4);
+
+        $user->username = $request->input('username');
+        $user->email = $request->input('email');
+        $user->password = Hash::make($request->input('password'));
+
+        $user->save();
+
+        Alert::success('Account has been successfully created.')->flash();
+        return redirect()->route('admin.accounts.view', ['id' => $user->id]);
+    }
+
 }
diff --git a/app/Http/Controllers/Base/IndexController.php b/app/Http/Controllers/Base/IndexController.php
index d9ff07fd0..b8599c517 100644
--- a/app/Http/Controllers/Base/IndexController.php
+++ b/app/Http/Controllers/Base/IndexController.php
@@ -41,6 +41,18 @@ class IndexController extends Controller
         ]);
     }
 
+    /**
+     * Generate a random string.
+     *
+     * @param  \Illuminate\Http\Request $request
+     * @return string
+     */
+    public function getPassword(Request $request, $length = 16)
+    {
+        $length = ($length < 8) ? 8 : $length;
+        return str_random($length);
+    }
+
     /**
      * Returns TOTP Management Page.
      *
diff --git a/app/Http/Routes/AdminRoutes.php b/app/Http/Routes/AdminRoutes.php
index 058d3c786..1f5e48e29 100644
--- a/app/Http/Routes/AdminRoutes.php
+++ b/app/Http/Routes/AdminRoutes.php
@@ -13,8 +13,10 @@ class AdminRoutes {
             // Account Routes
             $router->group(['prefix' => 'accounts'], function ($server) use ($router) {
                 $router->get('/', [ 'as' => 'admin.accounts', 'uses' => 'Admin\AccountsController@getIndex' ]);
-                $router->get('/new', [ 'as' => 'admin.accounts.new', 'uses' => 'Admin\AccountsController@getNew' ]);
                 $router->get('/view/{id}', [ 'as' => 'admin.accounts.view', 'uses' => 'Admin\AccountsController@getView' ]);
+
+                $router->get('/new', [ 'as' => 'admin.accounts.new', 'uses' => 'Admin\AccountsController@getNew' ]);
+                $router->post('/new', [ 'as' => 'admin.accounts.new', 'uses' => 'Admin\AccountsController@postNew' ]);
             });
 
             // Server Routes
diff --git a/app/Http/Routes/BaseRoutes.php b/app/Http/Routes/BaseRoutes.php
index bd12219d4..34638dda0 100644
--- a/app/Http/Routes/BaseRoutes.php
+++ b/app/Http/Routes/BaseRoutes.php
@@ -14,6 +14,9 @@ class BaseRoutes {
             return redirect()->route('index');
         });
 
+        // Password Generation
+        $router->get('/password-gen/{length}', [ 'as' => 'password-gen', 'uses' => 'Base\IndexController@getPassword' ]);
+
         // Account Routes
         $router->get('/account', [ 'as' => 'account', 'uses' => 'Base\IndexController@getAccount' ]);
         $router->post('/account/password', [ 'uses' => 'Base\IndexController@postAccountPassword' ]);
diff --git a/resources/views/admin/accounts/new.blade.php b/resources/views/admin/accounts/new.blade.php
new file mode 100644
index 000000000..9bff528b1
--- /dev/null
+++ b/resources/views/admin/accounts/new.blade.php
@@ -0,0 +1,90 @@
+@extends('layouts.admin')
+
+@section('title')
+    New Account
+@endsection
+
+@section('content')
+<div class="col-md-9">
+    <ul class="breadcrumb">
+        <li><a href="/admin">Admin Controls</a></li>
+        <li><a href="/admin/accounts">Accounts</a></li>
+        <li class="active">Add New Account</li>
+	</ul>
+    @if (count($errors) > 0)
+        <div class="alert alert-danger">
+            <strong>{{ trans('strings.whoops') }}!</strong> {{ trans('auth.errorencountered') }}<br><br>
+            <ul>
+                @foreach ($errors->all() as $error)
+                    <li>{{ $error }}</li>
+                @endforeach
+            </ul>
+        </div>
+    @endif
+    <h3>Create New Account</h3><hr />
+    <form action="new" method="post">
+		<fieldset>
+			<div class="form-group">
+				<label for="username" class="control-label">Username</label>
+				<div>
+					<input type="text" autocomplete="off" name="username" class="form-control" />
+				</div>
+			</div>
+			<div class="form-group">
+				<label for="email" class="control-label">Email</label>
+				<div>
+					<input type="text" autocomplete="off" name="email" class="form-control" />
+				</div>
+			</div>
+			<div class="row">
+				<div class="col-md-12">
+					<div id="gen_pass" class=" alert alert-success" style="display:none;margin-bottom: 10px;"></div>
+				</div>
+				<div class="form-group col-md-6">
+					<label for="pass" class="control-label">Password</label>
+					<div>
+						<input type="password" name="password" class="form-control" />
+					</div>
+				</div>
+				<div class="form-group col-md-6">
+					<label for="pass_2" class="control-label">Password Again</label>
+					<div>
+						<input type="password" name="password_confirmation" class="form-control" />
+					</div>
+				</div>
+			</div>
+			<div class="form-group">
+				<div>
+                    {!! csrf_field() !!}
+					<button class="btn btn-primary btn-sm" type="submit">Create Account</button>
+					<button class="btn btn-default btn-sm" id="gen_pass_bttn" type="button">Generate Password</button>
+				</div>
+			</div>
+		</fieldset>
+	</form>
+</div>
+<script>
+$(document).ready(function(){
+	$("#sidebar_links").find("a[href='/admin/account/new']").addClass('active');
+	$("#gen_pass_bttn").click(function(e){
+		e.preventDefault();
+		$.ajax({
+			type: "GET",
+			url: "/password-gen/12",
+            headers: {
+                'X-CSRF-TOKEN': '{{ csrf_token() }}'
+           },
+			success: function(data) {
+				$("#gen_pass").html('<strong>Generated Password:</strong> ' + data).slideDown();
+				$('input[name="password"], input[name="password_confirmation"]').val(data);
+				return false;
+			}
+		});
+		return false;
+	});
+});
+$(document).ready(function () {
+	$('#sidebar_links').find("a[href='/admin/accounts']").addClass('active');
+});
+</script>
+@endsection