Log the error output for API

Dane Everitt 2016-10-07 16:10:54 -04:00
parent af68dbed8f
commit c8a73fa608
No known key found for this signature in database
GPG key ID: EEA66103B3D71F53
3 changed files with 11 additions and 9 deletions


@ -62,15 +62,15 @@ class APISecretToken extends Authorization
public function authenticate(Request $request, Route $route) public function authenticate(Request $request, Route $route)
{ {
if (!$request->bearerToken() || empty($request->bearerToken())) { if (!$request->bearerToken() || empty($request->bearerToken())) {
APILogService::log($request); APILogService::log($request, 'The authentication header was missing or malformed.');
throw new UnauthorizedHttpException('The authentication header was missing or malformed'); throw new UnauthorizedHttpException('The authentication header was missing or malformed.');
} }
list($public, $hashed) = explode('.', $request->bearerToken()); list($public, $hashed) = explode('.', $request->bearerToken());
$key = APIKey::where('public', $public)->first(); $key = APIKey::where('public', $public)->first();
if (!$key) { if (!$key) {
APILogService::log($request); APILogService::log($request, 'Invalid API Key.');
throw new AccessDeniedHttpException('Invalid API Key.'); throw new AccessDeniedHttpException('Invalid API Key.');
} }
@ -85,7 +85,7 @@ class APISecretToken extends Authorization
} }
} }
if (!$inRange) { if (!$inRange) {
APILogService::log($request); APILogService::log($request, 'This IP address <' . $request->ip() . '> does not have permission to use this API key.');
throw new AccessDeniedHttpException('This IP address <' . $request->ip() . '> does not have permission to use this API key.'); throw new AccessDeniedHttpException('This IP address <' . $request->ip() . '> does not have permission to use this API key.');
} }
} }
@ -98,7 +98,7 @@ class APISecretToken extends Authorization
} }
if (!$this->permissionAllowed) { if (!$this->permissionAllowed) {
APILogService::log($request); APILogService::log($request, 'You do not have permission to access this resource.');
throw new AccessDeniedHttpException('You do not have permission to access this resource.'); throw new AccessDeniedHttpException('You do not have permission to access this resource.');
} }
} }
@ -106,18 +106,18 @@ class APISecretToken extends Authorization
try { try {
$decrypted = Crypt::decrypt($key->secret); $decrypted = Crypt::decrypt($key->secret);
} catch (\Illuminate\Contracts\Encryption\DecryptException $ex) { } catch (\Illuminate\Contracts\Encryption\DecryptException $ex) {
APILogService::log($request); APILogService::log($request, 'There was an error while attempting to check your secret key.');
throw new HttpException('There was an error while attempting to check your secret key.'); throw new HttpException('There was an error while attempting to check your secret key.');
} }
$this->url = urldecode($request->fullUrl()); $this->url = urldecode($request->fullUrl());
if($this->_generateHMAC($request->getContent(), $decrypted) !== base64_decode($hashed)) { if($this->_generateHMAC($request->getContent(), $decrypted) !== base64_decode($hashed)) {
APILogService::log($request); APILogService::log($request, 'The hashed body was not valid. Potential modification of contents in route.');
throw new BadRequestHttpException('The hashed body was not valid. Potential modification of contents in route.'); throw new BadRequestHttpException('The hashed body was not valid. Potential modification of contents in route.');
} }
// Log the Route Access // Log the Route Access
APILogService::log($request, true); APILogService::log($request, null, true);
return true; return true;
} }
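Review bot: The body-signature check in the last hunk of this file compares the computed HMAC with `!==`, which is not a constant-time comparison, so the response time can depend on how much of the supplied value matches. Use `hash_equals()` there, e.g. `if (! hash_equals($this->_generateHMAC($request->getContent(), $decrypted), (string) base64_decode($hashed))) {`; this assumes `_generateHMAC()` returns a string, which is not visible on this page. Separately, `list($public, $hashed) = explode('.', $request->bearerToken());` in the first hunk leaves `$hashed` unset when the token contains no `.`, so a guard such as `substr_count($request->bearerToken(), '.') !== 1` before the split would send that case to the existing "missing or malformed" branch. authenticate() is shown only in part, with gaps between the hunks.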


@ -36,7 +36,7 @@ class APILogService
// //
} }
public static function log(Request $request, $authorized = false) public static function log(Request $request, $error = null, $authorized = false)
{ {
if ($request->bearerToken() && !empty($request->bearerToken())) { if ($request->bearerToken() && !empty($request->bearerToken())) {
list($public, $hashed) = explode('.', $request->bearerToken()); list($public, $hashed) = explode('.', $request->bearerToken());
@ -47,6 +47,7 @@ class APILogService
try { try {
$log = APILog::create([ $log = APILog::create([
'authorized' => $authorized, 'authorized' => $authorized,
'error' => $error,
'key' => $public, 'key' => $public,
'method' => $request->method(), 'method' => $request->method(),
'route' => $request->fullUrl(), 'route' => $request->fullUrl(),
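Review bot: Inserting `$error` as the second parameter of `log()` silently changes the meaning of any existing positional call: `APILogService::log($request, true)` would now store `true` in `error` and record the request as `authorized = false`, which corrupts the audit trail without raising an error. The one caller visible in this commit was updated, but callers outside the diff cannot be checked from here. Appending the new argument instead, `public static function log(Request $request, $authorized = false, $error = null)`, keeps old calls correct. A short docblock stating that `$error` is the message returned to the client and `$authorized` marks a successful authentication would also help; the rest of the method body lies outside these hunks.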


@ -16,6 +16,7 @@ class BuildApiLogTable extends Migration
Schema::create('api_logs', function (Blueprint $table) { Schema::create('api_logs', function (Blueprint $table) {
$table->increments('id'); $table->increments('id');
$table->boolean('authorized'); $table->boolean('authorized');
$table->text('error')->nullable();
$table->char('key', 16)->nullable(); $table->char('key', 16)->nullable();
$table->char('method', 6); $table->char('method', 6);
$table->text('route'); $table->text('route');
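Review bot: The new `error` column is added by editing the existing `BuildApiLogTable` create migration, so any database where this migration has already run will not receive the column. `APILog::create()` in the log service now writes `'error'`, and depending on how the surrounding `try` handles the failure, API log rows on such installs may be dropped or may raise. If this migration has shipped anywhere, add the column in a new migration instead: `Schema::table('api_logs', function (Blueprint $table) { $table->text('error')->nullable(); });`, with a matching `dropColumn('error')` in `down()`.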