Working login form with password reset functionality.

This commit is contained in:
Dane Everitt 2018-04-08 15:18:13 -05:00
parent c3e462ab2f
commit d63624f607
No known key found for this signature in database
GPG key ID: EEA66103B3D71F53
21 changed files with 232 additions and 324 deletions

View file

@ -107,7 +107,7 @@ abstract class AbstractLoginController extends Controller
]); ]);
if ($request->route()->named('auth.checkpoint')) { if ($request->route()->named('auth.checkpoint')) {
throw new DisplayException(trans('auth.checkpoint_failed')); throw new DisplayException(trans('auth.two_factor.checkpoint_failed'));
} }
throw new DisplayException(trans('auth.failed')); throw new DisplayException(trans('auth.failed'));

View file

@ -18,7 +18,7 @@ class LoginCheckpointController extends AbstractLoginController
* *
* @throws \Pterodactyl\Exceptions\DisplayException * @throws \Pterodactyl\Exceptions\DisplayException
*/ */
public function index(LoginCheckpointRequest $request): JsonResponse public function __invoke(LoginCheckpointRequest $request): JsonResponse
{ {
try { try {
$cache = $this->cache->pull($request->input('confirmation_token'), []); $cache = $this->cache->pull($request->input('confirmation_token'), []);

View file

@ -22,6 +22,8 @@ class LoginController extends AbstractLoginController
$username = $request->input('user'); $username = $request->input('user');
$useColumn = $this->getField($username); $useColumn = $this->getField($username);
sleep(1);
if ($this->hasTooManyLoginAttempts($request)) { if ($this->hasTooManyLoginAttempts($request)) {
$this->fireLockoutEvent($request); $this->fireLockoutEvent($request);
$this->sendLockoutResponse($request); $this->sendLockoutResponse($request);

View file

@ -2,8 +2,12 @@
namespace Pterodactyl\Http\Controllers\Auth; namespace Pterodactyl\Http\Controllers\Auth;
use Illuminate\Http\JsonResponse;
use Illuminate\Support\Facades\Password;
use Pterodactyl\Exceptions\DisplayException;
use Pterodactyl\Http\Controllers\Controller; use Pterodactyl\Http\Controllers\Controller;
use Illuminate\Foundation\Auth\ResetsPasswords; use Illuminate\Foundation\Auth\ResetsPasswords;
use Pterodactyl\Http\Requests\Auth\ResetPasswordRequest;
class ResetPasswordController extends Controller class ResetPasswordController extends Controller
{ {
@ -17,16 +21,44 @@ class ResetPasswordController extends Controller
public $redirectTo = '/'; public $redirectTo = '/';
/** /**
* Return the rules used when validating password reset. * Reset the given user's password.
* *
* @return array * @param \Pterodactyl\Http\Requests\Auth\ResetPasswordRequest $request
* @return \Illuminate\Http\JsonResponse
*
* @throws \Pterodactyl\Exceptions\DisplayException
*/ */
protected function rules(): array public function __invoke(ResetPasswordRequest $request): JsonResponse
{ {
return [ // Here we will attempt to reset the user's password. If it is successful we
'token' => 'required', // will update the password on an actual user model and persist it to the
'email' => 'required|email', // database. Otherwise we will parse the error and return the response.
'password' => 'required|confirmed|min:8', $response = $this->broker()->reset(
]; $this->credentials($request), function ($user, $password) {
$this->resetPassword($user, $password);
}
);
// If the password was successfully reset, we will redirect the user back to
// the application's home authenticated view. If there is an error we can
// redirect them back to where they came from with their error message.
if ($response === Password::PASSWORD_RESET) {
return $this->sendResetResponse();
}
throw new DisplayException(trans($response));
}
/**
* Send a successful password reset response back to the callee.
*
* @return \Illuminate\Http\JsonResponse
*/
protected function sendResetResponse(): JsonResponse
{
return response()->json([
'success' => true,
'redirect_to' => $this->redirectTo,
]);
} }
} }

View file

@ -0,0 +1,28 @@
<?php
namespace Pterodactyl\Http\Requests\Auth;
use Illuminate\Foundation\Http\FormRequest;
class ResetPasswordRequest extends FormRequest
{
/**
* @return bool
*/
public function authorize(): bool
{
return true;
}
/**
* @return array
*/
public function rules(): array
{
return [
'token' => 'required|string',
'email' => 'required|email',
'password' => 'required|string|confirmed|min:8',
];
}
}

View file

@ -23,6 +23,7 @@ const paths = {
}, },
scripts: { scripts: {
src: './resources/assets/pterodactyl/scripts/**/*.{js,vue}', src: './resources/assets/pterodactyl/scripts/**/*.{js,vue}',
watch: ['./resources/assets/pterodactyl/scripts/**/*.{js,vue}', './resources/lang/locales.js'],
dest: './public/assets/scripts', dest: './public/assets/scripts',
}, },
}; };
@ -68,7 +69,7 @@ function watch() {
return del(['./public/assets/css/**/*.css']); return del(['./public/assets/css/**/*.css']);
}, styles)); }, styles));
gulp.watch(paths.scripts.src, gulp.series(function cleanScripts() { gulp.watch(paths.scripts.watch, gulp.series(function cleanScripts() {
return del(['./public/assets/scripts/**/*.js']); return del(['./public/assets/scripts/**/*.js']);
}, scripts)); }, scripts));
} }

View file

@ -11,6 +11,7 @@ import Locales from './../../../../resources/lang/locales';
// Base Vuejs Templates // Base Vuejs Templates
import Login from './components/auth/Login'; import Login from './components/auth/Login';
import ResetPassword from './components/auth/ResetPassword';
// Used for the route() helper. // Used for the route() helper.
window.Ziggy = Ziggy; window.Ziggy = Ziggy;
@ -58,6 +59,17 @@ const router = new VueRouter({
path: '/checkpoint', path: '/checkpoint',
component: Login, component: Login,
}, },
{
name: 'reset-password',
path: '/reset-password/:token',
component: ResetPassword,
props: function (route) {
return {
token: route.params.token,
email: route.query.email || '',
}
},
}
] ]
}); });

View file

@ -13,19 +13,20 @@
<div class="flex flex-wrap -mx-3 mb-6"> <div class="flex flex-wrap -mx-3 mb-6">
<div class="input-open"> <div class="input-open">
<input class="input" id="grid-email" type="email" aria-labelledby="grid-email" ref="email" required <input class="input" id="grid-email" type="email" aria-labelledby="grid-email" ref="email" required
v-bind:class="{ 'has-content': email.length > 0 }"
v-bind:readonly="showSpinner" v-bind:readonly="showSpinner"
v-bind:value="email" v-bind:value="email"
v-on:input="updateEmail($event)" v-on:input="updateEmail($event)"
/> />
<label for="grid-email">{{ $t('strings.email') }}</label> <label for="grid-email">{{ $t('strings.email') }}</label>
<p class="text-grey-darker text-xs">{{ $t('auth.reset_help_text') }}</p> <p class="text-grey-darker text-xs">{{ $t('auth.forgot_password.label_help') }}</p>
</div> </div>
</div> </div>
<div> <div>
<button class="btn btn-blue btn-jumbo" type="submit" v-bind:disabled="submitDisabled"> <button class="btn btn-blue btn-jumbo" type="submit" v-bind:disabled="submitDisabled">
<span class="spinner white" v-bind:class="{ hidden: ! showSpinner }">&nbsp;</span> <span class="spinner white" v-bind:class="{ hidden: ! showSpinner }">&nbsp;</span>
<span v-bind:class="{ hidden: showSpinner }"> <span v-bind:class="{ hidden: showSpinner }">
{{ $t('auth.recover_account') }} {{ $t('auth.forgot_password.button') }}
</span> </span>
</button> </button>
</div> </div>
@ -67,7 +68,7 @@
this.$data.showSpinner = true; this.$data.showSpinner = true;
this.$data.errors = []; this.$data.errors = [];
window.axios.post(this.route('auth.forgot-password.send-link'), { window.axios.post(this.route('auth.forgot-password'), {
email: this.$props.email, email: this.$props.email,
}) })
.then(function (response) { .then(function (response) {

View file

@ -10,9 +10,7 @@
v-bind:email="user.email" v-bind:email="user.email"
v-on:update-email="onUpdateEmail" v-on:update-email="onUpdateEmail"
/> />
<two-factor-form <two-factor-form v-if="this.$route.name === 'checkpoint'" />
v-if="this.$route.name === 'checkpoint'"
/>
</div> </div>
</template> </template>

View file

@ -2,11 +2,11 @@
<div> <div>
<flash-message variant="danger" /> <flash-message variant="danger" />
<flash-message variant="success" /> <flash-message variant="success" />
<div class="pb-4" v-if="errors && errors.length === 1"> <div class="pb-4" v-for="error in errors">
<div class="p-2 bg-red-dark border-red-darker border items-center text-red-lightest leading-normal rounded flex lg:inline-flex w-full text-sm" <div class="p-2 bg-red-dark border-red-darker border items-center text-red-lightest leading-normal rounded flex lg:inline-flex w-full text-sm"
role="alert"> role="alert">
<span class="flex rounded-full bg-red uppercase px-2 py-1 text-xs font-bold mr-3 leading-none">Error</span> <span class="flex rounded-full bg-red uppercase px-2 py-1 text-xs font-bold mr-3 leading-none">Error</span>
<span class="mr-2 text-left flex-auto">{{ errors[0] }}</span> <span class="mr-2 text-left flex-auto">{{ error }}</span>
</div> </div>
</div> </div>
<form class="bg-white shadow-lg rounded-lg pt-10 px-8 pb-6 mb-4 animate fadein" method="post" <form class="bg-white shadow-lg rounded-lg pt-10 px-8 pb-6 mb-4 animate fadein" method="post"
@ -16,6 +16,7 @@
<div class="input-open"> <div class="input-open">
<input class="input" id="grid-username" type="text" name="user" aria-labelledby="grid-username" required <input class="input" id="grid-username" type="text" name="user" aria-labelledby="grid-username" required
ref="email" ref="email"
v-bind:readonly="showSpinner"
v-bind:value="user.email" v-bind:value="user.email"
v-on:input="updateEmail($event)" v-on:input="updateEmail($event)"
/> />
@ -26,6 +27,7 @@
<div class="input-open"> <div class="input-open">
<input class="input" id="grid-password" type="password" name="password" <input class="input" id="grid-password" type="password" name="password"
ref="password" ref="password"
v-bind:readonly="showSpinner"
aria-labelledby="grid-password" required aria-labelledby="grid-password" required
v-model="user.password" v-model="user.password"
/> />
@ -43,7 +45,7 @@
<div class="pt-6 text-center"> <div class="pt-6 text-center">
<router-link class="text-xs text-grey tracking-wide no-underline uppercase hover:text-grey-dark" <router-link class="text-xs text-grey tracking-wide no-underline uppercase hover:text-grey-dark"
:to="{ name: 'forgot-password' }"> :to="{ name: 'forgot-password' }">
{{ $t('auth.forgot_password') }} {{ $t('auth.forgot_password.label') }}
</router-link> </router-link>
</div> </div>
</form> </form>

View file

@ -0,0 +1,115 @@
<template>
<div>
<div class="pb-4" v-for="error in errors">
<div class="p-2 bg-red-dark border-red-darker border items-center text-red-lightest leading-normal rounded flex lg:inline-flex w-full text-sm"
role="alert">
<span class="flex rounded-full bg-red uppercase px-2 py-1 text-xs font-bold mr-3 leading-none">Error</span>
<span class="mr-2 text-left flex-auto">{{ error }}</span>
</div>
</div>
<form class="bg-white shadow-lg rounded-lg pt-10 px-8 pb-6 mb-4 animate fadein" method="post"
v-on:submit.prevent="submitForm"
>
<div class="flex flex-wrap -mx-3 mb-6">
<div class="input-open">
<input class="input" id="grid-email" type="email" aria-labelledby="grid-email" required
ref="email"
v-bind:class="{ 'has-content': email.length > 0 }"
v-bind:readonly="showSpinner"
v-on:input="updateEmailField"
/>
<label for="grid-email">{{ $t('strings.email') }}</label>
</div>
</div>
<div class="flex flex-wrap -mx-3 mb-6">
<div class="input-open">
<input class="input" id="grid-password" type="password" aria-labelledby="grid-password" required
ref="password"
v-bind:readonly="showSpinner"
v-model="password"
/>
<label for="grid-password">{{ $t('strings.password') }}</label>
<p class="text-grey-darker text-xs">{{ $t('auth.password_requirements') }}</p>
</div>
</div>
<div class="flex flex-wrap -mx-3 mb-6">
<div class="input-open">
<input class="input" id="grid-password-confirmation" type="password" aria-labelledby="grid-password-confirmation" required
v-bind:readonly="showSpinner"
v-model="passwordConfirmation"
/>
<label for="grid-password-confirmation">{{ $t('strings.confirm_password') }}</label>
</div>
</div>
<div>
<button class="btn btn-blue btn-jumbo" type="submit" v-bind:class="{ disabled: showSpinner }">
<span class="spinner white" v-bind:class="{ hidden: ! showSpinner }">&nbsp;</span>
<span v-bind:class="{ hidden: showSpinner }">
{{ $t('auth.reset_password.button') }}
</span>
</button>
</div>
<div class="pt-6 text-center">
<router-link to="/" class="text-xs text-grey tracking-wide no-underline uppercase hover:text-grey-dark">
{{ $t('auth.go_to_login') }}
</router-link>
</div>
</form>
</div>
</template>
<script>
export default {
name: "ResetPassword",
props: {
token: {type: String, required: true},
email: {type: String, required: false},
},
mounted: function () {
if (this.$props.email.length > 0) {
this.$refs.email.value = this.$props.email;
return this.$refs.password.focus();
}
},
data: function () {
return {
errors: [],
showSpinner: false,
password: '',
passwordConfirmation: '',
};
},
methods: {
updateEmailField: function (event) {
this.$data.submitDisabled = event.target.value.length === 0;
},
submitForm: function () {
const self = this;
this.$data.showSpinner = true;
window.axios.post(this.route('auth.reset-password'), {
email: this.$props.email,
password: this.$data.password,
password_confirmation: this.$data.passwordConfirmation,
token: this.$props.token,
})
.then(function (response) {
return window.location = response.data.redirect_to;
})
.catch(function (err) {
self.$data.showSpinner = false;
if (!err.response) {
return console.error(err);
}
const response = err.response;
if (response.data && _.isObject(response.data.errors)) {
self.$data.errors = [response.data.errors[0].detail];
self.$refs.password.focus();
}
});
}
}
}
</script>

View file

@ -40,7 +40,7 @@
submitToken: function () { submitToken: function () {
const self = this; const self = this;
axios.post(this.route('auth.checkpoint'), { axios.post(this.route('auth.login-checkpoint'), {
confirmation_token: this.$route.query.token, confirmation_token: this.$route.query.token,
authentication_code: this.$data.code, authentication_code: this.$data.code,
}) })

File diff suppressed because one or more lines are too long

View file

@ -11,23 +11,18 @@
transition: border 500ms ease-out; transition: border 500ms ease-out;
} }
&:focus + label, &:valid + label { &:focus + label, &:valid + label, &.has-content + label {
@apply .text-grey-darker .px-0 .cursor-pointer; @apply .text-grey-darker .px-0 .cursor-pointer;
transform:translateY(-26px) transform:translateY(-26px)
} }
&:invalid + label {
@apply .text-grey .px-1;
transform:translateY(0)
}
&:required { &:required {
box-shadow: none; box-shadow: none;
} }
} }
.input-open > label { .input-open > label {
@apply .block .uppercase .tracking-wide .text-grey .text-xs .mb-2 .absolute .px-1; @apply .block .uppercase .tracking-wide .text-grey .text-xs .mb-2 .absolute;
top: 14px; top: 14px;
transition: transform 200ms ease-out; transition: transform 200ms ease-out;
} }

View file

@ -19,7 +19,7 @@
@apply .p-4 .w-full .uppercase .tracking-wide .text-sm; @apply .p-4 .w-full .uppercase .tracking-wide .text-sm;
} }
&:disabled { &:disabled, &.disabled {
opacity: 0.55; opacity: 0.55;
cursor: default; cursor: default;
} }

View file

@ -1,31 +1,27 @@
<?php <?php
return [ return [
'not_authorized' => 'You are not authorized to perform this action.',
'auth_error' => 'There was an error while attempting to login.',
'authentication_required' => 'Authentication is required to continue.',
'remember_me' => 'Remember Me',
'sign_in' => 'Sign In', 'sign_in' => 'Sign In',
'forgot_password' => 'Forgot Password?',
'go_to_login' => 'Go to Login', 'go_to_login' => 'Go to Login',
'reset_help_text' => 'Enter your account email address to recive instructions on resetting your password.', 'failed' => 'No account matching those credentials could be found.',
'recover_account' => 'Recover Account',
'forgot_password' => [
'label' => 'Forgot Password?',
'label_help' => 'Enter your account email address to recive instructions on resetting your password.',
'button' => 'Recover Account',
],
'reset_password' => [
'button' => 'Reset and Sign In',
],
'two_factor' => [ 'two_factor' => [
'label' => '2-Factor Token', 'label' => '2-Factor Token',
'label_help' => 'This account requires a second layer of authentication in order to continue. Please enter the code generated by your device to complete this login.', 'label_help' => 'This account requires a second layer of authentication in order to continue. Please enter the code generated by your device to complete this login.',
'checkpoint_failed' => 'The two-factor authentication token was invalid.',
], ],
'reset_password_text' => 'Reset your account password.',
'reset_password' => 'Reset Account Password',
'email_sent' => 'An email has been sent to you with further instructions for resetting your password.',
'failed' => 'No account matching those credentials could be found.',
'checkpoint_failed' => 'The two-factor authentication token was invalid.',
'throttle' => 'Too many login attempts. Please try again in :seconds seconds.', 'throttle' => 'Too many login attempts. Please try again in :seconds seconds.',
'password_requirements' => 'Passwords must contain at least one uppercase, lowercase, and numeric character and must be at least 8 characters in length.', 'password_requirements' => 'Password must be at least 8 characters in length and should be unique to this site.',
'request_reset' => 'Locate Account',
'2fa_required' => '2-Factor Authentication',
'2fa_failed' => 'The 2FA token provided was invalid.',
'totp_failed' => 'There was an error while attempting to validate TOTP.',
'2fa_must_be_enabled' => 'The administrator has required that 2-Factor Authentication be enabled for your account in order to use the Panel.', '2fa_must_be_enabled' => 'The administrator has required that 2-Factor Authentication be enabled for your account in order to use the Panel.',
]; ];

View file

@ -1,75 +1,5 @@
{{-- Pterodactyl - Panel --}}
{{-- Copyright (c) 2015 - 2017 Dane Everitt <dane@daneeveritt.com> --}}
{{-- This software is licensed under the terms of the MIT license. --}}
{{-- https://opensource.org/licenses/MIT --}}
@extends('templates/auth.core') @extends('templates/auth.core')
@section('title') @section('title')
Login Login
@endsection @endsection
{{--@section('content')--}}
{{--<div class="row">--}}
{{--<div class="col-sm-offset-3 col-xs-offset-1 col-sm-6 col-xs-10">--}}
{{--@if (count($errors) > 0)--}}
{{--<div class="alert alert-danger">--}}
{{--<button type="button" class="close" data-dismiss="alert" aria-label="Close"><span aria-hidden="true">&times;</span></button>--}}
{{--@lang('auth.auth_error')<br><br>--}}
{{--<ul>--}}
{{--@foreach ($errors->all() as $error)--}}
{{--<li>{{ $error }}</li>--}}
{{--@endforeach--}}
{{--</ul>--}}
{{--</div>--}}
{{--@endif--}}
{{--@foreach (Alert::getMessages() as $type => $messages)--}}
{{--@foreach ($messages as $message)--}}
{{--<div class="callout callout-{{ $type }} alert-dismissable" role="alert">--}}
{{--<button type="button" class="close" data-dismiss="alert" aria-label="Close"><span aria-hidden="true">&times;</span></button>--}}
{{--{!! $message !!}--}}
{{--</div>--}}
{{--@endforeach--}}
{{--@endforeach--}}
{{--</div>--}}
{{--</div>--}}
{{--<div class="row">--}}
{{--<div class="col-sm-offset-3 col-xs-offset-1 col-sm-6 col-xs-10 pterodactyl-login-box">--}}
{{--<form id="loginForm" action="{{ route('auth.login') }}" method="POST">--}}
{{--<div class="form-group has-feedback">--}}
{{--<div class="pterodactyl-login-input">--}}
{{--<input type="text" name="user" class="form-control input-lg" value="{{ old('user') }}" required placeholder="@lang('strings.user_identifier')" autofocus>--}}
{{--<span class="fa fa-envelope form-control-feedback fa-lg"></span>--}}
{{--</div>--}}
{{--</div>--}}
{{--<div class="form-group has-feedback">--}}
{{--<div class="pterodactyl-login-input">--}}
{{--<input type="password" name="password" class="form-control input-lg" required placeholder="@lang('strings.password')">--}}
{{--<span class="fa fa-lock form-control-feedback fa-lg"></span>--}}
{{--</div>--}}
{{--</div>--}}
{{--<div class="row">--}}
{{--<div class="col-xs-4">--}}
{{--<a href="{{ route('auth.password') }}"><button type="button" class="btn pterodactyl-login-button--left"><i class="fa fa-life-ring"></i></button></a>--}}
{{--</div>--}}
{{--<div class="col-xs-offset-4 col-xs-4">--}}
{{--{!! csrf_field() !!}--}}
{{--<button type="submit" class="btn btn-block g-recaptcha pterodactyl-login-button--main" @if(config('recaptcha.enabled')) data-sitekey="{{ config('recaptcha.website_key') }}" data-callback='onSubmit' @endif>@lang('auth.sign_in')</button>--}}
{{--</div>--}}
{{--</div>--}}
{{--</form>--}}
{{--</div>--}}
{{--</div>--}}
{{--@endsection--}}
{{--@section('scripts')--}}
{{--@parent--}}
{{--@if(config('recaptcha.enabled'))--}}
{{--<script src="https://www.google.com/recaptcha/api.js" async defer></script>--}}
{{--<script>--}}
{{--function onSubmit(token) {--}}
{{--document.getElementById("loginForm").submit();--}}
{{--}--}}
{{--</script>--}}
{{--@endif--}}
{{--@endsection--}}

View file

@ -1,71 +0,0 @@
{{-- Pterodactyl - Panel --}}
{{-- Copyright (c) 2015 - 2017 Dane Everitt <dane@daneeveritt.com> --}}
{{-- This software is licensed under the terms of the MIT license. --}}
{{-- https://opensource.org/licenses/MIT --}}
@extends('layouts.auth')
@section('title')
Forgot Password
@endsection
@section('content')
<div class="row">
<div class="col-sm-offset-3 col-xs-offset-1 col-sm-6 col-xs-10">
@if (count($errors) > 0)
<div class="alert alert-danger">
<button type="button" class="close" data-dismiss="alert" aria-label="Close"><span aria-hidden="true">&times;</span></button>
@lang('auth.auth_error')<br><br>
<ul>
@foreach ($errors->all() as $error)
<li>{{ $error }}</li>
@endforeach
</ul>
</div>
@endif
@if (session('status'))
<div class="alert alert-success">
@lang('auth.email_sent')
</div>
@endif
</div>
</div>
<div class="row">
<div class="col-sm-offset-3 col-xs-offset-1 col-sm-6 col-xs-10 pterodactyl-login-box">
<form id="resetForm" action="{{ route('auth.password') }}" method="POST">
<div class="form-group has-feedback">
<div class="pterodactyl-login-input">
<input type="email" name="email" class="form-control input-lg" value="{{ old('email') }}" required placeholder="@lang('strings.email')" autofocus>
<span class="fa fa-envelope form-control-feedback fa-lg"></span>
@if ($errors->has('email'))
<span class="help-block text-red small">
{{ $errors->first('email') }}
</span>
@endif
</div>
</div>
<div class="row">
<div class="col-xs-4">
<a href="{{ route('auth.login') }}"><button type="button" class="btn pterodactyl-login-button--left"><i class="fa fa-user-circle"></i></button></a>
</div>
<div class="col-xs-offset-4 col-xs-4">
{!! csrf_field() !!}
<button type="submit" class="btn btn-block g-recaptcha pterodactyl-login-button--main" @if(config('recaptcha.enabled')) data-sitekey="{{ config('recaptcha.website_key') }}" data-callback='onSubmit' @endif>@lang('auth.request_reset')</button>
</div>
</div>
</form>
</div>
</div>
@endsection
@section('scripts')
@parent
@if(config('recaptcha.enabled'))
<script src="https://www.google.com/recaptcha/api.js" async defer></script>
<script>
function onSubmit(token) {
document.getElementById("resetForm").submit();
}
</script>
@endif
@endsection

View file

@ -1,90 +0,0 @@
{{-- Pterodactyl - Panel --}}
{{-- Copyright (c) 2015 - 2017 Dane Everitt <dane@daneeveritt.com> --}}
{{-- This software is licensed under the terms of the MIT license. --}}
{{-- https://opensource.org/licenses/MIT --}}
@extends('layouts.auth')
@section('title')
Reset Password
@endsection
@section('content')
<div class="row">
<div class="col-sm-offset-3 col-xs-offset-1 col-sm-6 col-xs-10">
@if (count($errors) > 0)
<div class="alert alert-danger">
<button type="button" class="close" data-dismiss="alert" aria-label="Close"><span aria-hidden="true">&times;</span></button>
@lang('auth.auth_error')<br><br>
<ul>
@foreach ($errors->all() as $error)
<li>{{ $error }}</li>
@endforeach
</ul>
</div>
@endif
</div>
</div>
<div class="row">
<div class="col-sm-offset-3 col-xs-offset-1 col-sm-6 col-xs-10 pterodactyl-login-box">
<form id="resetForm" action="{{ route('auth.reset.post') }}" method="POST">
<div class="form-group has-feedback">
<div class="pterodactyl-login-input">
<input type="email" name="email" class="form-control input-lg" value="{{ $email or old('email') }}" required autofocus placeholder="@lang('strings.email')">
<span class="fa fa-envelope form-control-feedback fa-lg"></span>
@if ($errors->has('email'))
<span class="help-block text-red small">
{{ $errors->first('email') }}
</span>
@endif
</div>
</div>
<div class="form-group has-feedback">
<div class="pterodactyl-login-input">
<input type="password" name="password" class="form-control input-lg" id="password" required placeholder="@lang('strings.password')">
<span class="fa fa-lock form-control-feedback fa-lg"></span>
@if ($errors->has('password'))
<span class="help-block text-red small">
{{ $errors->first('password') }}
</span>
@endif
<p class="small" style="color: #fff;">@lang('auth.password_requirements')</p>
</div>
</div>
<div class="form-group has-feedback">
<div class="pterodactyl-login-input">
<input type="password" name="password_confirmation" class="form-control input-lg" id="password_confirmation" required placeholder="@lang('strings.confirm_password')">
<span class="fa fa-lock form-control-feedback fa-lg"></span>
@if ($errors->has('password_confirmation'))
<span class="help-block text-red small">
{{ $errors->first('password_confirmation') }}
</span>
@endif
</div>
</div>
<div class="row">
<div class="col-xs-4">
<a href="{{ route('auth.login') }}"><button type="button" class="btn pterodactyl-login-button--left"><i class="fa fa-user-circle"></i></button></a>
</div>
<div class="col-xs-offset-1 col-xs-7">
{!! csrf_field() !!}
<input type="hidden" name="token" value="{{ $token }}" />
<button type="submit" class="btn btn-block g-recaptcha pterodactyl-login-button--main" @if(config('recaptcha.enabled')) data-sitekey="{{ config('recaptcha.website_key') }}" data-callback='onSubmit' @endif>@lang('auth.reset_password')</button>
</div>
</div>
</form>
</div>
</div>
@endsection
@section('scripts')
@parent
@if(config('recaptcha.enabled'))
<script src="https://www.google.com/recaptcha/api.js" async defer></script>
<script>
function onSubmit(token) {
document.getElementById("resetForm").submit();
}
</script>
@endif
@endsection

View file

@ -1,42 +0,0 @@
{{-- Pterodactyl - Panel --}}
{{-- Copyright (c) 2015 - 2017 Dane Everitt <dane@daneeveritt.com> --}}
{{-- This software is licensed under the terms of the MIT license. --}}
{{-- https://opensource.org/licenses/MIT --}}
@extends('layouts.auth')
@section('title')
2FA Checkpoint
@endsection
@section('scripts')
@parent
<style>
input::-webkit-outer-spin-button, input::-webkit-inner-spin-button {
-webkit-appearance: none;
margin: 0;
}
</style>
@endsection
@section('content')
<div class="row">
<div class="col-sm-offset-3 col-xs-offset-1 col-sm-6 col-xs-10 pterodactyl-login-box">
<form id="totpForm" action="{{ route('auth.totp') }}" method="POST">
<div class="form-group has-feedback">
<div class="pterodactyl-login-input">
<input type="number" name="2fa_token" class="form-control input-lg" required placeholder="@lang('strings.2fa_token')" autofocus>
<span class="fa fa-shield form-control-feedback fa-lg"></span>
</div>
</div>
<div class="row">
<div class="col-xs-offset-8 col-xs-4">
{!! csrf_field() !!}
<input type="hidden" name="verify_token" value="{{ $verify_key }}" />
<button type="submit" class="btn btn-primary btn-block btn-flat pterodactyl-login-button--main">@lang('strings.submit')</button>
</div>
</div>
</form>
</div>
</div>
@endsection

View file

@ -12,17 +12,16 @@ Route::group(['middleware' => 'guest'], function () {
// Login specific routes // Login specific routes
Route::get('/login', 'LoginController@showLoginForm')->name('auth.login'); Route::get('/login', 'LoginController@showLoginForm')->name('auth.login');
Route::post('/login', 'LoginController@login')->middleware('recaptcha'); Route::post('/login', 'LoginController@login')->middleware('recaptcha');
Route::post('/login/checkpoint', 'LoginCheckpointController@index')->name('auth.checkpoint'); Route::post('/login/checkpoint', 'LoginCheckpointController')->name('auth.login-checkpoint');
// Forgot password route. A post to this endpoint will trigger an // Forgot password route. A post to this endpoint will trigger an
// email to be sent containing a reset token. // email to be sent containing a reset token.
Route::post('/password', 'ForgotPasswordController@sendResetLinkEmail')->name('auth.forgot-password.send-link')->middleware('recaptcha'); Route::post('/password', 'ForgotPasswordController@sendResetLinkEmail')->name('auth.forgot-password')->middleware('recaptcha');
// Password reset routes. This endpoint is hit after going through // Password reset routes. This endpoint is hit after going through
// the forgot password routes to acquire a token (or after an account // the forgot password routes to acquire a token (or after an account
// is created). // is created).
Route::get('/password/reset/{token}', 'ResetPasswordController@showResetForm')->name('auth.reset-password'); Route::post('/password/reset', 'ResetPasswordController')->name('auth.reset-password')->middleware('recaptcha');
Route::post('/password/reset', 'ResetPasswordController@reset')->name('auth.reset.post')->middleware('recaptcha');
}); });
/* /*