Ensure we don't cause a mess with the auth providers
This commit is contained in:
parent
3ae70efc14
commit
dca53611ff
6 changed files with 233 additions and 15 deletions
|
@ -2,6 +2,7 @@
|
||||||
|
|
||||||
namespace Pterodactyl\Http;
|
namespace Pterodactyl\Http;
|
||||||
|
|
||||||
|
use Fruitcake\Cors\HandleCors;
|
||||||
use Illuminate\Auth\Middleware\Authorize;
|
use Illuminate\Auth\Middleware\Authorize;
|
||||||
use Illuminate\Auth\Middleware\Authenticate;
|
use Illuminate\Auth\Middleware\Authenticate;
|
||||||
use Illuminate\Http\Middleware\TrustProxies;
|
use Illuminate\Http\Middleware\TrustProxies;
|
||||||
|
@ -26,9 +27,9 @@ use Illuminate\Foundation\Http\Middleware\ValidatePostSize;
|
||||||
use Illuminate\Cookie\Middleware\AddQueuedCookiesToResponse;
|
use Illuminate\Cookie\Middleware\AddQueuedCookiesToResponse;
|
||||||
use Pterodactyl\Http\Middleware\Api\Daemon\DaemonAuthenticate;
|
use Pterodactyl\Http\Middleware\Api\Daemon\DaemonAuthenticate;
|
||||||
use Pterodactyl\Http\Middleware\RequireTwoFactorAuthentication;
|
use Pterodactyl\Http\Middleware\RequireTwoFactorAuthentication;
|
||||||
use Illuminate\Foundation\Http\Middleware\CheckForMaintenanceMode;
|
|
||||||
use Illuminate\Foundation\Http\Middleware\ConvertEmptyStringsToNull;
|
use Illuminate\Foundation\Http\Middleware\ConvertEmptyStringsToNull;
|
||||||
use Pterodactyl\Http\Middleware\Api\Client\SubstituteClientBindings;
|
use Pterodactyl\Http\Middleware\Api\Client\SubstituteClientBindings;
|
||||||
|
use Illuminate\Foundation\Http\Middleware\PreventRequestsDuringMaintenance;
|
||||||
use Pterodactyl\Http\Middleware\Api\Application\AuthenticateApplicationUser;
|
use Pterodactyl\Http\Middleware\Api\Application\AuthenticateApplicationUser;
|
||||||
|
|
||||||
class Kernel extends HttpKernel
|
class Kernel extends HttpKernel
|
||||||
|
@ -39,12 +40,12 @@ class Kernel extends HttpKernel
|
||||||
* @var array
|
* @var array
|
||||||
*/
|
*/
|
||||||
protected $middleware = [
|
protected $middleware = [
|
||||||
CheckForMaintenanceMode::class,
|
TrustProxies::class,
|
||||||
EncryptCookies::class,
|
HandleCors::class,
|
||||||
|
PreventRequestsDuringMaintenance::class,
|
||||||
ValidatePostSize::class,
|
ValidatePostSize::class,
|
||||||
TrimStrings::class,
|
TrimStrings::class,
|
||||||
ConvertEmptyStringsToNull::class,
|
ConvertEmptyStringsToNull::class,
|
||||||
TrustProxies::class,
|
|
||||||
];
|
];
|
||||||
|
|
||||||
/**
|
/**
|
||||||
|
@ -54,14 +55,13 @@ class Kernel extends HttpKernel
|
||||||
*/
|
*/
|
||||||
protected $middlewareGroups = [
|
protected $middlewareGroups = [
|
||||||
'web' => [
|
'web' => [
|
||||||
|
EncryptCookies::class,
|
||||||
AddQueuedCookiesToResponse::class,
|
AddQueuedCookiesToResponse::class,
|
||||||
StartSession::class,
|
StartSession::class,
|
||||||
AuthenticateSession::class,
|
|
||||||
ShareErrorsFromSession::class,
|
ShareErrorsFromSession::class,
|
||||||
VerifyCsrfToken::class,
|
VerifyCsrfToken::class,
|
||||||
SubstituteBindings::class,
|
SubstituteBindings::class,
|
||||||
LanguageMiddleware::class,
|
LanguageMiddleware::class,
|
||||||
RequireTwoFactorAuthentication::class,
|
|
||||||
],
|
],
|
||||||
'api' => [
|
'api' => [
|
||||||
EnsureStatefulRequests::class,
|
EnsureStatefulRequests::class,
|
||||||
|
@ -91,6 +91,7 @@ class Kernel extends HttpKernel
|
||||||
protected $routeMiddleware = [
|
protected $routeMiddleware = [
|
||||||
'auth' => Authenticate::class,
|
'auth' => Authenticate::class,
|
||||||
'auth.basic' => AuthenticateWithBasicAuth::class,
|
'auth.basic' => AuthenticateWithBasicAuth::class,
|
||||||
|
'auth.session' => AuthenticateSession::class,
|
||||||
'guest' => RedirectIfAuthenticated::class,
|
'guest' => RedirectIfAuthenticated::class,
|
||||||
'csrf' => VerifyCsrfToken::class,
|
'csrf' => VerifyCsrfToken::class,
|
||||||
'throttle' => ThrottleRequests::class,
|
'throttle' => ThrottleRequests::class,
|
||||||
|
|
|
@ -9,6 +9,7 @@ use Illuminate\Cache\RateLimiting\Limit;
|
||||||
use Illuminate\Support\Facades\RateLimiter;
|
use Illuminate\Support\Facades\RateLimiter;
|
||||||
use Pterodactyl\Http\Middleware\TrimStrings;
|
use Pterodactyl\Http\Middleware\TrimStrings;
|
||||||
use Pterodactyl\Http\Middleware\AdminAuthenticate;
|
use Pterodactyl\Http\Middleware\AdminAuthenticate;
|
||||||
|
use Pterodactyl\Http\Middleware\RequireTwoFactorAuthentication;
|
||||||
use Illuminate\Foundation\Support\Providers\RouteServiceProvider as ServiceProvider;
|
use Illuminate\Foundation\Support\Providers\RouteServiceProvider as ServiceProvider;
|
||||||
|
|
||||||
class RouteServiceProvider extends ServiceProvider
|
class RouteServiceProvider extends ServiceProvider
|
||||||
|
@ -35,12 +36,17 @@ class RouteServiceProvider extends ServiceProvider
|
||||||
|
|
||||||
$this->routes(function () {
|
$this->routes(function () {
|
||||||
Route::middleware('web')->group(function () {
|
Route::middleware('web')->group(function () {
|
||||||
Route::middleware('auth')->group(base_path('routes/base.php'));
|
Route::middleware(['auth.session', RequireTwoFactorAuthentication::class])
|
||||||
|
->group(base_path('routes/base.php'));
|
||||||
|
|
||||||
|
Route::middleware(['auth.session', RequireTwoFactorAuthentication::class, AdminAuthenticate::class])
|
||||||
|
->prefix('/admin')
|
||||||
|
->group(base_path('routes/admin.php'));
|
||||||
|
|
||||||
Route::middleware('guest')->prefix('/auth')->group(base_path('routes/auth.php'));
|
Route::middleware('guest')->prefix('/auth')->group(base_path('routes/auth.php'));
|
||||||
Route::middleware(['auth', AdminAuthenticate::class])->prefix('/admin')->group(base_path('routes/admin.php'));
|
|
||||||
});
|
});
|
||||||
|
|
||||||
Route::middleware('api')->group(function () {
|
Route::middleware(['api', RequireTwoFactorAuthentication::class])->group(function () {
|
||||||
Route::middleware(['application-api', 'throttle:api.application'])
|
Route::middleware(['application-api', 'throttle:api.application'])
|
||||||
->prefix('/api/application')
|
->prefix('/api/application')
|
||||||
->scopeBindings()
|
->scopeBindings()
|
||||||
|
|
|
@ -19,6 +19,7 @@
|
||||||
"ext-zip": "*",
|
"ext-zip": "*",
|
||||||
"aws/aws-sdk-php": "^3.171",
|
"aws/aws-sdk-php": "^3.171",
|
||||||
"doctrine/dbal": "~2.13.9",
|
"doctrine/dbal": "~2.13.9",
|
||||||
|
"fruitcake/laravel-cors": "~3.0.0",
|
||||||
"guzzlehttp/guzzle": "~7.4.2",
|
"guzzlehttp/guzzle": "~7.4.2",
|
||||||
"hashids/hashids": "~4.1.0",
|
"hashids/hashids": "~4.1.0",
|
||||||
"laracasts/utilities": "~3.2.1",
|
"laracasts/utilities": "~3.2.1",
|
||||||
|
|
152
composer.lock
generated
152
composer.lock
generated
|
@ -4,7 +4,7 @@
|
||||||
"Read more about it at https://getcomposer.org/doc/01-basic-usage.md#installing-dependencies",
|
"Read more about it at https://getcomposer.org/doc/01-basic-usage.md#installing-dependencies",
|
||||||
"This file is @generated automatically"
|
"This file is @generated automatically"
|
||||||
],
|
],
|
||||||
"content-hash": "0368e946c40456bcd1fb007bfc3e7bf0",
|
"content-hash": "3bd4e0acecbf871892a813141facfaea",
|
||||||
"packages": [
|
"packages": [
|
||||||
{
|
{
|
||||||
"name": "aws/aws-crt-php",
|
"name": "aws/aws-crt-php",
|
||||||
|
@ -923,6 +923,156 @@
|
||||||
],
|
],
|
||||||
"time": "2020-12-29T14:50:06+00:00"
|
"time": "2020-12-29T14:50:06+00:00"
|
||||||
},
|
},
|
||||||
|
{
|
||||||
|
"name": "fruitcake/laravel-cors",
|
||||||
|
"version": "v3.0.0",
|
||||||
|
"source": {
|
||||||
|
"type": "git",
|
||||||
|
"url": "https://github.com/fruitcake/laravel-cors.git",
|
||||||
|
"reference": "7c036ec08972d8d5d9db637e772af6887828faf5"
|
||||||
|
},
|
||||||
|
"dist": {
|
||||||
|
"type": "zip",
|
||||||
|
"url": "https://api.github.com/repos/fruitcake/laravel-cors/zipball/7c036ec08972d8d5d9db637e772af6887828faf5",
|
||||||
|
"reference": "7c036ec08972d8d5d9db637e772af6887828faf5",
|
||||||
|
"shasum": ""
|
||||||
|
},
|
||||||
|
"require": {
|
||||||
|
"fruitcake/php-cors": "^1.2",
|
||||||
|
"illuminate/contracts": "^6|^7|^8|^9",
|
||||||
|
"illuminate/support": "^6|^7|^8|^9",
|
||||||
|
"php": "^7.4|^8.0"
|
||||||
|
},
|
||||||
|
"require-dev": {
|
||||||
|
"laravel/framework": "^6|^7.24|^8",
|
||||||
|
"orchestra/testbench-dusk": "^4|^5|^6|^7",
|
||||||
|
"phpunit/phpunit": "^9",
|
||||||
|
"squizlabs/php_codesniffer": "^3.5"
|
||||||
|
},
|
||||||
|
"type": "library",
|
||||||
|
"extra": {
|
||||||
|
"branch-alias": {
|
||||||
|
"dev-master": "3.0-dev"
|
||||||
|
},
|
||||||
|
"laravel": {
|
||||||
|
"providers": [
|
||||||
|
"Fruitcake\\Cors\\CorsServiceProvider"
|
||||||
|
]
|
||||||
|
}
|
||||||
|
},
|
||||||
|
"autoload": {
|
||||||
|
"psr-4": {
|
||||||
|
"Fruitcake\\Cors\\": "src/"
|
||||||
|
}
|
||||||
|
},
|
||||||
|
"notification-url": "https://packagist.org/downloads/",
|
||||||
|
"license": [
|
||||||
|
"MIT"
|
||||||
|
],
|
||||||
|
"authors": [
|
||||||
|
{
|
||||||
|
"name": "Fruitcake",
|
||||||
|
"homepage": "https://fruitcake.nl"
|
||||||
|
},
|
||||||
|
{
|
||||||
|
"name": "Barry vd. Heuvel",
|
||||||
|
"email": "barryvdh@gmail.com"
|
||||||
|
}
|
||||||
|
],
|
||||||
|
"description": "Adds CORS (Cross-Origin Resource Sharing) headers support in your Laravel application",
|
||||||
|
"keywords": [
|
||||||
|
"api",
|
||||||
|
"cors",
|
||||||
|
"crossdomain",
|
||||||
|
"laravel"
|
||||||
|
],
|
||||||
|
"support": {
|
||||||
|
"issues": "https://github.com/fruitcake/laravel-cors/issues",
|
||||||
|
"source": "https://github.com/fruitcake/laravel-cors/tree/v3.0.0"
|
||||||
|
},
|
||||||
|
"funding": [
|
||||||
|
{
|
||||||
|
"url": "https://fruitcake.nl",
|
||||||
|
"type": "custom"
|
||||||
|
},
|
||||||
|
{
|
||||||
|
"url": "https://github.com/barryvdh",
|
||||||
|
"type": "github"
|
||||||
|
}
|
||||||
|
],
|
||||||
|
"time": "2022-02-23T14:53:22+00:00"
|
||||||
|
},
|
||||||
|
{
|
||||||
|
"name": "fruitcake/php-cors",
|
||||||
|
"version": "v1.2.0",
|
||||||
|
"source": {
|
||||||
|
"type": "git",
|
||||||
|
"url": "https://github.com/fruitcake/php-cors.git",
|
||||||
|
"reference": "58571acbaa5f9f462c9c77e911700ac66f446d4e"
|
||||||
|
},
|
||||||
|
"dist": {
|
||||||
|
"type": "zip",
|
||||||
|
"url": "https://api.github.com/repos/fruitcake/php-cors/zipball/58571acbaa5f9f462c9c77e911700ac66f446d4e",
|
||||||
|
"reference": "58571acbaa5f9f462c9c77e911700ac66f446d4e",
|
||||||
|
"shasum": ""
|
||||||
|
},
|
||||||
|
"require": {
|
||||||
|
"php": "^7.4|^8.0",
|
||||||
|
"symfony/http-foundation": "^4.4|^5.4|^6"
|
||||||
|
},
|
||||||
|
"require-dev": {
|
||||||
|
"phpstan/phpstan": "^1.4",
|
||||||
|
"phpunit/phpunit": "^9",
|
||||||
|
"squizlabs/php_codesniffer": "^3.5"
|
||||||
|
},
|
||||||
|
"type": "library",
|
||||||
|
"extra": {
|
||||||
|
"branch-alias": {
|
||||||
|
"dev-main": "1.1-dev"
|
||||||
|
}
|
||||||
|
},
|
||||||
|
"autoload": {
|
||||||
|
"psr-4": {
|
||||||
|
"Fruitcake\\Cors\\": "src/"
|
||||||
|
}
|
||||||
|
},
|
||||||
|
"notification-url": "https://packagist.org/downloads/",
|
||||||
|
"license": [
|
||||||
|
"MIT"
|
||||||
|
],
|
||||||
|
"authors": [
|
||||||
|
{
|
||||||
|
"name": "Fruitcake",
|
||||||
|
"homepage": "https://fruitcake.nl"
|
||||||
|
},
|
||||||
|
{
|
||||||
|
"name": "Barryvdh",
|
||||||
|
"email": "barryvdh@gmail.com"
|
||||||
|
}
|
||||||
|
],
|
||||||
|
"description": "Cross-origin resource sharing library for the Symfony HttpFoundation",
|
||||||
|
"homepage": "https://github.com/fruitcake/php-cors",
|
||||||
|
"keywords": [
|
||||||
|
"cors",
|
||||||
|
"laravel",
|
||||||
|
"symfony"
|
||||||
|
],
|
||||||
|
"support": {
|
||||||
|
"issues": "https://github.com/fruitcake/php-cors/issues",
|
||||||
|
"source": "https://github.com/fruitcake/php-cors/tree/v1.2.0"
|
||||||
|
},
|
||||||
|
"funding": [
|
||||||
|
{
|
||||||
|
"url": "https://fruitcake.nl",
|
||||||
|
"type": "custom"
|
||||||
|
},
|
||||||
|
{
|
||||||
|
"url": "https://github.com/barryvdh",
|
||||||
|
"type": "github"
|
||||||
|
}
|
||||||
|
],
|
||||||
|
"time": "2022-02-20T15:07:15+00:00"
|
||||||
|
},
|
||||||
{
|
{
|
||||||
"name": "graham-campbell/result-type",
|
"name": "graham-campbell/result-type",
|
||||||
"version": "v1.0.4",
|
"version": "v1.0.4",
|
||||||
|
|
59
config/cors.php
Normal file
59
config/cors.php
Normal file
|
@ -0,0 +1,59 @@
|
||||||
|
<?php
|
||||||
|
|
||||||
|
return [
|
||||||
|
/*
|
||||||
|
|--------------------------------------------------------------------------
|
||||||
|
| Laravel CORS Options
|
||||||
|
|--------------------------------------------------------------------------
|
||||||
|
|
|
||||||
|
| The allowed_methods and allowed_headers options are case-insensitive.
|
||||||
|
|
|
||||||
|
| You don't need to provide both allowed_origins and allowed_origins_patterns.
|
||||||
|
| If one of the strings passed matches, it is considered a valid origin.
|
||||||
|
|
|
||||||
|
| If ['*'] is provided to allowed_methods, allowed_origins or allowed_headers
|
||||||
|
| all methods / origins / headers are allowed.
|
||||||
|
|
|
||||||
|
*/
|
||||||
|
|
||||||
|
/*
|
||||||
|
* You can enable CORS for 1 or multiple paths.
|
||||||
|
* Example: ['api/*']
|
||||||
|
*/
|
||||||
|
'paths' => ['/api/client', '/api/application', '/api/client/*', '/api/application/*'],
|
||||||
|
|
||||||
|
/*
|
||||||
|
* Matches the request method. `['*']` allows all methods.
|
||||||
|
*/
|
||||||
|
'allowed_methods' => ['GET', 'POST', 'PUT', 'PATCH', 'DELETE', 'HEAD'],
|
||||||
|
|
||||||
|
/*
|
||||||
|
* Matches the request origin. `['*']` allows all origins. Wildcards can be used, eg `*.mydomain.com`
|
||||||
|
*/
|
||||||
|
'allowed_origins' => explode(',', env('APP_CORS_ALLOWED_ORIGINS') ?? ''),
|
||||||
|
|
||||||
|
/*
|
||||||
|
* Patterns that can be used with `preg_match` to match the origin.
|
||||||
|
*/
|
||||||
|
'allowed_origins_patterns' => [],
|
||||||
|
|
||||||
|
/*
|
||||||
|
* Sets the Access-Control-Allow-Headers response header. `['*']` allows all headers.
|
||||||
|
*/
|
||||||
|
'allowed_headers' => ['*'],
|
||||||
|
|
||||||
|
/*
|
||||||
|
* Sets the Access-Control-Expose-Headers response header with these headers.
|
||||||
|
*/
|
||||||
|
'exposed_headers' => [],
|
||||||
|
|
||||||
|
/*
|
||||||
|
* Sets the Access-Control-Max-Age response header when > 0.
|
||||||
|
*/
|
||||||
|
'max_age' => 0,
|
||||||
|
|
||||||
|
/*
|
||||||
|
* Sets the Access-Control-Allow-Credentials header.
|
||||||
|
*/
|
||||||
|
'supports_credentials' => true,
|
||||||
|
];
|
|
@ -14,11 +14,12 @@ export interface LoginData {
|
||||||
|
|
||||||
export default ({ username, password, recaptchaData }: LoginData): Promise<LoginResponse> => {
|
export default ({ username, password, recaptchaData }: LoginData): Promise<LoginResponse> => {
|
||||||
return new Promise((resolve, reject) => {
|
return new Promise((resolve, reject) => {
|
||||||
http.post('/auth/login', {
|
http.get('/sanctum/csrf-cookie')
|
||||||
|
.then(() => http.post('/auth/login', {
|
||||||
user: username,
|
user: username,
|
||||||
password,
|
password,
|
||||||
'g-recaptcha-response': recaptchaData,
|
'g-recaptcha-response': recaptchaData,
|
||||||
})
|
}))
|
||||||
.then(response => {
|
.then(response => {
|
||||||
if (!(response.data instanceof Object)) {
|
if (!(response.data instanceof Object)) {
|
||||||
return reject(new Error('An error occurred while processing the login request.'));
|
return reject(new Error('An error occurred while processing the login request.'));
|
||||||
|
|
Loading…
Reference in a new issue