feat: bump account key limit to 25 (#4417)

Closes #4394

app/Http/Controllers/Api/Client/ApiKeyController.php

@@ -26,14 +26,10 @@ class ApiKeyController extends ClientApiController
 
     /**
      * Store a new API key for a user's account.
-     *
-     * @return array
-     *
-     * @throws \Pterodactyl\Exceptions\DisplayException
      */
-    public function store(StoreApiKeyRequest $request)
+    public function store(StoreApiKeyRequest $request): array
     {
-        if ($request->user()->apiKeys->count() >= 5) {
+        if ($request->user()->apiKeys->count() >= 25) {
             throw new DisplayException('You have reached the account limit for number of API keys.');
         }
 

tests/Integration/Api/Client/ApiKeyControllerTest.php

@@ -96,16 +96,17 @@ class ApiKeyControllerTest extends ClientApiIntegrationTestCase
     }
 
     /**
-     * Test that no more than 5 API keys can exist at any one time for an account. This prevents
+     * Test that no more than 25 API keys can exist at any one time for an account. This prevents
      * a DoS attack vector against the panel.
      *
      * @see https://github.com/pterodactyl/panel/security/advisories/GHSA-pjmh-7xfm-r4x9
+     * @see https://github.com/pterodactyl/panel/issues/4394
      */
-    public function testNoMoreThanFiveApiKeysCanBeCreatedForAnAccount()
+    public function testApiKeyLimitIsApplied()
     {
         /** @var \Pterodactyl\Models\User $user */
         $user = User::factory()->create();
-        ApiKey::factory()->times(5)->for($user)->create([
+        ApiKey::factory()->times(25)->for($user)->create([
             'key_type' => ApiKey::TYPE_ACCOUNT,
         ]);