add ability to generate a token to retrieve the config for a specific node

This commit is contained in:
Jakob Schrettenbrunner 2017-01-07 18:10:11 +01:00
parent 24bab6de17
commit e1e159b7de
7 changed files with 147 additions and 0 deletions

View file

@ -28,6 +28,7 @@ use DB;
use Log; use Log;
use Alert; use Alert;
use Validator; use Validator;
use Carbon\Carbon;
use Pterodactyl\Models; use Pterodactyl\Models;
use Illuminate\Http\Request; use Illuminate\Http\Request;
use Pterodactyl\Exceptions\DisplayException; use Pterodactyl\Exceptions\DisplayException;
@ -276,4 +277,24 @@ class NodesController extends Controller
'tab' => 'tab_delete', 'tab' => 'tab_delete',
]); ]);
} }
public function getConfigurationToken(Request $request, $id) {
// Check if Node exists. Will lead to 404 if not.
Models\Node::findOrFail($id);
// Create a token
$token = new Models\NodeConfigurationToken();
$token->node = $id;
$token->token = str_random(32);
$token->expires_at = Carbon::now()->addMinutes(5); // Expire in 5 Minutes
$token->save();
$token_response = array(
'token' => $token->token,
'expires_at' => $token->expires_at->toDateTimeString()
);
return response(json_encode($token_response), 200)
->header('Content-Type', 'application/json');
}
} }

View file

@ -24,10 +24,12 @@
namespace Pterodactyl\Http\Controllers\Remote; namespace Pterodactyl\Http\Controllers\Remote;
use Carbon\Carbon;
use Pterodactyl\Models; use Pterodactyl\Models;
use Illuminate\Http\Request; use Illuminate\Http\Request;
use Pterodactyl\Http\Controllers\Controller; use Pterodactyl\Http\Controllers\Controller;
use Pterodactyl\Services\NotificationService; use Pterodactyl\Services\NotificationService;
use Pterodactyl\Models\NodeConfigurationToken;
class RemoteController extends Controller class RemoteController extends Controller
{ {
@ -107,4 +109,28 @@ class RemoteController extends Controller
return response('', 201); return response('', 201);
} }
public function getConfiguration(Request $request, $tokenString) {
// Try to query the token and the node from the database
try {
$token = Models\NodeConfigurationToken::where('token', $tokenString)->firstOrFail();
$node = Models\Node::findOrFail($token->node);
} catch(\Illuminate\Database\Eloquent\ModelNotFoundException $e) {
return response(json_encode(array('error' => 'token_invalid')), 403)
->header('Content-Type', 'application/json');
}
// Check if token is expired
if ($token->expires_at->lt(Carbon::now())) {
$token->delete();
return response(json_encode(array('error' => 'token_expired')), 403)
->header('Content-Type', 'application/json');
}
// Delete the token, it's one-time use
$token->delete();
return response($node->getConfigurationAsJson(), 200)
->header('Content-Type', 'application/json');
}
} }

View file

@ -286,6 +286,11 @@ class AdminRoutes
'as' => 'admin.nodes.delete', 'as' => 'admin.nodes.delete',
'uses' => 'Admin\NodesController@deleteNode', 'uses' => 'Admin\NodesController@deleteNode',
]); ]);
$router->get('/{id}/configurationtoken', [
'as' => 'admin.nodes.configurationtoken',
'uses' => 'Admin\NodesController@getConfigurationToken',
]);
}); });
// Location Routes // Location Routes

View file

@ -46,6 +46,11 @@ class RemoteRoutes
'as' => 'remote.event', 'as' => 'remote.event',
'uses' => 'Remote\RemoteController@event', 'uses' => 'Remote\RemoteController@event',
]); ]);
$router->get('configuration/{token}', [
'as' => 'remote.configuration',
'uses' => 'Remote\RemoteController@getConfiguration',
]);
}); });
} }
} }

View file

@ -0,0 +1,51 @@
<?php
/**
* Pterodactyl - Panel
* Copyright (c) 2015 - 2016 Dane Everitt <dane@daneeveritt.com>.
*
* Permission is hereby granted, free of charge, to any person obtaining a copy
* of this software and associated documentation files (the "Software"), to deal
* in the Software without restriction, including without limitation the rights
* to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
* copies of the Software, and to permit persons to whom the Software is
* furnished to do so, subject to the following conditions:
*
* The above copyright notice and this permission notice shall be included in all
* copies or substantial portions of the Software.
*
* THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
* IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
* FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
* AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
* LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
* OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE
* SOFTWARE.
*/
namespace Pterodactyl\Models;
use Illuminate\Database\Eloquent\Model;
class NodeConfigurationToken extends Model
{
/**
* The table associated with the model.
*
* @var string
*/
protected $table = 'node_configuration_tokens';
/**
* Fields that are not mass assignable.
*
* @var array
*/
protected $guarded = ['id', 'created_at', 'updated_at'];
/**
* The attributes that should be mutated to dates.
*
* @var array
*/
protected $dates = ['created_at', 'updated_at', 'expires_at'];
}

View file

@ -282,6 +282,9 @@ class NodeRepository
// Delete Allocations // Delete Allocations
Models\Allocation::where('node', $node->id)->delete(); Models\Allocation::where('node', $node->id)->delete();
// Delete configure tokens
Models\NodeConfigureToken::where('node', $node->id)->delete();
// Delete Node // Delete Node
$node->delete(); $node->delete();

View file

@ -0,0 +1,36 @@
<?php
use Illuminate\Support\Facades\Schema;
use Illuminate\Database\Schema\Blueprint;
use Illuminate\Database\Migrations\Migration;
class CreateNodeConfigurationTokensTable extends Migration
{
/**
* Run the migrations.
*
* @return void
*/
public function up()
{
Schema::create('node_configuration_tokens', function (Blueprint $table) {
$table->increments('id');
$table->char('token', 32);
$table->timestamp('expires_at');
$table->integer('node')->unsigned();
$table->foreign('node')
->references('id')->on('nodes');
$table->timestamps();
});
}
/**
* Reverse the migrations.
*
* @return void
*/
public function down()
{
Schema::dropIfExists('node_configuration_tokens');
}
}