Commit graph

441 commits

Author SHA1 Message Date
Matthew Penner
742e352c67
Update CHANGELOG.md 2023-10-12 13:55:53 -06:00
Matthew Penner
35159b3715
Update CHANGELOG.md 2023-10-10 13:13:00 -06:00
Matthew Penner
43f7c10617
Update CHANGELOG.md 2023-01-27 12:24:55 -07:00
Matthew Penner
ac53e7b061
Update CHANGELOG.md 2022-12-12 16:09:09 -07:00
Matthew Penner
411017198e
Update CHANGELOG.md 2022-12-05 13:16:03 -07:00
Matthew Penner
73b27aea8e
Update CHANGELOG.md 2022-12-04 15:27:21 -07:00
Matthew Penner
1bb1b13f6d
Update CHANGELOG.md 2022-11-22 13:40:58 -07:00
Matthew Penner
c1584d9a5b
Update CHANGELOG.md 2022-11-14 20:31:03 -07:00
Matthew Penner
9c6822f62d
Update CHANGELOG.md 2022-10-16 12:34:36 -06:00
Matthew Penner
ac8629d449
Update CHANGELOG.md 2022-10-04 20:49:03 -06:00
Matthew Penner
0dc77aec25
Update README.md 2022-09-25 19:12:08 -06:00
DaneEveritt
2da8042b0f
Fix clock() usage causing errors in prod environments 2022-07-24 20:43:14 -04:00
DaneEveritt
f614b443dd
Update CHANGELOG.md 2022-07-24 19:37:15 -04:00
DaneEveritt
74c3b00828
Update CHANGELOG.md 2022-07-03 19:51:12 -04:00
DaneEveritt
4fa735da3f
Update CHANGELOG.md 2022-06-27 21:01:24 -04:00
DaneEveritt
d172d2829f
Update CHANGELOG.md 2022-06-26 15:42:11 -04:00
DaneEveritt
278d8b7bf6
Update CHANGELOG.md 2022-06-11 10:04:44 -04:00
DaneEveritt
21ca91abd0
Allow SES region configuration; closes #4124 2022-06-05 13:32:36 -04:00
DaneEveritt
8771597560
Fix database deletion; closes #4114
Co-Authored-By: Dawid <minerpl03@gmail.com>
2022-06-05 13:28:46 -04:00
DaneEveritt
5143faa4b1
Update changelog 2022-05-30 11:40:21 -04:00
DaneEveritt
e5fec9934d
Update CHANGELOG.md 2022-05-29 20:42:55 -04:00
DaneEveritt
b051718afe
Fix up API handling logic for keys and set a prefix on all keys 2022-05-22 19:03:51 -04:00
DaneEveritt
f1235c7f88
Update CHANGELOG.md 2022-05-21 17:02:40 -04:00
DaneEveritt
62b178ed02
Show network usage on the server console view 2022-05-13 23:00:59 -04:00
DaneEveritt
3e1f70570b
Update CHANGELOG.md 2022-05-13 21:54:24 -04:00
DaneEveritt
a6df0afefd
Update CHANGELOG.md 2022-05-07 18:30:12 -04:00
Dane Everitt
dfa329ddf2
[security] ensure session is only for that request when authenticating user API key
https://github.com/pterodactyl/panel/security/advisories/GHSA-7v3x-h7r2-34jv
2022-01-19 21:09:17 -05:00
Dane Everitt
ee870d45e8
Update CHANGELOG.md 2022-01-19 19:55:33 -05:00
Dane Everitt
30bb629bad
Update CHANGELOG.md 2021-11-16 20:36:53 -08:00
Dane Everitt
17c03e9a4d
Fix broken session management for application api 2021-11-03 21:33:21 -07:00
Dane Everitt
60eff40a0c
Fix session management on client API requests; closes #3727
Versions of Pterodactyl prior to 1.6.3 used a different throttle pathway for
requests. That pathway found the current request user before continuing on to
other in-app middleware, thus the user was available downstream.

Changes introduced in 1.6.3 changed the throttler logic, therefore removing this
step. As a result, the client API could not always get the currently authenticated
user when cookies were used (aka, requests from the Panel UI, and not API directly).

This change corrects the logic to get the session setup correctly before falling
through to authenticating as a user using the API key. If a cookie is present and a
user is found as a result that session will be used. If an API key is provided it is
ignored when a cookie is also present.

In order to keep the API stateless any session created for an API request stemming
from an API key will have the associated session deleted at the end of the request,
and the 'Set-Cookies' header will be stripped from the response.
2021-11-03 20:51:39 -07:00
Dane Everitt
d65e2978d0
Update CHANGELOG.md 2021-10-23 13:02:25 -07:00
Dane Everitt
c57eb2c9e6
Update CHANGELOG.md 2021-09-21 21:36:29 -07:00
Dane Everitt
5fdb0a5909
Correctly expose OOM disable state for a server 2021-09-13 21:02:12 -07:00
Dane Everitt
f5a1ce13b8
Update CHANGELOG.md 2021-09-13 20:47:30 -07:00
Dane Everitt
dbb061d6f3
Update CHANGELOG.md 2021-09-12 11:26:37 -07:00
Dane Everitt
869bc22103
Update CHANGELOG.md 2021-08-29 13:42:49 -07:00
Matthew Penner
7e91a33a67
Update CHANGELOG.md (#3524) 2021-08-03 20:51:18 -07:00
Dane Everitt
b19a1640f0
Update CHANGELOG.md 2021-08-02 20:48:16 -07:00
Dane Everitt
aa3ea8b24b
Update CHANGELOG.md 2021-06-05 09:02:21 -07:00
Dane Everitt
8ab3ad3f1a
Update CHANGELOG.md 2021-05-01 11:54:23 -07:00
Dane Everitt
d0c7e2c0e6
Update CHANGELOG.md 2021-04-24 16:45:54 -07:00
Dane Everitt
b5f5185a9b
Update CHANGELOG.md 2021-03-26 09:18:54 -07:00
Dane Everitt
9d500f1c49
Update CHANGELOG.md 2021-03-07 17:38:42 -08:00
Dane Everitt
ca6068fa6d
Update CHANGELOG.md 2021-03-06 10:49:08 -08:00
Dane Everitt
4192bcab4b
Update CHANGELOG.md 2021-03-03 21:17:20 -08:00
Dane Everitt
3053a896f4
Update CHANGELOG.md 2021-01-19 21:45:32 -08:00
Dane Everitt
ef3f8586c5
Update CHANGELOG.md 2021-01-06 21:45:06 -08:00
Dane Everitt
5f284dad1d
Update CHANGELOG.md 2020-12-30 18:13:28 -08:00
Dane Everitt
1fcffc7eb9
Update CHANGELOG.md 2020-12-06 15:44:26 -08:00