Michael (Parker) Parker
1ac13c82fa
more docker changes
2018-07-18 17:15:28 -04:00
Michael (Parker) Parker
b7da8532ba
Fixing install
...
Adding php fpm conf and fixing dockerfile
2018-07-18 15:31:35 -04:00
Dane Everitt
6dfaba9042
Merge pull request #1238 from jcsnider/develop
...
Treat white space in terminal output as preformatted...
2018-07-18 09:26:46 -07:00
Michael (Parker) Parker
5427b7e172
dockerfile changes
2018-07-18 12:15:33 -04:00
JC Snider
955617d7ce
Update terminal.css
...
Treat white space in terminal output as preformatted so ascii art/other formatting works.
2018-07-17 18:09:05 -04:00
Dane Everitt
a42280dd84
Begin working on sidebar styling for server view
2018-07-15 19:47:31 -07:00
Dane Everitt
92905a6c2a
Add the server routes
2018-07-15 19:03:38 -07:00
Dane Everitt
79ea4cbe1a
Correct N+1 utilization checking
2018-07-15 18:11:29 -07:00
Dane Everitt
7f5485d648
Fix dashboard to track server state
2018-07-15 17:53:40 -07:00
Dane Everitt
8b3713e3ff
FOrmat and disable server store temporarily
2018-07-15 17:09:53 -07:00
Dane Everitt
d0348a4505
Fix 2FA on login
2018-07-15 17:09:41 -07:00
Dane Everitt
4c4f6d3afe
Fix login
2018-07-15 16:57:00 -07:00
Dane Everitt
ca27346e49
Remove empty css
2018-07-15 16:51:27 -07:00
Dane Everitt
f2d2725ca0
Merge branch 'feature/vuejs' into feature/vue-serverview
2018-07-15 16:50:11 -07:00
Dane Everitt
b859ed61f4
Performance improvements to browser tests
2018-07-15 16:20:36 -07:00
Dane Everitt
d9a09e92bd
Add tests for all of the account actions
2018-07-15 15:58:24 -07:00
Dane Everitt
be2c76c24a
Add tests for password changing
2018-07-15 11:44:18 -07:00
Dane Everitt
6e9123af19
Correctly tear down tests and remove cookies
2018-07-15 11:44:08 -07:00
Dane Everitt
8bbe6bc279
Add test, fix behavior of model creation
2018-07-14 22:58:33 -07:00
Dane Everitt
550c622d3b
Obliterate JWT from codebase
2018-07-14 22:48:09 -07:00
Dane Everitt
6336e5191f
Strip out JWT usage and use cookies to track the currently logged in user
2018-07-14 22:42:58 -07:00
Dane Everitt
a7fae86e58
Treat unauthenticated exceptions the same as everything else
2018-07-14 22:42:38 -07:00
Dane Everitt
aba1b297c8
Add a test that wont work due to auth issues currently
2018-07-14 22:11:56 -07:00
Dane Everitt
a44b4c4426
Fix changing email address error handling
2018-07-14 22:03:19 -07:00
Dane Everitt
eafc4408eb
Fix broken unit tests
2018-07-14 21:49:49 -07:00
Dane Everitt
8b9c2465f3
Correct behavior of errors on the login form
2018-07-14 21:26:08 -07:00
Dane Everitt
2ae43e1f61
Add changes for vagrant
2018-07-14 21:16:18 -07:00
Dane Everitt
d17442a096
Disable automatic optimization and change v:serve for new dev environment
2018-07-14 15:07:19 -07:00
Lance Pioch
44a65b4b3c
Move to its own dir
2018-07-08 11:28:26 -04:00
Lance Pioch
7ef3b76499
Consolidate commands
2018-07-08 11:19:51 -04:00
Lance Pioch
925f28b29c
Update alpine version
2018-07-08 11:19:46 -04:00
Lance Pioch
0667b61abf
Combine and consolidate
2018-07-08 11:19:40 -04:00
Asherslab
a93a73ef4d
Moved files
2018-07-08 11:19:35 -04:00
Asherslab
737bae300c
Some Additions
2018-07-08 11:19:30 -04:00
Asherslab
42e3eecf80
Add docker files
2018-07-08 11:19:24 -04:00
Dane Everitt
c82f273d85
Fix remaining broken tests
2018-07-04 19:38:23 -07:00
Dane Everitt
6c20ea9881
Add tests for changed controllers
2018-07-04 19:20:33 -07:00
Dane Everitt
ec8e434375
Set the 2fa image to always have a consistent height, less jarring transition
2018-07-04 19:00:20 -07:00
Dane Everitt
5010c0c756
Merge branch 'feature/vuejs' into feature/vuejs-account
2018-07-04 18:12:57 -07:00
Dane Everitt
6419b1cf81
Handle password reset logic change for 2fa
2018-07-04 18:11:43 -07:00
Dane Everitt
af9af78938
Merge branch 'develop' into feature/vuejs
2018-07-04 18:09:07 -07:00
Dane Everitt
81f1796a6a
Merge branch 'release/v0.7.9'
2018-07-04 12:08:14 -07:00
Dane Everitt
8341cdbc88
Bump for release
2018-07-04 11:44:21 -07:00
Dane Everitt
d9948f2876
Update changelog
2018-07-04 11:42:57 -07:00
Dane Everitt
8f5bd214a4
[Security] Address 2FA bypass in password reset functionality
...
Thanks to Trixter#0001 on Discord for this security report.
There was a two-factor authentication bypass present in all previous versions of Pterodactyl that would allow a user to login without providing a token by going through the password reset process. A person would still have to have access to the targeted account's email, but if they did manage to get a password reset link they would be able to reset the account password and then proceede to login without a token being required.
This logic has since been changed to check if 2FA is enabled on an account, and if so they will NOT be logged in when their password is changed. This will force them to continue through the normal login pathway where a token will be needed.
Overall the impact of this issue is minor, but I am still addressing it and disclosing the mechanism behind it.
2018-07-04 11:41:56 -07:00
Dane Everitt
b342d4dc6b
Change v:serve to match the new vagrant setup
2018-07-03 23:11:22 -07:00
Dane Everitt
603b8a3094
Merge branch 'feature/vuejs' into feature/vuejs-account
2018-07-02 21:01:04 -07:00
Dane Everitt
48cb01f438
Merge branch 'develop' into feature/vuejs
2018-07-02 21:00:42 -07:00
Dane Everitt
28442cead3
Merge branch 'release/v0.7.8'
2018-07-02 21:00:16 -07:00
Jan
422e5dd99f
Update strings.php ( #1227 )
...
Fixed typo.
2018-07-02 15:04:16 -07:00