Commit graph

180 commits

Author SHA1 Message Date
Dane Everitt
f42bc8a031
Cleanup exception reporting, stop logging PDO exception stacks.
PDOException stacks include the MySQL password for the connection attempt and many people do not realize this when providing logs.
2018-02-04 13:31:39 -06:00
Dane Everitt
e3df0738da
Change the way API keys are stored and validated; clarify API namespacing
Previously, a single key was used to access the API, this has not changed in terms of what the user sees. However, API keys now use an identifier and token internally. The identifier is the first 16 characters of the key, and the token is the remaining 32. The token is stored encrypted at rest in the database and the identifier is used by the API middleware to grab that record and make a timing attack safe comparison.
2018-01-13 16:06:19 -06:00
Dane Everitt
800e2df6b2
Merge branch 'develop' into feature/api-v1
# Conflicts:
#	app/Contracts/Repository/RepositoryInterface.php
#	app/Repositories/Eloquent/EloquentRepository.php
#	app/Services/Nodes/NodeUpdateService.php
#	tests/Unit/Services/Nodes/NodeUpdateServiceTest.php
2018-01-10 20:55:22 -06:00
Dimitar Yanakiev
8690b5a154
Update database.php 2018-01-05 01:06:01 +02:00
Dane Everitt
46d7ba7585
Merge branch 'develop' into feature/api-v1 2017-12-31 10:32:28 -06:00
Dane Everitt
1b9b92ac62
Cleanup settings use in panel. 2017-12-30 16:33:00 -06:00
Dane Everitt
54b6fb5ebd
More work on the API utilizing Laravel 5.5 exception rendering
Also corrects API format to maintain JSONAPI spec
2017-12-17 14:57:05 -06:00
Dane Everitt
b9d67459b2
Update to Laravel 5.5 (#814) 2017-12-17 13:07:38 -06:00
Dane Everitt
0dcf2aaed6
Inital upgrade to 5.5
This simply updates dependencies and gets all of the providers and config files updated based on what  the laravel/laravel currently ships with
2017-12-16 12:20:09 -06:00
Dane Everitt
f9df463d32
Implement a better management interface for Settings (#809) 2017-12-14 21:05:26 -06:00
Dane Everitt
6f52f4a614
Push updates to login page, mostly UI enhancements. 2017-11-18 15:09:58 -06:00
Dane Everitt
c7c2c1a45e
Implement changes to 2FA system (#761) 2017-11-18 13:35:33 -05:00
Dane Everitt
88562b5cd6
Fix inability to create a server 2017-11-05 15:36:37 -06:00
Dane Everitt
1438a50ae9
More fixes 2017-11-04 16:46:18 -05:00
Dane Everitt
69cd330eb8
Fix setup command issues 2017-11-04 16:27:15 -05:00
Dane Everitt
6a2cb72ede
Fix debug bar getting loaded in production 2017-11-04 14:21:30 -05:00
Dane Everitt
f5b20e38c4
Fix failing tests due to way nest creation worked 2017-11-04 13:01:54 -05:00
Dane Everitt
79decafdc8
Update all the middlewares 2017-10-29 12:37:25 -05:00
Dane Everitt
fa62a0982e
Refactor startup modification and environment variable services
Better setup, more flexibility, more tests.
2017-10-26 23:49:54 -05:00
Matthew Hatcher
2f9e7bdc3b Adding Laravel Blade Directives Package. (#695) 2017-10-18 00:26:03 -04:00
Dane Everitt
b1834307d5
Update demon routes to use /v1/ 2017-09-30 21:00:24 -05:00
Dane Everitt
15d38ce823
Add ability to switch between new and existing daemon 2017-09-30 19:23:44 -05:00
Dane Everitt
8e2b77dc1e
Final touches to new key-rotation service 2017-09-24 12:34:00 -05:00
Dane Everitt
8722571037
Finish console command cleanup 2017-09-22 21:19:57 -05:00
Dane Everitt
bab28dbc85
Initial implementation of new task mgmt system 👮 2017-09-09 23:55:21 -05:00
Dane Everitt
54554465f2
Add more front-end controllers, language file cleanup 2017-09-03 16:32:52 -05:00
Dane Everitt
72735c24f7
Complete move from old repository to new repository structure! 2017-08-26 18:08:11 -05:00
Dane Everitt
74ea1aa0aa
Push subuser creation service 2017-08-23 21:34:11 -05:00
Dane Everitt
3ee5803416
Massive PHPCS linting 2017-08-21 22:10:48 -05:00
Dane Everitt
cdfbc60030
Push pack services and fix for failing tests 2017-08-20 19:23:50 -05:00
Dane Everitt
280633b28a
More service classes for pack management 2017-08-19 20:40:00 -05:00
Dane Everitt
9d3dca87f2
Begin moving packs to new service mechanisms, refactor exceptions for services 2017-08-18 22:19:06 -05:00
Dane Everitt
ebb3a01036
Should fix failing travis builds 2017-07-23 17:55:38 -05:00
Dane Everitt
bc3366b10d
Repository interface improvements 2017-07-15 11:52:34 -05:00
Dane Everitt
5c3dc60d1e
Addition of repository to ease testing and maintainability 2017-07-01 15:29:49 -05:00
Dane Everitt
2f4ec64f2a
Merge branch 'develop' into feature/PTDL-472 2017-07-01 12:33:30 -05:00
Dane Everitt
63d08905b4
Up session timeout to 7 days 2017-06-28 21:57:52 -05:00
Dane Everitt
2235481765
More service structure testing and configuration
Tests aren't working as well as I had hoped, so a lot are commented out while I wait to hear back on this bug causing them to fail.
2017-06-24 19:49:09 -05:00
Dane Everitt
cede747442
Cleanup user and location controllers. 2017-06-17 17:36:39 -05:00
Dane Everitt
a527949939
Add more location tests, more travis CI fix attempts 2017-06-16 00:29:19 -05:00
Dane Everitt
760525a673
Push more tests for location services, setup travis CI integration 2017-06-15 23:03:22 -05:00
Dane Everitt
26e476a794
Push updates, removes repositories, begins moving functionality to services.
First integration tests included.
2017-06-13 23:25:37 -05:00
Dane Everitt
5c2b9deb09
Push initial implementations of new repository structure
This breaks almost the entire panel, do not pull this branch in this state.

Mostly just moved old repository files to a new folder without updating anything else in order to start doing new things. Structure is not finalized.
2017-06-10 22:28:44 -05:00
Dane Everitt
72c0330486
Fixes 2FA not honoring 'Remember Me' checkbox, closes #439 2017-05-22 19:09:42 -05:00
Dane Everitt
1c37a8fe1a
Fixes account creation and password reset abilities. 2017-04-28 00:07:38 -04:00
Dane Everitt
d600d7ebb0
Use file driver, avoids memcache error if using redis 2017-04-14 17:27:15 -04:00
Dane Everitt
52fb4f58d5
Ship with support for login notifications 2017-04-14 17:10:01 -04:00
Dane Everitt
93d79994f8 Apply fixes from StyleCI (#372) 2017-04-09 19:16:39 -04:00
Dane Everitt
87c09a921b
More defined naming scheme for config 2017-04-09 16:05:18 -04:00
Dane Everitt
de8bbcd098
Configuration for API pagination and includes on listing 2017-04-09 16:04:08 -04:00
Dane Everitt
4479d3bf19
Improved logic for handling permissions on API routes.
Still only partially implemented, however this method will allow the
inclusion of data that is granted with servers (such as viewing more
about the node, node location, allocations, etc) while still limiting
someone from doing `?include=node.servers` and listing all servers when
they don’t have list-servers as a permission.
2017-04-08 12:05:29 -04:00
Dane Everitt
65630bdcce
Move API to use JSON:API standards and fractal serializer
Makes the data slightly more complex, but forces a standard and can
always be changed down the road simply by changing the default
serializer.
2017-04-02 16:51:56 -04:00
Dane Everitt
97773300ed
Better middleware for routes, cleaned up API, removed old API calls
New API routes for Server allow specifying which fractal objects to
load into the request, thus making it possible to fine-tune what data
is returned.
2017-04-02 13:19:39 -04:00
Dane Everitt
ddb82ac3ca
Add initial user server transformer for API. 2017-04-02 00:49:53 -04:00
Dane Everitt
87530cdc01
Initial moves to new API scheme.
Implements a better middleware for handling API authentication, as well
as cleaner route handling.
2017-04-02 00:11:52 -04:00
Dane Everitt
9c303456fb Update codebase to L5.4 (#367) 2017-04-01 17:59:43 -04:00
Dane Everitt
0a95d97d7f
Better support for redis as a backend 2017-04-01 16:31:18 -04:00
Dane Everitt
ff57e2ff85
Cleanup recaptcha middleware 2017-03-31 21:12:49 -04:00
Dane Everitt
451dd7ebc8 Apply fixes from StyleCI (#364) 2017-03-31 20:48:35 -04:00
Jakob Schrettenbrunner
207e0131fc Merge branch 'develop' of github.com:Pterodactyl/Panel into improve-password-reset 2017-03-31 12:20:41 +02:00
Jakob Schrettenbrunner
142cbb0641 Add invisible ReCAPTCHA to login and password reset 2017-03-31 12:19:44 +02:00
Dane Everitt
da003efb03
Fixes issue with DOCTYPE being discarded on JS injected views 2017-03-30 16:23:25 -04:00
Dane Everitt
da19749098
Fix phraseapp and move config location 2017-03-19 11:55:36 -04:00
Dane Everitt
377fe92f5b
Don't try to render 200 lines per second in the console... 💣
Corrects a math mistake on my end, and makes the console speed
configurable again. Now sends 50 messages per second.

Console will notify when being throttled, and refreshing the page will
clear the queue if necessary.
2017-03-19 11:13:17 -04:00
Dane Everitt
4f16509447
Use env() properly throughout panel to avoid cache issues. 2017-03-18 15:56:19 -04:00
Dane Everitt
4ad09c5435
Fixes bug introduced during admin rewrite that broke server creation 2017-03-16 21:11:15 -04:00
Dane Everitt
1aa191210a
closes #344 2017-03-16 19:54:31 -04:00
Dane Everitt
1c47b2ed55
Finish pack management in Admin CP 2017-03-15 20:52:37 -04:00
Dane Everitt
d7682bb7c9
Complete new service, option, and variable management interface in Admin CP 2017-03-12 00:00:06 -05:00
Dane Everitt
70db461075
Start push of service changes.
Changes the way service files are stored and allows for much easier
updates in the future that won’t affect custom services.

Also stores more configurations in the database to make life easier for
everyone.
2017-03-10 18:25:12 -05:00
Dane Everitt
b301b89459
Merge branch 'develop' into feature/admin-retheme 2017-03-03 17:30:51 -05:00
Dane Everitt
c021872a9c Update database.php 2017-03-02 12:17:52 -05:00
Dane Everitt
cb6b44d4f0
Completed new server page with new theme. 2017-02-24 18:19:03 -05:00
Dane Everitt
b82c67424f Slow ya roll StyleCI... 2017-02-18 22:59:08 -05:00
Dane Everitt
b11029a666 Apply fixes from StyleCI (#312)
* Bump for release

* Apply fixes from StyleCI
2017-02-18 22:57:50 -05:00
Dane Everitt
008cccb098
Fix up email sending and add more notifications to the panel.
Closes #265
2017-02-17 19:23:27 -05:00
Dane Everitt
9af06b4b59
Add in query caching on server view 2017-02-17 18:19:53 -05:00
Dane Everitt
b5c39a1212
Fix @schrej's proxy code. 2017-02-12 16:41:17 -05:00
Jakob
19567ee311 Merge branch 'develop' into fix/trusted-proxies 2017-02-03 00:38:58 +01:00
Jakob
8cac2a3669 Merge pull request #285 from Pterodactyl/feature/phrase-in-context
add phraseapp in context editor
2017-02-03 00:36:50 +01:00
Jakob Schrettenbrunner
7f1000dd8a make dane and styleci happy 2017-02-03 00:08:10 +01:00
Jakob Schrettenbrunner
7b659a773e handle * and ** for TRUSTED_PROXIES 2017-02-02 23:31:42 +01:00
Jakob Schrettenbrunner
7f0608d412 better naming of PhraseApp related stuff 2017-02-02 23:14:53 +01:00
Dane Everitt
fb589a7f4e
Fix session timeout issues on browser close. 2017-02-02 16:29:37 -05:00
Jakob Schrettenbrunner
8fc30fbe3a add phraseapp in context editor 2017-02-02 15:05:33 +01:00
Jakob Schrettenbrunner
24650b67be Merge branch 'develop' into fix/trusted-proxies
sorry
2017-02-01 20:35:10 +01:00
Jakob Schrettenbrunner
8ab4faad8a remove TRUSTED_PROXIES from .env.example
make style ci happy
2017-02-01 20:31:24 +01:00
Jakob Schrettenbrunner
ee26a7e8dd add fideloper/proxy to support reverse proxies and load balancers 2017-02-01 20:10:28 +01:00
Dane Everitt
2fc852c6a4
Push 'Account' and 'Security' pages as well as 'My Servers' 2017-01-15 14:09:57 -05:00
Dane Everitt
457ed28b0b
Initial change of theme.
Only themed pages currently are login and reset password pages.
2017-01-14 21:32:33 -05:00
Dane Everitt
d9de884de3 Apply fixes from StyleCI 2017-01-03 22:46:30 +00:00
Dane Everitt
aa6e733ba5
Switch filemanager and EULA check to use pure Javascript methods
Removes the need for the javascript to be parsed by Blade template
engine by using a defined javascript variable with the values that are
necessary for checking everything and passing the correct values.

This does make it so that if a user does not have permission to do
something they could theoretically make the option show up in the
context menu, however when they click it, it will simply return an
error by the daemon.
2017-01-03 16:47:33 -05:00
Dane Everitt
c1fb0a665f Apply fixes from StyleCI 2016-12-07 22:46:38 +00:00
Dane Everitt
90cd2b677e
Add version checking to daemon and panel
Also includes some buttons for users to get help from the panel.
2016-11-26 19:29:57 -05:00
Dane Everitt
b8a6a15b08 Set version to 'canary' on development branch
Official releases are either merged into master or branched off where their version number is then incremented.
2016-11-07 20:08:25 -05:00
Dane Everitt
702c1d6ba6
Official bump to v0.5.0 🎉 2016-11-04 22:00:32 -04:00
Dane Everitt
a55220da39
Fix missing environment variables relating to queues 2016-10-30 18:34:50 -04:00
Dane Everitt
f80e481263
Add support for SQS and Redis in queue system 2016-10-27 17:16:47 -04:00
Dane Everitt
745c735b32
Add initial basic API changes
New route is `/api/me`
2016-10-14 20:22:23 -04:00
Dane Everitt
ca84022e84
bump version to 0.5.0
Any changes to v0.4.x release will require a release branch with
modifications.
2016-09-27 21:02:30 -04:00