Dane Everitt
3bb9bf04e5
Pass the updated model through for updating node config, rather than old model, ref #1237
2018-09-03 14:54:50 -07:00
Dane Everitt
5bd3f59455
Fix schedules running twice, closes #1288
2018-09-03 14:32:33 -07:00
Dane Everitt
178b8f8ce6
More logical time handling
2018-08-31 21:00:13 -07:00
Dane Everitt
8f5bd214a4
[Security] Address 2FA bypass in password reset functionality
...
Thanks to Trixter#0001 on Discord for this security report.
There was a two-factor authentication bypass present in all previous versions of Pterodactyl that would allow a user to login without providing a token by going through the password reset process. A person would still have to have access to the targeted account's email, but if they did manage to get a password reset link they would be able to reset the account password and then proceede to login without a token being required.
This logic has since been changed to check if 2FA is enabled on an account, and if so they will NOT be logged in when their password is changed. This will force them to continue through the normal login pathway where a token will be needed.
Overall the impact of this issue is minor, but I am still addressing it and disclosing the mechanism behind it.
2018-07-04 11:41:56 -07:00
Stan
1ffb5acfad
Send an email when a server is marked as installed ( #1213 )
...
Co-authored-by: @stanjg
2018-07-01 14:34:40 -07:00
Dane Everitt
304d947536
Allow creating subuser with no permissions
2018-06-30 18:25:46 -07:00
Dane Everitt
974318ffb4
Logout other sessions when password is changed
...
closes #1222
2018-06-30 17:50:58 -07:00
Dane Everitt
969b16a563
Apply fixes from StyleCI
...
[ci skip] [skip ci]
2018-06-02 21:32:26 +00:00
Dane Everitt
fd8d7c3571
Merge pull request #1130 from stanjg/feature/stats-page
...
Added a statistics page to monitor the panel usage
2018-05-31 22:56:58 -07:00
stanjg
60e1ffa564
Added a test for the controller and cleaned up the controller
2018-05-27 00:16:13 +02:00
stanjg
7a81c61ad8
Wording changes and fix of major fail last commit
2018-05-26 21:02:47 +02:00
stanjg
86e7085396
Cleaned up the controller and prepared for tests
2018-05-26 20:58:49 +02:00
Dane Everitt
0e1b4661ce
Don't allow access to manage page if server failed installing
2018-05-23 22:23:26 -07:00
Dane Everitt
6967b9ba12
Fix exception thrown due to lack of pre-validation on the model.
...
closes #1158
2018-05-20 17:11:52 -07:00
Dane Everitt
00df0b66a6
Merge pull request #1148 from pterodactyl/feature/doc-block-improvements
...
@throws docblock improvements
2018-05-20 16:25:59 -07:00
Dane Everitt
002efddc96
Merge pull request #1146 from pterodactyl/feature/windows-pathinfo-support
...
Add support for Windows, replace all backslashes with forwardslashes
2018-05-20 16:24:58 -07:00
Lance Pioch
71257c67bf
Add more throwing
2018-05-13 12:42:22 -04:00
Lance Pioch
3bc2397795
Library doesn't exist anymore
2018-05-13 12:42:16 -04:00
Lance Pioch
f82b419d47
Update php doc blocks
2018-05-13 12:42:11 -04:00
Lance Pioch
f42f211e65
Add support for Windows, replace all back slashes with forward slashes
2018-05-13 11:39:44 -04:00
Lance Pioch
e2dc0638d9
Fix app/ spelling errors
2018-05-13 11:12:41 -04:00
stanjg
095d85bb60
Added the server as argument, and improved the bug fix
2018-05-06 17:59:11 +02:00
stanjg
06a67bb4bb
Cleaned up some duplicate code
2018-05-05 10:39:20 +02:00
stanjg
28a97fea54
Polished it up
2018-05-04 22:48:43 +02:00
stanjg
93a7d11c28
Made a base
2018-05-04 18:45:37 +02:00
Dane Everitt
3e2ac981a9
Add API endpoint for getting server resource utilization, closes #900
...
This endpoint is throttled to 15 requests per minute to avoid destroying the daemon since clients can use it.
2018-03-17 14:01:53 -05:00
Dane Everitt
f8e98e9c9e
Add ability to change server name, closes #563
2018-03-10 14:44:21 -06:00
Dane Everitt
e55d3c1a9a
Add check on SFTP page to make sure the permission is assigned before showing
2018-03-10 14:26:00 -06:00
Dane Everitt
40c74ae1e7
Add validation to prevent invalid ports, closes #1034
2018-03-10 13:10:40 -06:00
Dane Everitt
4964d294f6
Throw 504 where necessary
2018-03-06 22:17:01 -06:00
Dane Everitt
c739f292e4
paginate databases when viewing a host
2018-03-03 17:52:35 -06:00
Dane Everitt
c6137db529
Fix build limit management in Admin CP
2018-03-02 19:49:09 -06:00
Dane Everitt
bcb69603ad
Add support for user management of databases
2018-03-02 19:03:55 -06:00
Dane Everitt
07893effa3
Add initial go at user created databases for servers, still needs cleaning
2018-03-01 21:27:37 -06:00
Dane Everitt
070239abcf
Fix inability to edit certain environment vars and start line, closes #1008
2018-03-01 19:26:11 -06:00
Dane Everitt
85bdbdce14
Better handling of file download requests
2018-03-01 19:19:19 -06:00
Dane Everitt
838b9a9093
Add support for filesystem caching, closes #993
2018-03-01 18:46:59 -06:00
Dane Everitt
9b93629f45
Add UI for client API keys
2018-02-28 23:30:39 -06:00
Dane Everitt
2017e640b6
Add client API
2018-02-28 22:51:04 -06:00
Dane Everitt
4e12c289ed
Add command sending
2018-02-27 22:09:34 -06:00
Dane Everitt
cef3e4ced4
Add base routes for managing servers as a client
2018-02-27 21:28:43 -06:00
Dane Everitt
e28973bcae
Move everything around as needed to get things setup for the client API
2018-02-25 15:30:56 -06:00
Dane Everitt
fb1b2406b5
Add API endpoint to get a server by external ID
2018-02-24 14:09:09 -06:00
Dane Everitt
baeffef24b
Fix bad permissions check on server API route
2018-02-24 12:15:21 -06:00
Dane Everitt
633bba6d6e
Add support for external_id on servers, closes #975
2018-02-24 11:57:12 -06:00
Dane Everitt
f655188c58
Fix searching servers
2018-02-24 11:48:24 -06:00
Dane Everitt
4b9f025e98
Fix exception when trying to edit a host, ref #957
2018-02-18 14:10:12 -06:00
Dane Everitt
50809cad36
Fix exception when no 2FA token is entered when enabling or disabling
2018-02-18 13:15:10 -06:00
Dane Everitt
8e1aa15dba
Fixes a bug that would cause non-editable variables on the front-end to throw a validation error
2018-02-15 20:58:51 -06:00
Dane Everitt
bf537922a3
Fix username validation and auto-generation, closes #927
2018-02-11 16:39:50 -06:00