Dane Everitt
fd49e524c8
Update middleware code
2018-09-03 15:17:53 -07:00
Dane Everitt
4d62e4c7b9
Merge branch 'develop' into pr/1128
2018-09-03 15:10:23 -07:00
Dane Everitt
c6112b4234
Fix tests
2018-09-03 14:59:00 -07:00
Dane Everitt
3bb9bf04e5
Pass the updated model through for updating node config, rather than old model, ref #1237
2018-09-03 14:54:50 -07:00
Dane Everitt
7ed9c7cb93
Correctly store changes to upload size limit, closes #1237
2018-09-03 14:53:58 -07:00
Dane Everitt
5bd3f59455
Fix schedules running twice, closes #1288
2018-09-03 14:32:33 -07:00
Dane Everitt
413a22a3d5
Changes to job running to clean up code
2018-09-03 14:04:25 -07:00
Dane Everitt
bcb3f5d5fa
Fix handling of times
2018-08-31 21:12:10 -07:00
Dane Everitt
178b8f8ce6
More logical time handling
2018-08-31 21:00:13 -07:00
Dane Everitt
e5636405f3
Drop carbon, use chronos
2018-08-31 20:52:15 -07:00
Dane Everitt
f3efe546da
Fix broken namespace for autoloader
2018-08-31 20:34:57 -07:00
Dane Everitt
8f5bd214a4
[Security] Address 2FA bypass in password reset functionality
...
Thanks to Trixter#0001 on Discord for this security report.
There was a two-factor authentication bypass present in all previous versions of Pterodactyl that would allow a user to login without providing a token by going through the password reset process. A person would still have to have access to the targeted account's email, but if they did manage to get a password reset link they would be able to reset the account password and then proceede to login without a token being required.
This logic has since been changed to check if 2FA is enabled on an account, and if so they will NOT be logged in when their password is changed. This will force them to continue through the normal login pathway where a token will be needed.
Overall the impact of this issue is minor, but I am still addressing it and disclosing the mechanism behind it.
2018-07-04 11:41:56 -07:00
Stan
1ffb5acfad
Send an email when a server is marked as installed ( #1213 )
...
Co-authored-by: @stanjg
2018-07-01 14:34:40 -07:00
Dane Everitt
d2bc791d74
Fix links sent to users when accounts are created
...
closes #1093
2018-06-30 18:47:31 -07:00
Dane Everitt
304d947536
Allow creating subuser with no permissions
2018-06-30 18:25:46 -07:00
Dane Everitt
96699b192e
Don't verify SSL signatures in dev
...
[skip ci]
2018-06-30 18:24:35 -07:00
Dane Everitt
974318ffb4
Logout other sessions when password is changed
...
closes #1222
2018-06-30 17:50:58 -07:00
Sergzy
bad9ae58e8
Fix environment_variables name ( #1212 )
2018-06-30 13:25:40 -07:00
Jacob Gee-Clarke
d73e5a2274
Fixed my fix to fix the 500 error on /api/application/nodes when not specifying a daemon_base ( #1182 )
2018-06-02 14:34:01 -07:00
Dane Everitt
969b16a563
Apply fixes from StyleCI
...
[ci skip] [skip ci]
2018-06-02 21:32:26 +00:00
stanjg
b56f3a8671
Expanded the middleware test
2018-06-01 16:22:06 +02:00
stanjg
e9ac014bf4
Removed the use of Auth facade and removed unnecesary option
2018-06-01 16:10:32 +02:00
stanjg
3bb9e5e8a8
Merge branch 'develop' of https://github.com/stanjg/panel into feature/user-specific-language
2018-06-01 15:58:09 +02:00
Dane Everitt
fd8d7c3571
Merge pull request #1130 from stanjg/feature/stats-page
...
Added a statistics page to monitor the panel usage
2018-05-31 22:56:58 -07:00
stanjg
ccf3e3511f
Renamed middleware, and fixed the test
2018-05-31 16:40:18 +02:00
stanjg
013dde75ae
Renamed the field and made some improvements
2018-05-31 16:34:35 +02:00
stanjg
60e1ffa564
Added a test for the controller and cleaned up the controller
2018-05-27 00:16:13 +02:00
stanjg
7a81c61ad8
Wording changes and fix of major fail last commit
2018-05-26 21:02:47 +02:00
stanjg
86e7085396
Cleaned up the controller and prepared for tests
2018-05-26 20:58:49 +02:00
Dane Everitt
e648e50d90
Write some example tests for @stanjg
2018-05-26 11:00:28 -07:00
Dane Everitt
e3bbd85f3f
Merge branch 'develop' into pr/1129
2018-05-26 10:34:29 -07:00
Dane Everitt
0e1b4661ce
Don't allow access to manage page if server failed installing
2018-05-23 22:23:26 -07:00
Dane Everitt
6967b9ba12
Fix exception thrown due to lack of pre-validation on the model.
...
closes #1158
2018-05-20 17:11:52 -07:00
Dane Everitt
fae5acf99f
Fix bug when loading server owner dropdown
...
closes #1137
2018-05-20 17:00:50 -07:00
Dane Everitt
b4e510fbe3
Fixes before release
2018-05-20 16:49:54 -07:00
Dane Everitt
7e2e5fd7c1
Merge branch 'develop' into feature/upgrade-laravel-to-5.6
2018-05-20 16:30:42 -07:00
Dane Everitt
00df0b66a6
Merge pull request #1148 from pterodactyl/feature/doc-block-improvements
...
@throws docblock improvements
2018-05-20 16:25:59 -07:00
Dane Everitt
002efddc96
Merge pull request #1146 from pterodactyl/feature/windows-pathinfo-support
...
Add support for Windows, replace all backslashes with forwardslashes
2018-05-20 16:24:58 -07:00
Dane Everitt
457e461f45
Merge pull request #1144 from pterodactyl/feature/spelling
...
Spellchecked the whole application
2018-05-20 16:24:09 -07:00
Lance Pioch
6a4443b751
Fix the styling
2018-05-13 17:41:01 -04:00
Lance Pioch
02379b657d
Replace the log writer class with the new one
2018-05-13 16:40:31 -04:00
Lance Pioch
b232055676
Fix style change
2018-05-13 12:43:59 -04:00
Lance Pioch
71257c67bf
Add more throwing
2018-05-13 12:42:22 -04:00
Lance Pioch
3bc2397795
Library doesn't exist anymore
2018-05-13 12:42:16 -04:00
Lance Pioch
f82b419d47
Update php doc blocks
2018-05-13 12:42:11 -04:00
Lance Pioch
8bf030793f
Replace loggin contract
2018-05-13 12:25:34 -04:00
Lance Pioch
9cbada17b2
Merge branch 'feature/cron-job-fix' into feature/upgrade-laravel-to-5.6
2018-05-13 11:59:51 -04:00
Lance Pioch
53829399de
Make sure this trust proxies is also changed
2018-05-13 11:59:25 -04:00
Lance Pioch
f42f211e65
Add support for Windows, replace all back slashes with forward slashes
2018-05-13 11:39:44 -04:00
Lance Pioch
e2dc0638d9
Fix app/ spelling errors
2018-05-13 11:12:41 -04:00