misc_pterodactyl-panel

Author	SHA1	Message	Date
Dane Everitt	8bbe6bc279	Add test, fix behavior of model creation	2018-07-14 22:58:33 -07:00
Dane Everitt	550c622d3b	Obliterate JWT from codebase	2018-07-14 22:48:09 -07:00
Dane Everitt	6336e5191f	Strip out JWT usage and use cookies to track the currently logged in user	2018-07-14 22:42:58 -07:00
Dane Everitt	eafc4408eb	Fix broken unit tests	2018-07-14 21:49:49 -07:00
Dane Everitt	c82f273d85	Fix remaining broken tests	2018-07-04 19:38:23 -07:00
Dane Everitt	6c20ea9881	Add tests for changed controllers	2018-07-04 19:20:33 -07:00
Dane Everitt	5010c0c756	Merge branch 'feature/vuejs' into feature/vuejs-account	2018-07-04 18:12:57 -07:00
Dane Everitt	af9af78938	Merge branch 'develop' into feature/vuejs	2018-07-04 18:09:07 -07:00
Dane Everitt	8f5bd214a4	[Security] Address 2FA bypass in password reset functionality Thanks to Trixter#0001 on Discord for this security report. There was a two-factor authentication bypass present in all previous versions of Pterodactyl that would allow a user to login without providing a token by going through the password reset process. A person would still have to have access to the targeted account's email, but if they did manage to get a password reset link they would be able to reset the account password and then proceede to login without a token being required. This logic has since been changed to check if 2FA is enabled on an account, and if so they will NOT be logged in when their password is changed. This will force them to continue through the normal login pathway where a token will be needed. Overall the impact of this issue is minor, but I am still addressing it and disclosing the mechanism behind it.	2018-07-04 11:41:56 -07:00
Dane Everitt	603b8a3094	Merge branch 'feature/vuejs' into feature/vuejs-account	2018-07-02 21:01:04 -07:00
Dane Everitt	48cb01f438	Merge branch 'develop' into feature/vuejs	2018-07-02 21:00:42 -07:00
Stan	1ffb5acfad	Send an email when a server is marked as installed (#1213 ) Co-authored-by: @stanjg	2018-07-01 14:34:40 -07:00
Dane Everitt	304d947536	Allow creating subuser with no permissions	2018-06-30 18:25:46 -07:00
Dane Everitt	974318ffb4	Logout other sessions when password is changed closes #1222	2018-06-30 17:50:58 -07:00
Dane Everitt	7711b697ad	Finalize two-factor handling on account.	2018-06-20 23:05:35 -07:00
Dane Everitt	0cc895f2d5	Finalize email/password changing in UI	2018-06-17 16:53:24 -07:00
Dane Everitt	fce394f6bd	Change email handling and logout function	2018-06-16 14:30:20 -07:00
Dane Everitt	e7faf979a1	Change login handling to automatically redirect a user if their session will need renewal.	2018-06-16 14:05:39 -07:00
Dane Everitt	b8b9acd0e6	Get the base email update working through the API. Still going to need to determine the best course of action to update the token on the client side.	2018-06-11 22:56:57 -07:00
Dane Everitt	03c83c084a	Revert use of cookies, go back to using a JWT	2018-06-06 22:49:44 -07:00
Dane Everitt	5bcabbde35	Get dashboard in a more working state	2018-06-05 23:42:34 -07:00
Dane Everitt	e948d81d8a	Base attempt at using vuex to handle logins	2018-06-05 23:00:01 -07:00
Dane Everitt	02b29a66ea	Use client API to get resource use for a server	2018-06-02 19:08:53 -07:00
Jacob Gee-Clarke	d73e5a2274	Fixed my fix to fix the 500 error on /api/application/nodes when not specifying a daemon_base (#1182 )	2018-06-02 14:34:01 -07:00
Dane Everitt	969b16a563	Apply fixes from StyleCI [ci skip] [skip ci]	2018-06-02 21:32:26 +00:00
Dane Everitt	6c598f9100	Merge branch 'feature/vuejs' into feature/vuejs-serverlist	2018-05-31 22:59:39 -07:00
Dane Everitt	5f70502f20	Merge branch 'develop' into feature/vuejs	2018-05-31 22:59:16 -07:00
Dane Everitt	fd8d7c3571	Merge pull request #1130 from stanjg/feature/stats-page Added a statistics page to monitor the panel usage	2018-05-31 22:56:58 -07:00
stanjg	ccf3e3511f	Renamed middleware, and fixed the test	2018-05-31 16:40:18 +02:00
stanjg	013dde75ae	Renamed the field and made some improvements	2018-05-31 16:34:35 +02:00
Dane Everitt	a1444b047e	Fix JWT handling for API access when logging in	2018-05-28 14:59:48 -07:00
Dane Everitt	6e5c365018	Use the client API to load servers on the listing page	2018-05-28 13:23:40 -07:00
Dane Everitt	ad69193ac0	Add JWT to login forms	2018-05-28 12:48:42 -07:00
Dane Everitt	6f2fcabf22	Add very basic server search and dynamic rendering functionality	2018-05-26 23:17:02 -07:00
Dane Everitt	9d8830a2d7	Get initial mockup of new server list up	2018-05-26 17:20:36 -07:00
stanjg	60e1ffa564	Added a test for the controller and cleaned up the controller	2018-05-27 00:16:13 +02:00
Dane Everitt	cf90f56777	Merge branch 'develop' into feature/vuejs-auth	2018-05-26 12:17:14 -07:00
stanjg	7a81c61ad8	Wording changes and fix of major fail last commit	2018-05-26 21:02:47 +02:00
stanjg	86e7085396	Cleaned up the controller and prepared for tests	2018-05-26 20:58:49 +02:00
Dane Everitt	e648e50d90	Write some example tests for @stanjg	2018-05-26 11:00:28 -07:00
Dane Everitt	e3bbd85f3f	Merge branch 'develop' into pr/1129	2018-05-26 10:34:29 -07:00
Dane Everitt	0e1b4661ce	Don't allow access to manage page if server failed installing	2018-05-23 22:23:26 -07:00
Dane Everitt	6967b9ba12	Fix exception thrown due to lack of pre-validation on the model. closes #1158	2018-05-20 17:11:52 -07:00
Dane Everitt	b4e510fbe3	Fixes before release	2018-05-20 16:49:54 -07:00
Dane Everitt	7e2e5fd7c1	Merge branch 'develop' into feature/upgrade-laravel-to-5.6	2018-05-20 16:30:42 -07:00
Dane Everitt	00df0b66a6	Merge pull request #1148 from pterodactyl/feature/doc-block-improvements @throws docblock improvements	2018-05-20 16:25:59 -07:00
Dane Everitt	002efddc96	Merge pull request #1146 from pterodactyl/feature/windows-pathinfo-support Add support for Windows, replace all backslashes with forwardslashes	2018-05-20 16:24:58 -07:00
Lance Pioch	71257c67bf	Add more throwing	2018-05-13 12:42:22 -04:00
Lance Pioch	3bc2397795	Library doesn't exist anymore	2018-05-13 12:42:16 -04:00
Lance Pioch	f82b419d47	Update php doc blocks	2018-05-13 12:42:11 -04:00

1 2 3 4 5 ...

700 commits