Matthew Penner
d1c9af8f04
Merge branch 'develop' into v2
2022-01-08 15:20:23 -07:00
Alex
b8bf537737
cmd(setup): validate email input, closes #3175 (#3716)
2021-12-04 10:52:09 -08:00
Dane Everitt
bf9cbe2c6d
Add consistent CSRF token verification to API endpoints; address security concern with non-CSRF protected endpoints
2021-11-16 20:02:18 -08:00
Matthew Penner
ce0bc477c2
ui(admin): fix egg variables
2021-11-04 14:33:24 -06:00
Matthew Penner
5359ef8407
api(app): allow removing a server's startup command
2021-11-04 11:47:08 -06:00
Matthew Penner
34d20b2bf0
api: remove old debug logs
2021-11-04 11:37:33 -06:00
Dane Everitt
17c03e9a4d
Fix broken session management for application api
2021-11-03 21:33:21 -07:00
Dane Everitt
60eff40a0c
Fix session management on client API requests; closes #3727
Versions of Pterodactyl prior to 1.6.3 used a different throttle pathway for
requests. That pathway found the current request user before continuing on to
other in-app middleware, thus the user was available downstream.
Changes introduced in 1.6.3 changed the throttler logic, therefore removing this
step. As a result, the client API could not always get the currently authenticated
user when cookies were used (aka, requests from the Panel UI, and not API directly).
This change corrects the logic to get the session setup correctly before falling
through to authenticating as a user using the API key. If a cookie is present and a
user is found as a result that session will be used. If an API key is provided it is
ignored when a cookie is also present.
In order to keep the API stateless any session created for an API request stemming
from an API key will have the associated session deleted at the end of the request,
and the 'Set-Cookies' header will be stripped from the response.
2021-11-03 20:51:39 -07:00
Matthew Penner
728adfe388
server(startup): make startup nullable; resolves #3721
2021-11-03 15:32:53 -06:00
Dane Everitt
cdd8eabcc0
Add phpstan for static analysis (#3718)
2021-10-30 13:41:38 -07:00
Matthew Penner
871d0bdd1c
ui(admin): add egg exporting
2021-10-30 14:23:29 -06:00
Matthew Penner
70cf5c17aa
ui(admin): basic server creation
2021-10-29 00:04:28 -06:00
Matthew Penner
c48d573cc9
Merge branch 'develop' into v2
2021-10-28 22:59:12 -06:00
Matthew Penner
5e99bb8dd6
ui(admin): fix server startup variables
2021-10-24 16:05:00 -06:00
Alex
ef4410bac6
expose uptime to client resources API endpoint (#3705)
resolves #3704
2021-10-24 10:12:17 -07:00
Matthew Penner
0e870ab256
fix integration tests
2021-10-23 14:17:05 -06:00
Matthew Penner
2948e344d2
fix integration tests
2021-10-23 13:34:41 -06:00
Matthew Penner
b966069946
Merge branch 'develop' into v2
2021-10-23 13:26:25 -06:00
Dane Everitt
22a8b2b3a2
Use more standardized rate limiting in Laravel; apply limits to auth routes
2021-10-23 12:17:16 -07:00
Matthew Penner
cddf2ce41c
ui(admin): new egg page
2021-10-23 13:13:25 -06:00
Alex
f77932a617
cmd(upgrade): Attempt to gain users attention during upgrade (#3678)
* cmd(upgrade): Attempt to gain users attention during upgrade
Changes color of the user and group to gain attention, common issue is having wrong user/group which breaks the panel. Outputs termination message when users spam enter skipping the upgrade wondering why it didn't upgrade.
Reminder to update wings, because users forget it.
* cmd(upgrade): Display wings upgrade documentation link
2021-10-10 11:08:22 -07:00
Matthew Penner
4fa38b8e9c
Fix wings receiving wrong suspended status on sync (#3667)
Due to wings pulling the server configuration rather than the Panel pushing it,
wings gets the wrong status for a server if both the status update and sync request
are run in a transaction due to the status not being persisted in the database.
Fixes #3639
2021-10-07 08:46:09 -07:00
Matthew Penner
9ab8f946ec
this should fix tests!
Pro-tip: disable function calls that don't work instead of trying
to figure out why they don't work :)
2021-10-06 15:02:30 -06:00
Matthew Penner
d945ce76f2
hopefully fix integration tests
2021-10-06 14:45:44 -06:00
Matthew Penner
6df90a12d8
ui(admin): add delete egg variable button
2021-10-03 16:07:13 -06:00
Matthew Penner
1eed25dcc7
ui(admin): finish egg variable editing
2021-10-03 16:07:13 -06:00
Matthew Penner
e2de673488
Merge branch 'develop' into v2
2021-09-30 16:08:11 -06:00
Dane Everitt
4a84c36009
Fix security vulnerability when authenticating a two-factor authentication token for a user
See associated security advisory for technical details on the content of this security fix.
GHSA ID: GHSA-5vfx-8w6m-h3v4
2021-09-21 21:30:08 -07:00
Matthew Penner
7d1cb2971f
api(application): allow updating node description
fixes #3624
2021-09-18 11:00:31 -06:00
Matthew Penner
8d0dd42475
ui(admin): add egg install editing
2021-09-17 14:47:56 -06:00
Matthew Penner
e8ddadc608
ui(admin): implement basic egg importing
2021-09-17 13:48:20 -06:00
Matthew Penner
df895f4a9f
ui(admin): server edit cleanup, fix startup form
2021-09-16 15:03:51 -06:00
Matthew Penner
95f3eb54db
ui(admin): get server startup ui working
2021-09-15 21:22:15 -06:00
Matthew Penner
a6ab61adba
ui(admin): allow editing allocations for servers
2021-09-15 15:37:17 -06:00
Matthew Penner
6df2368264
ui(admin): server editing improvements
2021-09-15 11:18:58 -06:00
Matthew Penner
23a160b9e1
Merge branch 'develop' into v2
2021-09-15 10:30:40 -06:00
Dane Everitt
5fdb0a5909
Correctly expose OOM disable state for a server
2021-09-13 21:02:12 -07:00
Matthew Penner
24d1799322
api(application): fix 'root_admin' not being set
2021-09-13 17:24:16 -06:00
Matthew Penner
5843c34240
fix type error with WebauthnKeyTransformer
2021-09-13 02:34:01 -06:00
Matthew Penner
4da38891c7
admin: fix nest create not working
2021-09-13 01:53:10 -06:00
Matthew Penner
004a13a5f7
fix null admin role breaking user transformer
2021-09-13 00:58:39 -06:00
Matthew Penner
bc25468802
server: fix build modification not being persisted (#3610)
2021-09-12 23:18:17 -06:00
Matthew Penner
6362731d55
ui(admin): implement basic server editing
2021-09-12 22:15:45 -06:00
Matthew Penner
d0a78ec067
ui(admin): add new node page
2021-09-12 21:22:33 -06:00
Matthew Penner
3c01dbbcc5
ui(admin): add allocation table, implement allocation creator
2021-09-12 19:40:10 -06:00
Matthew Penner
c716be263b
Merge branch 'matthewpi/fix-server-build-modification' into v2
2021-09-12 16:31:42 -06:00
Matthew Penner
0c943248bc
cleanup
2021-09-12 16:22:34 -06:00
Matthew Penner
1880b83944
server: fix build modification not being persisted
2021-09-12 15:27:02 -06:00
Matthew Penner
e384c0d5c3
Merge branch 'develop' into v2
2021-09-11 16:13:11 -06:00
Dane Everitt
7b429831ce
Fix missing user agent headers to store an empty string rather than null value
2021-09-11 13:00:53 -07:00