Alex
49d5ef271d
ARM64 support for the Panel Docker image, closes #3580 ( #3709 )
...
Co-authored-by: Dane Everitt <dane@daneeveritt.com>
2021-12-04 10:33:42 -08:00
Boy132
4cc8658334
GSL Token Modal Feature ( #3746 )
2021-12-04 10:29:24 -08:00
Yusta
a6e0e5dbda
Add app_url for mail sender ( #3753 )
...
Co-authored-by: Dane Everitt <dane@daneeveritt.com>
2021-12-04 10:26:00 -08:00
Desjardins Jérôme
10aaf00e83
use DB_PORT for mysql database connection ( #3762 )
...
DB_PORT is the env variable defined for the mysql port into Panel Configuration.
2021-12-04 10:25:02 -08:00
Paul Vogel
b9d73afb63
Fix typo in messsage when deleting a database ( #3777 )
2021-12-04 10:24:06 -08:00
Alex
59d47e746b
fix: Forge version regex for 1.17+ JPMS ( #3783 )
...
For 1.17 JPMS arguments, fix regex to match`^1\.(17|18|19|20|21|22|23)` or latest instead of only dot . minor versions, which is something I didn't notice in a previous PR. This should future proof it.
Changes Java image display order defaulting to 17, which the 1.17+ requires for unix args.
2021-12-04 10:23:37 -08:00
Alex
01e7a45cc5
fix(eggs): Forge latest version fetching ( #3770 )
...
Fixes a typo in fetching the latest versions. It was overwritten to "recommended" by mistake.
Easy to read diff: <https://www.diffchecker.com/U04gJTRu >
2021-11-29 10:14:08 -08:00
Matthew Penner
6e4e0bc0a4
ui(admin): update server image when switching eggs
2021-11-17 14:28:19 -07:00
Matthew Penner
81ff03c2a3
ui(admin): add 'externalId' field for users
2021-11-17 14:26:23 -07:00
Matthew Penner
9c92d51e28
ui: organize and tweak to flash messages
2021-11-17 13:52:17 -07:00
Dane Everitt
30bb629bad
Update CHANGELOG.md
2021-11-16 20:36:53 -08:00
Dane Everitt
bf9cbe2c6d
Add consistent CSRF token verification to API endpoints; address security concern with non-CSRF protected endpoints
2021-11-16 20:02:18 -08:00
Matthew Penner
cc31a0a6d0
tests(integration): don't expect non-required fields
2021-11-15 11:29:22 -07:00
Alex
01871d8a6c
add Java 17 LTS image to Minecraft eggs ( #3744 )
...
* feat: add Java 17 LTS for Minecraft
* feat: add java 17 option to java modal
2021-11-15 08:15:27 -08:00
Matthew Penner
d8da79b7fb
yarn: upgrade dependencies
2021-11-12 13:16:15 -07:00
Matthew Penner
ce0bc477c2
ui(admin): fix egg variables
2021-11-04 14:33:24 -06:00
Matthew Penner
f7c824743f
ui(editor): prevent initialContent being duplicated
2021-11-04 13:44:10 -06:00
Matthew Penner
5359ef8407
api(app): allow removing a server's startup command
2021-11-04 11:47:08 -06:00
Matthew Penner
34d20b2bf0
api: remove old debug logs
2021-11-04 11:37:33 -06:00
Matthew Penner
fad4005168
Merge branch 'develop' into v2
2021-11-04 11:34:11 -06:00
Dane Everitt
17c03e9a4d
Fix broken session management for application api
2021-11-03 21:33:21 -07:00
Dane Everitt
e8a8405899
Remove tests
2021-11-03 21:22:14 -07:00
Dane Everitt
60eff40a0c
Fix session management on client API requests; closes #3727
...
Versions of Pterodactyl prior to 1.6.3 used a different throttle pathway for
requests. That pathway found the current request user before continuing on to
other in-app middleware, thus the user was available downstream.
Changes introduced in 1.6.3 changed the throttler logic, therefore removing this
step. As a result, the client API could not always get the currently authenticated
user when cookies were used (aka, requests from the Panel UI, and not API directly).
This change corrects the logic to get the session setup correctly before falling
through to authenticating as a user using the API key. If a cookie is present and a
user is found as a result that session will be used. If an API key is provided it is
ignored when a cookie is also present.
In order to keep the API stateless any session created for an API request stemming
from an API key will have the associated session deleted at the end of the request,
and the 'Set-Cookies' header will be stripped from the response.
2021-11-03 20:51:39 -07:00
Matthew Penner
44f4cbc4c3
Merge branch 'develop' into v2
2021-11-03 15:35:22 -06:00
Matthew Penner
728adfe388
server(startup): make startup nullable; resolves #3721
2021-11-03 15:32:53 -06:00
Dane Everitt
cdd8eabcc0
Add phpstan for static analysis ( #3718 )
2021-10-30 13:41:38 -07:00
Alex
d0663dcbd4
fix: use POST for admin logout route ( #3710 )
...
Quick fix for logging out from the admin panel as the auth route was changed from GET to POST.
2021-10-30 13:27:59 -07:00
Matthew Penner
871d0bdd1c
ui(admin): add egg exporting
2021-10-30 14:23:29 -06:00
Matthew Penner
469c0b40a3
ui(admin): add views for settings
2021-10-30 13:12:02 -06:00
Matthew Penner
70cf5c17aa
ui(admin): basic server creation
2021-10-29 00:04:28 -06:00
Matthew Penner
cc2ed97b0f
ui: fix SearchableSelect not selecting when hitting enter
2021-10-28 23:48:07 -06:00
Matthew Penner
c48d573cc9
Merge branch 'develop' into v2
2021-10-28 22:59:12 -06:00
Matthew Penner
5e99bb8dd6
ui(admin): fix server startup variables
2021-10-24 16:05:00 -06:00
Alex
4dca4f0aa9
change display format of the container uptime ( #3706 )
...
* change display format of the container uptime
Display `day, hour, min` if days is more than 0, otherwise default to existing `hour, min, sec`. Removes pads to make it more clean in this new format.
* clean the return
2021-10-24 14:41:01 -07:00
Samuel Ryberg
c4ab318d5a
Update docker-compose.example.yml ( #3707 )
2021-10-24 10:21:58 -07:00
Alex
ef4410bac6
expose uptime to client resources API endpoint ( #3705 )
...
resolves #3704
2021-10-24 10:12:17 -07:00
Matthew Penner
cf1cc97340
ui(admin): rough layout on new server page
2021-10-23 15:19:49 -06:00
Matthew Penner
bee7c4515c
eggs: update default script values
2021-10-23 14:31:23 -06:00
Matthew Penner
f6ac9707fa
Merge branch 'develop' into v2
2021-10-23 14:22:18 -06:00
Matthew Penner
7f7506e5a9
ui(admin): fix bad redirect on egg delete
2021-10-23 14:19:50 -06:00
Matthew Penner
0e870ab256
fix integration tests
2021-10-23 14:17:05 -06:00
Anders G. Jørgensen
72680fc954
Don't force enable-query ( #3700 )
...
But make sure the query.port is set correctly, if query is enabled.
2021-10-23 13:11:45 -07:00
Dane Everitt
d65e2978d0
Update CHANGELOG.md
2021-10-23 13:02:25 -07:00
Dane Everitt
45999ba4ee
(security) use POST for logout rather than GET
...
see https://github.com/pterodactyl/panel/security/advisories/GHSA-m49f-hcxp-6hm6
2021-10-23 13:00:21 -07:00
Matthew Penner
2948e344d2
fix integration tests
2021-10-23 13:34:41 -06:00
Matthew Penner
b966069946
Merge branch 'develop' into v2
2021-10-23 13:26:25 -06:00
Dane Everitt
22a8b2b3a2
Use more standardized rate limiting in Laravel; apply limits to auth routes
2021-10-23 12:17:16 -07:00
Matthew Penner
cddf2ce41c
ui(admin): new egg page
2021-10-23 13:13:25 -06:00
Matthew Penner
336923ec18
ui(admin): fix container width on server startup
2021-10-23 12:31:30 -06:00
Matthew Penner
3b5fa34d85
ui(admin): add delete confirmation for egg variables
2021-10-23 12:29:17 -06:00