Initial Commit of Files

PufferPanel v0.9 (Laravel) is now Pterodactyl 1.0

app/Http/Middleware/APIAuthenticate.php

@@ -0,0 +1,46 @@
+<?php
+
+namespace Pterodactyl\Http\Middleware;
+
+use Closure;
+use Debugbar;
+
+use Pterodactyl\Models\API;
+
+class APIAuthenticate
+{
+    /**
+     * Handle an incoming request.
+     *
+     * @param  \Illuminate\Http\Request  $request
+     * @param  \Closure  $next
+     * @return mixed
+     */
+    public function handle($request, Closure $next)
+    {
+
+        if(!$request->header('X-Authorization')) {
+            return response()->json([
+                'error' => 'Authorization header was missing with this request. Please pass the \'X-Authorization\' header with your request.'
+            ], 403);
+        }
+
+        $api = API::where('key', $request->header('X-Authorization'))->first();
+        if (!$api) {
+            return response()->json([
+                'error' => 'Invalid API key was provided in the request.'
+            ], 403);
+        }
+
+        if (!is_null($api->allowed_ips)) {
+            if (!in_array($request->ip(), json_decode($api->allowed_ips, true))) {
+                return response()->json([
+                    'error' => 'This IP (' . $request->ip() . ') is not permitted to access the API with that token.'
+                ], 403);
+            }
+        }
+
+        return $next($request);
+
+    }
+}

app/Http/Middleware/AdminAuthenticate.php

@@ -0,0 +1,51 @@
+<?php
+
+namespace Pterodactyl\Http\Middleware;
+
+use Closure;
+use Illuminate\Contracts\Auth\Guard;
+
+class AdminAuthenticate
+{
+    /**
+     * The Guard implementation.
+     *
+     * @var Guard
+     */
+    protected $auth;
+
+    /**
+     * Create a new filter instance.
+     *
+     * @param  Guard  $auth
+     * @return void
+     */
+    public function __construct(Guard $auth)
+    {
+        $this->auth = $auth;
+    }
+
+    /**
+     * Handle an incoming request.
+     *
+     * @param  \Illuminate\Http\Request  $request
+     * @param  \Closure  $next
+     * @return mixed
+     */
+    public function handle($request, Closure $next)
+    {
+        if ($this->auth->guest()) {
+            if ($request->ajax()) {
+                return response('Unauthorized.', 401);
+            } else {
+                return redirect()->guest('auth/login');
+            }
+        }
+
+        if($this->auth->user()->root_admin !== 1) {
+            return abort(403);
+        }
+
+        return $next($request);
+    }
+}

app/Http/Middleware/Authenticate.php

@@ -0,0 +1,47 @@
+<?php
+
+namespace Pterodactyl\Http\Middleware;
+
+use Closure;
+use Illuminate\Contracts\Auth\Guard;
+
+class Authenticate
+{
+    /**
+     * The Guard implementation.
+     *
+     * @var Guard
+     */
+    protected $auth;
+
+    /**
+     * Create a new filter instance.
+     *
+     * @param  Guard  $auth
+     * @return void
+     */
+    public function __construct(Guard $auth)
+    {
+        $this->auth = $auth;
+    }
+
+    /**
+     * Handle an incoming request.
+     *
+     * @param  \Illuminate\Http\Request  $request
+     * @param  \Closure  $next
+     * @return mixed
+     */
+    public function handle($request, Closure $next)
+    {
+        if ($this->auth->guest()) {
+            if ($request->ajax()) {
+                return response('Unauthorized.', 401);
+            } else {
+                return redirect()->guest('auth/login');
+            }
+        }
+
+        return $next($request);
+    }
+}

app/Http/Middleware/CheckServer.php

@@ -0,0 +1,33 @@
+<?php
+
+namespace Pterodactyl\Http\Middleware;
+
+use Closure;
+use Auth;
+use Pterodactyl\Models\Server;
+use Debugbar;
+
+class CheckServer
+{
+    /**
+     * Handle an incoming request.
+     *
+     * @param  \Illuminate\Http\Request  $request
+     * @param  \Closure  $next
+     * @return mixed
+     */
+    public function handle($request, Closure $next)
+    {
+
+        if (!Auth::user()) {
+            return redirect()->guest('auth/login');
+        }
+
+        if (!Server::getByUUID($request->route()->server)) {
+            return redirect('/');
+        }
+
+        return $next($request);
+
+    }
+}

app/Http/Middleware/EncryptCookies.php

@@ -0,0 +1,17 @@
+<?php
+
+namespace Pterodactyl\Http\Middleware;
+
+use Illuminate\Cookie\Middleware\EncryptCookies as BaseEncrypter;
+
+class EncryptCookies extends BaseEncrypter
+{
+    /**
+     * The names of the cookies that should not be encrypted.
+     *
+     * @var array
+     */
+    protected $except = [
+        //
+    ];
+}

app/Http/Middleware/RedirectIfAuthenticated.php

@@ -0,0 +1,43 @@
+<?php
+
+namespace Pterodactyl\Http\Middleware;
+
+use Closure;
+use Illuminate\Contracts\Auth\Guard;
+
+class RedirectIfAuthenticated
+{
+    /**
+     * The Guard implementation.
+     *
+     * @var Guard
+     */
+    protected $auth;
+
+    /**
+     * Create a new filter instance.
+     *
+     * @param  Guard  $auth
+     * @return void
+     */
+    public function __construct(Guard $auth)
+    {
+        $this->auth = $auth;
+    }
+
+    /**
+     * Handle an incoming request.
+     *
+     * @param  \Illuminate\Http\Request  $request
+     * @param  \Closure  $next
+     * @return mixed
+     */
+    public function handle($request, Closure $next)
+    {
+        if ($this->auth->check()) {
+            return redirect('/home');
+        }
+
+        return $next($request);
+    }
+}

app/Http/Middleware/VerifyCsrfToken.php

@@ -0,0 +1,17 @@
+<?php
+
+namespace Pterodactyl\Http\Middleware;
+
+use Illuminate\Foundation\Http\Middleware\VerifyCsrfToken as BaseVerifier;
+
+class VerifyCsrfToken extends BaseVerifier
+{
+    /**
+     * The URIs that should be excluded from CSRF verification.
+     *
+     * @var array
+     */
+    protected $except = [
+        //
+    ];
+}