StarMC/Astral-nook
StarMC/Astral-nook
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity

Merge branch 'develop' into fix/trusted-proxies

Browse source
This commit is contained in:
Jakob 2017-02-03 00:38:58 +01:00 committed by GitHub
commit 19567ee311
24 changed files with 5449 additions and 56 deletions
Download patch file Download diff file Expand all files Collapse all files

5
app/Http/Controllers/API/ServerController.php
View file

@ -117,7 +117,10 @@ class ServerController extends BaseController
}
// Requested Daemon Stats
$server = $query->first();
$server = $query->with(
'allocations',
'pack'
)->first();
if ($request->input('daemon') === 'true') {
$node = Models\Node::findOrFail($server->node);
$client = Models\Node::guzzleRequest($node->id);

1
app/Http/Controllers/API/ServiceController.php
View file

@ -55,6 +55,7 @@ class ServiceController extends BaseController
'options' => Models\ServiceOptions::select('id', 'name', 'description', 'tag', 'docker_image')
->where('parent_service', $service->id)
->with('variables')
->with('packs')
->get(),
];
}

72
app/Http/Controllers/Auth/LoginController.php
View file

@ -27,6 +27,7 @@ namespace Pterodactyl\Http\Controllers\Auth;
use Auth;
use Alert;
use Cache;
use Illuminate\Http\Request;
use Pterodactyl\Models\User;
use PragmaRX\Google2FA\Google2FA;
@ -110,33 +111,62 @@ class LoginController extends Controller
}
// Verify TOTP Token was Valid
if (Auth::user()->use_totp === 1) {
$G2FA = new Google2FA();
if (is_null($request->input('totp_token')) || ! $G2FA->verifyKey(Auth::user()->totp_secret, $request->input('totp_token'))) {
if (! $lockedOut) {
$this->incrementLoginAttempts($request);
}
if (Auth::user()->use_totp) {
$verifyKey = str_random(64);
Cache::put($verifyKey, Auth::user()->id, 5);
Alert::danger(trans('auth.totp_failed'))->flash();
return redirect()->route('auth.totp')->with('authentication_token', $verifyKey);
} else {
Auth::login(Auth::user(), $request->has('remember'));
return $this->sendFailedLoginResponse($request);
}
return $this->sendLoginResponse($request);
}
}
public function totp(Request $request)
{
$verifyKey = $request->session()->get('authentication_token');
if (is_null($verifyKey) || Auth::user()) {
return redirect()->route('auth.login');
}
// Successfully Authenticated.
Auth::login(Auth::user(), $request->has('remember'));
return $this->sendLoginResponse($request);
return view('auth.totp', [
'verify_key' => $verifyKey,
'remember' => $request->has('remember'),
]);
}
/**
* Check if the provided user has TOTP enabled.
*
* @param \Illuminate\Http\Request $request
* @return \Illuminate\Http\Response
*/
public function checkTotp(Request $request)
public function totpCheckpoint(Request $request)
{
return response()->json(User::select('id')->where('email', $request->input('email'))->where('use_totp', 1)->first());
$G2FA = new Google2FA();
if (is_null($request->input('verify_token'))) {
$this->incrementLoginAttempts($request);
Alert::danger(trans('auth.totp_failed'))->flash();
return redirect()->route('auth.login');
}
$user = User::where('id', Cache::pull($request->input('verify_token')))->first();
if (! $user) {
$this->incrementLoginAttempts($request);
Alert::danger(trans('auth.totp_failed'))->flash();
return redirect()->route('auth.login');
}
if (! is_null($request->input('2fa_token')) && $G2FA->verifyKey($user->totp_secret, $request->input('2fa_token'), 1)) {
Auth::login($user, $request->has('remember'));
return redirect()->intended($this->redirectPath());
} else {
$this->incrementLoginAttempts($request);
Alert::danger(trans('auth.2fa_failed'))->flash();
return redirect()->route('auth.login');
}
}
}

8
app/Http/Routes/AuthRoutes.php
View file

@ -51,9 +51,13 @@ class AuthRoutes
'uses' => 'Auth\LoginController@login',
]);
// Determine if we need to ask for a TOTP Token
$router->get('login/totp', [
'as' => 'auth.totp',
'uses' => 'Auth\LoginController@totp',
]);
$router->post('login/totp', [
'uses' => 'Auth\LoginController@checkTotp',
'uses' => 'Auth\LoginController@totpCheckpoint',
]);
// Show Password Reset Form