StarMC/Astral-nook
StarMC/Astral-nook
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity

Have the panel handle all of the authorization for both public key and password based attempts

Browse source
This commit is contained in:
DaneEveritt 2022-05-15 16:00:08 -04:00
parent e856daee19
commit 412ac5ef39
No known key found for this signature in database
GPG key ID: EEA66103B3D71F53
2 changed files with 4 additions and 8 deletions
Download patch file Download diff file Expand all files Collapse all files

7
app/Http/Controllers/Api/Remote/SftpAuthenticationController.php
View file

@ -28,7 +28,8 @@ abstract class SftpAuthenticationController extends Controller
/**
* Authenticate a set of credentials and return the associated server details
* for a SFTP connection on the daemon.
* for a SFTP connection on the daemon. This supports both public key and password
* based credentials.
*/
public function __invoke(SftpAuthenticationFormRequest $request): JsonResponse
{
@ -44,9 +45,7 @@ abstract class SftpAuthenticationController extends Controller
$this->reject($request);
}
} else {
// Start blocking requests when the user has no public keys in the first place —
// don't let the user spam this endpoint.
if ($user->sshKeys->isEmpty()) {
if (!$user->sshKeys()->where('public_key', $request->input('password'))->exists()) {
$this->reject($request);
}
}