Add ApiKey service, cleanup old API key methods
https://zube.io/pterodactyl/panel/c/525
This commit is contained in:
Dane Everitt
parent
2235481765
commit
4ee9d38ad1
10 changed files with 569 additions and 85 deletions
|
|
@ -25,22 +25,48 @@
|
|||
|
||||
namespace Pterodactyl\Http\Controllers\Base;
|
||||
|
||||
use Log;
|
||||
use Alert;
|
||||
use Illuminate\Http\Request;
|
||||
use Pterodactyl\Models\APIKey;
|
||||
use Prologue\Alerts\AlertsMessageBag;
|
||||
use Pterodactyl\Models\APIPermission;
|
||||
use Pterodactyl\Repositories\APIRepository;
|
||||
use Pterodactyl\Exceptions\DisplayException;
|
||||
use Pterodactyl\Services\ApiKeyService;
|
||||
use Pterodactyl\Http\Controllers\Controller;
|
||||
use Pterodactyl\Exceptions\DisplayValidationException;
|
||||
use Pterodactyl\Http\Requests\ApiKeyRequest;
|
||||
|
||||
class APIController extends Controller
|
||||
{
|
||||
/**
|
||||
* @var \Prologue\Alerts\AlertsMessageBag
|
||||
*/
|
||||
protected $alert;
|
||||
|
||||
/**
|
||||
* @var \Pterodactyl\Models\APIKey
|
||||
*/
|
||||
protected $model;
|
||||
|
||||
/**
|
||||
* @var \Pterodactyl\Services\ApiKeyService
|
||||
*/
|
||||
protected $service;
|
||||
|
||||
/**
|
||||
* APIController constructor.
|
||||
*
|
||||
* @param \Prologue\Alerts\AlertsMessageBag $alert
|
||||
* @param \Pterodactyl\Services\ApiKeyService $service
|
||||
*/
|
||||
public function __construct(AlertsMessageBag $alert, ApiKeyService $service, APIKey $model)
|
||||
{
|
||||
$this->alert = $alert;
|
||||
$this->model = $model;
|
||||
$this->service = $service;
|
||||
}
|
||||
|
||||
/**
|
||||
* Display base API index page.
|
||||
*
|
||||
* @param \Illuminate\Http\Request $request
|
||||
* @param \Illuminate\Http\Request $request
|
||||
* @return \Illuminate\View\View
|
||||
*/
|
||||
public function index(Request $request)
|
||||
|
|
@ -53,15 +79,14 @@ class APIController extends Controller
|
|||
/**
|
||||
* Display API key creation page.
|
||||
*
|
||||
* @param \Illuminate\Http\Request $request
|
||||
* @return \Illuminate\View\View
|
||||
*/
|
||||
public function create(Request $request)
|
||||
public function create()
|
||||
{
|
||||
return view('base.api.new', [
|
||||
'permissions' => [
|
||||
'user' => collect(APIPermission::permissions())->pull('_user'),
|
||||
'admin' => collect(APIPermission::permissions())->except('_user')->toArray(),
|
||||
'user' => collect(APIPermission::PERMISSIONS)->pull('_user'),
|
||||
'admin' => collect(APIPermission::PERMISSIONS)->except('_user')->toArray(),
|
||||
],
|
||||
]);
|
||||
}
|
||||
|
|
@ -69,52 +94,46 @@ class APIController extends Controller
|
|||
/**
|
||||
* Handle saving new API key.
|
||||
*
|
||||
* @param \Illuminate\Http\Request $request
|
||||
* @param \Pterodactyl\Http\Requests\ApiKeyRequest $request
|
||||
* @return \Illuminate\Http\RedirectResponse
|
||||
*
|
||||
* @throws \Exception
|
||||
* @throws \Pterodactyl\Exceptions\Model\DataValidationException
|
||||
*/
|
||||
public function store(Request $request)
|
||||
public function store(ApiKeyRequest $request)
|
||||
{
|
||||
try {
|
||||
$repo = new APIRepository($request->user());
|
||||
$secret = $repo->create($request->intersect([
|
||||
'memo', 'allowed_ips',
|
||||
'admin_permissions', 'permissions',
|
||||
]));
|
||||
Alert::success('An API Key-Pair has successfully been generated. The API secret for this public key is shown below and will not be shown again.<br /><br /><code>' . $secret . '</code>')->flash();
|
||||
|
||||
return redirect()->route('account.api');
|
||||
} catch (DisplayValidationException $ex) {
|
||||
return redirect()->route('account.api.new')->withErrors(json_decode($ex->getMessage()))->withInput();
|
||||
} catch (DisplayException $ex) {
|
||||
Alert::danger($ex->getMessage())->flash();
|
||||
} catch (\Exception $ex) {
|
||||
Log::error($ex);
|
||||
Alert::danger('An unhandled exception occured while attempting to add this API key.')->flash();
|
||||
$adminPermissions = [];
|
||||
if ($request->user()->isRootAdmin()) {
|
||||
$adminPermissions = $request->input('admin_permissions') ?? [];
|
||||
}
|
||||
|
||||
return redirect()->route('account.api.new')->withInput();
|
||||
$secret = $this->service->create([
|
||||
'user_id' => $request->user()->id,
|
||||
'allowed_ips' => $request->input('allowed_ips'),
|
||||
'memo' => $request->input('memo'),
|
||||
], $request->input('permissions') ?? [], $adminPermissions);
|
||||
|
||||
$this->alert->success('An API Key-Pair has successfully been generated. The API secret for this public key is shown below and will not be shown again.<br /><br /><code>' . $secret . '</code>')->flash();
|
||||
|
||||
return redirect()->route('account.api');
|
||||
}
|
||||
|
||||
/**
|
||||
* Handle revoking API key.
|
||||
*
|
||||
* @param \Illuminate\Http\Request $request
|
||||
* @param string $key
|
||||
* @return \Illuminate\Http\JsonResponse|\Illuminate\Http\Response
|
||||
* @return \Illuminate\Http\Response
|
||||
*
|
||||
* @throws \Exception
|
||||
*/
|
||||
public function revoke(Request $request, $key)
|
||||
{
|
||||
try {
|
||||
$repo = new APIRepository($request->user());
|
||||
$repo->revoke($key);
|
||||
$key = $this->model->newQuery()
|
||||
->where('user_id', $request->user()->id)
|
||||
->where('public', $key)
|
||||
->firstOrFail();
|
||||
|
||||
return response('', 204);
|
||||
} catch (\Exception $ex) {
|
||||
Log::error($ex);
|
||||
$this->service->revoke($key);
|
||||
|
||||
return response()->json([
|
||||
'error' => 'An error occured while attempting to remove this key.',
|
||||
], 503);
|
||||
}
|
||||
return response('', 204);
|
||||
}
|
||||
}
|
||||
|
|
|
|||
Loading…
Add table
Add a link
Reference in a new issue