Add front-end support for adding and deleting API keys.
This commit is contained in:
Dane Everitt
parent
dfeed013ba
commit
53ec2c55ec
8 changed files with 379 additions and 225 deletions
|
|
@ -25,9 +25,12 @@
|
|||
namespace Pterodactyl\Http\Controllers\Base;
|
||||
|
||||
use Alert;
|
||||
use Log;
|
||||
|
||||
use Pterodactyl\Models;
|
||||
|
||||
use Pterodactyl\Repositories\APIRepository;
|
||||
use Pterodactyl\Exceptions\DisplayValidationException;
|
||||
use Pterodactyl\Exceptions\DisplayException;
|
||||
use Pterodactyl\Http\Controllers\Controller;
|
||||
|
||||
|
|
@ -45,7 +48,6 @@ class APIController extends Controller
|
|||
return view('base.api.index', [
|
||||
'keys' => $keys
|
||||
]);
|
||||
|
||||
}
|
||||
|
||||
public function new(Request $request)
|
||||
|
|
@ -55,6 +57,32 @@ class APIController extends Controller
|
|||
|
||||
public function save(Request $request)
|
||||
{
|
||||
try {
|
||||
$repo = new APIRepository($request->user());
|
||||
$secret = $repo->new($request->except(['_token']));
|
||||
Alert::success('An API Keypair has successfully been generated. The API secret for this public key is shown below and will not be shown again.<br /><br /><code>' . $secret . '</code>')->flash();
|
||||
return redirect()->route('account.api');
|
||||
} catch (DisplayValidationException $ex) {
|
||||
return redirect()->route('account.api.new')->withErrors(json_decode($ex->getMessage()))->withInput();
|
||||
} catch (DisplayException $ex) {
|
||||
Alert::danger($ex->getMessage())->flash();
|
||||
} catch (\Exception $ex) {
|
||||
Log::error($ex);
|
||||
Alert::danger('An unhandled exception occured while attempting to add this API key.')->flash();
|
||||
}
|
||||
return redirect()->route('account.api.new')->withInput();
|
||||
}
|
||||
|
||||
public function revoke(Request $request, $key)
|
||||
{
|
||||
try {
|
||||
$repo = new APIRepository($request->user());
|
||||
$repo->revoke($key);
|
||||
return response('', 204);
|
||||
} catch (\Exception $ex) {
|
||||
return response()->json([
|
||||
'error' => 'An error occured while attempting to remove this key.'
|
||||
], 503);
|
||||
}
|
||||
}
|
||||
}
|
||||
|
|
|
|||
|
|
@ -34,7 +34,7 @@ class APIRoutes
|
|||
$api = app('Dingo\Api\Routing\Router');
|
||||
$api->version('v1', ['prefix' => 'api/me', 'middleware' => 'api.auth'], function ($api) {
|
||||
$api->get('/', [
|
||||
'as' => 'api.user',
|
||||
'as' => 'api.user.me',
|
||||
'uses' => 'Pterodactyl\Http\Controllers\API\User\InfoController@me'
|
||||
]);
|
||||
|
||||
|
|
|
|||
|
|
@ -88,6 +88,10 @@ class BaseRoutes {
|
|||
$router->post('/new', [
|
||||
'uses' => 'Base\APIController@save'
|
||||
]);
|
||||
|
||||
$router->delete('/revoke/{key}', [
|
||||
'uses' => 'Base\APIController@revoke'
|
||||
]);
|
||||
});
|
||||
|
||||
// TOTP Routes
|
||||
|
|
|
|||
|
|
@ -23,6 +23,7 @@
|
|||
*/
|
||||
namespace Pterodactyl\Repositories;
|
||||
|
||||
use Auth;
|
||||
use DB;
|
||||
use Crypt;
|
||||
use Validator;
|
||||
|
|
@ -40,38 +41,51 @@ class APIRepository
|
|||
* @var array
|
||||
*/
|
||||
protected $permissions = [
|
||||
'*',
|
||||
'admin' => [
|
||||
'*',
|
||||
|
||||
// User Management Routes
|
||||
'api.users.list',
|
||||
'api.users.create',
|
||||
'api.users.view',
|
||||
'api.users.update',
|
||||
'api.users.delete',
|
||||
// User Management Routes
|
||||
'users.list',
|
||||
'users.create',
|
||||
'users.view',
|
||||
'users.update',
|
||||
'users.delete',
|
||||
|
||||
// Server Manaement Routes
|
||||
'api.servers.list',
|
||||
'api.servers.create',
|
||||
'api.servers.view',
|
||||
'api.servers.config',
|
||||
'api.servers.build',
|
||||
'api.servers.suspend',
|
||||
'api.servers.unsuspend',
|
||||
'api.servers.delete',
|
||||
// Server Manaement Routes
|
||||
'servers.list',
|
||||
'servers.create',
|
||||
'servers.view',
|
||||
'servers.config',
|
||||
'servers.build',
|
||||
'servers.suspend',
|
||||
'servers.unsuspend',
|
||||
'servers.delete',
|
||||
|
||||
// Node Management Routes
|
||||
'api.nodes.list',
|
||||
'api.nodes.create',
|
||||
'api.nodes.list',
|
||||
'api.nodes.allocations',
|
||||
'api.nodes.delete',
|
||||
// Node Management Routes
|
||||
'nodes.list',
|
||||
'nodes.create',
|
||||
'nodes.list',
|
||||
'nodes.allocations',
|
||||
'nodes.delete',
|
||||
|
||||
// Service Routes
|
||||
'api.services.list',
|
||||
'api.services.view',
|
||||
// Service Routes
|
||||
'services.list',
|
||||
'services.view',
|
||||
|
||||
// Location Routes
|
||||
'api.locations.list',
|
||||
// Location Routes
|
||||
'locations.list',
|
||||
|
||||
],
|
||||
'user' => [
|
||||
'*',
|
||||
|
||||
// Informational
|
||||
'me',
|
||||
|
||||
// Server Control
|
||||
'server',
|
||||
'server.power',
|
||||
],
|
||||
];
|
||||
|
||||
/**
|
||||
|
|
@ -80,12 +94,17 @@ class APIRepository
|
|||
*/
|
||||
protected $allowed = [];
|
||||
|
||||
protected $user;
|
||||
|
||||
/**
|
||||
* Constructor
|
||||
*/
|
||||
public function __construct()
|
||||
public function __construct(Models\User $user = null)
|
||||
{
|
||||
//
|
||||
$this->user = is_null($user) ? Auth::user() : $user;
|
||||
if (is_null($this->user)) {
|
||||
throw new \Exception('Cannot access API Repository without passing a user to __construct().');
|
||||
}
|
||||
}
|
||||
|
||||
/**
|
||||
|
|
@ -101,7 +120,9 @@ class APIRepository
|
|||
public function new(array $data)
|
||||
{
|
||||
$validator = Validator::make($data, [
|
||||
'permissions' => 'required|array'
|
||||
'memo' => 'string|max:500',
|
||||
'permissions' => 'sometimes|required|array',
|
||||
'adminPermissions' => 'sometimes|required|array'
|
||||
]);
|
||||
|
||||
$validator->after(function($validator) use ($data) {
|
||||
|
|
@ -125,31 +146,53 @@ class APIRepository
|
|||
}
|
||||
|
||||
DB::beginTransaction();
|
||||
|
||||
try {
|
||||
$secretKey = str_random(16) . '.' . str_random(15);
|
||||
$secretKey = str_random(16) . '.' . str_random(7) . '.' . str_random(7);
|
||||
$key = new Models\APIKey;
|
||||
$key->fill([
|
||||
'user' => $this->user->id,
|
||||
'public' => str_random(16),
|
||||
'secret' => Crypt::encrypt($secretKey),
|
||||
'allowed_ips' => empty($this->allowed) ? null : json_encode($this->allowed)
|
||||
'allowed_ips' => empty($this->allowed) ? null : json_encode($this->allowed),
|
||||
'memo' => $data['memo'],
|
||||
'expires_at' => null
|
||||
]);
|
||||
$key->save();
|
||||
|
||||
foreach($data['permissions'] as $permission) {
|
||||
if (in_array($permission, $this->permissions)) {
|
||||
foreach($data['permissions'] as $permNode) {
|
||||
if (!strpos($permNode, ':')) continue;
|
||||
|
||||
list($toss, $permission) = explode(':', $permNode);
|
||||
if (in_array('api.user.' . $permission, $this->permissions['user'])) {
|
||||
$model = new Models\APIPermission;
|
||||
$model->fill([
|
||||
'key_id' => $key->id,
|
||||
'permission' => $permission
|
||||
'permission' => 'api.user.' . $permission
|
||||
]);
|
||||
$model->save();
|
||||
}
|
||||
}
|
||||
|
||||
if ($this->user->root_admin === 1) {
|
||||
foreach($data['permissions'] as $permNode) {
|
||||
if (!strpos($permNode, ':')) continue;
|
||||
|
||||
list($toss, $permission) = explode(':', $permNode);
|
||||
if (in_array('api.admin.' . $permission, $this->permissions['admin'])) {
|
||||
$model = new Models\APIPermission;
|
||||
$model->fill([
|
||||
'key_id' => $key->id,
|
||||
'permission' => 'api.admin.' . $permission
|
||||
]);
|
||||
$model->save();
|
||||
}
|
||||
}
|
||||
}
|
||||
|
||||
DB::commit();
|
||||
return $secretKey;
|
||||
} catch (\Exception $ex) {
|
||||
DB::rollBack();
|
||||
throw $ex;
|
||||
}
|
||||
|
||||
|
|
@ -169,7 +212,7 @@ class APIRepository
|
|||
DB::beginTransaction();
|
||||
|
||||
try {
|
||||
$model = Models\APIKey::where('public', $key)->firstOrFail();
|
||||
$model = Models\APIKey::where('public', $key)->where('user', $this->user->id)->firstOrFail();
|
||||
$permissions = Models\APIPermission::where('key_id', $model->id)->delete();
|
||||
$model->delete();
|
||||
|
||||
|
|
|
|||
Loading…
Add table
Add a link
Reference in a new issue