Use cache helpers rather than database to handle configuration tokens and downloads.

app/Http/Controllers/Admin/NodesController.php

@@ -27,6 +27,7 @@ namespace Pterodactyl\Http\Controllers\Admin;
 use DB;
 use Log;
 use Alert;
+use Cache;
 use Javascript;
 use Pterodactyl\Models;
 use Illuminate\Http\Request;
@@ -364,11 +365,9 @@ class NodesController extends Controller
     {
         $node = Models\Node::findOrFail($id);
 
-        $t = Models\NodeConfigurationToken::create([
-            'node_id' => $id,
-            'token' => str_random(32),
-        ]);
+        $token = str_random(32);
+        Cache::put('NodeConfiguration:' . $token, $node->id, 5);
 
-        return response()->json(['token' => $t->token]);
+        return response()->json(['token' => $token]);
     }
 }

app/Http/Controllers/Daemon/ActionController.php

@@ -24,11 +24,11 @@
 
 namespace Pterodactyl\Http\Controllers\Daemon;
 
+use Cache;
 use Illuminate\Http\Request;
+use Pterodactyl\Models\Node;
 use Pterodactyl\Models\Server;
-use Pterodactyl\Models\Download;
 use Pterodactyl\Http\Controllers\Controller;
-use Pterodactyl\Models\NodeConfigurationToken;
 
 class ActionController extends Controller
 {
@@ -40,18 +40,17 @@ class ActionController extends Controller
      */
     public function authenticateDownload(Request $request)
     {
-        $download = Download::where('token', $request->input('token'))->first();
-        if (! $download) {
+        $download = Cache::pull('Download:' . $request->input('token'));
+
+        if (is_null($download)) {
             return response()->json([
                 'error' => 'An invalid request token was recieved with this request.',
             ], 403);
         }
 
-        $download->delete();
-
         return response()->json([
-            'path' => $download->path,
-            'server' => $download->server,
+            'path' => $download['path'],
+            'server' => $download['server'],
         ]);
     }
 
@@ -94,24 +93,14 @@ class ActionController extends Controller
      */
     public function configuration(Request $request, $token)
     {
-        // Try to query the token and the node from the database
-        try {
-            $model = NodeConfigurationToken::with('node')->where('token', $token)->firstOrFail();
-        } catch (\Illuminate\Database\Eloquent\ModelNotFoundException $e) {
+        $nodeId = Cache::pull('NodeConfiguration:' . $token);
+        if (is_null($nodeId)) {
             return response()->json(['error' => 'token_invalid'], 403);
         }
 
-        // Check if token is expired
-        if ($model->created_at->addMinutes(5)->lt(Carbon::now())) {
-            $model->delete();
-
-            return response()->json(['error' => 'token_expired'], 403);
-        }
-
-        // Delete the token, it's one-time use
-        $model->delete();
+        $node = Node::findOrFail($nodeId);
 
         // Manually as getConfigurationAsJson() returns it in correct format already
-        return response($model->node->getConfigurationAsJson())->header('Content-Type', 'text/json');
+        return response($node->getConfigurationAsJson())->header('Content-Type', 'text/json');
     }
 }

app/Http/Controllers/Server/ServerController.php

@@ -25,8 +25,8 @@
 namespace Pterodactyl\Http\Controllers\Server;
 
 use Log;
-use Uuid;
 use Alert;
+use Cache;
 use Pterodactyl\Models;
 use Illuminate\Http\Request;
 use Pterodactyl\Exceptions\DisplayException;
@@ -201,13 +201,11 @@ class ServerController extends Controller
         $server = Models\Server::byUuid($uuid);
         $this->authorize('download-files', $server);
 
-        $download = new Models\Download;
-
-        $download->token = (string) Uuid::generate(4);
-        $download->server = $server->uuid;
-        $download->path = $file;
-
-        $download->save();
+        $token = str_random(40);
+        Cache::tags(['Downloads', 'Downloads:Server:' . $server->uuid])->put('Download:' . $token, [
+            'server' => $server->uuid,
+            'path' => $file,
+        ], 1);
 
         return redirect($server->node->scheme . '://' . $server->node->fqdn . ':' . $server->node->daemonListen . '/server/file/download/' . $download->token);
     }