Change authentication method for API.
This commit is contained in:
Dane Everitt
parent
63f377a038
commit
77e3744b40
9 changed files with 162 additions and 219 deletions
|
|
@ -1,63 +0,0 @@
|
|||
<?php
|
||||
|
||||
namespace Pterodactyl\Models;
|
||||
|
||||
use Log;
|
||||
use Pterodactyl\Exceptions\DisplayException;
|
||||
use Pterodactyl\Models\APIPermission;
|
||||
use Illuminate\Database\Eloquent\Model;
|
||||
|
||||
class API extends Model
|
||||
{
|
||||
|
||||
/**
|
||||
* The table associated with the model.
|
||||
*
|
||||
* @var string
|
||||
*/
|
||||
protected $table = 'api';
|
||||
|
||||
/**
|
||||
* The attributes excluded from the model's JSON form.
|
||||
*
|
||||
* @var array
|
||||
*/
|
||||
protected $hidden = ['daemonSecret'];
|
||||
|
||||
public function permissions()
|
||||
{
|
||||
return $this->hasMany(APIPermission::class);
|
||||
}
|
||||
|
||||
public static function findKey($key)
|
||||
{
|
||||
return self::where('key', $key)->first();
|
||||
}
|
||||
|
||||
/**
|
||||
* Determine if an API key has permission to perform an action.
|
||||
*
|
||||
* @param string $key
|
||||
* @param string $permission
|
||||
* @return boolean
|
||||
*/
|
||||
public static function checkPermission($key, $permission)
|
||||
{
|
||||
$api = self::findKey($key);
|
||||
|
||||
if (!$api) {
|
||||
throw new DisplayException('The requested API key (' . $key . ') was not found in the system.');
|
||||
}
|
||||
|
||||
return APIPermission::check($api->id, $permission);
|
||||
|
||||
}
|
||||
|
||||
public static function noPermissionError($error = 'You do not have permission to perform this action with this API key.')
|
||||
{
|
||||
return response()->json([
|
||||
'error' => 'You do not have permission to perform this action with this API key.'
|
||||
], 403);
|
||||
}
|
||||
|
||||
}
|
||||
17
app/Models/APIKey.php
Normal file
17
app/Models/APIKey.php
Normal file
|
|
@ -0,0 +1,17 @@
|
|||
<?php
|
||||
|
||||
namespace Pterodactyl\Models;
|
||||
|
||||
use Illuminate\Database\Eloquent\Model;
|
||||
|
||||
class APIKey extends Model
|
||||
{
|
||||
|
||||
/**
|
||||
* The table associated with the model.
|
||||
*
|
||||
* @var string
|
||||
*/
|
||||
protected $table = 'api_keys';
|
||||
|
||||
}
|
||||
|
|
@ -2,7 +2,6 @@
|
|||
|
||||
namespace Pterodactyl\Models;
|
||||
|
||||
use Debugbar;
|
||||
use Illuminate\Database\Eloquent\Model;
|
||||
|
||||
class APIPermission extends Model
|
||||
|
|
@ -15,16 +14,4 @@ class APIPermission extends Model
|
|||
*/
|
||||
protected $table = 'api_permissions';
|
||||
|
||||
/**
|
||||
* Checks if an API key has a specific permission.
|
||||
*
|
||||
* @param int $id
|
||||
* @param string $permission
|
||||
* @return boolean
|
||||
*/
|
||||
public static function check($id, $permission)
|
||||
{
|
||||
return self::where('key_id', $id)->where('permission', $permission)->exists();
|
||||
}
|
||||
|
||||
}
|
||||
|
|
|
|||
Loading…
Add table
Add a link
Reference in a new issue