Add more middleware tests

2017-11-03 18:16:49 -05:00 · 2017-11-03 18:16:49 -05:00 · 7882250baf
commit 7882250baf
parent 133fd17da6
13 changed files with 515 additions and 48 deletions
--- a/app/Http/Middleware/Authenticate.php
+++ b/app/Http/Middleware/Authenticate.php
@ -4,41 +4,26 @@ namespace Pterodactyl\Http\Middleware;

 use Closure;
 use Illuminate\Http\Request;
-use Illuminate\Contracts\Auth\Guard;
+use Illuminate\Auth\AuthenticationException;

 class Authenticate
 {
-    /**
-     * The Guard implementation.
-     *
-     * @var \Illuminate\Contracts\Auth\Guard
-     */
-    protected $auth;
-
-    /**
-     * Create a new filter instance.
-     *
-     * @param \Illuminate\Contracts\Auth\Guard $auth
-     */
-    public function __construct(Guard $auth)
-    {
-        $this->auth = $auth;
-    }
-
    /**
     * Handle an incoming request.
     *
     * @param \Illuminate\Http\Request $request
     * @param \Closure                 $next
     * @return mixed
+     *
+     * @throws \Illuminate\Auth\AuthenticationException
     */
    public function handle(Request $request, Closure $next)
    {
-        if ($this->auth->guest()) {
-            if ($request->ajax()) {
-                return response('Unauthorized.', 401);
+        if (! $request->user()) {
+            if ($request->ajax() || $request->expectsJson()) {
+                throw new AuthenticationException();
            } else {
-                return redirect()->guest('auth/login');
+                return redirect()->route('auth.login');
            }
        }

--- a/app/Http/Middleware/DaemonAuthenticate.php
+++ b/app/Http/Middleware/DaemonAuthenticate.php
@ -11,10 +11,8 @@ namespace Pterodactyl\Http\Middleware;

 use Closure;
 use Illuminate\Http\Request;
-use Pterodactyl\Models\Node;
-use Symfony\Component\HttpKernel\Exception\HttpException;
 use Pterodactyl\Contracts\Repository\NodeRepositoryInterface;
-use Pterodactyl\Exceptions\Repository\RecordNotFoundException;
+use Symfony\Component\HttpKernel\Exception\AccessDeniedHttpException;

 class DaemonAuthenticate
 {
@ -56,15 +54,10 @@ class DaemonAuthenticate
        }

        if (! $request->header('X-Access-Node')) {
-            throw new HttpException(403);
-        }
-
-        try {
-            $node = $this->repository->findWhere(['daemonSecret' => $request->header('X-Access-Node')]);
-        } catch (RecordNotFoundException $exception) {
-            throw new HttpException(401);
+            throw new AccessDeniedHttpException;
        }

+        $node = $this->repository->findWhere(['daemonSecret' => $request->header('X-Access-Node')]);
        $request->attributes->set('node', $node);

        return $next($request);
--- a/app/Http/Middleware/LanguageMiddleware.php
+++ b/app/Http/Middleware/LanguageMiddleware.php
@ -11,11 +11,16 @@ namespace Pterodactyl\Http\Middleware;

 use Closure;
 use Illuminate\Http\Request;
-use Illuminate\Support\Facades\App;
+use Illuminate\Foundation\Application;
 use Illuminate\Contracts\Config\Repository;

 class LanguageMiddleware
 {
+    /**
+     * @var \Illuminate\Foundation\Application
+     */
+    private $app;
+
    /**
     * @var \Illuminate\Contracts\Config\Repository
     */
@ -24,10 +29,12 @@ class LanguageMiddleware
    /**
     * LanguageMiddleware constructor.
     *
+     * @param \Illuminate\Foundation\Application      $app
     * @param \Illuminate\Contracts\Config\Repository $config
     */
-    public function __construct(Repository $config)
+    public function __construct(Application $app, Repository $config)
    {
+        $this->app = $app;
        $this->config = $config;
    }

@ -40,7 +47,7 @@ class LanguageMiddleware
     */
    public function handle(Request $request, Closure $next)
    {
-        App::setLocale($this->config->get('app.locale', 'en'));
+        $this->app->setLocale($this->config->get('app.locale', 'en'));

        return $next($request);
    }
--- a/app/Http/Middleware/RedirectIfAuthenticated.php
+++ b/app/Http/Middleware/RedirectIfAuthenticated.php
@ -9,7 +9,7 @@ use Illuminate\Auth\AuthManager;
 class RedirectIfAuthenticated
 {
    /**
-     * @var \Illuminate\Contracts\Auth\Guard
+     * @var \Illuminate\Auth\AuthManager
     */
    private $authManager;

@ -34,7 +34,7 @@ class RedirectIfAuthenticated
    public function handle(Request $request, Closure $next, string $guard = null)
    {
        if ($this->authManager->guard($guard)->check()) {
-            return redirect(route('index'));
+            return redirect()->route('index');
        }

        return $next($request);
--- a/app/Http/Middleware/RequireTwoFactorAuthentication.php
+++ b/app/Http/Middleware/RequireTwoFactorAuthentication.php
@ -73,27 +73,23 @@ class RequireTwoFactorAuthentication
     */
    public function handle(Request $request, Closure $next)
    {
-        // Ignore non-users
        if (! $request->user()) {
            return $next($request);
        }

-        // Skip the 2FA pages
        if (in_array($request->route()->getName(), $this->except)) {
            return $next($request);
        }

-        // Get the setting
        switch ((int) $this->settings->get('2fa', 0)) {
            case self::LEVEL_NONE:
                return $next($request);
-
+                break;
            case self::LEVEL_ADMIN:
-                if (! $request->user()->root_admin) {
+                if (! $request->user()->root_admin || $request->user()->use_totp) {
                    return $next($request);
                }
                break;
-
            case self::LEVEL_ALL:
                if ($request->user()->use_totp) {
                    return $next($request);