StarMC/Astral-nook
StarMC/Astral-nook
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity

Block API access when 2FA is required on account; closes #2791

Browse source
This commit is contained in:
Dane Everitt 2020-12-06 13:56:14 -08:00
parent 5d23d894ae
commit d22456d9ca
No known key found for this signature in database
GPG key ID: EEA66103B3D71F53
8 changed files with 101 additions and 40 deletions
Download patch file Download diff file Expand all files Collapse all files

9
routes/api-client.php
View file

@ -1,6 +1,7 @@
<?php
use Illuminate\Support\Facades\Route;
use Pterodactyl\Http\Middleware\RequireTwoFactorAuthentication;
use Pterodactyl\Http\Middleware\Api\Client\Server\SubuserBelongsToServer;
use Pterodactyl\Http\Middleware\Api\Client\Server\AuthenticateServerAccess;
use Pterodactyl\Http\Middleware\Api\Client\Server\AllocationBelongsToServer;
@ -17,10 +18,10 @@ Route::get('/', 'ClientController@index')->name('api:client.index');
Route::get('/permissions', 'ClientController@permissions');
Route::group(['prefix' => '/account'], function () {
Route::get('/', 'AccountController@index')->name('api:client.account');
Route::get('/two-factor', 'TwoFactorController@index');
Route::post('/two-factor', 'TwoFactorController@store');
Route::delete('/two-factor', 'TwoFactorController@delete');
Route::get('/', 'AccountController@index')->name('api:client.account')->withoutMiddleware(RequireTwoFactorAuthentication::class);
Route::get('/two-factor', 'TwoFactorController@index')->withoutMiddleware(RequireTwoFactorAuthentication::class);
Route::post('/two-factor', 'TwoFactorController@store')->withoutMiddleware(RequireTwoFactorAuthentication::class);
Route::delete('/two-factor', 'TwoFactorController@delete')->withoutMiddleware(RequireTwoFactorAuthentication::class);
Route::put('/email', 'AccountController@updateEmail')->name('api:client.account.update-email');
Route::put('/password', 'AccountController@updatePassword')->name('api:client.account.update-password');