Ensure we don't cause a mess with the auth providers

DaneEveritt 2022-05-22 18:16:47 -04:00
parent 3ae70efc14
commit dca53611ff
No known key found for this signature in database
GPG key ID: EEA66103B3D71F53
6 changed files with 233 additions and 15 deletions


@ -2,6 +2,7 @@
namespace Pterodactyl\Http;
use Fruitcake\Cors\HandleCors;
use Illuminate\Auth\Middleware\Authorize;
use Illuminate\Auth\Middleware\Authenticate;
use Illuminate\Http\Middleware\TrustProxies;
@ -26,9 +27,9 @@ use Illuminate\Foundation\Http\Middleware\ValidatePostSize;
use Illuminate\Cookie\Middleware\AddQueuedCookiesToResponse;
use Pterodactyl\Http\Middleware\Api\Daemon\DaemonAuthenticate;
use Pterodactyl\Http\Middleware\RequireTwoFactorAuthentication;
use Illuminate\Foundation\Http\Middleware\CheckForMaintenanceMode;
use Illuminate\Foundation\Http\Middleware\ConvertEmptyStringsToNull;
use Pterodactyl\Http\Middleware\Api\Client\SubstituteClientBindings;
use Illuminate\Foundation\Http\Middleware\PreventRequestsDuringMaintenance;
use Pterodactyl\Http\Middleware\Api\Application\AuthenticateApplicationUser;
class Kernel extends HttpKernel
@ -39,12 +40,12 @@ class Kernel extends HttpKernel
* @var array
*/
protected $middleware = [
CheckForMaintenanceMode::class,
EncryptCookies::class,
TrustProxies::class,
HandleCors::class,
PreventRequestsDuringMaintenance::class,
ValidatePostSize::class,
TrimStrings::class,
ConvertEmptyStringsToNull::class,
TrustProxies::class,
];
/**
@ -54,14 +55,13 @@ class Kernel extends HttpKernel
*/
protected $middlewareGroups = [
'web' => [
EncryptCookies::class,
AddQueuedCookiesToResponse::class,
StartSession::class,
AuthenticateSession::class,
ShareErrorsFromSession::class,
VerifyCsrfToken::class,
SubstituteBindings::class,
LanguageMiddleware::class,
RequireTwoFactorAuthentication::class,
],
'api' => [
EnsureStatefulRequests::class,
@ -91,6 +91,7 @@ class Kernel extends HttpKernel
protected $routeMiddleware = [
'auth' => Authenticate::class,
'auth.basic' => AuthenticateWithBasicAuth::class,
'auth.session' => AuthenticateSession::class,
'guest' => RedirectIfAuthenticated::class,
'csrf' => VerifyCsrfToken::class,
'throttle' => ThrottleRequests::class,
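Review bot: The `'auth.session' => AuthenticateSession::class` alias registered in `$routeMiddleware` is not a drop-in replacement for `'auth'`, yet the RouteServiceProvider section of this commit appears to swap `'auth'` for `'auth.session'` on the `routes/base.php` and `/admin` groups (the `+`/`-` markers are lost on this page, so the new side is inferred from the duplicated lines). The `use` line for `AuthenticateSession` is outside the visible hunks; if it resolves to Laravel's `Illuminate\Session\Middleware\AuthenticateSession`, that middleware lets a request through when there is no session user and only logs out sessions whose stored password hash no longer matches. Unless `RequireTwoFactorAuthentication` or `AdminAuthenticate` (neither shown here) reject guests themselves, keep the login check explicit, e.g. `Route::middleware(['auth', 'auth.session', RequireTwoFactorAuthentication::class])`, and cover it with a test asserting that an unauthenticated request to a base route and to `/admin` is refused. `RequireTwoFactorAuthentication` also seems to leave the `'web'` group here in favour of per-group attachment, so a short comment on `$middlewareGroups` noting that 2FA enforcement now depends on each route group listing it would help anyone registering further `web` routes.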


@ -9,6 +9,7 @@ use Illuminate\Cache\RateLimiting\Limit;
use Illuminate\Support\Facades\RateLimiter;
use Pterodactyl\Http\Middleware\TrimStrings;
use Pterodactyl\Http\Middleware\AdminAuthenticate;
use Pterodactyl\Http\Middleware\RequireTwoFactorAuthentication;
use Illuminate\Foundation\Support\Providers\RouteServiceProvider as ServiceProvider;
class RouteServiceProvider extends ServiceProvider
@ -35,12 +36,17 @@ class RouteServiceProvider extends ServiceProvider
$this->routes(function () {
Route::middleware('web')->group(function () {
Route::middleware('auth')->group(base_path('routes/base.php'));
Route::middleware(['auth.session', RequireTwoFactorAuthentication::class])
->group(base_path('routes/base.php'));
Route::middleware(['auth.session', RequireTwoFactorAuthentication::class, AdminAuthenticate::class])
->prefix('/admin')
->group(base_path('routes/admin.php'));
Route::middleware('guest')->prefix('/auth')->group(base_path('routes/auth.php'));
Route::middleware(['auth', AdminAuthenticate::class])->prefix('/admin')->group(base_path('routes/admin.php'));
});
Route::middleware('api')->group(function () {
Route::middleware(['api', RequireTwoFactorAuthentication::class])->group(function () {
Route::middleware(['application-api', 'throttle:api.application'])
->prefix('/api/application')
->scopeBindings()