Should wrap up the base landing page stuff for accounts, next step is server rendering

app/Services/Api/KeyCreationService.php

@@ -28,7 +28,7 @@ use Illuminate\Database\ConnectionInterface;
 use Illuminate\Contracts\Encryption\Encrypter;
 use Pterodactyl\Contracts\Repository\ApiKeyRepositoryInterface;
 
-class KeyService
+class KeyCreationService
 {
     const PUB_CRYPTO_BYTES = 8;
     const PRIV_CRYPTO_BYTES = 32;
@@ -36,7 +36,7 @@ class KeyService
     /**
      * @var \Illuminate\Database\ConnectionInterface
      */
-    protected $database;
+    protected $connection;
 
     /**
      * @var \Illuminate\Contracts\Encryption\Encrypter
@@ -57,18 +57,18 @@ class KeyService
      * ApiKeyService constructor.
      *
      * @param \Pterodactyl\Contracts\Repository\ApiKeyRepositoryInterface $repository
-     * @param \Illuminate\Database\ConnectionInterface                    $database
+     * @param \Illuminate\Database\ConnectionInterface                    $connection
      * @param \Illuminate\Contracts\Encryption\Encrypter                  $encrypter
      * @param \Pterodactyl\Services\Api\PermissionService                 $permissionService
      */
     public function __construct(
         ApiKeyRepositoryInterface $repository,
-        ConnectionInterface $database,
+        ConnectionInterface $connection,
         Encrypter $encrypter,
         PermissionService $permissionService
     ) {
         $this->repository = $repository;
-        $this->database = $database;
+        $this->connection = $connection;
         $this->encrypter = $encrypter;
         $this->permissionService = $permissionService;
     }
@@ -84,13 +84,13 @@ class KeyService
      * @throws \Exception
      * @throws \Pterodactyl\Exceptions\Model\DataValidationException
      */
-    public function create(array $data, array $permissions, array $administrative = [])
+    public function handle(array $data, array $permissions, array $administrative = [])
     {
         $publicKey = bin2hex(random_bytes(self::PUB_CRYPTO_BYTES));
         $secretKey = bin2hex(random_bytes(self::PRIV_CRYPTO_BYTES));
 
         // Start a Transaction
-        $this->database->beginTransaction();
+        $this->connection->beginTransaction();
 
         $data = array_merge($data, [
             'public' => $publicKey,
@@ -128,19 +128,8 @@ class KeyService
             $this->permissionService->create($instance->id, $permission);
         }
 
-        $this->database->commit();
+        $this->connection->commit();
 
         return $secretKey;
     }
-
-    /**
-     * Delete the API key and associated permissions from the database.
-     *
-     * @param int $id
-     * @return bool|null
-     */
-    public function revoke($id)
-    {
-        return $this->repository->delete($id);
-    }
 }

app/Services/Servers/ServerAccessHelperService.php

@@ -0,0 +1,71 @@
+<?php
+/*
+ * Pterodactyl - Panel
+ * Copyright (c) 2015 - 2017 Dane Everitt <dane@daneeveritt.com>.
+ *
+ * Permission is hereby granted, free of charge, to any person obtaining a copy
+ * of this software and associated documentation files (the "Software"), to deal
+ * in the Software without restriction, including without limitation the rights
+ * to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
+ * copies of the Software, and to permit persons to whom the Software is
+ * furnished to do so, subject to the following conditions:
+ *
+ * The above copyright notice and this permission notice shall be included in all
+ * copies or substantial portions of the Software.
+ *
+ * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
+ * IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
+ * FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
+ * AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
+ * LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
+ * OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE
+ * SOFTWARE.
+ */
+
+namespace Pterodactyl\Services\Servers;
+
+use Illuminate\Cache\Repository as CacheRepository;
+use Pterodactyl\Contracts\Repository\ServerRepositoryInterface;
+use Pterodactyl\Contracts\Repository\SubuserRepositoryInterface;
+use Pterodactyl\Contracts\Repository\UserRepositoryInterface;
+use Pterodactyl\Models\User;
+
+class ServerAccessHelperService
+{
+    public function __construct(
+        CacheRepository $cache,
+        ServerRepositoryInterface $repository,
+        SubuserRepositoryInterface $subuserRepository,
+        UserRepositoryInterface $userRepository
+    ) {
+        $this->cache = $cache;
+        $this->repository = $repository;
+        $this->subuserRepository = $subuserRepository;
+        $this->userRepository = $userRepository;
+    }
+
+    public function handle($uuid, $user)
+    {
+        if (! $user instanceof User) {
+            $user = $this->userRepository->find($user);
+        }
+
+        $server = $this->repository->getByUuid($uuid);
+        if (! $user->root_admin) {
+            if (! in_array($server->id, $this->repository->getUserAccessServers($user->id))) {
+                throw new \Exception('User does not have access.');
+            }
+
+            if ($server->owner_id !== $user->id) {
+                $subuser = $this->subuserRepository->withColumns('daemonSecret')->findWhere([
+                    ['user_id', '=', $user->id],
+                    ['server_id', '=', $server->id],
+                ]);
+
+                $server->daemonSecret = $subuser->daemonToken;
+            }
+        }
+
+        return $server;
+    }
+}

app/Services/Users/ToggleTwoFactorService.php

@@ -0,0 +1,84 @@
+<?php
+/*
+ * Pterodactyl - Panel
+ * Copyright (c) 2015 - 2017 Dane Everitt <dane@daneeveritt.com>.
+ *
+ * Permission is hereby granted, free of charge, to any person obtaining a copy
+ * of this software and associated documentation files (the "Software"), to deal
+ * in the Software without restriction, including without limitation the rights
+ * to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
+ * copies of the Software, and to permit persons to whom the Software is
+ * furnished to do so, subject to the following conditions:
+ *
+ * The above copyright notice and this permission notice shall be included in all
+ * copies or substantial portions of the Software.
+ *
+ * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
+ * IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
+ * FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
+ * AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
+ * LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
+ * OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE
+ * SOFTWARE.
+ */
+
+namespace Pterodactyl\Services\Users;
+
+use PragmaRX\Google2FA\Contracts\Google2FA;
+use Pterodactyl\Contracts\Repository\UserRepositoryInterface;
+use Pterodactyl\Exceptions\Service\User\TwoFactorAuthenticationTokenInvalid;
+use Pterodactyl\Models\User;
+
+class ToggleTwoFactorService
+{
+    /**
+     * @var \PragmaRX\Google2FA\Contracts\Google2FA
+     */
+    protected $google2FA;
+
+    /**
+     * @var \Pterodactyl\Contracts\Repository\UserRepositoryInterface
+     */
+    protected $repository;
+
+    /**
+     * ToggleTwoFactorService constructor.
+     *
+     * @param \PragmaRX\Google2FA\Contracts\Google2FA                   $google2FA
+     * @param \Pterodactyl\Contracts\Repository\UserRepositoryInterface $repository
+     */
+    public function __construct(
+        Google2FA $google2FA,
+        UserRepositoryInterface $repository
+    ) {
+        $this->google2FA = $google2FA;
+        $this->repository = $repository;
+    }
+
+    /**
+     * @param int|\Pterodactyl\Models\User $user
+     * @param string                       $token
+     * @param null|bool                    $toggleState
+     * @return bool
+     *
+     * @throws \Pterodactyl\Exceptions\Model\DataValidationException
+     * @throws \Pterodactyl\Exceptions\Repository\RecordNotFoundException
+     * @throws \Pterodactyl\Exceptions\Service\User\TwoFactorAuthenticationTokenInvalid
+     */
+    public function handle($user, $token, $toggleState = null)
+    {
+        if (! $user instanceof User) {
+            $user = $this->repository->find($user);
+        }
+
+        if (! $this->google2FA->verifyKey($user->totp_secret, $token, 2)) {
+            throw new TwoFactorAuthenticationTokenInvalid;
+        }
+
+        $this->repository->withoutFresh()->update($user->id, [
+            'use_totp' => (is_null($toggleState) ? ! $user->use_totp : $toggleState),
+        ]);
+
+        return true;
+    }
+}

app/Services/Users/TwoFactorSetupService.php

@@ -0,0 +1,91 @@
+<?php
+/*
+ * Pterodactyl - Panel
+ * Copyright (c) 2015 - 2017 Dane Everitt <dane@daneeveritt.com>.
+ *
+ * Permission is hereby granted, free of charge, to any person obtaining a copy
+ * of this software and associated documentation files (the "Software"), to deal
+ * in the Software without restriction, including without limitation the rights
+ * to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
+ * copies of the Software, and to permit persons to whom the Software is
+ * furnished to do so, subject to the following conditions:
+ *
+ * The above copyright notice and this permission notice shall be included in all
+ * copies or substantial portions of the Software.
+ *
+ * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
+ * IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
+ * FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
+ * AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
+ * LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
+ * OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE
+ * SOFTWARE.
+ */
+
+namespace Pterodactyl\Services\Users;
+
+use Illuminate\Contracts\Config\Repository as ConfigRepository;
+use PragmaRX\Google2FA\Contracts\Google2FA;
+use Pterodactyl\Contracts\Repository\UserRepositoryInterface;
+use Pterodactyl\Models\User;
+
+class TwoFactorSetupService
+{
+    /**
+     * @var \Illuminate\Contracts\Config\Repository
+     */
+    protected $config;
+
+    /**
+     * @var \PragmaRX\Google2FA\Contracts\Google2FA
+     */
+    protected $google2FA;
+
+    /**
+     * @var \Pterodactyl\Contracts\Repository\UserRepositoryInterface
+     */
+    protected $repository;
+
+    /**
+     * TwoFactorSetupService constructor.
+     *
+     * @param \Illuminate\Contracts\Config\Repository                   $config
+     * @param \PragmaRX\Google2FA\Contracts\Google2FA                   $google2FA
+     * @param \Pterodactyl\Contracts\Repository\UserRepositoryInterface $repository
+     */
+    public function __construct(
+        ConfigRepository $config,
+        Google2FA $google2FA,
+        UserRepositoryInterface $repository
+    ) {
+        $this->config = $config;
+        $this->google2FA = $google2FA;
+        $this->repository = $repository;
+    }
+
+    /**
+     * Generate a 2FA token and store it in the database.
+     *
+     * @param int|\Pterodactyl\Models\User $user
+     * @return array
+     *
+     * @throws \Pterodactyl\Exceptions\Model\DataValidationException
+     * @throws \Pterodactyl\Exceptions\Repository\RecordNotFoundException
+     */
+    public function handle($user)
+    {
+        if (! $user instanceof User) {
+            $user = $this->repository->find($user);
+        }
+
+        $secret = $this->google2FA->generateSecretKey();
+        $image = $this->google2FA->getQRCodeGoogleUrl($this->config->get('app.name'), $user->email, $secret);
+
+        $this->repository->withoutFresh()->update($user->id, ['totp_secret' => $secret]);
+
+        return [
+            'qrImage' => $image,
+            'secret' => $secret,
+        ];
+    }
+}

app/Services/Users/UserUpdateService.php

@@ -61,6 +61,7 @@ class UserUpdateService
      * @return mixed
      *
      * @throws \Pterodactyl\Exceptions\Model\DataValidationException
+     * @throws \Pterodactyl\Exceptions\Repository\RecordNotFoundException
      */
     public function handle($id, array $data)
     {