Move everything around as needed to get things setup for the client API

2018-02-25 15:30:56 -06:00 · 2018-02-25 15:30:56 -06:00 · e28973bcae
commit e28973bcae
parent 8daf97021a
17 changed files with 199 additions and 46 deletions
--- a/app/Http/Controllers/Api/Application/ApplicationApiController.php
+++ b/app/Http/Controllers/Api/Application/ApplicationApiController.php
@ -7,13 +7,15 @@ use Illuminate\Http\Response;
 use Illuminate\Container\Container;
 use Pterodactyl\Http\Controllers\Controller;
 use Pterodactyl\Extensions\Spatie\Fractalistic\Fractal;
+use Pterodactyl\Transformers\Api\Application\BaseTransformer;
+use Pterodactyl\Exceptions\Transformer\InvalidTransformerLevelException;

 abstract class ApplicationApiController extends Controller
 {
    /**
     * @var \Illuminate\Http\Request
     */
-    private $request;
+    protected $request;

    /**
     * @var \Pterodactyl\Extensions\Spatie\Fractalistic\Fractal
@ -54,6 +56,8 @@ abstract class ApplicationApiController extends Controller
     *
     * @param string $abstract
     * @return \Pterodactyl\Transformers\Api\Application\BaseTransformer
+     *
+     * @throws \Pterodactyl\Exceptions\Transformer\InvalidTransformerLevelException
     */
    public function getTransformer(string $abstract)
    {
@ -61,6 +65,10 @@ abstract class ApplicationApiController extends Controller
        $transformer = Container::getInstance()->make($abstract);
        $transformer->setKey($this->request->attributes->get('api_key'));

+        if (! $transformer instanceof BaseTransformer) {
+            throw new InvalidTransformerLevelException('Calls to ' . __METHOD__ . ' must return a transformer that is an instance of ' . __CLASS__);
+        }
+
        return $transformer;
    }

--- a/app/Http/Controllers/Api/Client/ClientApiController.php
+++ b/app/Http/Controllers/Api/Client/ClientApiController.php
@ -0,0 +1,30 @@
+<?php
+
+namespace Pterodactyl\Http\Controllers\Api\Application;
+
+use Illuminate\Container\Container;
+use Pterodactyl\Exceptions\Transformer\InvalidTransformerLevelException;
+
+abstract class ClientApiController extends ApplicationApiController
+{
+    /**
+     * Return an instance of an application transformer.
+     *
+     * @param string $abstract
+     * @return \Pterodactyl\Transformers\Api\Client\BaseClientTransformer
+     *
+     * @throws \Pterodactyl\Exceptions\Transformer\InvalidTransformerLevelException
+     */
+    public function getTransformer(string $abstract)
+    {
+        /** @var \Pterodactyl\Transformers\Api\Client\BaseClientTransformer $transformer */
+        $transformer = Container::getInstance()->make($abstract);
+        $transformer->setKey($this->request->attributes->get('api_key'));
+
+        if (! $transformer instanceof self) {
+            throw new InvalidTransformerLevelException('Calls to ' . __METHOD__ . ' must return a transformer that is an instance of ' . __CLASS__);
+        }
+
+        return $transformer;
+    }
+}
--- a/app/Http/Controllers/Api/Client/ClientController.php
+++ b/app/Http/Controllers/Api/Client/ClientController.php
@ -0,0 +1,9 @@
+<?php
+
+namespace Pterodactyl\Http\Controllers\Api\Client;
+
+use Pterodactyl\Http\Controllers\Api\Application\ClientApiController;
+
+class ClientController extends ClientApiController
+{
+}
--- a/app/Http/Kernel.php
+++ b/app/Http/Kernel.php
@ -2,6 +2,7 @@

 namespace Pterodactyl\Http;

+use Pterodactyl\Models\ApiKey;
 use Illuminate\Auth\Middleware\Authorize;
 use Illuminate\Auth\Middleware\Authenticate;
 use Pterodactyl\Http\Middleware\TrimStrings;
@ -14,11 +15,14 @@ use Pterodactyl\Http\Middleware\AdminAuthenticate;
 use Illuminate\Routing\Middleware\ThrottleRequests;
 use Pterodactyl\Http\Middleware\LanguageMiddleware;
 use Illuminate\Foundation\Http\Kernel as HttpKernel;
+use Pterodactyl\Http\Middleware\Api\AuthenticateKey;
 use Illuminate\Routing\Middleware\SubstituteBindings;
 use Pterodactyl\Http\Middleware\AccessingValidServer;
+use Pterodactyl\Http\Middleware\Api\SetSessionDriver;
 use Illuminate\View\Middleware\ShareErrorsFromSession;
 use Pterodactyl\Http\Middleware\RedirectIfAuthenticated;
 use Illuminate\Auth\Middleware\AuthenticateWithBasicAuth;
+use Pterodactyl\Http\Middleware\Api\AuthenticateIPAccess;
 use Pterodactyl\Http\Middleware\Api\ApiSubstituteBindings;
 use Illuminate\Foundation\Http\Middleware\ValidatePostSize;
 use Illuminate\Cookie\Middleware\AddQueuedCookiesToResponse;
@ -28,12 +32,9 @@ use Pterodactyl\Http\Middleware\Server\SubuserBelongsToServer;
 use Pterodactyl\Http\Middleware\RequireTwoFactorAuthentication;
 use Pterodactyl\Http\Middleware\Server\DatabaseBelongsToServer;
 use Pterodactyl\Http\Middleware\Server\ScheduleBelongsToServer;
-use Pterodactyl\Http\Middleware\Api\Application\AuthenticateKey;
-use Pterodactyl\Http\Middleware\Api\Application\AuthenticateUser;
-use Pterodactyl\Http\Middleware\Api\Application\SetSessionDriver;
 use Illuminate\Foundation\Http\Middleware\CheckForMaintenanceMode;
 use Illuminate\Foundation\Http\Middleware\ConvertEmptyStringsToNull;
-use Pterodactyl\Http\Middleware\Api\Application\AuthenticateIPAccess;
+use Pterodactyl\Http\Middleware\Api\Application\AuthenticateApplicationUser;
 use Pterodactyl\Http\Middleware\DaemonAuthenticate as OldDaemonAuthenticate;

 class Kernel extends HttpKernel
@ -71,8 +72,15 @@ class Kernel extends HttpKernel
            'throttle:120,1',
            ApiSubstituteBindings::class,
            SetSessionDriver::class,
-            AuthenticateKey::class,
-            AuthenticateUser::class,
+            'api..key:' . ApiKey::TYPE_APPLICATION,
+            AuthenticateApplicationUser::class,
+            AuthenticateIPAccess::class,
+        ],
+        'client-api' => [
+            'throttle:60,1',
+            ApiSubstituteBindings::class,
+            SetSessionDriver::class,
+            'api..key:' . ApiKey::TYPE_ACCOUNT,
            AuthenticateIPAccess::class,
        ],
        'daemon' => [
@ -107,5 +115,8 @@ class Kernel extends HttpKernel
        'server..database' => DatabaseBelongsToServer::class,
        'server..subuser' => SubuserBelongsToServer::class,
        'server..schedule' => ScheduleBelongsToServer::class,
+
+        // API Specific Middleware
+        'api..key' => AuthenticateKey::class,
    ];
 }
--- a/app/Http/Middleware/Api/Application/AuthenticateApplicationUser.php
+++ b/app/Http/Middleware/Api/Application/AuthenticateApplicationUser.php
@ -6,7 +6,7 @@ use Closure;
 use Illuminate\Http\Request;
 use Symfony\Component\HttpKernel\Exception\AccessDeniedHttpException;

-class AuthenticateUser
+class AuthenticateApplicationUser
 {
    /**
     * Authenticate that the currently authenticated user is an administrator
--- a/app/Http/Middleware/Api/Application/AuthenticateIPAccess.php
+++ b/app/Http/Middleware/Api/Application/AuthenticateIPAccess.php
@ -1,6 +1,6 @@
 <?php

-namespace Pterodactyl\Http\Middleware\Api\Application;
+namespace Pterodactyl\Http\Middleware\Api;

 use Closure;
 use IPTools\IP;
--- a/app/Http/Middleware/Api/Application/AuthenticateKey.php
+++ b/app/Http/Middleware/Api/Application/AuthenticateKey.php
@ -1,6 +1,6 @@
 <?php

-namespace Pterodactyl\Http\Middleware\Api\Application;
+namespace Pterodactyl\Http\Middleware\Api;

 use Closure;
 use Cake\Chronos\Chronos;
@ -50,12 +50,13 @@ class AuthenticateKey
     *
     * @param \Illuminate\Http\Request $request
     * @param \Closure                 $next
+     * @param int                      $keyType
     * @return mixed
     *
     * @throws \Pterodactyl\Exceptions\Model\DataValidationException
     * @throws \Pterodactyl\Exceptions\Repository\RecordNotFoundException
     */
-    public function handle(Request $request, Closure $next)
+    public function handle(Request $request, Closure $next, int $keyType)
    {
        if (is_null($request->bearerToken())) {
            throw new HttpException(401, null, null, ['WWW-Authenticate' => 'Bearer']);
@ -68,7 +69,7 @@ class AuthenticateKey
        try {
            $model = $this->repository->findFirstWhere([
                ['identifier', '=', $identifier],
-                ['key_type', '=', ApiKey::TYPE_APPLICATION],
+                ['key_type', '=', $keyType],
            ]);
        } catch (RecordNotFoundException $exception) {
            throw new AccessDeniedHttpException;
--- a/app/Http/Middleware/Api/Client/AuthenticateClientAccess.php
+++ b/app/Http/Middleware/Api/Client/AuthenticateClientAccess.php
@ -0,0 +1,27 @@
+<?php
+
+namespace Pterodactyl\Http\Middleware\Api\Client;
+
+use Closure;
+use Illuminate\Http\Request;
+use Symfony\Component\HttpKernel\Exception\AccessDeniedHttpException;
+
+class AuthenticateClientAccess
+{
+    /**
+     * Authenticate that the currently authenticated user has permission
+     * to access the specified server.
+     *
+     * @param \Illuminate\Http\Request $request
+     * @param \Closure                 $next
+     * @return mixed
+     */
+    public function handle(Request $request, Closure $next)
+    {
+        if (is_null($request->user())) {
+            throw new AccessDeniedHttpException('This account does not have permission to access this resource.');
+        }
+
+        return $next($request);
+    }
+}
--- a/app/Http/Middleware/Api/Application/SetSessionDriver.php
+++ b/app/Http/Middleware/Api/Application/SetSessionDriver.php
@ -1,6 +1,6 @@
 <?php

-namespace Pterodactyl\Http\Middleware\Api\Application;
+namespace Pterodactyl\Http\Middleware\Api;

 use Closure;
 use Illuminate\Http\Request;