Move everything around as needed to get things setup for the client API
This commit is contained in:
Dane Everitt
parent
8daf97021a
commit
e28973bcae
17 changed files with 199 additions and 46 deletions
40
app/Http/Middleware/Api/AuthenticateIPAccess.php
Normal file
40
app/Http/Middleware/Api/AuthenticateIPAccess.php
Normal file
|
|
@ -0,0 +1,40 @@
|
|||
<?php
|
||||
|
||||
namespace Pterodactyl\Http\Middleware\Api;
|
||||
|
||||
use Closure;
|
||||
use IPTools\IP;
|
||||
use IPTools\Range;
|
||||
use Illuminate\Http\Request;
|
||||
use Symfony\Component\HttpKernel\Exception\AccessDeniedHttpException;
|
||||
|
||||
class AuthenticateIPAccess
|
||||
{
|
||||
/**
|
||||
* Determine if a request IP has permission to access the API.
|
||||
*
|
||||
* @param \Illuminate\Http\Request $request
|
||||
* @param \Closure $next
|
||||
* @return mixed
|
||||
*
|
||||
* @throws \Exception
|
||||
* @throws \Symfony\Component\HttpKernel\Exception\AccessDeniedHttpException
|
||||
*/
|
||||
public function handle(Request $request, Closure $next)
|
||||
{
|
||||
$model = $request->attributes->get('api_key');
|
||||
|
||||
if (is_null($model->allowed_ips) || empty($model->allowed_ips)) {
|
||||
return $next($request);
|
||||
}
|
||||
|
||||
$find = new IP($request->ip());
|
||||
foreach ($model->allowed_ips as $ip) {
|
||||
if (Range::parse($ip)->contains($find)) {
|
||||
return $next($request);
|
||||
}
|
||||
}
|
||||
|
||||
throw new AccessDeniedHttpException('This IP address does not have permission to access the API using these credentials.');
|
||||
}
|
||||
}
|
||||
Loading…
Add table
Add a link
Reference in a new issue