StarMC/Astral-nook
StarMC/Astral-nook
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity

Update interface to begin change to seperate account API keys and application keys

Browse source 
Main difference is permissions, cleaner UI for normal users, and account keys use permissions assigned to servers and subusers while application keys use R/W ACLs stored in the key table.
This commit is contained in:
Dane Everitt 2018-01-14 13:30:55 -06:00
parent 28ebd18f57
commit f9fc3f4370
No known key found for this signature in database
GPG key ID: EEA66103B3D71F53
18 changed files with 312 additions and 298 deletions
Download patch file Download diff file Expand all files Collapse all files

49
app/Http/Controllers/Base/APIController.php → app/Http/Controllers/Base/AccountKeyController.php
View file

@ -2,14 +2,17 @@
namespace Pterodactyl\Http\Controllers\Base;
use Illuminate\View\View;
use Illuminate\Http\Request;
use Illuminate\Http\Response;
use Pterodactyl\Models\ApiKey;
use Prologue\Alerts\AlertsMessageBag;
use Pterodactyl\Http\Controllers\Controller;
use Pterodactyl\Services\Api\KeyCreationService;
use Pterodactyl\Http\Requests\Base\ApiKeyFormRequest;
use Pterodactyl\Http\Requests\Base\StoreAccountKeyRequest;
use Pterodactyl\Contracts\Repository\ApiKeyRepositoryInterface;
class APIController extends Controller
class AccountKeyController extends Controller
{
/**
* @var \Prologue\Alerts\AlertsMessageBag
@ -44,49 +47,44 @@ class APIController extends Controller
}
/**
* Display base API index page.
* Display a listing of all account API keys.
*
* @param \Illuminate\Http\Request $request
* @return \Illuminate\View\View
*/
public function index(Request $request)
public function index(Request $request): View
{
return view('base.api.index', [
'keys' => $this->repository->findWhere([['user_id', '=', $request->user()->id]]),
'keys' => $this->repository->getAccountKeys($request->user()),
]);
}
/**
* Display API key creation page.
* Display account API key creation page.
*
* @param \Illuminate\Http\Request $request
* @return \Illuminate\View\View
*/
public function create(Request $request)
public function create(Request $request): View
{
return view('base.api.new');
}
/**
* Handle saving new API key.
* Handle saving new account API key.
*
* @param \Pterodactyl\Http\Requests\Base\ApiKeyFormRequest $request
* @param \Pterodactyl\Http\Requests\Base\StoreAccountKeyRequest $request
* @return \Illuminate\Http\RedirectResponse
*
* @throws \Exception
* @throws \Pterodactyl\Exceptions\Model\DataValidationException
*/
public function store(ApiKeyFormRequest $request)
public function store(StoreAccountKeyRequest $request)
{
$adminPermissions = [];
if ($request->user()->root_admin) {
$adminPermissions = $request->input('admin_permissions', []);
}
$secret = $this->keyService->handle([
$this->keyService->setKeyType(ApiKey::TYPE_ACCOUNT)->handle([
'user_id' => $request->user()->id,
'allowed_ips' => $request->input('allowed_ips'),
'memo' => $request->input('memo'),
], $request->input('permissions', []), $adminPermissions);
]);
$this->alert->success(trans('base.api.index.keypair_created'))->flash();
@ -94,18 +92,15 @@ class APIController extends Controller
}
/**
* @param \Illuminate\Http\Request $request
* @param string $key
* @return \Illuminate\Http\Response
* Delete an account API key from the Panel via an AJAX request.
*
* @throws \Exception
* @param \Illuminate\Http\Request $request
* @param string $identifier
* @return \Illuminate\Http\Response
*/
public function revoke(Request $request, $key)
public function revoke(Request $request, string $identifier): Response
{
$this->repository->deleteWhere([
['user_id', '=', $request->user()->id],
['token', '=', $key],
]);
$this->repository->deleteAccountKey($request->user(), $identifier);
return response('', 204);
}

11
app/Http/Middleware/Api/Admin/AuthenticateKey.php
View file

@ -3,6 +3,7 @@
namespace Pterodactyl\Http\Middleware\Api\Admin;
use Closure;
use Cake\Chronos\Chronos;
use Illuminate\Http\Request;
use Pterodactyl\Models\ApiKey;
use Illuminate\Auth\AuthManager;
@ -51,8 +52,8 @@ class AuthenticateKey
* @param \Closure $next
* @return mixed
*
* @throws \Symfony\Component\HttpKernel\Exception\HttpException
* @throws \Symfony\Component\HttpKernel\Exception\AccessDeniedHttpException
* @throws \Pterodactyl\Exceptions\Model\DataValidationException
* @throws \Pterodactyl\Exceptions\Repository\RecordNotFoundException
*/
public function handle(Request $request, Closure $next)
{
@ -65,7 +66,10 @@ class AuthenticateKey
$token = substr($raw, ApiKey::IDENTIFIER_LENGTH);
try {
$model = $this->repository->findFirstWhere([['identifier', '=', $identifier]]);
$model = $this->repository->findFirstWhere([
['identifier', '=', $identifier],
['key_type', '=', ApiKey::TYPE_APPLICATION],
]);
} catch (RecordNotFoundException $exception) {
throw new AccessDeniedHttpException;
}
@ -76,6 +80,7 @@ class AuthenticateKey
$this->auth->guard()->loginUsingId($model->user_id);
$request->attributes->set('api_key', $model);
$this->repository->withoutFreshModel()->update($model->id, ['last_used_at' => Chronos::now()]);
return $next($request);
}

23
app/Http/Requests/Base/StoreAccountKeyRequest.php Normal file
View file

@ -0,0 +1,23 @@
<?php
namespace Pterodactyl\Http\Requests\Base;
use Pterodactyl\Http\Requests\FrontendUserFormRequest;
class StoreAccountKeyRequest extends FrontendUserFormRequest
{
/**
* Rules to validate the request input aganist before storing
* an account API key.
*
* @return array
*/
public function rules()
{
return [
'memo' => 'required|nullable|string|max:500',
'allowed_ips' => 'present',
'allowed_ips.*' => 'sometimes|string',
];
}
}