mirror of
https://github.com/pterodactyl/panel.git
synced 2024-11-22 09:02:28 +01:00
Update routes to use CSRF protection
This commit is contained in:
Dane Everitt
parent
98b3355158
commit
2def94c958
@ -13,7 +13,8 @@ class AdminRoutes {
|
||||
'as' => 'admin.index',
|
||||
'middleware' => [
|
||||
'auth',
|
||||
'admin'
|
||||
'admin',
|
||||
'csrf'
|
||||
],
|
||||
'uses' => 'Admin\BaseController@getIndex'
|
||||
]);
|
||||
@ -22,7 +23,8 @@ class AdminRoutes {
|
||||
'prefix' => 'admin/accounts',
|
||||
'middleware' => [
|
||||
'auth',
|
||||
'admin'
|
||||
'admin',
|
||||
'csrf'
|
||||
]
|
||||
], function () use ($router) {
|
||||
|
||||
@ -66,7 +68,8 @@ class AdminRoutes {
|
||||
'prefix' => 'admin/servers',
|
||||
'middleware' => [
|
||||
'auth',
|
||||
'admin'
|
||||
'admin',
|
||||
'csrf'
|
||||
]
|
||||
], function () use ($router) {
|
||||
|
||||
@ -148,7 +151,8 @@ class AdminRoutes {
|
||||
'prefix' => 'admin/nodes',
|
||||
'middleware' => [
|
||||
'auth',
|
||||
'admin'
|
||||
'admin',
|
||||
'csrf'
|
||||
]
|
||||
], function () use ($router) {
|
||||
|
||||
@ -204,7 +208,8 @@ class AdminRoutes {
|
||||
'prefix' => 'admin/locations',
|
||||
'middleware' => [
|
||||
'auth',
|
||||
'admin'
|
||||
'admin',
|
||||
'csrf'
|
||||
]
|
||||
], function () use ($router) {
|
||||
$router->get('/', [
|
||||
|
||||
@ -12,7 +12,8 @@ class AuthRoutes {
|
||||
$router->group([
|
||||
'prefix' => 'auth',
|
||||
'middleware' => [
|
||||
'guest'
|
||||
'guest',
|
||||
'csrf'
|
||||
]
|
||||
], function () use ($router) {
|
||||
|
||||
|
||||
@ -31,7 +31,8 @@ class BaseRoutes {
|
||||
$router->group([
|
||||
'profix' => 'account',
|
||||
'middleware' => [
|
||||
'auth'
|
||||
'auth',
|
||||
'csrf'
|
||||
]
|
||||
], function () use ($router) {
|
||||
$router->get('account', [
|
||||
@ -50,7 +51,8 @@ class BaseRoutes {
|
||||
$router->group([
|
||||
'prefix' => 'account/totp',
|
||||
'middleware' => [
|
||||
'auth'
|
||||
'auth',
|
||||
'csrf'
|
||||
]
|
||||
], function () use ($router) {
|
||||
$router->get('/', [
|
||||
|
||||
@ -1,31 +0,0 @@
|
||||
<?php
|
||||
|
||||
namespace Pterodactyl\Http\Routes;
|
||||
|
||||
use Illuminate\Routing\Router;
|
||||
|
||||
class RestRoutes {
|
||||
|
||||
public function map(Router $router) {
|
||||
$router->group([
|
||||
'prefix' => 'api/v1',
|
||||
'middleware' => [
|
||||
'api'
|
||||
]
|
||||
], function () use ($router) {
|
||||
// Users endpoint for API
|
||||
$router->group(['prefix' => 'users'], function () use ($router) {
|
||||
// Returns all users
|
||||
$router->get('/', [
|
||||
'uses' => 'API\UserController@getAllUsers'
|
||||
]);
|
||||
|
||||
// Return listing of user [with only specified fields]
|
||||
$router->get('/{id}/{fields?}', [
|
||||
'uses' => 'API\UserController@getUser'
|
||||
])->where('id', '[0-9]+');
|
||||
});
|
||||
});
|
||||
}
|
||||
|
||||
}
|
||||
@ -11,7 +11,8 @@ class ServerRoutes {
|
||||
'prefix' => 'server/{server}',
|
||||
'middleware' => [
|
||||
'auth',
|
||||
'server'
|
||||
'server',
|
||||
'csrf'
|
||||
]
|
||||
], function ($server) use ($router) {
|
||||
// Index View for Server
|
||||
|
||||
Loading…
Reference in New Issue
Block a user