diff --git a/app/Http/Controllers/API/UserController.php b/app/Http/Controllers/API/UserController.php
index d3ac2c788..958dce88d 100644
--- a/app/Http/Controllers/API/UserController.php
+++ b/app/Http/Controllers/API/UserController.php
@@ -19,7 +19,7 @@ class UserController extends Controller
 */
 public function __construct()
 {
- $this->middleware('api');
+ //
 }
 public function getAllUsers(Request $request)
diff --git a/app/Http/Controllers/Admin/AccountsController.php b/app/Http/Controllers/Admin/AccountsController.php
index 2df7f4519..aa933baab 100644
--- a/app/Http/Controllers/Admin/AccountsController.php
+++ b/app/Http/Controllers/Admin/AccountsController.php
@@ -20,11 +20,7 @@ class AccountsController extends Controller
 */
 public function __construct()
 {
-
- // All routes in this controller are protected by the authentication middleware.
- $this->middleware('auth');
- $this->middleware('admin');
-
+ //
 }
 public function getIndex(Request $request)
diff --git a/app/Http/Controllers/Admin/BaseController.php b/app/Http/Controllers/Admin/BaseController.php
index d200c7361..cad20ba36 100644
--- a/app/Http/Controllers/Admin/BaseController.php
+++ b/app/Http/Controllers/Admin/BaseController.php
@@ -15,11 +15,7 @@ class BaseController extends Controller
 */
 public function __construct()
 {
-
- // All routes in this controller are protected by the authentication middleware.
- $this->middleware('auth');
- $this->middleware('admin');
-
+ //
 }
 public function getIndex(Request $request)
diff --git a/app/Http/Controllers/Admin/ServersController.php b/app/Http/Controllers/Admin/ServersController.php
index 8ee797522..093d30200 100644
--- a/app/Http/Controllers/Admin/ServersController.php
+++ b/app/Http/Controllers/Admin/ServersController.php
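Review bot: After this change the constructors of UserController, AccountsController and BaseController (and of ServersController, AuthController, IndexController, AjaxController and ServerController in the hunks that follow) attach no middleware at all, so access control for every action now depends on its route being declared inside the right group under app/Http/Routes. A route registered later outside those groups would reach an admin or server action without any `auth`, `admin` or `server` check, and the bare `//` left in each constructor gives no hint of that. I would replace the placeholder with a comment naming the enforcing file, e.g. `// auth + admin middleware are attached in app/Http/Routes/AdminRoutes.php`, and add a test that walks the route collection and asserts the expected middleware on every `admin/*` and `server/*` route.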
@@ -23,11 +23,7 @@ class ServersController extends Controller
 */
 public function __construct()
 {
-
- // All routes in this controller are protected by the authentication middleware.
- $this->middleware('auth');
- $this->middleware('admin');
-
+ //
 }
 public function getIndex(Request $request)
diff --git a/app/Http/Controllers/Auth/AuthController.php b/app/Http/Controllers/Auth/AuthController.php
index 601681306..8c5ac77c8 100644
--- a/app/Http/Controllers/Auth/AuthController.php
+++ b/app/Http/Controllers/Auth/AuthController.php
@@ -64,7 +64,7 @@ class AuthController extends Controller
 */
 public function __construct()
 {
- $this->middleware('guest', ['except' => 'getLogout']);
+ //
 }
 /**
diff --git a/app/Http/Controllers/Base/IndexController.php b/app/Http/Controllers/Base/IndexController.php
index d62af98cd..5346613bb 100644
--- a/app/Http/Controllers/Base/IndexController.php
+++ b/app/Http/Controllers/Base/IndexController.php
@@ -21,9 +21,7 @@ class IndexController extends Controller
 */
 public function __construct()
 {
-
- // All routes in this controller are protected by the authentication middleware.
- $this->middleware('auth');
+ //
 }
 /**
diff --git a/app/Http/Controllers/Server/AjaxController.php b/app/Http/Controllers/Server/AjaxController.php
index 48af2eb9d..b519427cd 100644
--- a/app/Http/Controllers/Server/AjaxController.php
+++ b/app/Http/Controllers/Server/AjaxController.php
@@ -38,14 +38,7 @@ class AjaxController extends Controller
 */
 public function __construct()
 {
-
- // All routes in this controller are protected by the authentication middleware.
- $this->middleware('auth');
-
- // Routes in this file are also checked aganist the server middleware. If the user
- // does not have permission to view the server it will not load.
- $this->middleware('server');
-
+ //
 }
 /**
diff --git a/app/Http/Controllers/Server/ServerController.php b/app/Http/Controllers/Server/ServerController.php
index f08965355..bb20881a0 100644
--- a/app/Http/Controllers/Server/ServerController.php
+++ b/app/Http/Controllers/Server/ServerController.php
@@ -26,14 +26,7 @@ class ServerController extends Controller
 */
 public function __construct()
 {
-
- // All routes in this controller are protected by the authentication middleware.
- $this->middleware('auth');
-
- // Routes in this file are also checked aganist the server middleware. If the user
- // does not have permission to view the server it will not load.
- $this->middleware('server');
-
+ //
 }
 /**
diff --git a/app/Http/Middleware/CheckServer.php b/app/Http/Middleware/CheckServer.php
index ca7b7052e..808a1e8bf 100644
--- a/app/Http/Middleware/CheckServer.php
+++ b/app/Http/Middleware/CheckServer.php
@@ -23,8 +23,13 @@ class CheckServer
 return redirect()->guest('auth/login');
 }
- if (!Server::getByUUID($request->route()->server)) {
- return redirect('/');
+ $server = Server::getByUUID($request->route()->server);
+ if (!$server) {
+ return redirect()->route('index');
+ }
+
+ if ($server->installed !== 1) {
+ return response()->view('errors.installing', [], 503);
 }
 return $next($request);
diff --git a/app/Http/Routes/AdminRoutes.php b/app/Http/Routes/AdminRoutes.php
index e1ef156f7..b65d665ab 100644
--- a/app/Http/Routes/AdminRoutes.php
+++ b/app/Http/Routes/AdminRoutes.php
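Review bot: The new `$server->installed !== 1` check in CheckServer is type-strict, so it only passes when `installed` arrives as an integer. The Server model is not part of this diff; if it does not cast that column and the database driver returns the string `'1'`, every installed server would be answered with the 503 installing view. Either add the cast on the model or make the comparison explicit here, e.g. `if ((int) $server->installed !== 1) {`. The body of the middleware's handler starts above this hunk, and whether `Server::getByUUID()` also restricts the lookup to servers the current user may access cannot be seen from here; a one-line comment stating that would help the next reader.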
@@ -7,47 +7,136 @@ use Illuminate\Routing\Router; class AdminRoutes { public function map(Router $router) { - $router->group(['prefix' => 'admin'], function ($server) use ($router) { - $router->get('/', [ 'as' => 'admin.index', 'uses' => 'Admin\BaseController@getIndex' ]); - // Account Routes - $router->group(['prefix' => 'accounts'], function ($server) use ($router) { + // Admin Index + $router->get('admin', [ + 'as' => 'admin.index', + 'middleware' => [ + 'auth', + 'admin' + ], + 'uses' => 'Admin\BaseController@getIndex' + ]); - $router->get('/new', [ 'as' => 'admin.accounts.new', 'uses' => 'Admin\AccountsController@getNew' ]); - $router->post('/new', [ 'as' => 'admin.accounts.new', 'uses' => 'Admin\AccountsController@postNew' ]); + $router->group([ + 'prefix' => 'admin/accounts', + 'middleware' => [ + 'auth', + 'admin' + ] + ], function () use ($router) { - $router->get('/', [ 'as' => 'admin.accounts', 'uses' => 'Admin\AccountsController@getIndex' ]); - $router->get('/view/{id}', [ 'as' => 'admin.accounts.view', 'uses' => 'Admin\AccountsController@getView' ]); + // View All Accounts on System + $router->get('/', [ + 'as' => 'admin.accounts', + 'uses' => 'Admin\AccountsController@getIndex' + ]); - $router->post('/update', [ 'as' => 'admin.accounts.update', 'uses' => 'Admin\AccountsController@postUpdate' ]); - $router->get('/delete/{id}', [ 'as' => 'admin.accounts.delete', 'uses' => 'Admin\AccountsController@getDelete' ]); - }); + // View Specific Account + $router->get('/view/{id}', [ + 'as' => 'admin.accounts.view', + 'uses' => 'Admin\AccountsController@getView' + ]); - // Server Routes - $router->group(['prefix' => 'servers'], function ($server) use ($router) { + // Show Create Account Page + $router->get('/new', [ + 'as' => 'admin.accounts.new', + 'uses' => 'Admin\AccountsController@getNew' + ]); - $router->get('/', [ 'as' => 'admin.servers', 'uses' => 'Admin\ServersController@getIndex' ]); - $router->get('/new', [ 'as' => 'admin.servers.new', 'uses' => 
'Admin\ServersController@getNew' ]); - $router->get('/view/{id}', [ 'as' => 'admin.servers.view', 'uses' => 'Admin\ServersController@getView' ]); + // Handle Creating New Account + $router->post('/new', [ + 'uses' => 'Admin\AccountsController@postNew' + ]); - $router->post('/view/{id}/details', [ 'uses' => 'Admin\ServersController@postUpdateServerDetails' ]); - $router->post('/view/{id}/rebuild', [ 'uses' => 'Admin\ServersController@postUpdateServerToggleBuild' ]); - $router->post('/view/{id}/build', [ 'uses' => 'Admin\ServersController@postUpdateServerUpdateBuild' ]); - $router->delete('/view/{id}/{force?}', [ 'uses' => 'Admin\ServersController@deleteServer' ]); + // Update A Specific Account + $router->post('/update', [ + 'uses' => 'Admin\AccountsController@postUpdate' + ]); - $router->post('/new', [ 'uses' => 'Admin\ServersController@postNewServer']); - $router->post('/new/get-nodes', [ 'uses' => 'Admin\ServersController@postNewServerGetNodes' ]); - $router->post('/new/get-ips', [ 'uses' => 'Admin\ServersController@postNewServerGetIps' ]); - $router->post('/new/service-options', [ 'uses' => 'Admin\ServersController@postNewServerServiceOptions' ]); - $router->post('/new/service-variables', [ 'uses' => 'Admin\ServersController@postNewServerServiceVariables' ]); + // Delete an Account Matching an ID + $router->get('/delete/{id}', [ + 'uses' => 'Admin\AccountsController@getDelete' + ]); + + }); + + // Server Routes + $router->group([ + 'prefix' => 'admin/servers', + 'middleware' => [ + 'auth', + 'admin' + ] + ], function () use ($router) { + + // View All Servers + $router->get('/', [ + 'as' => 'admin.servers', + 'uses' => 'Admin\ServersController@getIndex' ]); + + // View Create Server Page + $router->get('/new', [ + 'as' => 'admin.servers.new', + 'uses' => 'Admin\ServersController@getNew' + ]); + + // Handle POST Request for Creating Server + $router->post('/new', [ + 'uses' => 'Admin\ServersController@postNewServer' + ]); + + // Assorted Page Helpers + 
$router->post('/new/get-nodes', [ + 'uses' => 'Admin\ServersController@postNewServerGetNodes' + ]); + + $router->post('/new/get-ips', [ + 'uses' => 'Admin\ServersController@postNewServerGetIps' + ]); + + $router->post('/new/service-options', [ + 'uses' => 'Admin\ServersController@postNewServerServiceOptions' + ]); + + $router->post('/new/service-variables', [ + 'uses' => 'Admin\ServersController@postNewServerServiceVariables' + ]); + // End Assorted Page Helpers + + // View Specific Server + $router->get('/view/{id}', [ + 'as' => 'admin.servers.view', + 'uses' => 'Admin\ServersController@getView' + ]); + + // Change Server Details + $router->post('/view/{id}/details', [ + 'uses' => 'Admin\ServersController@postUpdateServerDetails' + ]); + + // Rebuild Server + $router->post('/view/{id}/rebuild', [ + 'uses' => 'Admin\ServersController@postUpdateServerToggleBuild' + ]); + + // Change Build Details + $router->post('/view/{id}/build', [ + 'uses' => 'Admin\ServersController@postUpdateServerUpdateBuild' + ]); - }); // Change Install Status $router->post('/view/{id}/installed', [ 'uses' => 'Admin\ServersController@postToggleInstall' ]); + // Delete [force delete] + $router->delete('/view/{id}/{force?}', [ + 'uses' => 'Admin\ServersController@deleteServer' + ]); + }); + } } diff --git a/app/Http/Routes/AuthRoutes.php b/app/Http/Routes/AuthRoutes.php index 236144552..fa6e9771c 100644 --- a/app/Http/Routes/AuthRoutes.php +++ b/app/Http/Routes/AuthRoutes.php 
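Review bot: Account deletion stays on a GET route inside the new `admin/accounts` group (`$router->get('/delete/{id}', [ 'uses' => 'Admin\AccountsController@getDelete' ])`). Laravel's CSRF token verification does not apply to GET requests, so this state change is not covered by it even though the group now carries `auth` and `admin`. The servers group further down in the same hunk already registers its delete with `$router->delete('/view/{id}/{force?}', ...)`; registering the account route the same way, `$router->delete('/delete/{id}', [ 'uses' => 'Admin\AccountsController@getDelete' ]);`, and submitting it from a form that carries the CSRF token would bring it under the same protection as the POST routes.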
@@ -9,23 +9,63 @@ use Pterodactyl\Models\User as User; class AuthRoutes { public function map(Router $router) { - $router->group(['prefix' => 'auth'], function () use ($router) { + $router->group([ + 'prefix' => 'auth', + 'middleware' => [ + 'guest' + ] + ], function () use ($router) { - $router->get('login', [ 'as' => 'auth.login', 'uses' => 'Auth\AuthController@getLogin' ]); - $router->post('login', [ 'uses' => 'Auth\AuthController@postLogin' ]); - $router->post('login/totp', [ 'uses' => 'Auth\AuthController@checkTotp' ]); + // Display Login Page + $router->get('login', [ + 'as' => 'auth.login', + 'uses' => 'Auth\AuthController@getLogin' + ]); + // Handle Login + $router->post('login', [ + 'uses' => 'Auth\AuthController@postLogin' + ]); - $router->get('password', [ 'as' => 'auth.password', 'uses' => 'Auth\PasswordController@getEmail' ]); - $router->post('password', [ 'as' => 'auth.password.submit', 'uses' => 'Auth\PasswordController@postEmail' ], function () { + // Determine if we need to ask for a TOTP Token + $router->post('login/totp', [ + 'uses' => 'Auth\AuthController@checkTotp' + ]); + + // Show Password Reset Form + $router->get('password', [ + 'as' => 'auth.password', + 'uses' => 'Auth\PasswordController@getEmail' + ]); + + // Handle Password Reset + $router->post('password', [ + 'as' => 'auth.password.submit', + 'uses' => 'Auth\PasswordController@postEmail' + ], function () { return redirect('auth/password')->with('sent', true); }); - $router->post('password/verify', [ 'uses' => 'Auth\PasswordController@postReset' ]); - $router->get('password/verify/{token}', [ 'as' => 'auth.verify', 'uses' => 'Auth\PasswordController@getReset' ]); - $router->get('logout', [ 'as' => 'auth.logout', 'uses' => 'Auth\AuthController@getLogout' ]); + // Show Verification Checkpoint + $router->get('password/verify/{token}', [ + 'as' => 'auth.verify', + 'uses' => 'Auth\PasswordController@getReset' + ]); + + // Handle Verification + $router->post('password/verify', [ + 'uses' => 
'Auth\PasswordController@postReset' + ]); }); + + // Not included above because we don't want the guest middleware + $router->get('logout', [ + 'as' => 'auth.logout', + 'middleware' => 'auth', + 'uses' => 'Auth\AuthController@getLogout' + ]); + } } diff --git a/app/Http/Routes/BaseRoutes.php b/app/Http/Routes/BaseRoutes.php index 34638dda0..7081db9d4 100644 --- a/app/Http/Routes/BaseRoutes.php +++ b/app/Http/Routes/BaseRoutes.php 
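Review bot: The closure passed as a third argument to `$router->post('password', [...], function () { ... })` is never run, as far as Laravel's `Router::post($uri, $action)` signature goes: the extra argument is silently discarded, so the `redirect('auth/password')->with('sent', true)` inside it is dead code. This change reformats the call but keeps the closure. Either delete it or move the redirect into `Auth\PasswordController@postEmail` (not shown in this diff), so the route file does not describe behaviour that never happens.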
@@ -8,25 +8,65 @@ class BaseRoutes { public function map(Router $router) { + // Index of Panel + $router->get('/', [ + 'as' => 'index', + 'middleware' => 'auth', + 'uses' => 'Base\IndexController@getIndex' + ]); + // Handle Index. Redirect /index to / - $router->get('/', [ 'as' => 'index', 'uses' => 'Base\IndexController@getIndex' ]); $router->get('/index', function () { return redirect()->route('index'); }); // Password Generation - $router->get('/password-gen/{length}', [ 'as' => 'password-gen', 'uses' => 'Base\IndexController@getPassword' ]); + $router->get('/password-gen/{length}', [ + 'as' => 'password-gen', + 'middleware' => 'auth', + 'uses' => 'Base\IndexController@getPassword' + ]); // Account Routes - $router->get('/account', [ 'as' => 'account', 'uses' => 'Base\IndexController@getAccount' ]); - $router->post('/account/password', [ 'uses' => 'Base\IndexController@postAccountPassword' ]); - $router->post('/account/email', [ 'uses' => 'Base\IndexController@postAccountEmail' ]); + $router->group([ + 'profix' => 'account', + 'middleware' => [ + 'auth' + ] + ], function () use ($router) { + $router->get('account', [ + 'as' => 'account', + 'uses' => 'Base\IndexController@getAccount' + ]); + $router->post('/account/password', [ + 'uses' => 'Base\IndexController@postAccountPassword' + ]); + $router->post('/account/email', [ + 'uses' => 'Base\IndexController@postAccountEmail' + ]); + }); // TOTP Routes - $router->get('/account/totp', [ 'as' => 'account.totp', 'uses' => 'Base\IndexController@getAccountTotp' ]); - $router->put('/account/totp', [ 'uses' => 'Base\IndexController@putAccountTotp' ]); - $router->post('/account/totp', [ 'uses' => 'Base\IndexController@postAccountTotp' ]); - $router->delete('/account/totp', [ 'uses' => 'Base\IndexController@deleteAccountTotp' ]); + $router->group([ + 'prefix' => 'account/totp', + 'middleware' => [ + 'auth' + ] + ], function () use ($router) { + $router->get('/', [ + 'as' => 'account.totp', + 'uses' => 
'Base\IndexController@getAccountTotp' + ]); + $router->put('/', [ + 'uses' => 'Base\IndexController@putAccountTotp' + ]); + $router->post('/', [ + 'uses' => 'Base\IndexController@postAccountTotp' + ]); + $router->delete('/', [ + 'uses' => 'Base\IndexController@deleteAccountTotp' + ]); + }); } diff --git a/app/Http/Routes/RemoteRoutes.php b/app/Http/Routes/RemoteRoutes.php index de5866f57..f4a72f82e 100644 --- a/app/Http/Routes/RemoteRoutes.php +++ b/app/Http/Routes/RemoteRoutes.php @@ -9,7 +9,11 @@ class RemoteRoutes { public function map(Router $router) { $router->group(['prefix' => 'remote'], function () use ($router) { - $router->post('download', [ 'as' => 'remote.download', 'uses' => 'Remote\RemoteController@postDownload' ]); + // Handles Remote Download Authentication Requests + $router->post('download', [ + 'as' => 'remote.download', + 'uses' => 'Remote\RemoteController@postDownload' + ]); }); } diff --git a/app/Http/Routes/RestRoutes.php b/app/Http/Routes/RestRoutes.php index 474d9d899..0e98cc981 100644 --- a/app/Http/Routes/RestRoutes.php +++ b/app/Http/Routes/RestRoutes.php 
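Review bot: The account group in BaseRoutes is declared with `'profix' => 'account'`; the key is misspelled, so no prefix is applied. The routes still resolve only because each one repeats the full path (`account`, `/account/password`, `/account/email`), and the `middleware` key is spelled correctly, so `auth` is still attached. Correcting the key to `'prefix' => 'account'` and shortening the inner URIs to `/`, `/password` and `/email`, as the TOTP group right below does, removes the trap for whoever fixes the typo later and would otherwise end up with `account/account` paths.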
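Review bot: `remote/download` is the only route group touched by this commit that has no `middleware` key, and the added comment ("Handles Remote Download Authentication Requests") does not say what authenticates the caller. RemoteController is not part of this diff, so presumably the check happens inside `postDownload`; now that controllers no longer attach middleware themselves, that should be written down. I would extend the comment along the lines of `// Intentionally outside the auth middleware; RemoteController@postDownload authenticates the request itself`, after confirming that this is true.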
@@ -7,15 +7,24 @@ use Illuminate\Routing\Router; class RestRoutes { public function map(Router $router) { - $router->group(['prefix' => 'api/v1'], function ($server) use ($router) { - - $router->group(['prefix' => 'users'], function ($server) use ($router) { - - $router->get('/', [ 'uses' => 'API\UserController@getAllUsers' ]); - $router->get('/{id}/{fields?}', [ 'uses' => 'API\UserController@getUser' ])->where('id', '[0-9]+'); + $router->group([ + 'prefix' => 'api/v1', + 'middleware' => [ + 'api' + ] + ], function () use ($router) { + // Users endpoint for API + $router->group(['prefix' => 'users'], function () use ($router) { + // Returns all users + $router->get('/', [ + 'uses' => 'API\UserController@getAllUsers' + ]); + // Return listing of user [with only specified fields] + $router->get('/{id}/{fields?}', [ + 'uses' => 'API\UserController@getUser' + ])->where('id', '[0-9]+'); }); - }); } diff --git a/app/Http/Routes/ServerRoutes.php b/app/Http/Routes/ServerRoutes.php index 5c97156c0..d7875837a 100644 --- a/app/Http/Routes/ServerRoutes.php +++ b/app/Http/Routes/ServerRoutes.php 
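Review bot: The `/{id}/{fields?}` route constrains `id` to digits but leaves `fields` unconstrained, and the added comment says it selects which user fields are returned. `API\UserController@getUser` is not in this diff; if it passes the requested names through to the query or to the serialised model, columns such as the password hash could be requested by name. An allow-list of returnable fields in the controller is the place to enforce that, and once it exists the comment here can record it, e.g. `// Return one user; {fields} is checked against an allow-list in getUser`.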
@@ -7,20 +7,60 @@ use Illuminate\Routing\Router; class ServerRoutes { public function map(Router $router) { - $router->group(['prefix' => 'server/{server}'], function ($server) use ($router) { + $router->group([ + 'prefix' => 'server/{server}', + 'middleware' => [ + 'auth', + 'server' + ] + ], function ($server) use ($router) { + // Index View for Server + $router->get('/', [ + 'as' => 'server.index', + 'uses' => 'Server\ServerController@getIndex' + ]); - $router->get('/', [ 'as' => 'server.index', 'uses' => 'Server\ServerController@getIndex' ]); - $router->get('/files', [ 'as' => 'files.index', 'uses' => 'Server\ServerController@getFiles' ]); - $router->get('/files/edit/{file}', [ 'as' => 'files.edit', 'uses' => 'Server\ServerController@getEditFile' ])->where('file', '.*'); - $router->get('/files/download/{file}', [ 'as' => 'files.download', 'uses' => 'Server\ServerController@getDownloadFile' ])->where('file', '.*'); - $router->get('/files/add', [ 'as' => 'files.add', 'uses' => 'Server\ServerController@getAddFile' ]); + // File Manager Routes + $router->get('/files', [ + 'as' => 'files.index', + 'uses' => 'Server\ServerController@getFiles' + ]); - // Ajax Routes + $router->get('/files/edit/{file}', [ + 'as' => 'files.edit', + 'uses' => 'Server\ServerController@getEditFile' + ])->where('file', '.*'); + + $router->get('/files/download/{file}', [ + 'as' => 'files.download', + 'uses' => 'Server\ServerController@getDownloadFile' + ])->where('file', '.*'); + + $router->get('/files/add', [ + 'as' => 'files.add', + 'uses' => 'Server\ServerController@getAddFile' + ]); + + // Assorted AJAX Routes $router->group(['prefix' => 'ajax'], function ($server) use ($router) { - $router->get('status', [ 'uses' => 'Server\AjaxController@getStatus' ]); - $router->post('set-connection', [ 'uses' => 'Server\AjaxController@postSetConnection' ]); - $router->post('files/directory-list', [ 'uses' => 'Server\AjaxController@postDirectoryList' ]); - $router->post('files/save', [ 'uses' => 
'Server\AjaxController@postSaveFile' ]); + // Returns Server Status + $router->get('status', [ + 'uses' => 'Server\AjaxController@getStatus' + ]); + + // Sets the Default Connection for the Server + $router->post('set-connection', [ + 'uses' => 'Server\AjaxController@postSetConnection' + ]); + + // Assorted File Manager URLs + $router->post('files/directory-list', [ + 'uses' => 'Server\AjaxController@postDirectoryList' + ]); + + $router->post('files/save', [ + 'uses' => 'Server\AjaxController@postSaveFile' + ]); }); }); } diff --git a/resources/views/errors/installing.blade.php b/resources/views/errors/installing.blade.php new file mode 100644 index 000000000..1ec867da6 --- /dev/null +++ b/resources/views/errors/installing.blade.php @@ -0,0 +1,21 @@ +@extends('layouts.master') + +@section('title', '503: Server Temporarily Unavaliable') + +@section('content') +
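Review bot: Both `files/edit/{file}` and `files/download/{file}` keep the `->where('file', '.*')` constraint, which lets any string through to the controller, including `..` segments. The `server` middleware now attached to the group only looks up the server and its install state (see the CheckServer hunk), not the file path, so normalising and confining the path has to happen in `getEditFile`/`getDownloadFile` or on the daemon side, neither of which is visible here. A comment next to each constraint, e.g. `// {file} is an untrusted path; it is normalised and confined to the server root in the controller`, would record that assumption once it has been confirmed.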
The requested server is still completing the install process. Please check back in a few minutes, you should recieve an email as soon as this process is completed.
+Take me back or go home.
+