Alex/Pterodactyl-Panel
1
1
Fork 1
mirror of https://github.com/pterodactyl/panel.git synced 2024-11-22 17:12:30 +01:00
Code Issues Releases Wiki Activity

Finalize two-factor handling on account.

Browse Source
This commit is contained in:
Dane Everitt 2018-06-20 23:05:35 -07:00
parent 0cc895f2d5
commit 7711b697ad
No known key found for this signature in database
GPG Key ID: EEA66103B3D71F53
13 changed files with 299 additions and 137 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

75
app/Http/Controllers/Base/SecurityController.php
View File

@ -3,6 +3,7 @@
namespace Pterodactyl\Http\Controllers\Base; namespace Pterodactyl\Http\Controllers\Base;
use Illuminate\Http\Request; use Illuminate\Http\Request;
use Illuminate\Http\JsonResponse;
use Prologue\Alerts\AlertsMessageBag; use Prologue\Alerts\AlertsMessageBag;
use Pterodactyl\Http\Controllers\Controller; use Pterodactyl\Http\Controllers\Controller;
use Pterodactyl\Services\Users\TwoFactorSetupService; use Pterodactyl\Services\Users\TwoFactorSetupService;
@ -62,36 +63,28 @@ class SecurityController extends Controller
} }
/** /**
* Returns Security Management Page. * Return information about the user's two-factor authentication status. If not enabled setup their
* * secret and return information to allow the user to proceede with setup.
* @param \Illuminate\Http\Request $request
* @return \Illuminate\View\View
*/
public function index(Request $request)
{
if ($this->config->get('session.driver') === 'database') {
$activeSessions = $this->repository->getUserSessions($request->user()->id);
}
return view('base.security', [
'sessions' => $activeSessions ?? null,
]);
}
/**
* Generates TOTP Secret and returns popup data for user to verify
* that they can generate a valid response.
* *
* @param \Illuminate\Http\Request $request * @param \Illuminate\Http\Request $request
* @return \Illuminate\Http\JsonResponse * @return \Illuminate\Http\JsonResponse
*
* @throws \Pterodactyl\Exceptions\Model\DataValidationException * @throws \Pterodactyl\Exceptions\Model\DataValidationException
* @throws \Pterodactyl\Exceptions\Repository\RecordNotFoundException * @throws \Pterodactyl\Exceptions\Repository\RecordNotFoundException
*/ */
public function generateTotp(Request $request) public function index(Request $request): JsonResponse
{ {
return response()->json([ if ($request->user()->use_totp) {
'qrImage' => $this->twoFactorSetupService->handle($request->user()), return JsonResponse::create([
'enabled' => true,
]);
}
$response = $this->twoFactorSetupService->handle($request->user());
return JsonResponse::create([
'enabled' => false,
'qr_image' => $response->get('image'),
'secret' => $response->get('secret'),
]); ]);
} }
@ -99,53 +92,43 @@ class SecurityController extends Controller
* Verifies that 2FA token received is valid and will work on the account. * Verifies that 2FA token received is valid and will work on the account.
* *
* @param \Illuminate\Http\Request $request * @param \Illuminate\Http\Request $request
* @return \Illuminate\Http\Response * @return \Illuminate\Http\JsonResponse
* *
* @throws \Pterodactyl\Exceptions\Model\DataValidationException * @throws \Pterodactyl\Exceptions\Model\DataValidationException
* @throws \Pterodactyl\Exceptions\Repository\RecordNotFoundException * @throws \Pterodactyl\Exceptions\Repository\RecordNotFoundException
*/ */
public function setTotp(Request $request) public function store(Request $request): JsonResponse
{ {
try { try {
$this->toggleTwoFactorService->handle($request->user(), $request->input('token') ?? ''); $this->toggleTwoFactorService->handle($request->user(), $request->input('token') ?? '');
return response('true');
} catch (TwoFactorAuthenticationTokenInvalid $exception) { } catch (TwoFactorAuthenticationTokenInvalid $exception) {
return response('false'); $error = true;
} }
return JsonResponse::create([
'success' => ! isset($error),
]);
} }
/** /**
* Disables TOTP on an account. * Disables TOTP on an account.
* *
* @param \Illuminate\Http\Request $request * @param \Illuminate\Http\Request $request
* @return \Illuminate\Http\RedirectResponse * @return \Illuminate\Http\JsonResponse
* *
* @throws \Pterodactyl\Exceptions\Model\DataValidationException * @throws \Pterodactyl\Exceptions\Model\DataValidationException
* @throws \Pterodactyl\Exceptions\Repository\RecordNotFoundException * @throws \Pterodactyl\Exceptions\Repository\RecordNotFoundException
*/ */
public function disableTotp(Request $request) public function delete(Request $request): JsonResponse
{ {
try { try {
$this->toggleTwoFactorService->handle($request->user(), $request->input('token') ?? '', false); $this->toggleTwoFactorService->handle($request->user(), $request->input('token') ?? '', false);
} catch (TwoFactorAuthenticationTokenInvalid $exception) { } catch (TwoFactorAuthenticationTokenInvalid $exception) {
$this->alert->danger(trans('base.security.2fa_disable_error'))->flash(); $error = true;
} }
return redirect()->route('account.security'); return JsonResponse::create([
} 'success' => ! isset($error),
]);
/**
* Revokes a user session.
*
* @param \Illuminate\Http\Request $request
* @param string $id
* @return \Illuminate\Http\RedirectResponse
*/
public function revoke(Request $request, string $id)
{
$this->repository->deleteUserSession($request->user()->id, $id);
return redirect()->route('account.security');
} }
} }

23
app/Services/Users/TwoFactorSetupService.php
View File

@ -11,17 +11,12 @@ namespace Pterodactyl\Services\Users;
use Pterodactyl\Models\User; use Pterodactyl\Models\User;
use PragmaRX\Google2FA\Google2FA; use PragmaRX\Google2FA\Google2FA;
use Illuminate\Support\Collection;
use Illuminate\Contracts\Encryption\Encrypter; use Illuminate\Contracts\Encryption\Encrypter;
use Pterodactyl\Contracts\Repository\UserRepositoryInterface; use Pterodactyl\Contracts\Repository\UserRepositoryInterface;
use Illuminate\Contracts\Config\Repository as ConfigRepository;
class TwoFactorSetupService class TwoFactorSetupService
{ {
/**
* @var \Illuminate\Contracts\Config\Repository
*/
private $config;
/** /**
* @var \Illuminate\Contracts\Encryption\Encrypter * @var \Illuminate\Contracts\Encryption\Encrypter
*/ */
@ -40,18 +35,15 @@ class TwoFactorSetupService
/** /**
* TwoFactorSetupService constructor. * TwoFactorSetupService constructor.
* *
* @param \Illuminate\Contracts\Config\Repository $config
* @param \Illuminate\Contracts\Encryption\Encrypter $encrypter * @param \Illuminate\Contracts\Encryption\Encrypter $encrypter
* @param \PragmaRX\Google2FA\Google2FA $google2FA * @param \PragmaRX\Google2FA\Google2FA $google2FA
* @param \Pterodactyl\Contracts\Repository\UserRepositoryInterface $repository * @param \Pterodactyl\Contracts\Repository\UserRepositoryInterface $repository
*/ */
public function __construct( public function __construct(
ConfigRepository $config,
Encrypter $encrypter, Encrypter $encrypter,
Google2FA $google2FA, Google2FA $google2FA,
UserRepositoryInterface $repository UserRepositoryInterface $repository
) { ) {
$this->config = $config;
$this->encrypter = $encrypter; $this->encrypter = $encrypter;
$this->google2FA = $google2FA; $this->google2FA = $google2FA;
$this->repository = $repository; $this->repository = $repository;
@ -62,20 +54,23 @@ class TwoFactorSetupService
* QR code image. * QR code image.
* *
* @param \Pterodactyl\Models\User $user * @param \Pterodactyl\Models\User $user
* @return string * @return \Illuminate\Support\Collection
* *
* @throws \Pterodactyl\Exceptions\Model\DataValidationException * @throws \Pterodactyl\Exceptions\Model\DataValidationException
* @throws \Pterodactyl\Exceptions\Repository\RecordNotFoundException * @throws \Pterodactyl\Exceptions\Repository\RecordNotFoundException
*/ */
public function handle(User $user): string public function handle(User $user): Collection
{ {
$secret = $this->google2FA->generateSecretKey($this->config->get('pterodactyl.auth.2fa.bytes')); $secret = $this->google2FA->generateSecretKey(config('pterodactyl.auth.2fa.bytes'));
$image = $this->google2FA->getQRCodeGoogleUrl($this->config->get('app.name'), $user->email, $secret); $image = $this->google2FA->getQRCodeGoogleUrl(config('app.name'), $user->email, $secret);
$this->repository->withoutFreshModel()->update($user->id, [ $this->repository->withoutFreshModel()->update($user->id, [
'totp_secret' => $this->encrypter->encrypt($secret), 'totp_secret' => $this->encrypter->encrypt($secret),
]); ]);
return $image; return new Collection([
'image' => $image,
'secret' => $secret,
]);
} }
} }

10
resources/assets/scripts/components/dashboard/Account.vue
View File

@ -3,7 +3,7 @@
<navigation/> <navigation/>
<div class="container animate fadein mt-2 sm:mt-6"> <div class="container animate fadein mt-2 sm:mt-6">
<modal :show="modalVisible" v-on:close="modalVisible = false"> <modal :show="modalVisible" v-on:close="modalVisible = false">
<TwoFactorAuthentication/> <TwoFactorAuthentication v-on:close="modalVisible = false"/>
</modal> </modal>
<flash container="mt-2 sm:mt-6 mb-2"/> <flash container="mt-2 sm:mt-6 mb-2"/>
<div class="flex flex-wrap"> <div class="flex flex-wrap">
@ -11,7 +11,7 @@
<div class="sm:m-4 md:ml-0"> <div class="sm:m-4 md:ml-0">
<update-email class="mb-4 sm:mb-8"/> <update-email class="mb-4 sm:mb-8"/>
<div class="content-box text-center mb-4 sm:mb-0"> <div class="content-box text-center mb-4 sm:mb-0">
<button class="btn btn-green btn-sm" type="submit" v-on:click="modalVisible = true">Configure 2-Factor Authentication</button> <button class="btn btn-green btn-sm" type="submit" v-on:click="openModal">Configure 2-Factor Authentication</button>
</div> </div>
</div> </div>
</div> </div>
@ -39,5 +39,11 @@
modalVisible: false, modalVisible: false,
}; };
}, },
methods: {
openModal: function () {
this.$data.modalVisible = true;
window.events.$emit('two_factor:open');
},
}
}; };
</script> </script>

14
resources/assets/scripts/components/dashboard/account/ChangePassword.vue
View File

@ -2,26 +2,26 @@
<div> <div>
<form method="post" v-on:submit.prevent="submitForm"> <form method="post" v-on:submit.prevent="submitForm">
<div class="content-box"> <div class="content-box">
<h2 class="mb-6 text-grey-darkest font-medium">Change your password</h2> <h2 class="mb-6 text-grey-darkest font-medium">{{ $t('dashboard.account.password.title') }}</h2>
<div class="mt-6"> <div class="mt-6">
<label for="grid-password-current" class="input-label">Current password</label> <label for="grid-password-current" class="input-label">{{ $t('strings.password') }}</label>
<input id="grid-password-current" name="current_password" type="password" class="input" required <input id="grid-password-current" name="current_password" type="password" class="input" required
ref="current" ref="current"
v-model="current" v-model="current"
> >
</div> </div>
<div class="mt-6"> <div class="mt-6">
<label for="grid-password-new" class="input-label">New password</label> <label for="grid-password-new" class="input-label">{{ $t('strings.new_password') }}</label>
<input id="grid-password-new" name="password" type="password" class="input" required <input id="grid-password-new" name="password" type="password" class="input" required
:class="{ error: errors.has('password') }" :class="{ error: errors.has('password') }"
v-model="newPassword" v-model="newPassword"
v-validate="'min:8'" v-validate="'min:8'"
> >
<p class="input-help error" v-show="errors.has('password')">{{ errors.first('password') }}</p> <p class="input-help error" v-show="errors.has('password')">{{ errors.first('password') }}</p>
<p class="input-help">Your new password should be at least 8 characters in length.</p> <p class="input-help">{{ $t('dashboard.account.password.requirements') }}</p>
</div> </div>
<div class="mt-6"> <div class="mt-6">
<label for="grid-password-new-confirm" class="input-label">Confirm new password</label> <label for="grid-password-new-confirm" class="input-label">{{ $t('strings.confirm_password') }}</label>
<input id="grid-password-new-confirm" name="password_confirmation" type="password" class="input" required <input id="grid-password-new-confirm" name="password_confirmation" type="password" class="input" required
:class="{ error: errors.has('password_confirmation') }" :class="{ error: errors.has('password_confirmation') }"
v-model="confirmNew" v-model="confirmNew"
@ -31,7 +31,7 @@
<p class="input-help error" v-show="errors.has('password_confirmation')">{{ errors.first('password_confirmation') }}</p> <p class="input-help error" v-show="errors.has('password_confirmation')">{{ errors.first('password_confirmation') }}</p>
</div> </div>
<div class="mt-6 text-right"> <div class="mt-6 text-right">
<button class="btn btn-blue btn-sm text-right" type="submit">Save</button> <button class="btn btn-blue btn-sm text-right" type="submit">{{ $t('strings.save') }}</button>
</div> </div>
</div> </div>
</form> </form>
@ -68,7 +68,7 @@
this.$data.newPassword = ''; this.$data.newPassword = '';
this.$data.confirmNew = ''; this.$data.confirmNew = '';
this.success('Your password has been updated.'); this.success(this.$t('dashboard.account.password.updated'));
}) })
.catch(err => { .catch(err => {
if (!err.response) { if (!err.response) {

184
resources/assets/scripts/components/dashboard/account/TwoFactorAuthentication.vue
View File

@ -1,11 +1,191 @@
<template> <template>
<div> <div>
Todo: put the 2FA magic here! <div class="h-16 text-center" v-show="spinner">
<span class="spinner spinner-xl text-blue"></span>
</div>
<div v-if="response.enabled" v-show="!spinner">
<h2 class="font-medium text-grey-darkest">{{ $t('dashboard.account.two_factor.disable.title') }}</h2>
<div class="mt-6">
<label class="input-label" for="grid-two-factor-token-disable">{{ $t('dashboard.account.two_factor.disable.field') }}</label>
<input id="grid-two-factor-token-disable" type="number" class="input"
name="token"
v-model="token"
ref="token"
v-validate="'length:6'"
:class="{ error: errors.has('token') }"
>
<p class="input-help error" v-show="errors.has('token')">{{ errors.first('token') }}</p>
</div>
<div class="mt-6 w-full text-right">
<button class="btn btn-sm btn-secondary mr-4" v-on:click="$emit('close')">
Cancel
</button>
<button class="btn btn-sm btn-red" type="submit"
:disabled="submitDisabled"
v-on:click.prevent="disableTwoFactor"
>{{ $t('strings.disable') }}</button>
</div>
</div>
<div v-else v-show="!spinner">
<h2 class="font-medium text-grey-darkest">{{ $t('dashboard.account.two_factor.setup.title') }}</h2>
<div class="flex mt-6">
<div class="flex-none w-full sm:w-1/2 text-center">
<div>
<img :src="response.qr_image" alt="Two-factor qr image" class="w-3/4">
</div>
<div>
<p class="text-xs text-grey-darker mb-2">{{ $t('dashboard.account.two_factor.setup.help') }}</p>
<p class="text-xs"><code>{{response.secret}}</code></p>
</div>
</div>
<div class="flex-none w-full sm:w-1/2">
<div>
<label class="input-label" for="grid-two-factor-token">{{ $t('dashboard.account.two_factor.setup.field') }}</label>
<input id="grid-two-factor-token" type="number" class="input"
name="token"
v-model="token"
ref="token"
v-validate="'length:6'"
:class="{ error: errors.has('token') }"
>
<p class="input-help error" v-show="errors.has('token')">{{ errors.first('token') }}</p>
</div>
<div class="mt-6">
<button class="btn btn-blue btn-jumbo" type="submit"
:disabled="submitDisabled"
v-on:click.prevent="enableTwoFactor"
>{{ $t('strings.enable') }}</button>
</div>
</div>
</div>
</div>
</div> </div>
</template> </template>
<script> <script>
import Vue from 'vue';
import isObject from 'lodash/isObject';
export default { export default {
name: 'TwoFactorAuthentication' name: 'TwoFactorAuthentication',
data: function () {
return {
spinner: true,
token: '',
submitDisabled: true,
response: {
enabled: false,
qr_image: '',
secret: '',
},
};
},
/**
* Before the component is mounted setup the event listener. This event is fired when a user
* presses the 'Configure 2-Factor' button on their account page. Once this happens we fire off
* a HTTP request to get their information.
*/
mounted: function () {
window.events.$on('two_factor:open', () => {
this.prepareModalContent();
});
},
watch: {
token: function (value) {
this.$data.submitDisabled = value.length !== 6;
},
},
methods: {
/**
* Determine the correct content to show in the modal.
*/
prepareModalContent: function () {
// Reset the data object when the modal is opened again.
Object.assign(this.$data, this.$options.data());
window.axios.get(this.route('account.two_factor'))
.finally(() => {
this.clearFlashes();
})
.then(response => {
this.$data.response = response.data;
this.$data.spinner = false;
Vue.nextTick().then(() => {
this.$refs.token.focus();
})
})
.catch(error => {
if (!error.response) {
this.error(error.message);
}
const response = error.response;
if (response.data && isObject(response.data.errors)) {
response.data.errors.forEach(e => {
this.error(e.detail);
});
}
this.$emit('close');
});
},
/**
* Enable two-factor authentication on the account by validating the token provided by the user.
* Close the modal once the request completes so that the success or error message can be shown
* to the user.
*/
enableTwoFactor: function () {
return this._callInternalApi('account.two_factor.enable', 'enabled');
},
/**
* Disables two-factor authentication for the client account and closes the modal.
*/
disableTwoFactor: function () {
return this._callInternalApi('account.two_factor.disable', 'disabled');
},
/**
* Call the Panel API endpoint and handle errors.
*
* @param {String} route
* @param {String} langKey
* @private
*/
_callInternalApi: function (route, langKey) {
window.axios.post(this.route(route), {
token: this.$data.token,
})
.finally(() => {
this.clearFlashes();
})
.then(response => {
if (response.data.success) {
this.success(this.$t(`dashboard.account.two_factor.${langKey}`));
} else {
this.error(this.$t('dashboard.account.two_factor.invalid'));
}
})
.catch(error => {
if (!error.response) {
this.error(error.message);
}
const response = error.response;
if (response.data && isObject(response.data.errors)) {
response.data.errors.forEach(e => {
this.error(e.detail);
});
}
})
.finally(() => {
this.$emit('close');
})
}
},
}; };
</script> </script>

14
resources/assets/scripts/components/dashboard/account/UpdateEmail.vue
View File

@ -2,9 +2,9 @@
<div :class> <div :class>
<form method="post" v-on:submit.prevent="submitForm"> <form method="post" v-on:submit.prevent="submitForm">
<div class="content-box"> <div class="content-box">
<h2 class="mb-6 text-grey-darkest font-medium">Update your email</h2> <h2 class="mb-6 text-grey-darkest font-medium">{{ $t('dashboard.account.email.title') }}</h2>
<div> <div>
<label for="grid-email" class="input-label">Email address</label> <label for="grid-email" class="input-label">{{ $t('strings.email_address') }}</label>
<input id="grid-email" name="email" type="email" class="input" required <input id="grid-email" name="email" type="email" class="input" required
:class="{ error: errors.has('email') }" :class="{ error: errors.has('email') }"
v-validate v-validate
@ -13,13 +13,13 @@
<p class="input-help error" v-show="errors.has('email')">{{ errors.first('email') }}</p> <p class="input-help error" v-show="errors.has('email')">{{ errors.first('email') }}</p>
</div> </div>
<div class="mt-6"> <div class="mt-6">
<label for="grid-password" class="input-label">Password</label> <label for="grid-password" class="input-label">{{ $t('strings.password') }}</label>
<input id="grid-password" name="password" type="password" class="input" required <input id="grid-password" name="password" type="password" class="input" required
v-model="password" v-model="password"
> >
</div> </div>
<div class="mt-6 text-right"> <div class="mt-6 text-right">
<button class="btn btn-blue btn-sm text-right" type="submit">Save</button> <button class="btn btn-blue btn-sm text-right" type="submit">{{ $t('strings.save') }}</button>
</div> </div>
</div> </div>
</form> </form>
@ -57,7 +57,7 @@
this.$data.password = ''; this.$data.password = '';
}) })
.then(() => { .then(() => {
this.success('Your email address has been updated.'); this.success(this.$t('dashboard.account.email.updated'));
}) })
.catch(error => { .catch(error => {
if (!error.response) { if (!error.response) {
@ -79,7 +79,3 @@
} }
}; };
</script> </script>
<style scoped>
</style>

8
resources/assets/styles/components/buttons.css
View File

@ -20,6 +20,14 @@
} }
} }
&.btn-red {
@apply .bg-red .border-red-dark .border .text-white;
&:hover:enabled {
@apply .bg-red-dark .border-red-darker;
}
}
&.btn-secondary { &.btn-secondary {
@apply .border .border-grey-light .text-grey-dark; @apply .border .border-grey-light .text-grey-dark;

10
resources/assets/styles/components/forms.css
View File

@ -2,6 +2,16 @@ textarea, select, input, button {
outline: none; outline: none;
} }
input[type=number]::-webkit-outer-spin-button,
input[type=number]::-webkit-inner-spin-button {
-webkit-appearance: none !important;
margin: 0;
}
input[type=number] {
-moz-appearance: textfield !important;
}
/** /**
* Styles for the login form open input boxes. Label floats up above it when content * Styles for the login form open input boxes. Label floats up above it when content
* is input and then sinks back down into the field if left empty. * is input and then sinks back down into the field if left empty.

4
resources/assets/styles/components/spinners.css
View File

@ -31,11 +31,11 @@
/** /**
* Spinner Colors * Spinner Colors
*/ */
&.blue:after { &.blue:after, &.text-blue:after {
@apply .border-blue; @apply .border-blue;
} }
&.white:after { &.white:after, &.text-white:after {
@apply .border-white; @apply .border-white;
} }

31
resources/lang/en/base.php
View File

@ -54,35 +54,4 @@ return [
], ],
], ],
], ],
'account' => [
'details_updated' => 'Your account details have been successfully updated.',
'invalid_password' => 'The password provided for your account was not valid.',
'header' => 'Your Account',
'header_sub' => 'Manage your account details.',
'update_pass' => 'Update Password',
'update_email' => 'Update Email Address',
'current_password' => 'Current Password',
'new_password' => 'New Password',
'new_password_again' => 'Repeat New Password',
'new_email' => 'New Email Address',
'first_name' => 'First Name',
'last_name' => 'Last Name',
'update_identity' => 'Update Identity',
'username_help' => 'Your username must be unique to your account, and may only contain the following characters: :requirements.',
],
'security' => [
'session_mgmt_disabled' => 'Your host has not enabled the ability to manage account sessions via this interface.',
'header' => 'Account Security',
'header_sub' => 'Control active sessions and 2-Factor Authentication.',
'sessions' => 'Active Sessions',
'2fa_header' => '2-Factor Authentication',
'2fa_token_help' => 'Enter the 2FA Token generated by your app (Google Authenticator, Authy, etc.).',
'disable_2fa' => 'Disable 2-Factor Authentication',
'2fa_enabled' => '2-Factor Authentication is enabled on this account and will be required in order to login to the panel. If you would like to disable 2FA, simply enter a valid token below and submit the form.',
'2fa_disabled' => '2-Factor Authentication is disabled on your account! You should enable 2FA in order to add an extra level of protection on your account.',
'enable_2fa' => 'Enable 2-Factor Authentication',
'2fa_qr' => 'Configure 2FA on Your Device',
'2fa_checkpoint_help' => 'Use the 2FA application on your phone to take a picture of the QR code to the left, or manually enter the code under it. Once you have done so, generate a token and enter it below.',
'2fa_disable_error' => 'The 2FA token provided was not valid. Protection has not been disabled for this account.',
],
]; ];

28
resources/lang/en/dashboard/account.php Normal file
View File

@ -0,0 +1,28 @@
<?php
return [
'email' => [
'title' => 'Update your email',
'updated' => 'Your email address has been updated.',
],
'password' => [
'title' => 'Change your password',
'requirements' => 'Your new password should be at least 8 characters in length.',
'updated' => 'Your password has been updated.',
],
'two_factor' => [
'button' => 'Configure 2-Factor Authentication',
'disabled' => 'Two-factor authentication has been disabled on your account. You will no longer be prompted to provide a token when logging in.',
'enabled' => 'Two-factor authentication has been enabled on your account! From now on, when logging in, you will be required to provide the code generated by your device.',
'invalid' => 'The token provided was invalid.',
'setup' => [
'title' => 'Setup two-factor authentication',
'help' => 'Can\'t scan the code? Enter the code below into your application:',
'field' => 'Enter token',
],
'disable' => [
'title' => 'Disable two-factor authentication',
'field' => 'Enter token',
],
],
];

9
resources/lang/en/strings.php
View File

@ -2,9 +2,11 @@
return [ return [
'email' => 'Email', 'email' => 'Email',
'email_address' => 'Email address',
'user_identifier' => 'Username or Email', 'user_identifier' => 'Username or Email',
'password' => 'Password', 'password' => 'Password',
'confirm_password' => 'Confirm Password', 'new_password' => 'New password',
'confirm_password' => 'Confirm new password',
'login' => 'Login', 'login' => 'Login',
'home' => 'Home', 'home' => 'Home',
'servers' => 'Servers', 'servers' => 'Servers',
@ -85,7 +87,8 @@ return [
'sat' => 'Saturday', 'sat' => 'Saturday',
], ],
'last_used' => 'Last Used', 'last_used' => 'Last Used',
'enable' => 'Enable',
// Copyright Line 'disable' => 'Disable',
'save' => 'Save',
'copyright' => '&copy; 2015 - :year Pterodactyl Software', 'copyright' => '&copy; 2015 - :year Pterodactyl Software',
]; ];

26
routes/base.php
View File

@ -1,11 +1,5 @@
<?php <?php
/**
* Pterodactyl - Panel
* Copyright (c) 2015 - 2017 Dane Everitt <dane@daneeveritt.com>.
*
* This software is licensed under the terms of the MIT license.
* https://opensource.org/licenses/MIT
*/
Route::get('/', 'IndexController@index')->name('index'); Route::get('/', 'IndexController@index')->name('index');
/* /*
@ -16,11 +10,6 @@ Route::get('/', 'IndexController@index')->name('index');
| Endpoint: /account | Endpoint: /account
| |
*/ */
//Route::group(['prefix' => 'account'], function () {
// Route::get('/', 'AccountController@index')->name('account');
//
// Route::post('/', 'AccountController@update');
//});
/* /*
|-------------------------------------------------------------------------- |--------------------------------------------------------------------------
@ -47,15 +36,10 @@ Route::group(['prefix' => 'account/api'], function () {
| Endpoint: /account/security | Endpoint: /account/security
| |
*/ */
Route::group(['prefix' => 'account/security'], function () { Route::group(['prefix' => 'account/two_factor'], function () {
Route::get('/', 'SecurityController@index')->name('account.security'); Route::get('/', 'SecurityController@index')->name('account.two_factor');
Route::get('/revoke/{id}', 'SecurityController@revoke')->name('account.security.revoke'); Route::post('/totp', 'SecurityController@store')->name('account.two_factor.enable');
Route::post('/totp/disable', 'SecurityController@delete')->name('account.two_factor.disable');
Route::put('/totp', 'SecurityController@generateTotp')->name('account.security.totp');
Route::post('/totp', 'SecurityController@setTotp')->name('account.security.totp.set');
Route::delete('/totp', 'SecurityController@disableTotp')->name('account.security.totp.disable');
}); });
// Catch any other combinations of routes and pass them off to the Vuejs component. // Catch any other combinations of routes and pass them off to the Vuejs component.