Pterodactyl-Panel

mirror of https://github.com/pterodactyl/panel.git synced 2024-11-23 01:22:30 +01:00

Author	SHA1	Message	Date
Dane Everitt	8b9c2465f3	Correct behavior of errors on the login form	2018-07-14 21:26:08 -07:00
Dane Everitt	2ae43e1f61	Add changes for vagrant	2018-07-14 21:16:18 -07:00
Dane Everitt	d17442a096	Disable automatic optimization and change v:serve for new dev environment	2018-07-14 15:07:19 -07:00
Dane Everitt	c82f273d85	Fix remaining broken tests	2018-07-04 19:38:23 -07:00
Dane Everitt	6c20ea9881	Add tests for changed controllers	2018-07-04 19:20:33 -07:00
Dane Everitt	ec8e434375	Set the 2fa image to always have a consistent height, less jarring transition	2018-07-04 19:00:20 -07:00
Dane Everitt	5010c0c756	Merge branch 'feature/vuejs' into feature/vuejs-account	2018-07-04 18:12:57 -07:00
Dane Everitt	6419b1cf81	Handle password reset logic change for 2fa	2018-07-04 18:11:43 -07:00
Dane Everitt	af9af78938	Merge branch 'develop' into feature/vuejs	2018-07-04 18:09:07 -07:00
Dane Everitt	d9948f2876	Update changelog	2018-07-04 11:42:57 -07:00
Dane Everitt	8f5bd214a4	[Security] Address 2FA bypass in password reset functionality Thanks to Trixter#0001 on Discord for this security report. There was a two-factor authentication bypass present in all previous versions of Pterodactyl that would allow a user to login without providing a token by going through the password reset process. A person would still have to have access to the targeted account's email, but if they did manage to get a password reset link they would be able to reset the account password and then proceede to login without a token being required. This logic has since been changed to check if 2FA is enabled on an account, and if so they will NOT be logged in when their password is changed. This will force them to continue through the normal login pathway where a token will be needed. Overall the impact of this issue is minor, but I am still addressing it and disclosing the mechanism behind it.	2018-07-04 11:41:56 -07:00
Dane Everitt	b342d4dc6b	Change v:serve to match the new vagrant setup	2018-07-03 23:11:22 -07:00
Dane Everitt	603b8a3094	Merge branch 'feature/vuejs' into feature/vuejs-account	2018-07-02 21:01:04 -07:00
Dane Everitt	48cb01f438	Merge branch 'develop' into feature/vuejs	2018-07-02 21:00:42 -07:00
Jan	422e5dd99f	Update strings.php (#1227 ) Fixed typo.	2018-07-02 15:04:16 -07:00
Dane Everitt	8915c3ec28	Update dependencies	2018-07-01 14:50:11 -07:00
Lance Pioch	b5022766df	Do not keep processing the file/folder paths if the user has cancelled the operation and fix #1124 (#1177 )	2018-07-01 14:42:01 -07:00
Stan	1ffb5acfad	Send an email when a server is marked as installed (#1213 ) Co-authored-by: @stanjg	2018-07-01 14:34:40 -07:00
Dane Everitt	c42605e495	Merge branch 'develop' of https://github.com/Pterodactyl/Panel into develop	2018-07-01 13:50:56 -07:00
Dane Everitt	eeb4d88cbd	Disable codecov failing PRs	2018-07-01 13:50:55 -07:00
Isaac A	b6d18b0a36	Add support for authentication via Unix socket (#1206 ) Co-authored-by: @tenten8401	2018-07-01 13:47:00 -07:00
Dane Everitt	1df3efdfb0	Fix eggs (#1224 )	2018-06-30 18:52:32 -07:00
Dane Everitt	d2bc791d74	Fix links sent to users when accounts are created closes #1093	2018-06-30 18:47:31 -07:00
Dane Everitt	304d947536	Allow creating subuser with no permissions	2018-06-30 18:25:46 -07:00
Dane Everitt	96699b192e	Don't verify SSL signatures in dev [skip ci]	2018-06-30 18:24:35 -07:00
Dane Everitt	59730dcbc9	Speed up tests, allow coverage to fail since thats a slow process	2018-06-30 18:01:23 -07:00
Dane Everitt	5a97f54013	Try concurrent build process for travis	2018-06-30 17:55:41 -07:00
Dane Everitt	974318ffb4	Logout other sessions when password is changed closes #1222	2018-06-30 17:50:58 -07:00
Matthew Penner	1da05a2ee2	Fix typo (#1210 )	2018-06-30 13:25:51 -07:00
Sergzy	bad9ae58e8	Fix environment_variables name (#1212 )	2018-06-30 13:25:40 -07:00
Stan	ad9ed5ea00	Fixed the permission (#1217 )	2018-06-30 13:23:48 -07:00
Dane Everitt	7711b697ad	Finalize two-factor handling on account.	2018-06-20 23:05:35 -07:00
Dane Everitt	0cc895f2d5	Finalize email/password changing in UI	2018-06-17 16:53:24 -07:00
Dane Everitt	81da55d46b	Actually fix the endless redirect loop when the application needs a fresh JWT.	2018-06-17 15:06:34 -07:00
Dane Everitt	5c3d3f6ce9	Better support for mobile devices on login and account pages	2018-06-16 18:04:48 -07:00
Dane Everitt	941c585c73	Fix animations being nuked on production compilation	2018-06-16 17:13:03 -07:00
Dane Everitt	074a929315	Fix icon size in production compiled assets	2018-06-16 17:05:06 -07:00
Dane Everitt	7d509e8ae5	Remove the glow on inputs in Safari/Chrome	2018-06-16 17:00:35 -07:00
Dane Everitt	462e59e330	Make modals look sane on phones	2018-06-16 16:50:18 -07:00
Dane Everitt	ac7cefb83f	Make the account page mobile friendly	2018-06-16 16:43:52 -07:00
Dane Everitt	4e4a183f48	Put the modal more at the top, looks funky in middle	2018-06-16 16:27:53 -07:00
Dane Everitt	d6959ea3dd	Add a basic modal template to be used	2018-06-16 16:25:26 -07:00
Dane Everitt	84fecb7a92	Import only the needed things from lodash	2018-06-16 15:05:36 -07:00
Dane Everitt	fce394f6bd	Change email handling and logout function	2018-06-16 14:30:20 -07:00
Dane Everitt	ca0c35bf82	Avoid getting stuck in an endless redirect loop...	2018-06-16 14:27:23 -07:00
Dane Everitt	1acedc2de2	Remove luxon completely.	2018-06-16 14:11:58 -07:00
Dane Everitt	e7faf979a1	Change login handling to automatically redirect a user if their session will need renewal.	2018-06-16 14:05:39 -07:00
Dane Everitt	24bb8da43d	Fix CSS issue with login page due to input classes	2018-06-16 12:43:32 -07:00
Dane Everitt	b8b9acd0e6	Get the base email update working through the API. Still going to need to determine the best course of action to update the token on the client side.	2018-06-11 22:56:57 -07:00
Dane Everitt	14927c3e7e	Add base UI for account management	2018-06-11 22:36:43 -07:00

1 2 3 4 5 ...

2154 Commits