1
1
mirror of https://github.com/pterodactyl/panel.git synced 2024-11-23 01:22:30 +01:00
Commit Graph

19 Commits

Author SHA1 Message Date
Matthew Penner
cbcf62086f
Upgrade to Laravel 9 (#4413)
Co-authored-by: DaneEveritt <dane@daneeveritt.com>
2022-10-14 10:59:20 -06:00
DaneEveritt
b051718afe
Fix up API handling logic for keys and set a prefix on all keys 2022-05-22 19:03:51 -04:00
Dane Everitt
c449ca5155
Use more standardized phpcs 2021-01-23 12:33:34 -08:00
Dane Everitt
933a4733e8
Add base support for creating a new API key for an account 2020-03-22 18:15:38 -07:00
Dane Everitt
7543ef085d
Format files 2019-09-05 21:32:57 -07:00
Lance Pioch
e2dc0638d9 Fix app/ spelling errors 2018-05-13 11:12:41 -04:00
Dane Everitt
f9fc3f4370
Update interface to begin change to seperate account API keys and application keys
Main difference is permissions, cleaner UI for normal users, and account keys use permissions assigned to servers and subusers while application keys use R/W ACLs stored in the key table.
2018-01-14 13:30:55 -06:00
Dane Everitt
ad3a954256
Rename APIKey to ApiKey 2018-01-14 12:06:15 -06:00
Dane Everitt
7aa540b895
Remove api permissions table 2018-01-14 12:05:18 -06:00
Dane Everitt
e0fb7fa30c
Fix failing ApiKeyCreationService test 2018-01-13 16:23:43 -06:00
Dane Everitt
e3df0738da
Change the way API keys are stored and validated; clarify API namespacing
Previously, a single key was used to access the API, this has not changed in terms of what the user sees. However, API keys now use an identifier and token internally. The identifier is the first 16 characters of the key, and the token is the remaining 32. The token is stored encrypted at rest in the database and the identifier is used by the API middleware to grab that record and make a timing attack safe comparison.
2018-01-13 16:06:19 -06:00
Dane Everitt
5f9fe4a69b
Update calls to missing function 2018-01-05 16:33:50 -06:00
Dane Everitt
285485d7b0
Change how API keys are validated (#771) 2017-12-03 14:29:14 -06:00
Dane Everitt
2f42396317
Fix bug with permissions including more than one dash, closes #727 2017-11-05 13:42:57 -06:00
Dane Everitt
e56f4cdd33
Update license headers on files. 2017-09-25 21:43:01 -05:00
Dane Everitt
a8c4d6afdb
Update random ID method to use str_random and not random_bytes
The use of random_bytes in combination with bin2hex was producing a lot of duplicate keys when tested in batches of 10k (anywhere from 2 to 6). The use of str_random yielded no duplicates even at scales of 100k keys that were 8 characters.
2017-09-13 23:07:02 -05:00
Dane Everitt
e045ef443a
Should wrap up the base landing page stuff for accounts, next step is server rendering 2017-08-30 21:11:14 -05:00
Dane Everitt
3ee5803416
Massive PHPCS linting 2017-08-21 22:10:48 -05:00
Dane Everitt
1f4f6024cc
Refactor (again) 2017-07-09 12:29:18 -05:00