Dane Everitt
b6205463db
Merge branch 'develop' into feature/vuejs
2018-09-23 13:14:46 -07:00
Andrew DeLisa
262ef78fae
Allow deletion of multiple allocations at once ( #1322 )
2018-09-18 21:43:18 -07:00
Dane Everitt
5ca13839cf
Merge branch 'develop' into feature/vue-serverview
2018-09-05 21:34:59 -07:00
Dane Everitt
f9542c98e2
Fix tests broken by bad namespaces
2018-09-03 15:59:30 -07:00
Dane Everitt
fd49e524c8
Update middleware code
2018-09-03 15:17:53 -07:00
Dane Everitt
4d62e4c7b9
Merge branch 'develop' into pr/1128
2018-09-03 15:10:23 -07:00
Dane Everitt
3bb9bf04e5
Pass the updated model through for updating node config, rather than old model, ref #1237
2018-09-03 14:54:50 -07:00
Dane Everitt
5bd3f59455
Fix schedules running twice, closes #1288
2018-09-03 14:32:33 -07:00
Dane Everitt
178b8f8ce6
More logical time handling
2018-08-31 21:00:13 -07:00
Dane Everitt
f3efe546da
Fix broken namespace for autoloader
2018-08-31 20:34:57 -07:00
Dane Everitt
e906ada528
Better handling when deleting a database
2018-08-26 14:01:00 -07:00
Dane Everitt
0999ec93c3
More logic for deleting databases
2018-08-25 15:07:42 -07:00
Dane Everitt
9be2aa4ca9
Push beginning of DB deletion stuff
2018-08-25 14:43:21 -07:00
Dane Everitt
c28e9c1ab7
Add ability to create new database through the UI
2018-08-22 22:29:20 -07:00
Dane Everitt
17796fb1c4
Add basic database listing for server
2018-08-21 21:47:01 -07:00
Dane Everitt
e9f8751c4c
More filemanager work, directory browsing working
2018-08-13 22:58:58 -07:00
Dane Everitt
92a9146b61
Improve filemanager, get first level folders listing
2018-08-06 23:14:13 -07:00
Dane Everitt
8db9d9bbee
Very rough go at connecting to socket and rendering console data for server
2018-07-20 23:45:07 -07:00
Dane Everitt
f2d2725ca0
Merge branch 'feature/vuejs' into feature/vue-serverview
2018-07-15 16:50:11 -07:00
Dane Everitt
be2c76c24a
Add tests for password changing
2018-07-15 11:44:18 -07:00
Dane Everitt
8bbe6bc279
Add test, fix behavior of model creation
2018-07-14 22:58:33 -07:00
Dane Everitt
550c622d3b
Obliterate JWT from codebase
2018-07-14 22:48:09 -07:00
Dane Everitt
6336e5191f
Strip out JWT usage and use cookies to track the currently logged in user
2018-07-14 22:42:58 -07:00
Dane Everitt
eafc4408eb
Fix broken unit tests
2018-07-14 21:49:49 -07:00
Dane Everitt
c82f273d85
Fix remaining broken tests
2018-07-04 19:38:23 -07:00
Dane Everitt
6c20ea9881
Add tests for changed controllers
2018-07-04 19:20:33 -07:00
Dane Everitt
5010c0c756
Merge branch 'feature/vuejs' into feature/vuejs-account
2018-07-04 18:12:57 -07:00
Dane Everitt
af9af78938
Merge branch 'develop' into feature/vuejs
2018-07-04 18:09:07 -07:00
Dane Everitt
8f5bd214a4
[Security] Address 2FA bypass in password reset functionality
...
Thanks to Trixter#0001 on Discord for this security report.
There was a two-factor authentication bypass present in all previous versions of Pterodactyl that would allow a user to login without providing a token by going through the password reset process. A person would still have to have access to the targeted account's email, but if they did manage to get a password reset link they would be able to reset the account password and then proceede to login without a token being required.
This logic has since been changed to check if 2FA is enabled on an account, and if so they will NOT be logged in when their password is changed. This will force them to continue through the normal login pathway where a token will be needed.
Overall the impact of this issue is minor, but I am still addressing it and disclosing the mechanism behind it.
2018-07-04 11:41:56 -07:00
Dane Everitt
603b8a3094
Merge branch 'feature/vuejs' into feature/vuejs-account
2018-07-02 21:01:04 -07:00
Dane Everitt
48cb01f438
Merge branch 'develop' into feature/vuejs
2018-07-02 21:00:42 -07:00
Stan
1ffb5acfad
Send an email when a server is marked as installed ( #1213 )
...
Co-authored-by: @stanjg
2018-07-01 14:34:40 -07:00
Dane Everitt
304d947536
Allow creating subuser with no permissions
2018-06-30 18:25:46 -07:00
Dane Everitt
974318ffb4
Logout other sessions when password is changed
...
closes #1222
2018-06-30 17:50:58 -07:00
Dane Everitt
7711b697ad
Finalize two-factor handling on account.
2018-06-20 23:05:35 -07:00
Dane Everitt
0cc895f2d5
Finalize email/password changing in UI
2018-06-17 16:53:24 -07:00
Dane Everitt
fce394f6bd
Change email handling and logout function
2018-06-16 14:30:20 -07:00
Dane Everitt
e7faf979a1
Change login handling to automatically redirect a user if their session will need renewal.
2018-06-16 14:05:39 -07:00
Dane Everitt
b8b9acd0e6
Get the base email update working through the API.
...
Still going to need to determine the best course of action to update the token on the client side.
2018-06-11 22:56:57 -07:00
Jakob Schrettenbrunner
05478e3277
Merge branch 'feature/vuejs' into feature/vue-serverview
2018-06-11 21:06:12 +02:00
Dane Everitt
03c83c084a
Revert use of cookies, go back to using a JWT
2018-06-06 22:49:44 -07:00
Dane Everitt
5bcabbde35
Get dashboard in a more working state
2018-06-05 23:42:34 -07:00
Dane Everitt
e948d81d8a
Base attempt at using vuex to handle logins
2018-06-05 23:00:01 -07:00
Dane Everitt
e65854c8c2
Merge branch 'feature/vuejs' into feature/vue-serverview
2018-06-02 23:28:55 -07:00
Dane Everitt
02b29a66ea
Use client API to get resource use for a server
2018-06-02 19:08:53 -07:00
Jacob Gee-Clarke
d73e5a2274
Fixed my fix to fix the 500 error on /api/application/nodes when not specifying a daemon_base ( #1182 )
2018-06-02 14:34:01 -07:00
Dane Everitt
969b16a563
Apply fixes from StyleCI
...
[ci skip] [skip ci]
2018-06-02 21:32:26 +00:00
stanjg
b56f3a8671
Expanded the middleware test
2018-06-01 16:22:06 +02:00
stanjg
e9ac014bf4
Removed the use of Auth facade and removed unnecesary option
2018-06-01 16:10:32 +02:00
stanjg
3bb9e5e8a8
Merge branch 'develop' of https://github.com/stanjg/panel into feature/user-specific-language
2018-06-01 15:58:09 +02:00