dvkei/Pterodactyl-Panel
1
0
Fork 0
forked from Alex/Pterodactyl-Panel
Code Issues Pull Requests Projects Releases Wiki Activity

Apply fixes from StyleCI (#364)

Browse Source
This commit is contained in:
Dane Everitt 2017-03-31 20:48:35 -04:00 committed by GitHub
parent fe6a19096f
commit 451dd7ebc8
4 changed files with 33 additions and 31 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

28
app/Events/Auth/FailedCaptcha.php
View File

@ -29,31 +29,31 @@ use Illuminate\Queue\SerializesModels;
class FailedCaptcha
{
use SerializesModels;
/**
* The IP that the request originated from.
*
* @var string
*/
* The IP that the request originated from.
*
* @var string
*/
public $ip;
/**
* The domain that was used to try to verify the request with recaptcha api.
*
*
* @var string
*/
public $domain;
/**
* Create a new event instance.
*
* @param string $ip
* @param string $domain
* @return void
*/
* Create a new event instance.
*
* @param string $ip
* @param string $domain
* @return void
*/
public function __construct($ip, $domain)
{
$this->ip = $ip;
$this->domain = $domain;
}
}
}

2
app/Http/Controllers/Auth/ForgotPasswordController.php
View File

@ -1,7 +1,7 @@
<?php
/**
* Pterodactyl - Panel
* Copyright (c) 2015 - 2017 Dane Everitt <dane@daneeveritt.com>
* Copyright (c) 2015 - 2017 Dane Everitt <dane@daneeveritt.com>.
*
* Permission is hereby granted, free of charge, to any person obtaining a copy
* of this software and associated documentation files (the "Software"), to deal

22
app/Http/Middleware/VerifyReCaptcha.php
View File

@ -3,8 +3,7 @@
namespace Pterodactyl\Http\Middleware;
use Closure;
use Alert;
use \Pterodactyl\Events\Auth\FailedCaptcha;
use Pterodactyl\Events\Auth\FailedCaptcha;
class VerifyReCaptcha
{
@ -17,8 +16,10 @@ class VerifyReCaptcha
*/
public function handle($request, Closure $next)
{
if (!config('recaptcha.enabled')) return $next($request);
if (! config('recaptcha.enabled')) {
return $next($request);
}
$response_domain = null;
if ($request->has('g-recaptcha-response')) {
@ -40,20 +41,21 @@ class VerifyReCaptcha
// Compare the domain received by google with the app url
$domain_verified = false;
if (config('recaptcha.verify_domain')) {
$matches;
preg_match('/^(?:https?:\/\/)?((?:www\.)?[^:\/\n]+)/', config('app.url'), $matches);
$domain = $matches[1];
$domain_verified = $response_domain === $domain;
$matches;
preg_match('/^(?:https?:\/\/)?((?:www\.)?[^:\/\n]+)/', config('app.url'), $matches);
$domain = $matches[1];
$domain_verified = $response_domain === $domain;
}
if ($result->success && (!config('recaptcha.verify_domain') || $domain_verified)) {
if ($result->success && (! config('recaptcha.verify_domain') || $domain_verified)) {
return $next($request);
}
}
}
// Emit an event and return to the previous view with an error (only the captcha error will be shown!)
event(new FailedCaptcha($request->ip(), $response_domain));
return back()->withErrors(['g-recaptcha-response' => trans('strings.captcha_invalid')])->withInput();
}
}

12
config/recaptcha.php
View File

@ -2,25 +2,25 @@
return [
/**
/*
* Enable or disable captchas
*/
'enabled' => env('RECAPTCHA_ENABLED', true),
/**
/*
* Use a custom secret key, we use our public one by default
*/
'secret_key' => env('RECAPTCHA_SECRET_KEY', '6LekAxoUAAAAAPW-PxNWaCLH76WkClMLSa2jImwD'),
/**
/*
* Use a custom website key, we use our public one by default
*/
'website_key' => env('RECAPTCHA_WEBSITE_KEY' ,'6LekAxoUAAAAADjWZJ4ufcDRZBBiH9vfHawqRbup'),
'website_key' => env('RECAPTCHA_WEBSITE_KEY', '6LekAxoUAAAAADjWZJ4ufcDRZBBiH9vfHawqRbup'),
/**
/*
* Domain verification is enabled by default and compares the domain used when solving the captcha
* as public keys can't have domain verification on google's side enabled (obviously).
*/
'verify_domain' => true,
];
];