Better handling of file download requests

This commit is contained in:
Dane Everitt 2018-03-01 19:19:19 -06:00
parent 838b9a9093
commit 85bdbdce14
No known key found for this signature in database
GPG Key ID: EEA66103B3D71F53
6 changed files with 56 additions and 31 deletions

View File

@ -12,6 +12,7 @@ This project follows [Semantic Versioning](http://semver.org) guidelines.
### Added
* Adds back client API for sending commands or power toggles to a server though the Panel API: `/api/client/servers/<identifier>`
* Added proper transformer for Packs and re-enabled missing includes on server.
* Added support for using Filesystem as a caching driver, although not recommended.
## v0.7.3 (Derelict Dermodactylus)
### Fixed

View File

@ -0,0 +1,50 @@
<?php
namespace Pterodactyl\Http\Controllers\Api\Remote;
use Illuminate\Http\Request;
use Illuminate\Http\JsonResponse;
use Pterodactyl\Http\Controllers\Controller;
use Illuminate\Contracts\Cache\Repository as CacheRepository;
use Symfony\Component\HttpKernel\Exception\NotFoundHttpException;
class FileDownloadController extends Controller
{
/**
* @var \Illuminate\Contracts\Cache\Repository
*/
private $cache;
/**
* FileDownloadController constructor.
*
* @param \Illuminate\Contracts\Cache\Repository $cache
*/
public function __construct(CacheRepository $cache)
{
$this->cache = $cache;
}
/**
* Handle a request to authenticate a download using a token and return
* the path of the file to the daemon.
*
* @param \Illuminate\Http\Request $request
* @return \Illuminate\Http\JsonResponse
*
* @throws \Symfony\Component\HttpKernel\Exception\NotFoundHttpException
*/
public function index(Request $request): JsonResponse
{
$download = $this->cache->pull('Server:Downloads:' . $request->input('token', ''));
if (is_null($download)) {
throw new NotFoundHttpException('No file was found using the token provided.');
}
return response()->json([
'path' => array_get($download, 'path'),
'server' => array_get($download, 'server'),
]);
}
}

View File

@ -10,28 +10,6 @@ use Pterodactyl\Http\Controllers\Controller;
class ActionController extends Controller
{
/**
* Handles download request from daemon.
*
* @param \Illuminate\Http\Request $request
* @return \Illuminate\Http\JsonResponse
*/
public function authenticateDownload(Request $request)
{
$download = Cache::pull('Server:Downloads:' . $request->input('token'));
if (is_null($download)) {
return response()->json([
'error' => 'An invalid request token was recieved with this request.',
], 403);
}
return response()->json([
'path' => $download['path'],
'server' => $download['server'],
]);
}
/**
* Handles install toggle request from daemon.
*

View File

@ -9,6 +9,7 @@
namespace Pterodactyl\Http\Controllers\Server\Files;
use Ramsey\Uuid\Uuid;
use Illuminate\Http\Request;
use Illuminate\Cache\Repository;
use Illuminate\Http\RedirectResponse;
@ -46,8 +47,9 @@ class DownloadController extends Controller
$server = $request->attributes->get('server');
$this->authorize('download-files', $server);
$token = str_random(40);
$token = Uuid::uuid4()->toString();
$node = $server->getRelation('node');
$this->cache->put('Server:Downloads:' . $token, ['server' => $server->uuid, 'path' => $file], 5);
return redirect(sprintf('%s://%s:%s/v1/server/file/download/%s', $node->scheme, $node->fqdn, $node->daemonListen, $token));

View File

@ -1,12 +1,7 @@
<?php
/**
* Pterodactyl - Panel
* Copyright (c) 2015 - 2017 Dane Everitt <dane@daneeveritt.com>.
*
* This software is licensed under the terms of the MIT license.
* https://opensource.org/licenses/MIT
*/
Route::get('/authenticate/{token}', 'ValidateKeyController@index')->name('api.remote.authenticate');
Route::post('/download-file', 'FileDownloadController@index')->name('api.remote.download_file');
Route::group(['prefix' => '/eggs'], function () {
Route::get('/', 'EggRetrievalController@index')->name('api.remote.eggs');

View File

@ -10,5 +10,4 @@ Route::get('/packs/pull/{uuid}', 'PackController@pull')->name('daemon.pack.pull'
Route::get('/packs/pull/{uuid}/hash', 'PackController@hash')->name('daemon.pack.hash');
Route::get('/configure/{token}', 'ActionController@configuration')->name('daemon.configuration');
Route::post('/download', 'ActionController@authenticateDownload')->name('daemon.download');
Route::post('/install', 'ActionController@markInstall')->name('daemon.install');