forked from Alex/Pterodactyl-Panel
Better handling of file download requests
This commit is contained in:
parent
838b9a9093
commit
85bdbdce14
@ -12,6 +12,7 @@ This project follows [Semantic Versioning](http://semver.org) guidelines.
|
||||
### Added
|
||||
* Adds back client API for sending commands or power toggles to a server though the Panel API: `/api/client/servers/<identifier>`
|
||||
* Added proper transformer for Packs and re-enabled missing includes on server.
|
||||
* Added support for using Filesystem as a caching driver, although not recommended.
|
||||
|
||||
## v0.7.3 (Derelict Dermodactylus)
|
||||
### Fixed
|
||||
|
50
app/Http/Controllers/Api/Remote/FileDownloadController.php
Normal file
50
app/Http/Controllers/Api/Remote/FileDownloadController.php
Normal file
@ -0,0 +1,50 @@
|
||||
<?php
|
||||
|
||||
namespace Pterodactyl\Http\Controllers\Api\Remote;
|
||||
|
||||
use Illuminate\Http\Request;
|
||||
use Illuminate\Http\JsonResponse;
|
||||
use Pterodactyl\Http\Controllers\Controller;
|
||||
use Illuminate\Contracts\Cache\Repository as CacheRepository;
|
||||
use Symfony\Component\HttpKernel\Exception\NotFoundHttpException;
|
||||
|
||||
class FileDownloadController extends Controller
|
||||
{
|
||||
/**
|
||||
* @var \Illuminate\Contracts\Cache\Repository
|
||||
*/
|
||||
private $cache;
|
||||
|
||||
/**
|
||||
* FileDownloadController constructor.
|
||||
*
|
||||
* @param \Illuminate\Contracts\Cache\Repository $cache
|
||||
*/
|
||||
public function __construct(CacheRepository $cache)
|
||||
{
|
||||
$this->cache = $cache;
|
||||
}
|
||||
|
||||
/**
|
||||
* Handle a request to authenticate a download using a token and return
|
||||
* the path of the file to the daemon.
|
||||
*
|
||||
* @param \Illuminate\Http\Request $request
|
||||
* @return \Illuminate\Http\JsonResponse
|
||||
*
|
||||
* @throws \Symfony\Component\HttpKernel\Exception\NotFoundHttpException
|
||||
*/
|
||||
public function index(Request $request): JsonResponse
|
||||
{
|
||||
$download = $this->cache->pull('Server:Downloads:' . $request->input('token', ''));
|
||||
|
||||
if (is_null($download)) {
|
||||
throw new NotFoundHttpException('No file was found using the token provided.');
|
||||
}
|
||||
|
||||
return response()->json([
|
||||
'path' => array_get($download, 'path'),
|
||||
'server' => array_get($download, 'server'),
|
||||
]);
|
||||
}
|
||||
}
|
@ -10,28 +10,6 @@ use Pterodactyl\Http\Controllers\Controller;
|
||||
|
||||
class ActionController extends Controller
|
||||
{
|
||||
/**
|
||||
* Handles download request from daemon.
|
||||
*
|
||||
* @param \Illuminate\Http\Request $request
|
||||
* @return \Illuminate\Http\JsonResponse
|
||||
*/
|
||||
public function authenticateDownload(Request $request)
|
||||
{
|
||||
$download = Cache::pull('Server:Downloads:' . $request->input('token'));
|
||||
|
||||
if (is_null($download)) {
|
||||
return response()->json([
|
||||
'error' => 'An invalid request token was recieved with this request.',
|
||||
], 403);
|
||||
}
|
||||
|
||||
return response()->json([
|
||||
'path' => $download['path'],
|
||||
'server' => $download['server'],
|
||||
]);
|
||||
}
|
||||
|
||||
/**
|
||||
* Handles install toggle request from daemon.
|
||||
*
|
||||
|
@ -9,6 +9,7 @@
|
||||
|
||||
namespace Pterodactyl\Http\Controllers\Server\Files;
|
||||
|
||||
use Ramsey\Uuid\Uuid;
|
||||
use Illuminate\Http\Request;
|
||||
use Illuminate\Cache\Repository;
|
||||
use Illuminate\Http\RedirectResponse;
|
||||
@ -46,8 +47,9 @@ class DownloadController extends Controller
|
||||
$server = $request->attributes->get('server');
|
||||
$this->authorize('download-files', $server);
|
||||
|
||||
$token = str_random(40);
|
||||
$token = Uuid::uuid4()->toString();
|
||||
$node = $server->getRelation('node');
|
||||
|
||||
$this->cache->put('Server:Downloads:' . $token, ['server' => $server->uuid, 'path' => $file], 5);
|
||||
|
||||
return redirect(sprintf('%s://%s:%s/v1/server/file/download/%s', $node->scheme, $node->fqdn, $node->daemonListen, $token));
|
||||
|
@ -1,12 +1,7 @@
|
||||
<?php
|
||||
/**
|
||||
* Pterodactyl - Panel
|
||||
* Copyright (c) 2015 - 2017 Dane Everitt <dane@daneeveritt.com>.
|
||||
*
|
||||
* This software is licensed under the terms of the MIT license.
|
||||
* https://opensource.org/licenses/MIT
|
||||
*/
|
||||
|
||||
Route::get('/authenticate/{token}', 'ValidateKeyController@index')->name('api.remote.authenticate');
|
||||
Route::post('/download-file', 'FileDownloadController@index')->name('api.remote.download_file');
|
||||
|
||||
Route::group(['prefix' => '/eggs'], function () {
|
||||
Route::get('/', 'EggRetrievalController@index')->name('api.remote.eggs');
|
||||
|
@ -10,5 +10,4 @@ Route::get('/packs/pull/{uuid}', 'PackController@pull')->name('daemon.pack.pull'
|
||||
Route::get('/packs/pull/{uuid}/hash', 'PackController@hash')->name('daemon.pack.hash');
|
||||
Route::get('/configure/{token}', 'ActionController@configuration')->name('daemon.configuration');
|
||||
|
||||
Route::post('/download', 'ActionController@authenticateDownload')->name('daemon.download');
|
||||
Route::post('/install', 'ActionController@markInstall')->name('daemon.install');
|
||||
|
Loading…
Reference in New Issue
Block a user