forked from pterodactyl/panel
-
Notifications
You must be signed in to change notification settings - Fork 0
Expand file tree
/
Copy pathApiKey.php
More file actions
227 lines (209 loc) · 7.48 KB
/
ApiKey.php
File metadata and controls
227 lines (209 loc) · 7.48 KB
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
222
223
224
225
226
227
<?php
namespace Pterodactyl\Models;
use Illuminate\Support\Str;
use Webmozart\Assert\Assert;
use Pterodactyl\Services\Acl\Api\AdminAcl;
use Illuminate\Database\Eloquent\Relations\BelongsTo;
/**
* Pterodactyl\Models\ApiKey.
*
* @property int $id
* @property int $user_id
* @property int $key_type
* @property string $identifier
* @property string $token
* @property array|null $allowed_ips
* @property string|null $memo
* @property \Illuminate\Support\Carbon|null $last_used_at
* @property \Illuminate\Support\Carbon|null $created_at
* @property \Illuminate\Support\Carbon|null $updated_at
* @property int $r_servers
* @property int $r_nodes
* @property int $r_allocations
* @property int $r_users
* @property int $r_locations
* @property int $r_nests
* @property int $r_eggs
* @property int $r_database_hosts
* @property int $r_server_databases
* @property \Pterodactyl\Models\User $tokenable
* @property \Pterodactyl\Models\User $user
*
* @method static \Database\Factories\ApiKeyFactory factory(...$parameters)
* @method static \Illuminate\Database\Eloquent\Builder|ApiKey newModelQuery()
* @method static \Illuminate\Database\Eloquent\Builder|ApiKey newQuery()
* @method static \Illuminate\Database\Eloquent\Builder|ApiKey query()
* @method static \Illuminate\Database\Eloquent\Builder|ApiKey whereAllowedIps($value)
* @method static \Illuminate\Database\Eloquent\Builder|ApiKey whereCreatedAt($value)
* @method static \Illuminate\Database\Eloquent\Builder|ApiKey whereId($value)
* @method static \Illuminate\Database\Eloquent\Builder|ApiKey whereIdentifier($value)
* @method static \Illuminate\Database\Eloquent\Builder|ApiKey whereKeyType($value)
* @method static \Illuminate\Database\Eloquent\Builder|ApiKey whereLastUsedAt($value)
* @method static \Illuminate\Database\Eloquent\Builder|ApiKey whereMemo($value)
* @method static \Illuminate\Database\Eloquent\Builder|ApiKey whereRAllocations($value)
* @method static \Illuminate\Database\Eloquent\Builder|ApiKey whereRDatabaseHosts($value)
* @method static \Illuminate\Database\Eloquent\Builder|ApiKey whereREggs($value)
* @method static \Illuminate\Database\Eloquent\Builder|ApiKey whereRLocations($value)
* @method static \Illuminate\Database\Eloquent\Builder|ApiKey whereRNests($value)
* @method static \Illuminate\Database\Eloquent\Builder|ApiKey whereRNodes($value)
* @method static \Illuminate\Database\Eloquent\Builder|ApiKey whereRServerDatabases($value)
* @method static \Illuminate\Database\Eloquent\Builder|ApiKey whereRServers($value)
* @method static \Illuminate\Database\Eloquent\Builder|ApiKey whereRUsers($value)
* @method static \Illuminate\Database\Eloquent\Builder|ApiKey whereToken($value)
* @method static \Illuminate\Database\Eloquent\Builder|ApiKey whereUpdatedAt($value)
* @method static \Illuminate\Database\Eloquent\Builder|ApiKey whereUserId($value)
* @mixin \Eloquent
*/
class ApiKey extends Model
{
/**
* The resource name for this model when it is transformed into an
* API representation using fractal.
*/
public const RESOURCE_NAME = 'api_key';
/**
* Different API keys that can exist on the system.
*/
public const TYPE_NONE = 0;
public const TYPE_ACCOUNT = 1;
/* @deprecated */
public const TYPE_APPLICATION = 2;
/* @deprecated */
public const TYPE_DAEMON_USER = 3;
/* @deprecated */
public const TYPE_DAEMON_APPLICATION = 4;
/**
* The length of API key identifiers.
*/
public const IDENTIFIER_LENGTH = 16;
/**
* The length of the actual API key that is encrypted and stored
* in the database.
*/
public const KEY_LENGTH = 32;
/**
* The table associated with the model.
*
* @var string
*/
protected $table = 'api_keys';
/**
* Cast values to correct type.
*
* @var array
*/
protected $casts = [
'allowed_ips' => 'array',
'user_id' => 'int',
'r_' . AdminAcl::RESOURCE_USERS => 'int',
'r_' . AdminAcl::RESOURCE_ALLOCATIONS => 'int',
'r_' . AdminAcl::RESOURCE_DATABASE_HOSTS => 'int',
'r_' . AdminAcl::RESOURCE_SERVER_DATABASES => 'int',
'r_' . AdminAcl::RESOURCE_EGGS => 'int',
'r_' . AdminAcl::RESOURCE_LOCATIONS => 'int',
'r_' . AdminAcl::RESOURCE_NESTS => 'int',
'r_' . AdminAcl::RESOURCE_NODES => 'int',
'r_' . AdminAcl::RESOURCE_SERVERS => 'int',
];
/**
* Fields that are mass assignable.
*
* @var array
*/
protected $fillable = [
'identifier',
'token',
'allowed_ips',
'memo',
'last_used_at',
];
/**
* Fields that should not be included when calling toArray() or toJson()
* on this model.
*
* @var array
*/
protected $hidden = ['token'];
/**
* Rules to protect against invalid data entry to DB.
*
* @var array
*/
public static $validationRules = [
'user_id' => 'required|exists:users,id',
'key_type' => 'present|integer|min:0|max:4',
'identifier' => 'required|string|size:16|unique:api_keys,identifier',
'token' => 'required|string',
'memo' => 'required|nullable|string|max:500',
'allowed_ips' => 'nullable|array',
'allowed_ips.*' => 'string',
'last_used_at' => 'nullable|date',
'r_' . AdminAcl::RESOURCE_USERS => 'integer|min:0|max:3',
'r_' . AdminAcl::RESOURCE_ALLOCATIONS => 'integer|min:0|max:3',
'r_' . AdminAcl::RESOURCE_DATABASE_HOSTS => 'integer|min:0|max:3',
'r_' . AdminAcl::RESOURCE_SERVER_DATABASES => 'integer|min:0|max:3',
'r_' . AdminAcl::RESOURCE_EGGS => 'integer|min:0|max:3',
'r_' . AdminAcl::RESOURCE_LOCATIONS => 'integer|min:0|max:3',
'r_' . AdminAcl::RESOURCE_NESTS => 'integer|min:0|max:3',
'r_' . AdminAcl::RESOURCE_NODES => 'integer|min:0|max:3',
'r_' . AdminAcl::RESOURCE_SERVERS => 'integer|min:0|max:3',
];
/**
* @var array
*/
protected $dates = [
self::CREATED_AT,
self::UPDATED_AT,
'last_used_at',
];
/**
* Returns the user this token is assigned to.
*/
public function user(): BelongsTo
{
return $this->belongsTo(User::class);
}
/**
* Required for support with Laravel Sanctum.
*
* @return \Illuminate\Database\Eloquent\Relations\BelongsTo
*
* @see \Laravel\Sanctum\Guard::supportsTokens()
*/
public function tokenable()
{
return $this->user();
}
/**
* Finds the model matching the provided token.
*
* @param string $token
*
* @return self|null
*/
public static function findToken($token)
{
$identifier = substr($token, 0, self::IDENTIFIER_LENGTH);
$model = static::where('identifier', $identifier)->first();
if (!is_null($model) && decrypt($model->token) === substr($token, strlen($identifier))) {
return $model;
}
return null;
}
/**
* Returns the standard prefix for API keys in the system.
*/
public static function getPrefixForType(int $type): string
{
Assert::oneOf($type, [self::TYPE_ACCOUNT, self::TYPE_APPLICATION]);
return $type === self::TYPE_ACCOUNT ? 'ptlc_' : 'ptla_';
}
/**
* Generates a new identifier for an API key.
*/
public static function generateTokenIdentifier(int $type): string
{
$prefix = self::getPrefixForType($type);
return $prefix . Str::random(self::IDENTIFIER_LENGTH - strlen($prefix));
}
}