panel/app/Http/Controllers/API/AuthController.php at 98b3355158b8b97abbb56cfdcc549a0e8c759b0f · ghzhost/panel · GitHub

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
<?php

namespace Pterodactyl\Http\Controllers\API;

use JWTAuth;
use Tymon\JWTAuth\Exceptions\JWTException;

use Illuminate\Http\Request;
use \Symfony\Component\HttpKernel\Exception\UnauthorizedHttpException;
use \Symfony\Component\HttpKernel\Exception\ServiceUnavailableHttpException;

use Pterodactyl\Transformers\UserTransformer;
use Pterodactyl\Models;

/**
 * @Resource("Auth", uri="/auth")
 */
class AuthController extends BaseController
{

    /**
     * Authenticate
     *
     * Authenticate with the API to recieved a JSON Web Token
     *
     * @Post("/login")
     * @Versions({"v1"})
     * @Request({"email": "e@mail.com", "password": "soopersecret"})
     * @Response(200, body={"token": "<jwt-token>"})
     */
    public function postLogin(Request $request) {
        $credentials = $request->only('email', 'password');

        try {
            $token = JWTAuth::attempt($credentials, [
                'permissions' => [
                    'view_users' => true,
                    'edit_users' => true,
                    'delete_users' => false,
                ]
            ]);
            if (!$token) {
                throw new UnauthorizedHttpException('');
            }
        } catch (JWTException $ex) {
            throw new ServiceUnavailableHttpException('');
        }

        return compact('token');
    }

    /**
     * Check if Authenticated
     *
     * @Post("/validate")
     * @Versions({"v1"})
     * @Request(headers={"Authorization": "Bearer <jwt-token>"})
     * @Response(204);
     */
    public function postValidate(Request $request) {
        return $this->response->noContent();
    }

}