Add initial basic API changes

New route is `/api/me`

Author: DaneEveritt

app/Http/Controllers/API/User/InfoController.php

@@ -0,0 +1,58 @@
+<?php
+/**
+ * Pterodactyl - Panel
+ * Copyright (c) 2015 - 2016 Dane Everitt <dane@daneeveritt.com>
+ *
+ * Permission is hereby granted, free of charge, to any person obtaining a copy
+ * of this software and associated documentation files (the "Software"), to deal
+ * in the Software without restriction, including without limitation the rights
+ * to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
+ * copies of the Software, and to permit persons to whom the Software is
+ * furnished to do so, subject to the following conditions:
+ *
+ * The above copyright notice and this permission notice shall be included in all
+ * copies or substantial portions of the Software.
+ *
+ * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
+ * IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
+ * FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
+ * AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
+ * LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
+ * OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE
+ * SOFTWARE.
+ */
+namespace Pterodactyl\Http\Controllers\API\User;
+
+use Auth;
+use Dingo;
+use Pterodactyl\Models;
+use Illuminate\Http\Request;
+
+use Pterodactyl\Http\Controllers\API\BaseController;
+
+class InfoController extends BaseController
+{
+    public function me(Request $request)
+    {
+        $servers = Models\Server::getUserServers();
+        $response = [];
+
+        foreach($servers as &$server) {
+            $response = array_merge($response, [[
+                'id' => $server->uuidShort,
+                'uuid' => $server->uuid,
+                'name' => $server->name,
+                'node' => $server->nodeName,
+                'ip' => [
+                    'set' => $server->ip,
+                    'alias' => $server->ip_alias
+                ],
+                'port' => $server->port,
+                'service' => $server->a_serviceName,
+                'option' => $server->a_serviceOptionName
+            ]]);
+        }
+
+        return $response;
+    }
+}

app/Http/Controllers/API/User/PowerController.php

@@ -0,0 +1,39 @@
+<?php
+/**
+ * Pterodactyl - Panel
+ * Copyright (c) 2015 - 2016 Dane Everitt <dane@daneeveritt.com>
+ *
+ * Permission is hereby granted, free of charge, to any person obtaining a copy
+ * of this software and associated documentation files (the "Software"), to deal
+ * in the Software without restriction, including without limitation the rights
+ * to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
+ * copies of the Software, and to permit persons to whom the Software is
+ * furnished to do so, subject to the following conditions:
+ *
+ * The above copyright notice and this permission notice shall be included in all
+ * copies or substantial portions of the Software.
+ *
+ * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
+ * IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
+ * FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
+ * AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
+ * LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
+ * OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE
+ * SOFTWARE.
+ */
+namespace Pterodactyl\Http\Controllers\API\User;
+
+use Pterodactyl\Models;
+use Illuminate\Http\Request;
+
+class PowerController extends BaseController
+{
+    public function __constructor()
+    {
+    }
+
+    public function pass(Request $request, $uuid)
+    {
+        //$server = Models\Server::where('id', $id)->where();
+    }
+}

app/Http/Controllers/Base/APIController.php

@@ -0,0 +1,60 @@
+<?php
+/**
+ * Pterodactyl - Panel
+ * Copyright (c) 2015 - 2016 Dane Everitt <dane@daneeveritt.com>
+ * Some Modifications (c) 2015 Dylan Seidt <dylan.seidt@gmail.com>
+ *
+ * Permission is hereby granted, free of charge, to any person obtaining a copy
+ * of this software and associated documentation files (the "Software"), to deal
+ * in the Software without restriction, including without limitation the rights
+ * to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
+ * copies of the Software, and to permit persons to whom the Software is
+ * furnished to do so, subject to the following conditions:
+ *
+ * The above copyright notice and this permission notice shall be included in all
+ * copies or substantial portions of the Software.
+ *
+ * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
+ * IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
+ * FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
+ * AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
+ * LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
+ * OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE
+ * SOFTWARE.
+ */
+namespace Pterodactyl\Http\Controllers\Base;
+
+use Alert;
+
+use Pterodactyl\Models;
+
+use Pterodactyl\Exceptions\DisplayException;
+use Pterodactyl\Http\Controllers\Controller;
+
+use Illuminate\Http\Request;
+
+class APIController extends Controller
+{
+    public function index(Request $request)
+    {
+        $keys = Models\APIKey::where('user', $request->user()->id)->get();
+        foreach($keys as &$key) {
+            $key->permissions = Models\APIPermission::where('key_id', $key->id)->get();
+        }
+
+        return view('base.api.index', [
+            'keys' => $keys
+        ]);
+
+    }
+
+    public function new(Request $request)
+    {
+        return view('base.api.new');
+    }
+
+    public function save(Request $request)
+    {
+
+    }
+}

app/Http/Middleware/APISecretToken.php

@@ -23,12 +23,15 @@
  */
 namespace Pterodactyl\Http\Middleware;
 
+use Auth;
 use Crypt;
+use Config;
 use IPTools\IP;
 use IPTools\Range;
 
 use Pterodactyl\Models\APIKey;
 use Pterodactyl\Models\APIPermission;
+use Pterodactyl\Models\User;
 use Pterodactyl\Services\APILogService;
 
 use Illuminate\Http\Request;
@@ -51,7 +54,7 @@ class APISecretToken extends Authorization
 
     public function __construct()
     {
-        //
+        Config::set('session.driver', 'array');
     }
 
     public function getAuthorizationMethod()
@@ -90,14 +93,11 @@ public function authenticate(Request $request, Route $route)
                 }
             }
 
-            foreach(APIPermission::where('key_id', $key->id)->get() as &$row) {
-                if ($row->permission === '*' || $row->permission === $request->route()->getName()) {
-                    $this->permissionAllowed = true;
-                    continue;
-                }
-            }
-
-            if (!$this->permissionAllowed) {
+            $permission = APIPermission::where('key_id', $key->id)
+                            ->where('permission', $request->route()->getName())
+                            ->orWhere('permission', '*')
+                            ->first();
+            if (!$permission) {
                 APILogService::log($request, 'You do not have permission to access this resource.');
                 throw new AccessDeniedHttpException('You do not have permission to access this resource.');
             }
@@ -118,7 +118,7 @@ public function authenticate(Request $request, Route $route)
 
         // Log the Route Access
         APILogService::log($request, null, true);
-        return true;
+        return Auth::loginUsingId($key->user);
 
     }
 

app/Http/Routes/APIRoutes.php

@@ -32,130 +32,137 @@ class APIRoutes
     public function map(Router $router) {
 
         $api = app('Dingo\Api\Routing\Router');
-        $api->version('v1', ['middleware' => 'api.auth'], function ($api) {
+        $api->version('v1', ['prefix' => 'api/me', 'middleware' => 'api.auth'], function ($api) {
+            $api->get('/', [
+                'as' => 'api.user',
+                'uses' => 'Pterodactyl\Http\Controllers\API\User\InfoController@me'
+            ]);
+        });
+
+        $api->version('v1', ['prefix' => 'api', 'middleware' => 'api.auth'], function ($api) {
 
             /**
              * User Routes
              */
             $api->get('users', [
-                'as' => 'api.users.list',
+                'as' => 'api.admin.users.list',
                 'uses' => 'Pterodactyl\Http\Controllers\API\UserController@list'
             ]);
 
             $api->post('users', [
-                'as' => 'api.users.create',
+                'as' => 'api.admin.users.create',
                 'uses' => 'Pterodactyl\Http\Controllers\API\UserController@create'
             ]);
 
             $api->get('users/{id}', [
-                'as' => 'api.users.view',
+                'as' => 'api.admin.users.view',
                 'uses' => 'Pterodactyl\Http\Controllers\API\UserController@view'
             ]);
 
             $api->patch('users/{id}', [
-                'as' => 'api.users.update',
+                'as' => 'api.admin.users.update',
                 'uses' => 'Pterodactyl\Http\Controllers\API\UserController@update'
             ]);
 
             $api->delete('users/{id}', [
-                'as' => 'api.users.delete',
+                'as' => 'api.admin.users.delete',
                 'uses' => 'Pterodactyl\Http\Controllers\API\UserController@delete'
             ]);
 
             /**
              * Server Routes
              */
             $api->get('servers', [
-                'as' => 'api.servers.list',
+                'as' => 'api.admin.servers.list',
                 'uses' => 'Pterodactyl\Http\Controllers\API\ServerController@list'
             ]);
 
             $api->post('servers', [
-                'as' => 'api.servers.create',
+                'as' => 'api.admin.servers.create',
                 'uses' => 'Pterodactyl\Http\Controllers\API\ServerController@create'
             ]);
 
             $api->get('servers/{id}', [
-                'as' => 'api.servers.view',
+                'as' => 'api.admin.servers.view',
                 'uses' => 'Pterodactyl\Http\Controllers\API\ServerController@view'
             ]);
 
             $api->patch('servers/{id}/config', [
-                'as' => 'api.servers.config',
+                'as' => 'api.admin.servers.config',
                 'uses' => 'Pterodactyl\Http\Controllers\API\ServerController@config'
             ]);
 
             $api->patch('servers/{id}/build', [
-                'as' => 'api.servers.build',
+                'as' => 'api.admin.servers.build',
                 'uses' => 'Pterodactyl\Http\Controllers\API\ServerController@build'
             ]);
 
             $api->post('servers/{id}/suspend', [
-                'as' => 'api.servers.suspend',
+                'as' => 'api.admin.servers.suspend',
                 'uses' => 'Pterodactyl\Http\Controllers\API\ServerController@suspend'
             ]);
 
             $api->post('servers/{id}/unsuspend', [
-                'as' => 'api.servers.unsuspend',
+                'as' => 'api.admin.servers.unsuspend',
                 'uses' => 'Pterodactyl\Http\Controllers\API\ServerController@unsuspend'
             ]);
 
             $api->delete('servers/{id}/{force?}', [
-                'as' => 'api.servers.delete',
+                'as' => 'api.admin.servers.delete',
                 'uses' => 'Pterodactyl\Http\Controllers\API\ServerController@delete'
             ]);
 
             /**
              * Node Routes
              */
             $api->get('nodes', [
-                'as' => 'api.nodes.list',
+                'as' => 'api.admin.nodes.list',
                 'uses' => 'Pterodactyl\Http\Controllers\API\NodeController@list'
             ]);
 
             $api->post('nodes', [
-                'as' => 'api.nodes.create',
+                'as' => 'api.admin.nodes.create',
                 'uses' => 'Pterodactyl\Http\Controllers\API\NodeController@create'
             ]);
 
             $api->get('nodes/allocations', [
-                'as' => 'api.nodes.allocations',
+                'as' => 'api.admin.nodes.allocations',
                 'uses' => 'Pterodactyl\Http\Controllers\API\NodeController@allocations'
             ]);
 
             $api->get('nodes/{id}', [
-                'as' => 'api.nodes.view',
+                'as' => 'api.admin.nodes.view',
                 'uses' => 'Pterodactyl\Http\Controllers\API\NodeController@view'
             ]);
 
             $api->get('nodes/{id}/config', [
-                'as' => 'api.nodes.view',
+                'as' => 'api.admin.nodes.view',
                 'uses' => 'Pterodactyl\Http\Controllers\API\NodeController@config'
             ]);
 
             $api->delete('nodes/{id}', [
-                'as' => 'api.nodes.delete',
+                'as' => 'api.admin.nodes.delete',
                 'uses' => 'Pterodactyl\Http\Controllers\API\NodeController@delete'
             ]);
 
             /**
              * Location Routes
              */
             $api->get('locations', [
-                'as' => 'api.locations.list',
+                'as' => 'api.admin.locations.list',
                 'uses' => 'Pterodactyl\Http\Controllers\API\LocationController@list'
             ]);
 
             /**
              * Service Routes
              */
             $api->get('services', [
-                'as' => 'api.services.list',
+                'as' => 'api.admin.services.list',
                 'uses' => 'Pterodactyl\Http\Controllers\API\ServiceController@list'
             ]);
 
             $api->get('services/{id}', [
-                'as' => 'api.services.view',
+                'as' => 'api.admin.services.view',
                 'uses' => 'Pterodactyl\Http\Controllers\API\ServiceController@view'
             ]);