Commit 7cf7a5a

committed
Split account things into own controllers.
1 parent 073ef63 commit 7cf7a5a

5 files changed

+255
-188
lines changed

Lines changed: 108 additions & 0 deletions
@@ -0,0 +1,108 @@
1+
<?php
2+
/**
3+
* Pterodactyl - Panel
4+
* Copyright (c) 2015 - 2016 Dane Everitt <dane@daneeveritt.com>
5+
* Some Modifications (c) 2015 Dylan Seidt <dylan.seidt@gmail.com>
6+
*
7+
* Permission is hereby granted, free of charge, to any person obtaining a copy
8+
* of this software and associated documentation files (the "Software"), to deal
9+
* in the Software without restriction, including without limitation the rights
10+
* to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
11+
* copies of the Software, and to permit persons to whom the Software is
12+
* furnished to do so, subject to the following conditions:
13+
*
14+
* The above copyright notice and this permission notice shall be included in all
15+
* copies or substantial portions of the Software.
16+
*
17+
* THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
18+
* IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
19+
* FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
20+
* AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
21+
* LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
22+
* OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE
23+
* SOFTWARE.
24+
*/
25+
namespace Pterodactyl\Http\Controllers\Base;
26+
27+
use Alert;
28+
29+
use Pterodactyl\Exceptions\DisplayException;
30+
use Pterodactyl\Http\Controllers\Controller;
31+
32+
use Illuminate\Http\Request;
33+
34+
class AccountController extends Controller
35+
{
36+
/**
37+
* Display base account information page.
38+
*
39+
* @param \Illuminate\Http\Request $request
40+
* @return \Illuminate\Contracts\View\View
41+
*/
42+
public function index(Request $request)
43+
{
44+
return view('base.account');
45+
}
46+
47+
/**
48+
* Update an account email.
49+
*
50+
* @param \Illuminate\Http\Request $request
51+
* @return \Illuminate\Http\Response
52+
*/
53+
public function email(Request $request)
54+
{
55+
56+
$this->validate($request, [
57+
'new_email' => 'required|email',
58+
'password' => 'required'
59+
]);
60+
61+
$user = $request->user();
62+
63+
if (!password_verify($request->input('password'), $user->password)) {
64+
Alert::danger('The password provided was not valid for this account.')->flash();
65+
return redirect()->route('account');
66+
}
67+
68+
$user->email = $request->input('new_email');
69+
$user->save();
70+
71+
Alert::success('Your email address has successfully been updated.')->flash();
72+
return redirect()->route('account');
73+
74+
}
75+
76+
/**
77+
* Update an account password.
78+
*
79+
* @param \Illuminate\Http\Request $request
80+
* @return \Illuminate\Http\Response
81+
*/
82+
public function password(Request $request)
83+
{
84+
85+
$this->validate($request, [
86+
'current_password' => 'required',
87+
'new_password' => 'required|confirmed|different:current_password|regex:((?=.*\d)(?=.*[a-z])(?=.*[A-Z]).{8,})',
88+
'new_password_confirmation' => 'required'
89+
]);
90+
91+
$user = $request->user();
92+
93+
if (!password_verify($request->input('current_password'), $user->password)) {
94+
Alert::danger('The password provided was not valid for this account.')->flash();
95+
return redirect()->route('account');
96+
}
97+
98+
try {
99+
$user->setPassword($request->input('new_password'));
100+
Alert::success('Your password has successfully been updated.')->flash();
101+
} catch (DisplayException $e) {
102+
Alert::danger($e->getMessage())->flash();
103+
}
104+
105+
return redirect()->route('account');
106+
107+
}
108+
}
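Review bot: In `password()`, a successful `$user->setPassword(...)` leaves every other session for the account valid, so a stolen session cookie survives the password change that was meant to lock it out. After the success alert, consider revoking the other rows through the session model the old controller queried, e.g. `Session::where('user_id', $user->id)->where('id', '!=', $request->session()->getId())->delete();`. This assumes the database session driver and that `Pterodactyl\Models\Session` is still available after the split. In `email()`, `new_email` is validated only as `required|email`: there is no uniqueness rule and nothing is sent to the previous address, so the owner gets no signal when the address is changed from another session. Both actions also call `password_verify()` with no visible attempt limit; if the routes are not already behind a throttle, the failed-password branch is worth rate-limiting.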

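--- a/app/Http/Controllers/Base/IndexController.php
+++ b/app/Http/Controllers/Base/IndexController.php
@@ -24,15 +24,9 @@
 */
 namespace Pterodactyl\Http\Controllers\Base;
 
-use Auth;
-use Hash;
-use Google2FA;
-use Alert;
-
-use Pterodactyl\Models;
-use Pterodactyl\Exceptions\DisplayException;
-
+use Pterodactyl\Models\Server;
 use Pterodactyl\Http\Controllers\Controller;
+
 use Illuminate\Http\Request;
 
 class IndexController extends Controller
@@ -55,7 +49,7 @@ public function __construct()
 public function getIndex(Request $request)
 {
 return view('base.index', [
-'servers' => Models\Server::getUserServers(10),
+'servers' => Server::getUserServers(10),
 ]);
 }
 
@@ -71,169 +65,4 @@ public function getPassword(Request $request, $length = 16)
 return str_random($length);
 }
 
-/**
-* Returns Security Management Page.
-*
-* @param \Illuminate\Http\Request $request
-* @return \Illuminate\Contracts\View\View
-*/
-public function getAccountSecurity(Request $request)
-{
-return view('base.security', [
-'sessions' => Models\Session::where('user_id', Auth::user()->id)->get()
-]);
-}
-
-/**
-* Generates TOTP Secret and returns popup data for user to verify
-* that they can generate a valid response.
-*
-* @param \Illuminate\Http\Request $request
-* @return \Illuminate\Contracts\View\View
-*/
-public function putAccountTotp(Request $request)
-{
-
-$user = $request->user();
-
-$user->totp_secret = Google2FA::generateSecretKey();
-$user->save();
-
-return response()->json([
-'qrImage' => Google2FA::getQRCodeGoogleUrl(
-'Pterodactyl',
-$user->email,
-$user->totp_secret
-),
-'secret' => $user->totp_secret
-]);
-
-}
-
-/**
-* Verifies that 2FA token recieved is valid and will work on the account.
-*
-* @param \Illuminate\Http\Request $request
-* @return \Illuminate\Http\Response
-*/
-public function postAccountTotp(Request $request)
-{
-
-if (!$request->has('token')) {
-return response(null, 500);
-}
-
-$user = $request->user();
-if($user->toggleTotp($request->input('token'))) {
-return response('true');
-}
-
-return response('false');
-
-}
-
-/**
-* Disables TOTP on an account.
-*
-* @param \Illuminate\Http\Request $request
-* @return \Illuminate\Http\Response
-*/
-public function deleteAccountTotp(Request $request)
-{
-
-if (!$request->has('token')) {
-Alert::danger('Missing required `token` field in request.')->flash();
-return redirect()->route('account.totp');
-}
-
-$user = $request->user();
-if($user->toggleTotp($request->input('token'))) {
-return redirect()->route('account.totp');
-}
-
-Alert::danger('The TOTP token provided was invalid.')->flash();
-return redirect()->route('account.totp');
-
-}
-
-/**
-* Display base account information page.
-*
-* @param \Illuminate\Http\Request $request
-* @return \Illuminate\Contracts\View\View
-*/
-public function getAccount(Request $request)
-{
-return view('base.account');
-}
-
-/**
-* Update an account email.
-*
-* @param \Illuminate\Http\Request $request
-* @return \Illuminate\Http\Response
-*/
-public function postAccountEmail(Request $request)
-{
-
-$this->validate($request, [
-'new_email' => 'required|email',
-'password' => 'required'
-]);
-
-$user = $request->user();
-
-if (!password_verify($request->input('password'), $user->password)) {
-Alert::danger('The password provided was not valid for this account.')->flash();
-return redirect()->route('account');
-}
-
-$user->email = $request->input('new_email');
-$user->save();
-
-Alert::success('Your email address has successfully been updated.')->flash();
-return redirect()->route('account');
-
-}
-
-/**
-* Update an account password.
-*
-* @param \Illuminate\Http\Request $request
-* @return \Illuminate\Http\Response
-*/
-public function postAccountPassword(Request $request)
-{
-
-$this->validate($request, [
-'current_password' => 'required',
-'new_password' => 'required|confirmed|different:current_password|regex:((?=.*\d)(?=.*[a-z])(?=.*[A-Z]).{8,})',
-'new_password_confirmation' => 'required'
-]);
-
-$user = $request->user();
-
-if (!password_verify($request->input('current_password'), $user->password)) {
-Alert::danger('The password provided was not valid for this account.')->flash();
-return redirect()->route('account');
-}
-
-try {
-$user->setPassword($request->input('new_password'));
-Alert::success('Your password has successfully been updated.')->flash();
-} catch (DisplayException $e) {
-Alert::danger($e->getMessage())->flash();
-}
-
-return redirect()->route('account');
-
-}
-
-public function getRevokeSession(Request $request, $id)
-{
-$session = Models\Session::where('id', $id)->where('user_id', Auth::user()->id)->firstOrFail();
-$session->delete();
-return redirect()->route('account.security');
-}
-
 }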
