Add base support for creating a new API key for an account

Author: DaneEveritt

app/Http/Controllers/Api/Client/ApiKeyController.php

@@ -0,0 +1,86 @@
+<?php
+
+namespace Pterodactyl\Http\Controllers\Api\Client;
+
+use Pterodactyl\Models\ApiKey;
+use Pterodactyl\Exceptions\DisplayException;
+use Illuminate\Contracts\Encryption\Encrypter;
+use Pterodactyl\Services\Api\KeyCreationService;
+use Pterodactyl\Http\Requests\Api\Client\ClientApiRequest;
+use Pterodactyl\Transformers\Api\Client\ApiKeyTransformer;
+use Pterodactyl\Http\Requests\Api\Client\Account\StoreApiKeyRequest;
+
+class ApiKeyController extends ClientApiController
+{
+    /**
+     * @var \Pterodactyl\Services\Api\KeyCreationService
+     */
+    private $keyCreationService;
+
+    /**
+     * @var \Illuminate\Contracts\Encryption\Encrypter
+     */
+    private $encrypter;
+
+    /**
+     * ApiKeyController constructor.
+     *
+     * @param \Illuminate\Contracts\Encryption\Encrypter $encrypter
+     * @param \Pterodactyl\Services\Api\KeyCreationService $keyCreationService
+     */
+    public function __construct(Encrypter $encrypter, KeyCreationService $keyCreationService)
+    {
+        parent::__construct();
+
+        $this->encrypter = $encrypter;
+        $this->keyCreationService = $keyCreationService;
+    }
+
+    /**
+     * Returns all of the API keys that exist for the given client.
+     *
+     * @param \Pterodactyl\Http\Requests\Api\Client\ClientApiRequest $request
+     * @return array
+     */
+    public function index(ClientApiRequest $request)
+    {
+        return $this->fractal->collection($request->user()->apiKeys)
+            ->transformWith($this->getTransformer(ApiKeyTransformer::class))
+            ->toArray();
+    }
+
+    /**
+     * Store a new API key for a user's account.
+     *
+     * @param \Pterodactyl\Http\Requests\Api\Client\Account\StoreApiKeyRequest $request
+     * @return array
+     *
+     * @throws \Pterodactyl\Exceptions\DisplayException
+     * @throws \Pterodactyl\Exceptions\Model\DataValidationException
+     */
+    public function store(StoreApiKeyRequest $request)
+    {
+        if ($request->user()->apiKeys->count() >= 5) {
+            throw new DisplayException(
+                'You have reached the account limit for number of API keys.'
+            );
+        }
+
+        $key = $this->keyCreationService->setKeyType(ApiKey::TYPE_ACCOUNT)->handle([
+            'user_id' => $request->user()->id,
+            'memo' => $request->input('description'),
+            'allowed_ips' => $request->input('allowed_ips') ?? [],
+        ]);
+
+        return $this->fractal->item($key)
+            ->transformWith($this->getTransformer(ApiKeyTransformer::class))
+            ->addMeta([
+                'secret_token' => $this->encrypter->decrypt($key->token),
+            ])
+            ->toArray();
+    }
+
+    public function delete()
+    {
+    }
+}

app/Http/Requests/Api/Client/Account/StoreApiKeyRequest.php

@@ -0,0 +1,20 @@
+<?php
+
+namespace Pterodactyl\Http\Requests\Api\Client\Account;
+
+use Pterodactyl\Http\Requests\Api\Client\ClientApiRequest;
+
+class StoreApiKeyRequest extends ClientApiRequest
+{
+    /**
+     * @return array
+     */
+    public function rules(): array
+    {
+        return [
+            'description' => 'required|string|min:4',
+            'allowed_ips' => 'array',
+            'allowed_ips.*' => 'ip',
+        ];
+    }
+}

app/Models/ApiKey.php

@@ -4,8 +4,22 @@
 
 use Pterodactyl\Services\Acl\Api\AdminAcl;
 
+/**
+ * @property int $id
+ * @property int $user_id
+ * @property int $key_type
+ * @property string $identifier
+ * @property string $token
+ * @property array $allowed_ips
+ * @property string $memo
+ * @property \Carbon\Carbon|null $last_used_at
+ * @property \Carbon\Carbon $created_at
+ * @property \Carbon\Carbon $updated_at
+ */
 class ApiKey extends Validable
 {
+    const RESOURCE_NAME = 'api_key';
+
     /**
      * Different API keys that can exist on the system.
      */

app/Models/User.php

@@ -36,6 +36,7 @@
  * @property \Carbon\Carbon $updated_at
  *
  * @property string $name
+ * @property \Pterodactyl\Models\ApiKey[]|\Illuminate\Database\Eloquent\Collection $apiKeys
  * @property \Pterodactyl\Models\Permission[]|\Illuminate\Database\Eloquent\Collection $permissions
  * @property \Pterodactyl\Models\Server[]|\Illuminate\Database\Eloquent\Collection $servers
  * @property \Pterodactyl\Models\Subuser[]|\Illuminate\Database\Eloquent\Collection $subuserOf
@@ -258,4 +259,13 @@ public function keys()
     {
         return $this->hasMany(DaemonKey::class);
     }
+
+    /**
+     * @return \Illuminate\Database\Eloquent\Relations\HasMany
+     */
+    public function apiKeys()
+    {
+        return $this->hasMany(ApiKey::class)
+            ->where('key_type', ApiKey::TYPE_ACCOUNT);
+    }
 }

app/Services/Api/KeyCreationService.php

@@ -72,8 +72,6 @@ public function handle(array $data, array $permissions = []): ApiKey
             $data = array_merge($data, $permissions);
         }
 
-        $instance = $this->repository->create($data, true, true);
-
-        return $instance;
+        return $this->repository->create($data, true, true);
     }
 }

app/Transformers/Api/Client/ApiKeyTransformer.php

@@ -0,0 +1,33 @@
+<?php
+
+namespace Pterodactyl\Transformers\Api\Client;
+
+use Pterodactyl\Models\ApiKey;
+
+class ApiKeyTransformer extends BaseClientTransformer
+{
+    /**
+     * {@inheritdoc}
+     */
+    public function getResourceName(): string
+    {
+        return ApiKey::RESOURCE_NAME;
+    }
+
+    /**
+     * Transform this model into a representation that can be consumed by a client.
+     *
+     * @param \Pterodactyl\Models\ApiKey $model
+     * @return array
+     */
+    public function transform(ApiKey $model)
+    {
+        return [
+            'identifier' => $model->identifier,
+            'description' => $model->memo,
+            'allowed_ips' => $model->allowed_ips,
+            'last_used_at' => $model->last_used_at ? $model->last_used_at->toIso8601String() : null,
+            'created_at' => $model->created_at->toIso8601String(),
+        ];
+    }
+}

package.json

@@ -43,6 +43,7 @@
     "devDependencies": {
         "@babel/core": "^7.7.5",
         "@babel/plugin-proposal-class-properties": "^7.7.4",
+        "@babel/plugin-proposal-nullish-coalescing-operator": "^7.8.3",
         "@babel/plugin-proposal-object-rest-spread": "^7.7.4",
         "@babel/plugin-proposal-optional-chaining": "^7.8.3",
         "@babel/plugin-syntax-dynamic-import": "^7.7.4",

resources/scripts/api/account/createApiKey.ts

@@ -0,0 +1,17 @@
+import http from '@/api/http';
+import { ApiKey, rawDataToApiKey } from '@/api/account/getApiKeys';
+
+export default (description: string, allowedIps: string): Promise<ApiKey & { secretToken: string }> => {
+    return new Promise((resolve, reject) => {
+        http.post(`/api/client/account/api-keys`, {
+            description,
+            // eslint-disable-next-line @typescript-eslint/camelcase
+            allowed_ips: allowedIps.length > 0 ? allowedIps.split('\n') : [],
+        })
+            .then(({ data }) => resolve({
+                ...rawDataToApiKey(data.attributes),
+                secretToken: data.meta?.secret_token ?? '',
+            }))
+            .catch(reject);
+    });
+};

resources/scripts/api/account/getApiKeys.ts

@@ -0,0 +1,25 @@
+import http from '@/api/http';
+
+export interface ApiKey {
+    identifier: string;
+    description: string;
+    allowedIps: string[];
+    createdAt: Date | null;
+    lastUsedAt: Date | null;
+}
+
+export const rawDataToApiKey = (data: any): ApiKey => ({
+    identifier: data.identifier,
+    description: data.description,
+    allowedIps: data.allowed_ips,
+    createdAt: data.created_at ? new Date(data.created_at) : null,
+    lastUsedAt: data.last_used_at ? new Date(data.last_used_at) : null,
+});
+
+export default (): Promise<ApiKey[]> => {
+    return new Promise((resolve, reject) => {
+        http.get('/api/client/account/api-keys')
+            .then(({ data }) => resolve((data.data || []).map(rawDataToApiKey)))
+            .catch(reject);
+    });
+};

resources/scripts/components/dashboard/AccountApiContainer.tsx

@@ -0,0 +1,16 @@
+import React from 'react';
+import ContentBox from '@/components/elements/ContentBox';
+import CreateApiKeyForm from '@/components/dashboard/forms/CreateApiKeyForm';
+
+export default () => {
+    return (
+        <div className={'my-10 flex'}>
+            <ContentBox title={'Create API Key'} className={'flex-1'} showFlashes={'account'}>
+                <CreateApiKeyForm/>
+            </ContentBox>
+            <ContentBox title={'API Keys'} className={'ml-10 flex-1'}>
+                <p>Testing</p>
+            </ContentBox>
+        </div>
+    );
+};