File tree Expand file tree Collapse file tree 2 files changed +6
-9
lines changed
app/Http/Controllers/Api/Client
tests/Integration/Api/Client Expand file tree Collapse file tree 2 files changed +6
-9
lines changed Original file line number Diff line number Diff line change @@ -26,14 +26,10 @@ public function index(ClientApiRequest $request)
2626
2727 /**
2828 * Store a new API key for a user's account.
29- *
30- * @return array
31- *
32- * @throws \Pterodactyl\Exceptions\DisplayException
3329 */
34- public function store (StoreApiKeyRequest $ request
30+ public function store (StoreApiKeyRequest $ request: array
3531 {
36- if ($ requestuser ()->apiKeys ->count () >= 5 ) {
32+ if ($ requestuser ()->apiKeys ->count () >= 25 ) {
3733 throw new DisplayException ('You have reached the account limit for number of API keys. ' );
3834 }
3935
Original file line number Diff line number Diff line change @@ -96,16 +96,17 @@ public function testApiKeyCannotSpecifyMoreThanFiftyIps()
9696 }
9797
9898 /**
99- * Test that no more than 5 API keys can exist at any one time for an account. This prevents
99+ * Test that no more than 25 API keys can exist at any one time for an account. This prevents
100100 * a DoS attack vector against the panel.
101101 *
102102 * @see https://github.com/pterodactyl/panel/security/advisories/GHSA-pjmh-7xfm-r4x9
103+ * @see https://github.com/pterodactyl/panel/issues/4394
103104 */
104- public function testNoMoreThanFiveApiKeysCanBeCreatedForAnAccount ()
105+ public function testApiKeyLimitIsApplied ()
105106 {
106107 /** @var \Pterodactyl\Models\User $user */
107108 $ userfactory ()->create ();
108- ApiKey::factory ()->times (5 )->for ($ usercreate ([
109+ ApiKey::factory ()->times (25 )->for ($ usercreate ([
109110 'key_type ' => ApiKey::TYPE_ACCOUNT ,
110111 ]);
111112
You can’t perform that action at this time.
0 commit comments