Dane Everitt 
							
						 
					 
					
						
						
							
							
						
						
						
							
						
						
							f31a6d3967 
							
						 
					 
					
						
						
							
							Fix parameter bindings for client API routes;  closes   pterodactyl/panel#2359  
						
						
						
						
					 
					
						2020-09-27 10:39:18 -07:00 
						 
				 
			
				
					
						
							
							
								Dane Everitt 
							
						 
					 
					
						
						
							
							
						
						
						
							
						
						
							906cfce81c 
							
						 
					 
					
						
						
							
							Don't return a 403 when returning resources for a suspended server;  closes   #2279  
						
						
						
						
					 
					
						2020-08-30 09:54:59 -07:00 
						 
				 
			
				
					
						
							
							
								Dane Everitt 
							
						 
					 
					
						
						
							
							
						
						
						
							
						
						
							540cc82e3d 
							
						 
					 
					
						
						
							
							Don't resolve database hosts;  closes   #2237  
						
						
						
						
					 
					
						2020-08-19 20:38:51 -07:00 
						 
				 
			
				
					
						
							
							
								Dane Everitt 
							
						 
					 
					
						
						
							
							
						
						
						
							
						
						
							61e9771333 
							
						 
					 
					
						
						
							
							Code cleanup for subuser API endpoints;  closes   #2247  
						
						
						
						
					 
					
						2020-08-19 20:21:12 -07:00 
						 
				 
			
				
					
						
							
							
								Dane Everitt 
							
						 
					 
					
						
						
							
							
						
						
						
							
						
						
							2278927fb6 
							
						 
					 
					
						
						
							
							Update allocations to support ids; protect endpoints; support notes  
						
						
						
						
					 
					
						2020-07-09 20:36:08 -07:00 
						 
				 
			
				
					
						
							
							
								DarthShmev 
							
						 
					 
					
						
						
							
							
						
						
						
							
						
						
							06ece0e624 
							
						 
					 
					
						
						
							
							Fix AuthenticateServerAccess middleware spelling issue.  
						
						
						
						
					 
					
						2020-07-05 15:48:02 -04:00 
						 
				 
			
				
					
						
							
							
								Dane Everitt 
							
						 
					 
					
						
						
							
							
						
						
						
							
						
						
							fde8465f35 
							
						 
					 
					
						
						
							
							Show a better error when JSON data cannot be parsed in the request  
						
						
						
						
					 
					
						2020-06-30 20:05:11 -07:00 
						 
				 
			
				
					
						
							
							
								Dane Everitt 
							
						 
					 
					
						
						
							
							
						
						
						
							
						
						
							536180ed0c 
							
						 
					 
					
						
						
							
							Return Http test cases to a passing state  
						
						
						
						
					 
					
						2020-06-23 21:59:37 -07:00 
						 
				 
			
				
					
						
							
							
								Dane Everitt 
							
						 
					 
					
						
						
							
							
						
						
						
							
						
						
							16e14621c8 
							
						 
					 
					
						
						
							
							Better error messaging when server is suspended  
						
						
						
						
					 
					
						2020-06-22 20:22:52 -07:00 
						 
				 
			
				
					
						
							
							
								Dane Everitt 
							
						 
					 
					
						
						
							
							
						
						
						
							
						
						
							6056b6f45d 
							
						 
					 
					
						
						
							
							Show console when an admin is viewing an installing server  
						
						
						
						
					 
					
						2020-04-26 13:21:39 -07:00 
						 
				 
			
				
					
						
							
							
								Matthew Penner 
							
						 
					 
					
						
						
						
						
							
						
						
							658a959e5d 
							
						 
					 
					
						
						
							
							Fix trailing comma in DaemonAuthenticate.php, change ServerDetailsController.php to use node authentication  
						
						
						
						
					 
					
						2020-04-10 17:54:50 -06:00 
						 
				 
			
				
					
						
							
							
								Dane Everitt 
							
						 
					 
					
						
						
							
							
						
						
						
							
						
						
							2532a73425 
							
						 
					 
					
						
						
							
							Don't throw errors if bad data is sent in the header  
						
						
						
						
					 
					
						2020-04-10 15:53:19 -07:00 
						 
				 
			
				
					
						
							
							
								Dane Everitt 
							
						 
					 
					
						
						
							
							
						
						
						
							
						
						
							7557dddf49 
							
						 
					 
					
						
						
							
							Store node daemon tokens in an encrypted manner  
						
						
						
						
					 
					
						2020-04-10 15:15:38 -07:00 
						 
				 
			
				
					
						
							
							
								Dane Everitt 
							
						 
					 
					
						
						
							
							
						
						
						
							
						
						
							be05d2df81 
							
						 
					 
					
						
						
							
							Add support for generating a signed URL for downloading a file from the daemon  
						
						
						
						
					 
					
						2020-04-04 19:54:59 -07:00 
						 
				 
			
				
					
						
							
							
								Dane Everitt 
							
						 
					 
					
						
						
							
							
						
						
						
							
						
						
							1f92a7de33 
							
						 
					 
					
						
						
							
							Authenticate that the request is coming from someone that should even know about the server  
						
						
						
						
					 
					
						2020-03-28 16:23:18 -07:00 
						 
				 
			
				
					
						
							
							
								Dane Everitt 
							
						 
					 
					
						
						
							
							
						
						
						
							
						
						
							7543ef085d 
							
						 
					 
					
						
						
							
							Format files  
						
						
						
						
					 
					
						2019-09-05 21:32:57 -07:00 
						 
				 
			
				
					
						
							
							
								Dane Everitt 
							
						 
					 
					
						
						
							
							
						
						
						
							
						
						
							95d19bf09e 
							
						 
					 
					
						
						
							
							Update logic that handles creation of folders for a server  
						
						
						
						
					 
					
						2019-05-01 21:45:39 -07:00 
						 
				 
			
				
					
						
							
							
								Dane Everitt 
							
						 
					 
					
						
						
							
							
						
						
						
							
						
						
							0999ec93c3 
							
						 
					 
					
						
						
							
							More logic for deleting databases  
						
						
						
						
					 
					
						2018-08-25 15:07:42 -07:00 
						 
				 
			
				
					
						
							
							
								Dane Everitt 
							
						 
					 
					
						
						
							
							
						
						
						
							
						
						
							9be2aa4ca9 
							
						 
					 
					
						
						
							
							Push beginning of DB deletion stuff  
						
						
						
						
					 
					
						2018-08-25 14:43:21 -07:00 
						 
				 
			
				
					
						
							
							
								Dane Everitt 
							
						 
					 
					
						
						
							
							
						
						
						
							
						
						
							8bbe6bc279 
							
						 
					 
					
						
						
							
							Add test, fix behavior of model creation  
						
						
						
						
					 
					
						2018-07-14 22:58:33 -07:00 
						 
				 
			
				
					
						
							
							
								Dane Everitt 
							
						 
					 
					
						
						
							
							
						
						
						
							
						
						
							550c622d3b 
							
						 
					 
					
						
						
							
							Obliterate JWT from codebase  
						
						
						
						
					 
					
						2018-07-14 22:48:09 -07:00 
						 
				 
			
				
					
						
							
							
								Dane Everitt 
							
						 
					 
					
						
						
							
							
						
						
						
							
						
						
							6336e5191f 
							
						 
					 
					
						
						
							
							Strip out JWT usage and use cookies to track the currently logged in user  
						
						
						
						
					 
					
						2018-07-14 22:42:58 -07:00 
						 
				 
			
				
					
						
							
							
								Dane Everitt 
							
						 
					 
					
						
						
							
							
						
						
						
							
						
						
							c82f273d85 
							
						 
					 
					
						
						
							
							Fix remaining broken tests  
						
						
						
						
					 
					
						2018-07-04 19:38:23 -07:00 
						 
				 
			
				
					
						
							
							
								Dane Everitt 
							
						 
					 
					
						
						
							
							
						
						
						
							
						
						
							e7faf979a1 
							
						 
					 
					
						
						
							
							Change login handling to automatically redirect a user if their session will need renewal.  
						
						
						
						
					 
					
						2018-06-16 14:05:39 -07:00 
						 
				 
			
				
					
						
							
							
								Dane Everitt 
							
						 
					 
					
						
						
							
							
						
						
						
							
						
						
							03c83c084a 
							
						 
					 
					
						
						
							
							Revert use of cookies, go back to using a JWT  
						
						
						
						
					 
					
						2018-06-06 22:49:44 -07:00 
						 
				 
			
				
					
						
							
							
								Dane Everitt 
							
						 
					 
					
						
						
							
							
						
						
						
							
						
						
							5bcabbde35 
							
						 
					 
					
						
						
							
							Get dashboard in a more working state  
						
						
						
						
					 
					
						2018-06-05 23:42:34 -07:00 
						 
				 
			
				
					
						
							
							
								Dane Everitt 
							
						 
					 
					
						
						
							
							
						
						
						
							
						
						
							a1444b047e 
							
						 
					 
					
						
						
							
							Fix JWT handling for API access when logging in  
						
						
						
						
					 
					
						2018-05-28 14:59:48 -07:00 
						 
				 
			
				
					
						
							
							
								Dane Everitt 
							
						 
					 
					
						
						
							
							
						
						
						
							
						
						
							6e5c365018 
							
						 
					 
					
						
						
							
							Use the client API to load servers on the listing page  
						
						
						
						
					 
					
						2018-05-28 13:23:40 -07:00 
						 
				 
			
				
					
						
							
							
								Dane Everitt 
							
						 
					 
					
						
						
							
							
						
						
						
							
						
						
							ad69193ac0 
							
						 
					 
					
						
						
							
							Add JWT to login forms  
						
						
						
						
					 
					
						2018-05-28 12:48:42 -07:00 
						 
				 
			
				
					
						
							
							
								Lance Pioch 
							
						 
					 
					
						
						
						
						
							
						
						
							e2dc0638d9 
							
						 
					 
					
						
						
							
							Fix app/ spelling errors  
						
						
						
						
					 
					
						2018-05-13 11:12:41 -04:00 
						 
				 
			
				
					
						
							
							
								Dane Everitt 
							
						 
					 
					
						
						
							
							
						
						
						
							
						
						
							ef371a508d 
							
						 
					 
					
						
						
							
							Change check on debugbar to use debug not environment  
						
						
						
						
					 
					
						2018-03-10 12:03:23 -06:00 
						 
				 
			
				
					
						
							
							
								Dane Everitt 
							
						 
					 
					
						
						
							
							
						
						
						
							
						
						
							8f72571895 
							
						 
					 
					
						
						
							
							Fix IP access middleware  
						
						
						
						
					 
					
						2018-02-28 23:39:59 -06:00 
						 
				 
			
				
					
						
							
							
								Dane Everitt 
							
						 
					 
					
						
						
							
							
						
						
						
							
						
						
							cef3e4ced4 
							
						 
					 
					
						
						
							
							Add base routes for managing servers as a client  
						
						
						
						
					 
					
						2018-02-27 21:28:43 -06:00 
						 
				 
			
				
					
						
							
							
								Dane Everitt 
							
						 
					 
					
						
						
							
							
						
						
						
							
						
						
							9a32b9fd03 
							
						 
					 
					
						
						
							
							Merge branch 'develop' into feature/client-api  
						
						
						
						
					 
					
						2018-02-27 21:04:18 -06:00 
						 
				 
			
				
					
						
							
							
								Dane Everitt 
							
						 
					 
					
						
						
							
							
						
						
						
							
						
						
							23e07689a7 
							
						 
					 
					
						
						
							
							Handle 404 errors in API bindings correctly to avoid explosing that a resource exists before validating a key  
						
						
						
						
					 
					
						2018-02-27 21:04:04 -06:00 
						 
				 
			
				
					
						
							
							
								Dane Everitt 
							
						 
					 
					
						
						
							
							
						
						
						
							
						
						
							e28973bcae 
							
						 
					 
					
						
						
							
							Move everything around as needed to get things setup for the client API  
						
						
						
						
					 
					
						2018-02-25 15:30:56 -06:00 
						 
				 
			
				
					
						
							
							
								Dane Everitt 
							
						 
					 
					
						
						
							
							
						
						
						
							
						
						
							5b6d3b8325 
							
						 
					 
					
						
						
							
							Slightly more clear errors  
						
						
						
						
					 
					
						2018-02-24 12:27:41 -06:00 
						 
				 
			
				
					
						
							
							
								Dane Everitt 
							
						 
					 
					
						
						
							
							
						
						
						
							
						
						
							2ec76d283b 
							
						 
					 
					
						
						
							
							Fix bad API behavior  
						
						
						
						
					 
					
						2018-02-04 15:38:38 -06:00 
						 
				 
			
				
					
						
							
							
								Dane Everitt 
							
						 
					 
					
						
						
							
							
						
						
						
							
						
						
							8afced3410 
							
						 
					 
					
						
						
							
							Add nests & eggs  
						
						... 
						
						
						
						Cleanup middleware handling and parameters on controllers... 
						
						
					 
					
						2018-01-27 12:38:56 -06:00 
						 
				 
			
				
					
						
							
							
								Dane Everitt 
							
						 
					 
					
						
						
							
							
						
						
						
							
						
						
							de07b3cc7f 
							
						 
					 
					
						
						
							
							Add server database management support to API.  
						
						
						
						
					 
					
						2018-01-25 22:34:53 -06:00 
						 
				 
			
				
					
						
							
							
								Dane Everitt 
							
						 
					 
					
						
						
							
							
						
						
						
							
						
						
							3e327b8b0e 
							
						 
					 
					
						
						
							
							Use more logical route binding to not reveal resources on the API unless authenticated.  
						
						
						
						
					 
					
						2018-01-20 15:33:04 -06:00 
						 
				 
			
				
					
						
							
							
								Dane Everitt 
							
						 
					 
					
						
						
							
							
						
						
						
							
						
						
							0e7f8cedf0 
							
						 
					 
					
						
						
							
							Reorganize API files  
						
						
						
						
					 
					
						2018-01-19 19:58:57 -06:00 
						 
				 
			
				
					
						
							
							
								Dane Everitt 
							
						 
					 
					
						
						
							
							
						
						
						
							
						
						
							c3b9738364 
							
						 
					 
					
						
						
							
							Implement application API Keys  
						
						
						
						
					 
					
						2018-01-18 21:36:15 -06:00 
						 
				 
			
				
					
						
							
							
								Dane Everitt 
							
						 
					 
					
						
						
							
							
						
						
						
							
						
						
							f9fc3f4370 
							
						 
					 
					
						
						
							
							Update interface to begin change to seperate account API keys and application keys  
						
						... 
						
						
						
						Main difference is permissions, cleaner UI for normal users, and account keys use permissions assigned to servers and subusers while application keys use R/W ACLs stored in the key table. 
						
						
					 
					
						2018-01-14 13:30:55 -06:00 
						 
				 
			
				
					
						
							
							
								Dane Everitt 
							
						 
					 
					
						
						
							
							
						
						
						
							
						
						
							ad3a954256 
							
						 
					 
					
						
						
							
							Rename APIKey to ApiKey  
						
						
						
						
					 
					
						2018-01-14 12:06:15 -06:00 
						 
				 
			
				
					
						
							
							
								Dane Everitt 
							
						 
					 
					
						
						
							
							
						
						
						
							
						
						
							e3df0738da 
							
						 
					 
					
						
						
							
							Change the way API keys are stored and validated; clarify API namespacing  
						
						... 
						
						
						
						Previously, a single key was used to access the API, this has not changed in terms of what the user sees. However, API keys now use an identifier and token internally. The identifier is the first 16 characters of the key, and the token is the remaining 32. The token is stored encrypted at rest in the database and the identifier is used by the API middleware to grab that record and make a timing attack safe comparison. 
						
						
					 
					
						2018-01-13 16:06:19 -06:00