diff --git a/app/Providers/Blueprint/RouteServiceProvider.php b/app/Providers/Blueprint/RouteServiceProvider.php new file mode 100644 index 0000000..36f5ca4 --- /dev/null +++ b/app/Providers/Blueprint/RouteServiceProvider.php @@ -0,0 +1,45 @@ +routes(function () { + /* Blueprint web routes */ + Route::middleware('blueprint') + ->prefix('/extensions') + ->group(base_path('routes/blueprint/web.php')); + + /* Blueprint API routes */ + Route::middleware(['blueprint/api', RequireTwoFactorAuthentication::class])->group(function () { + /* Application API */ + Route::middleware(['blueprint/application-api', 'throttle:api.application']) + ->prefix('/api/application/extensions') + ->scopeBindings() + ->group(base_path('routes/blueprint/application.php')); + /* Client API */ + Route::middleware(['blueprint/client-api', 'throttle:api.client']) + ->prefix('/api/client/extensions') + ->scopeBindings() + ->group(base_path('routes/blueprint/client.php')); + }); + + /* Blueprint admin routes */ + Route::middleware(['web', 'auth.session', RequireTwoFactorAuthentication::class, AdminAuthenticate::class]) + ->prefix('/admin') + ->group(base_path('routes/blueprint.php')); + }); + } +} diff --git a/app/Providers/RouteServiceProvider.php b/app/Providers/RouteServiceProvider.php deleted file mode 100644 index 0603dc1..0000000 --- a/app/Providers/RouteServiceProvider.php +++ /dev/null @@ -1,130 +0,0 @@ -configureRateLimiting(); - - // Disable trimming string values when requesting file information — it isn't helpful - // and messes up the ability to actually open a directory that ends with a space. - TrimStrings::skipWhen(function (Request $request) { - return preg_match(self::FILE_PATH_REGEX, $request->getPathInfo()) === 1; - }); - - // This is needed to make use of the "resolveRouteBinding" functionality in the - // model. Without it you'll never trigger that logic flow thus resulting in a 404 - // error because we request databases with a HashID, and not with a normal ID. - Route::model('database', Database::class); - - $this->routes(function () { - /* Blueprint web routes */ - Route::middleware('blueprint') - ->prefix('/extensions') - ->group(base_path('routes/blueprint/web.php')); - - /* Blueprint API routes */ - Route::middleware(['blueprint/api', RequireTwoFactorAuthentication::class])->group(function () { - /* Application API */ - Route::middleware(['blueprint/application-api', 'throttle:api.application']) - ->prefix('/api/application/extensions') - ->scopeBindings() - ->group(base_path('routes/blueprint/application.php')); - /* Client API */ - Route::middleware(['blueprint/client-api', 'throttle:api.client']) - ->prefix('/api/client/extensions') - ->scopeBindings() - ->group(base_path('routes/blueprint/client.php')); - }); - - Route::middleware('web')->group(function () { - Route::middleware(['auth.session', RequireTwoFactorAuthentication::class]) - ->group(base_path('routes/base.php')); - - Route::middleware(['auth.session', RequireTwoFactorAuthentication::class, AdminAuthenticate::class]) - ->prefix('/admin') - ->group(base_path('routes/admin.php')) - ->group(base_path('routes/blueprint.php')); // Import Blueprint admin routes - - Route::middleware('guest')->prefix('/auth')->group(base_path('routes/auth.php')); - }); - - Route::middleware(['api', RequireTwoFactorAuthentication::class])->group(function () { - Route::middleware(['application-api', 'throttle:api.application']) - ->prefix('/api/application') - ->scopeBindings() - ->group(base_path('routes/api-application.php')); - - Route::middleware(['client-api', 'throttle:api.client']) - ->prefix('/api/client') - ->scopeBindings() - ->group(base_path('routes/api-client.php')); - }); - - Route::middleware('daemon') - ->prefix('/api/remote') - ->scopeBindings() - ->group(base_path('routes/api-remote.php')); - }); - } - - /** - * Configure the rate limiters for the application. - */ - protected function configureRateLimiting(): void - { - // Authentication rate limiting. For login and checkpoint endpoints we'll apply - // a limit of 10 requests per minute, for the forgot password endpoint apply a - // limit of two per minute for the requester so that there is less ability to - // trigger email spam. - RateLimiter::for('authentication', function (Request $request) { - if ($request->route()->named('auth.post.forgot-password')) { - return Limit::perMinute(2)->by($request->ip()); - } - - return Limit::perMinute(10); - }); - - // Configure the throttles for both the application and client APIs below. - // This is configurable per-instance in "config/http.php". By default this - // limiter will be tied to the specific request user, and falls back to the - // request IP if there is no request user present for the key. - // - // This means that an authenticated API user cannot use IP switching to get - // around the limits. - RateLimiter::for('api.client', function (Request $request) { - $key = optional($request->user())->uuid ?: $request->ip(); - - return Limit::perMinutes( - config('http.rate_limit.client_period'), - config('http.rate_limit.client') - )->by($key); - }); - - RateLimiter::for('api.application', function (Request $request) { - $key = optional($request->user())->uuid ?: $request->ip(); - - return Limit::perMinutes( - config('http.rate_limit.application_period'), - config('http.rate_limit.application') - )->by($key); - }); - } -} diff --git a/config/app.php b/config/app.php new file mode 100644 index 0000000..9493ae9 --- /dev/null +++ b/config/app.php @@ -0,0 +1,239 @@ + '1.11.5', + + /* + |-------------------------------------------------------------------------- + | Application Name + |-------------------------------------------------------------------------- + | + | This value is the name of your application. This value is used when the + | framework needs to place the application's name in a notification or + | any other location as required by the application or its packages. + */ + + 'name' => env('APP_NAME', 'Pterodactyl'), + + /* + |-------------------------------------------------------------------------- + | Application Environment + |-------------------------------------------------------------------------- + | + | This value determines the "environment" your application is currently + | running in. This may determine how you prefer to configure various + | services your application utilizes. Set this in your ".env" file. + | + */ + + 'env' => env('APP_ENV', 'production'), + + /* + |-------------------------------------------------------------------------- + | Application Debug Mode + |-------------------------------------------------------------------------- + | + | When your application is in debug mode, detailed error messages with + | stack traces will be shown on every error that occurs within your + | application. If disabled, a simple generic error page is shown. + | + */ + + 'debug' => env('APP_DEBUG', false), + + /* + |-------------------------------------------------------------------------- + | Application URL + |-------------------------------------------------------------------------- + | + | This URL is used by the console to properly generate URLs when using + | the Artisan command line tool. You should set this to the root of + | your application so that it is used when running Artisan tasks. + | + */ + + 'url' => env('APP_URL', 'http://localhost'), + + /* + |-------------------------------------------------------------------------- + | Application Timezone + |-------------------------------------------------------------------------- + | + | Here you may specify the default timezone for your application, which + | will be used by the PHP date and date-time functions. We have gone + | ahead and set this to a sensible default for you out of the box. + | + */ + + 'timezone' => env('APP_TIMEZONE', 'UTC'), + + /* + |-------------------------------------------------------------------------- + | Application Locale Configuration + |-------------------------------------------------------------------------- + | + | The application locale determines the default locale that will be used + | by the translation service provider. You are free to set this value + | to any of the locales which will be supported by the application. + | + */ + + 'locale' => env('APP_LOCALE', 'en'), + + /* + |-------------------------------------------------------------------------- + | Application Fallback Locale + |-------------------------------------------------------------------------- + | + | The fallback locale determines the locale to use when the current one + | is not available. You may change the value to correspond to any of + | the language folders that are provided through your application. + | + */ + + 'fallback_locale' => 'en', + + /* + |-------------------------------------------------------------------------- + | Encryption Key + |-------------------------------------------------------------------------- + | + | This key is used by the Illuminate encrypter service and should be set + | to a random, 32 character string, otherwise these encrypted strings + | will not be safe. Please do this before deploying an application! + | + */ + + 'key' => env('APP_KEY'), + + 'cipher' => 'AES-256-CBC', + + /* + |-------------------------------------------------------------------------- + | Exception Reporter Configuration + |-------------------------------------------------------------------------- + | + | If you're encountering weird behavior with the Panel and no exceptions + | are being logged try changing the environment variable below to be true. + | This will override the default "don't report" behavior of the Panel and log + | all exceptions. This will be quite noisy. + | + */ + + 'exceptions' => [ + 'report_all' => env('APP_REPORT_ALL_EXCEPTIONS', false), + ], + + /* + |-------------------------------------------------------------------------- + | Maintenance Mode Driver + |-------------------------------------------------------------------------- + | + | These configuration options determine the driver used to determine and + | manage Laravel's "maintenance mode" status. The "cache" driver will + | allow maintenance mode to be controlled across multiple machines. + | + | Supported drivers: "file", "cache" + | + */ + + 'maintenance' => [ + 'driver' => 'file', + ], + + /* + |-------------------------------------------------------------------------- + | Autoloaded Service Providers + |-------------------------------------------------------------------------- + | + | The service providers listed here will be automatically loaded on the + | request to your application. Feel free to add your own services to + | this array to grant expanded functionality to your applications. + | + */ + + 'providers' => [ + /* + * Laravel Framework Service Providers... + */ + Illuminate\Auth\AuthServiceProvider::class, + Illuminate\Broadcasting\BroadcastServiceProvider::class, + Illuminate\Bus\BusServiceProvider::class, + Illuminate\Cache\CacheServiceProvider::class, + Illuminate\Foundation\Providers\ConsoleSupportServiceProvider::class, + Illuminate\Cookie\CookieServiceProvider::class, + Illuminate\Database\DatabaseServiceProvider::class, + Illuminate\Encryption\EncryptionServiceProvider::class, + Illuminate\Filesystem\FilesystemServiceProvider::class, + Illuminate\Foundation\Providers\FoundationServiceProvider::class, + Illuminate\Hashing\HashServiceProvider::class, + Illuminate\Mail\MailServiceProvider::class, + Illuminate\Notifications\NotificationServiceProvider::class, + Illuminate\Pagination\PaginationServiceProvider::class, + Illuminate\Pipeline\PipelineServiceProvider::class, + Illuminate\Queue\QueueServiceProvider::class, + Illuminate\Redis\RedisServiceProvider::class, + Illuminate\Auth\Passwords\PasswordResetServiceProvider::class, + Illuminate\Session\SessionServiceProvider::class, + Illuminate\Translation\TranslationServiceProvider::class, + Illuminate\Validation\ValidationServiceProvider::class, + Illuminate\View\ViewServiceProvider::class, + + /* + * Application Service Providers... + */ + Pterodactyl\Providers\ActivityLogServiceProvider::class, + Pterodactyl\Providers\AppServiceProvider::class, + Pterodactyl\Providers\AuthServiceProvider::class, + Pterodactyl\Providers\BackupsServiceProvider::class, + Pterodactyl\Providers\BladeServiceProvider::class, + Pterodactyl\Providers\EventServiceProvider::class, + Pterodactyl\Providers\HashidsServiceProvider::class, + Pterodactyl\Providers\RouteServiceProvider::class, + Pterodactyl\Providers\RepositoryServiceProvider::class, + Pterodactyl\Providers\ViewComposerServiceProvider::class, + + /* + * Blueprint Service Providers + */ + Pterodactyl\Providers\Blueprint\RouteServiceProvider::class, + + /* + * Additional Dependencies + */ + Prologue\Alerts\AlertsServiceProvider::class, + ], + + /* + |-------------------------------------------------------------------------- + | Class Aliases + |-------------------------------------------------------------------------- + | + | This array of class aliases will be registered when this application + | is started. However, feel free to register as many as you wish as + | the aliases are "lazy" loaded, so they don't hinder performance. + | + */ + + 'aliases' => Facade::defaultAliases()->merge([ + 'Alert' => Prologue\Alerts\Facades\Alert::class, + 'Carbon' => Carbon\Carbon::class, + 'JavaScript' => Laracasts\Utilities\JavaScript\JavaScriptFacade::class, + 'Theme' => Pterodactyl\Extensions\Facades\Theme::class, + + // Custom Facades + 'Activity' => Pterodactyl\Facades\Activity::class, + 'LogBatch' => Pterodactyl\Facades\LogBatch::class, + 'LogTarget' => Pterodactyl\Facades\LogTarget::class, + ])->toArray(), +]; \ No newline at end of file