MrUnknownDE/panel
1
0
Fork 0
mirror of https://github.com/MrUnknownDE/panel.git synced 2026-04-16 13:23:45 +02:00
Code Issues Packages Projects Releases Wiki Activity

api(remote): update sftp auth controller

Browse Source
This commit is contained in:
Matthew Penner
2021-07-17 17:22:47 -06:00
parent f9114e2de0
commit 790f109e66
3 changed files with 10 additions and 3 deletions
Download Patch File Download Diff File Expand all files Collapse all files

11
app/Http/Controllers/Api/Remote/SftpAuthenticationController.php
View File

@@ -70,8 +70,14 @@ class SftpAuthenticationController extends Controller
['username', '=', $connection['username']],
]);
if ($request->input('type') === 'publicKey') {
$verified = true;
} else {
$verified = password_verify($request->input('password'), $user->password);
}
$server = $this->serverRepository->getByUuid($connection['server'] ?? '');
if (!password_verify($request->input('password'), $user->password) || $server->node_id !== $node->id) {
if (!$verified || $server->node_id !== $node->id) {
$this->incrementLoginAttempts($request);
throw new HttpForbiddenException('Authorization credentials were not correct, please try again.');
@@ -88,9 +94,8 @@ class SftpAuthenticationController extends Controller
$server->validateCurrentState();
return new JsonResponse([
'ssh_keys' => $user->sshKeys->pluck('public_key')->toArray(),
'server' => $server->uuid,
// Deprecated, but still needed at the moment for Wings.
'token' => '',
'permissions' => $permissions ?? ['*'],
]);
}