MrUnknownDE/panel
1
0
Fork 0
mirror of https://github.com/MrUnknownDE/panel.git synced 2026-04-27 10:33:44 +02:00
Code Issues Packages Projects Releases Wiki Activity

Block API access when 2FA is required on account; closes #2791

Browse Source
This commit is contained in:
Dane Everitt
2020-12-06 13:56:14 -08:00
parent 5d23d894ae
commit d22456d9ca
8 changed files with 101 additions and 40 deletions
Download Patch File Download Diff File Expand all files Collapse all files

9
routes/api-client.php
View File

@@ -1,6 +1,7 @@
<?php
use Illuminate\Support\Facades\Route;
use Pterodactyl\Http\Middleware\RequireTwoFactorAuthentication;
use Pterodactyl\Http\Middleware\Api\Client\Server\SubuserBelongsToServer;
use Pterodactyl\Http\Middleware\Api\Client\Server\AuthenticateServerAccess;
use Pterodactyl\Http\Middleware\Api\Client\Server\AllocationBelongsToServer;
@@ -17,10 +18,10 @@ Route::get('/', 'ClientController@index')->name('api:client.index');
Route::get('/permissions', 'ClientController@permissions');
Route::group(['prefix' => '/account'], function () {
Route::get('/', 'AccountController@index')->name('api:client.account');
Route::get('/two-factor', 'TwoFactorController@index');
Route::post('/two-factor', 'TwoFactorController@store');
Route::delete('/two-factor', 'TwoFactorController@delete');
Route::get('/', 'AccountController@index')->name('api:client.account')->withoutMiddleware(RequireTwoFactorAuthentication::class);
Route::get('/two-factor', 'TwoFactorController@index')->withoutMiddleware(RequireTwoFactorAuthentication::class);
Route::post('/two-factor', 'TwoFactorController@store')->withoutMiddleware(RequireTwoFactorAuthentication::class);
Route::delete('/two-factor', 'TwoFactorController@delete')->withoutMiddleware(RequireTwoFactorAuthentication::class);
Route::put('/email', 'AccountController@updateEmail')->name('api:client.account.update-email');
Route::put('/password', 'AccountController@updatePassword')->name('api:client.account.update-password');