From 11a3bd2a4b54b8e95e58f3ef84aade5f85320f0a Mon Sep 17 00:00:00 2001 From: Naterfute Date: Tue, 13 Jan 2026 02:38:13 -0800 Subject: [PATCH] fix: update http Kernel --- app/Http/Kernel.php | 128 +++++++++++++++++++++++--------------------- 1 file changed, 68 insertions(+), 60 deletions(-) diff --git a/app/Http/Kernel.php b/app/Http/Kernel.php index e81ac82d6..73a4eabbe 100644 --- a/app/Http/Kernel.php +++ b/app/Http/Kernel.php @@ -35,66 +35,74 @@ use Pterodactyl\Http\Middleware\Api\Application\AuthenticateApplicationUser; class Kernel extends HttpKernel { - /** - * The application's global HTTP middleware stack. - */ - protected $middleware = [ - TrustProxies::class, - HandleCors::class, - PreventRequestsDuringMaintenance::class, - ValidatePostSize::class, - TrimStrings::class, - ConvertEmptyStringsToNull::class, - ]; + /** + * The application's global HTTP middleware stack. + */ + protected $middleware = [ + TrustProxies::class, + HandleCors::class, + PreventRequestsDuringMaintenance::class, + ValidatePostSize::class, + TrimStrings::class, + ConvertEmptyStringsToNull::class, + ]; - /** - * The application's route middleware groups. - */ - protected $middlewareGroups = [ - 'web' => [ - EncryptCookies::class, - AddQueuedCookiesToResponse::class, - StartSession::class, - ShareErrorsFromSession::class, - VerifyCsrfToken::class, - SubstituteBindings::class, - LanguageMiddleware::class, - ], - 'api' => [ - EnsureStatefulRequests::class, - 'auth:sanctum', - IsValidJson::class, - TrackAPIKey::class, - RequireTwoFactorAuthentication::class, - AuthenticateIPAccess::class, - ], - 'application-api' => [ - SubstituteBindings::class, - AuthenticateApplicationUser::class, - ], - 'client-api' => [ - SubstituteClientBindings::class, - RequireClientApiKey::class, - ], - 'daemon' => [ - SubstituteBindings::class, - DaemonAuthenticate::class, - ], - ]; + protected $middlewarePriority = [ + SubstituteClientBindings::class, + ]; - /** - * The application's route middleware. - */ - protected $middlewareAliases = [ - 'auth' => Authenticate::class, - 'auth.basic' => AuthenticateWithBasicAuth::class, - 'auth.session' => AuthenticateSession::class, - 'guest' => RedirectIfAuthenticated::class, - 'csrf' => VerifyCsrfToken::class, - 'throttle' => ThrottleRequests::class, - 'can' => Authorize::class, - 'bindings' => SubstituteBindings::class, - 'node.maintenance' => MaintenanceMiddleware::class, - 'captcha' => \Pterodactyl\Http\Middleware\VerifyCaptcha::class, - ]; + /** + * The application's route middleware groups. + */ + protected $middlewareGroups = [ + 'web' => [ + EncryptCookies::class, + AddQueuedCookiesToResponse::class, + StartSession::class, + ShareErrorsFromSession::class, + VerifyCsrfToken::class, + SubstituteBindings::class, + LanguageMiddleware::class, + ], + 'api' => [ + EncryptCookies::class, + AddQueuedCookiesToResponse::class, + StartSession::class, + EnsureStatefulRequests::class, + 'auth:sanctum', + IsValidJson::class, + TrackAPIKey::class, + RequireTwoFactorAuthentication::class, + AuthenticateIPAccess::class, + + ], + 'application-api' => [ + SubstituteBindings::class, + AuthenticateApplicationUser::class, + ], + 'client-api' => [ + SubstituteClientBindings::class, + RequireClientApiKey::class, + ], + 'daemon' => [ + SubstituteBindings::class, + DaemonAuthenticate::class, + ], + ]; + + /** + * The application's route middleware. + */ + protected $middlewareAliases = [ + 'auth' => Authenticate::class, + 'auth.basic' => AuthenticateWithBasicAuth::class, + 'auth.session' => AuthenticateSession::class, + 'guest' => RedirectIfAuthenticated::class, + 'csrf' => VerifyCsrfToken::class, + 'throttle' => ThrottleRequests::class, + 'can' => Authorize::class, + 'bindings' => SubstituteBindings::class, + 'node.maintenance' => MaintenanceMiddleware::class, + 'captcha' => \Pterodactyl\Http\Middleware\VerifyCaptcha::class, + ]; }