
Initial commit

BuildTools 2020-02-26 14:59:58 +01:00
commit b105bd7db7
171 changed files with 28322 additions and 0 deletions

101
app/Cache/Cache.php Normal file

@ -0,0 +1,101 @@
<?php
namespace App\Cache;
class Cache {
public static function getUsername($uuid) {
if(file_exists(storage_path('app/uuid/'.$uuid.'.json'))) {
$json = file_get_contents(storage_path('app/uuid/'.$uuid.'.json'));
$json = json_decode($json, true);
if((time() - strtotime($json['time'])) > 3600) {
$json = file_get_contents('https://api.mojang.com/users/profiles/'.$uuid.'./names');
if(empty($json)) {
$json = file_get_contents(storage_path('app/uuid/'.$uuid.'.json'));
$json = json_decode($json, true);
return $json['name'];
}
$json = json_decode($json, true);
if(isset($json['error'])) {
$json = file_get_contents(storage_path('app/uuid/'.$uuid.'.json'));
$json = json_decode($json, true);
return $json['name'];
}
$name = $json[count($json) -1]['name'];
$json = [];
$json['id'] = $uuid;
$json['name'] = $name;
self::saveJson($json);
return $json['name'];
} else {
return $json['name'];
}
} else {
$json = file_get_contents('https://api.mojang.com/user/profiles/'.$uuid.'/names');
if(empty($json))
return $uuid;
$json = json_decode($json, true);
if(isset($json['error']))
return $uuid;
$name = $json[count($json) -1]['name'];
$json = [];
$json['id'] = $uuid;
$json['name'] = $name;
self::saveJson($json);
return $json['name'];
}
}
public static function getUUID($username) {
foreach(glob(storage_path('app/uuid/*')) as $file) {
$json = file_get_contents($file);
$json = json_decode($json, true);
if($json['name'] !== $username)
continue;
if((time() - strtotime($json['time'])) > 3600) {
$json = file_get_contents('https://api.mojang.com/users/profiles/minecraft/'.$username);
if(empty($json)) {
unlink(storage_path('app/uuid/'.$file));
return $username;
}
$json = json_decode($json, true);
if(isset($json['error'])) {
unlink(storage_path('app/uuid/'.$file));
return $username;
}
self::saveJson($json);
return $json['id'];
} else {
return $json['id'];
}
}
$json = file_get_contents('https://api.mojang.com/users/profiles/minecraft/'.$username);
if(empty($json))
return $username;
$json = json_decode($json, true);
if(isset($json['error']))
return $username;
self::saveJson($json);
return $json['id'];
}
public static function saveJson($json) {
$array = [
'id' => $json['id'],
'name' => $json['name'],
'time' => date('d-m-Y H:m:s')
];
file_put_contents(storage_path('app/uuid/'.$json['id'].'.json'), json_encode($array));
}
}
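Review bot: `$uuid` and `$username` are concatenated into filesystem paths and Mojang API URLs without validation or encoding in both `getUsername` and `getUUID`, and `LoginController::login` passes the raw request value into `getUUID`. Reject anything that is not a well-formed id before building the path, e.g. `if (!preg_match('/^[0-9a-f]{32}$/i', $uuid)) return $uuid;` (assuming ids are stored undashed, as the API returns them), and wrap the name in `rawurlencode($username)` when building the URL. Separately, `glob()` already returns full paths, so `unlink(storage_path('app/uuid/'.$file))` points at a path that does not exist and stale entries are never removed. In `saveJson`, `date('d-m-Y H:m:s')` writes the month where minutes are meant (`H:i:s`), which skews the one-hour freshness check.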

27
app/ChangeEmail.php Normal file

@ -0,0 +1,27 @@
<?php
namespace App;
use App\Notifications\SendMailChange;
use Illuminate\Database\Eloquent\Model;
class ChangeEmail extends Model
{
protected $table = 'change_user_email';
/**
* The attributes that are mass assignable.
*
* @var array
*/
protected $fillable = [
'user_id', 'email', 'token'
];
public function sendMail() {
$user = User::findOrFail($this->user_id);
$user->notify(new SendMailChange($this));
}
}
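Review bot: `sendMail()` hands a `SendMailChange` instance to `$user->notify()`, but `SendMailChange` is declared in this commit as a `Mailable`, not a notification, so this call is unlikely to deliver anything. The controllers send the same object with `Mail::to($user)->send(...)`; either do the same here or drop the method. `token` is also listed in `$fillable`, which deserves a comment such as `// token is server-generated; never fill this model from request input` so nobody later passes `$request->all()` to `create()`.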

52
app/Console/Kernel.php Normal file

@ -0,0 +1,52 @@
<?php
namespace App\Console;
use App\ChangeEmail;
use App\License;
use Illuminate\Console\Scheduling\Schedule;
use Illuminate\Foundation\Console\Kernel as ConsoleKernel;
class Kernel extends ConsoleKernel
{
/**
* The Artisan commands provided by your application.
*
* @var array
*/
protected $commands = [
//
];
/**
* Define the application's command schedule.
*
* @param \Illuminate\Console\Scheduling\Schedule $schedule
* @return void
*/
protected function schedule(Schedule $schedule)
{
$schedule->call(function () {
$date = new \DateTime();
$date->modify('-60 minutes');
$formatted = $date->format('Y-m-d H:i:s');
ChangeEmail::where('updated_at', '<=', $formatted)->delete();
})->hourly();
$schedule->call(function () {
DB::delete('DELETE licenses, usages FROM licenses INNER JOIN usages ON licenses.id=usages.license_id WHERE licenses.expires_at<=CURRENT_TIMESTAMP()');
})->hourly();
}
/**
* Register the commands for the application.
*
* @return void
*/
protected function commands()
{
$this->load(__DIR__.'/Commands');
require base_path('routes/console.php');
}
}
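Review bot: The second scheduled closure calls `DB::delete(...)`, but the file never imports the facade, so inside `namespace App\Console` the name resolves to `App\Console\DB` and the hourly purge of expired licenses will fail; add `use Illuminate\Support\Facades\DB;`. The `INNER JOIN` also means an expired license with no `usages` rows is never deleted; on MySQL a `LEFT JOIN` would cover it. The first closure is the only thing visible here that expires `change_user_email` tokens, so a stalled scheduler leaves email-change links valid indefinitely.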


@ -0,0 +1,51 @@
<?php
namespace App\Exceptions;
use Exception;
use Illuminate\Foundation\Exceptions\Handler as ExceptionHandler;
class Handler extends ExceptionHandler
{
/**
* A list of the exception types that are not reported.
*
* @var array
*/
protected $dontReport = [
//
];
/**
* A list of the inputs that are never flashed for validation exceptions.
*
* @var array
*/
protected $dontFlash = [
'password',
'password_confirmation',
];
/**
* Report or log an exception.
*
* @param \Exception $exception
* @return void
*/
public function report(Exception $exception)
{
parent::report($exception);
}
/**
* Render an exception into an HTTP response.
*
* @param \Illuminate\Http\Request $request
* @param \Exception $exception
* @return \Illuminate\Http\Response
*/
public function render($request, Exception $exception)
{
return parent::render($request, $exception);
}
}


@ -0,0 +1,30 @@
<?php
namespace App\Http\Controllers\Panel;
use App\Http\Controllers\Controller;
use Illuminate\Http\Request;
class AccountController extends Controller
{
/**
* Create a new controller instance.
*
* @return void
*/
public function __construct()
{
$this->middleware(['auth', 'verified', '2fa']);
}
/**
* Show the application dashboard.
*
* @param Request $request
* @return \Illuminate\Contracts\Support\Renderable
*/
public function index()
{
return view('account');
}
}


@ -0,0 +1,32 @@
<?php
namespace App\Http\Controllers\Auth;
use App\Http\Controllers\Controller;
use Illuminate\Foundation\Auth\SendsPasswordResetEmails;
class ForgotPasswordController extends Controller
{
/*
|--------------------------------------------------------------------------
| Password Reset Controller
|--------------------------------------------------------------------------
|
| This controller is responsible for handling password reset emails and
| includes a trait which assists in sending these notifications from
| your application to your users. Feel free to explore this trait.
|
*/
use SendsPasswordResetEmails;
/**
* Create a new controller instance.
*
* @return void
*/
public function __construct()
{
$this->middleware('guest');
}
}


@ -0,0 +1,82 @@
<?php
namespace App\Http\Controllers\Auth;
use App\Cache\Cache;
use App\Http\Controllers\Controller;
use Illuminate\Foundation\Auth\AuthenticatesUsers;
use Illuminate\Http\Request;
use Illuminate\Support\Facades\Auth;
class LoginController extends Controller
{
/*
|--------------------------------------------------------------------------
| Login Controller
|--------------------------------------------------------------------------
|
| This controller handles authenticating users for the application and
| redirecting them to your home screen. The controller uses a trait
| to conveniently provide its functionality to your applications.
|
*/
use AuthenticatesUsers;
/**
* Where to redirect users after login.
*
* @var string
*/
protected $redirectTo = '/home';
/**
* Create a new controller instance.
*/
public function __construct()
{
$this->middleware('guest')->except('logout');
}
/**
* Get username property.
*
* @return string
*/
public function username()
{
return 'uuid';
}
public function login(Request $request)
{
$this->validateLogin($request);
if ($this->hasTooManyLoginAttempts($request)) {
$this->fireLockoutEvent($request);
return $this->sendLockoutResponse($request);
}
$request->merge([
'uuid' => Cache::getUUID($request->get('uuid'))
]);
if($this->guard()->validate($this->credentials($request))) {
if(Auth::attempt(['uuid' => $request->get('uuid'), 'password' => $request->get('password')])) {
return redirect()->intended('home');
} else {
$this->incrementLoginAttempts($request);
return response()->json([
'error' => 'This account is not activated.'
], 401);
}
} else {
$this->incrementLoginAttempts($request);
return response()->json([
'error' => 'Credentials do not match our database.'
], 401);
}
}
}
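Review bot: The lockout check in `login()` runs before `$request->merge(['uuid' => Cache::getUUID(...)])`, while both `incrementLoginAttempts` calls run after it, so the throttle appears to be read under the submitted name and counted under the resolved UUID. Laravel's `ThrottlesLogins` derives its key from `$request->input($this->username())`, so whenever the two values differ the counter that is checked never increases and password guessing is not rate limited. Resolve the identifier once and keep the request value stable for throttling, or move the `merge` above `hasTooManyLoginAttempts`. `Cache::getUUID` also does a directory scan and an outbound HTTP request for every unauthenticated attempt, which deserves its own limit.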


@ -0,0 +1,85 @@
<?php
namespace App\Http\Controllers\Auth;
use App\Cache\Cache;
use App\Http\Controllers\Controller;
use App\Rules\UUID;
use App\User;
use Illuminate\Auth\Events\Registered;
use Illuminate\Foundation\Auth\RegistersUsers;
use Illuminate\Http\Request;
use Illuminate\Support\Facades\Validator;
class RegisterController extends Controller
{
/*
|--------------------------------------------------------------------------
| Register Controller
|--------------------------------------------------------------------------
|
| This controller handles the registration of new users as well as their
| validation and creation. By default this controller uses a trait to
| provide this functionality without requiring any additional code.
|
*/
use RegistersUsers;
/**
* Where to redirect users after registration.
*
* @var string
*/
protected $redirectTo = '/login';
/**
* Create a new controller instance.
*
* @return void
*/
public function __construct()
{
$this->middleware('guest');
}
/**
* Get a validator for an incoming registration request.
*
* @param array $data
* @return \Illuminate\Contracts\Validation\Validator
*/
protected function validator(array $data)
{
return Validator::make($data, [
'username' => ['required', 'string', 'max:255', 'uuid' => new UUID()],
'email' => ['required', 'string', 'email', 'max:255', 'unique:users'],
'password' => ['required', 'string', 'min:8'],
'password_confirmation' => ['required', 'same:password']
]);
}
/**
* Create a new user instance after a valid registration.
*
* @param array $data
* @return \App\User
*/
protected function create(array $data)
{
return User::create([
'uuid' => '', Cache::getUUID($data['username']),
'email' => $data['email'],
'password' => bcrypt($data['password'])
]);
}
public function register(Request $request)
{
$this->validator($request->all())->validate();
event(new Registered($user = $this->create($request->all())));
return $this->registered($request, $user)
?: redirect($this->redirectPath());
}
}
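Review bot: In `create()`, the line `'uuid' => '', Cache::getUUID($data['username']),` stores an empty string as the uuid and leaves the resolved value as an unused positional element, so every account is created with the same empty login identifier. It should read `'uuid' => Cache::getUUID($data['username']),`. In `validator()`, `'uuid' => new UUID()` is keyed inside the rule list; rule objects are normally passed as plain list elements (`new UUID()`), so it is worth confirming the rule actually runs. The `min:8` password rule here also differs from the `min:6` plus character-class rules in `ChangeController::changePassword`.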


@ -0,0 +1,39 @@
<?php
namespace App\Http\Controllers\Auth;
use App\Http\Controllers\Controller;
use Illuminate\Foundation\Auth\ResetsPasswords;
class ResetPasswordController extends Controller
{
/*
|--------------------------------------------------------------------------
| Password Reset Controller
|--------------------------------------------------------------------------
|
| This controller is responsible for handling password reset requests
| and uses a simple trait to include this behavior. You're free to
| explore this trait and override any methods you wish to tweak.
|
*/
use ResetsPasswords;
/**
* Where to redirect users after resetting their password.
*
* @var string
*/
protected $redirectTo = '/panel/home';
/**
* Create a new controller instance.
*
* @return void
*/
public function __construct()
{
$this->middleware('guest');
}
}


@ -0,0 +1,41 @@
<?php
namespace App\Http\Controllers\Auth;
use App\Http\Controllers\Controller;
use Illuminate\Foundation\Auth\VerifiesEmails;
class VerificationController extends Controller
{
/*
|--------------------------------------------------------------------------
| Email Verification Controller
|--------------------------------------------------------------------------
|
| This controller is responsible for handling email verification for any
| user that recently registered with the application. Emails may also
| be re-sent if the user didn't receive the original email message.
|
*/
use VerifiesEmails;
/**
* Where to redirect users after verification.
*
* @var string
*/
protected $redirectTo = '/home';
/**
* Create a new controller instance.
*
* @return void
*/
public function __construct()
{
$this->middleware('auth');
$this->middleware('signed')->only('verify');
$this->middleware('throttle:6,1')->only('verify', 'resend');
}
}


@ -0,0 +1,117 @@
<?php
namespace App\Http\Controllers\Panel;
use App\ChangeEmail;
use App\Http\Controllers\Controller;
use App\Notifications\SendMailChange;
use Illuminate\Support\Facades\Mail;
use Illuminate\Support\Facades\Validator;
use Illuminate\Http\Request;
use Illuminate\Support\Facades\Auth;
use Illuminate\Support\Facades\Hash;
use Illuminate\Support\Facades\Redirect;
use Illuminate\Support\Str;
class ChangeController extends Controller
{
/**
* Create a new controller instance.
*
* @return void
*/
public function __construct()
{
$this->middleware(['auth', 'verified', '2fa']);
}
/**
* Show the application dashboard.
*
* @return \Illuminate\Contracts\Support\Renderable
*/
public function index()
{
return view('change');
}
public function changePassword(Request $request) {
$validator = Validator::make($request->all(), [
'password' => ['required', 'max:255'],
'new_password' => ['required', 'min:6', 'confirmed', 'regex:/[a-z]/', 'regex:/[A-Z]/', 'regex:/[0-9]/', 'regex:/[@$!%*#?&]/'],
'new_confirm_password' => ['required', 'same:new_password']
]);
if(!$validator->passes())
return Redirect::back()->withErrors($validator);
$user = Auth::user();
if(!Hash::check($request->get('password'), $user->password)) {
$validator->getMessageBag()->add('pass_password', 'Wrong user password.');
return Redirect::back()->withErrors($validator);
}
$user->password = Hash::make($request->get('new_password'));
if(!$user->save()) {
$validator->getMessageBag()->add('new_password', 'Unable to change password.');
return Redirect::back()->withErrors($validator);
}
session()->flash('pass_success', 'Successfully changed password.');
return Redirect::back();
}
public function changeEmail(Request $request) {
$validator = Validator::make($request->all(), [
'password' => ['required', 'max:255'],
'new_email' => ['required', 'email', 'unique:users,email', 'max:255'],
'new_confirm_email' => ['required', 'same:new_email']
]);
if(!$validator->passes())
return Redirect::back()->withErrors($validator);
$user = Auth::user();
if(!Hash::check($request->get('password'), $user->password)) {
$validator->getMessageBag()->add('email_password', 'Wrong user password.');
return Redirect::back()->withErrors($validator);
}
$user->email = $request->get('new_email');
$change = ChangeEmail::create([
'user_id' => $user->id,
'email' => $request->get('new_email'),
'token' => Str::random(12)
]);
Mail::to($user)->send(new SendMailChange($change));
session()->flash('email_success', 'Successfully requested email change');
return Redirect::back();
}
public function verifyEmail($id, $token, $email) {
if(Auth::id() != $id) {
session()->flash('email_error', 'Incorrect email change request: '.$email);
return Redirect::route('panel.change');
}
$user = Auth::user();
$model = ChangeEmail::where([
'user_id' => $user->id,
'token' => $token,
'email' => $email
])->first();
if(empty($model)) {
session()->flash('email_error', 'Unable to change email address to: '.$email);
return Redirect::route('panel.change');
}
$user->email = $email;
$user->save();
$model->delete();
session()->flash('email_success', 'Successfully changed email address to: '.$email);
return Redirect::route('panel.change');
}
}
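Review bot: `changeEmail()` assigns `$user->email = $request->get('new_email')` on the authenticated model before the address has been confirmed; nothing saves it here, but any later `save()` on that instance in the same request would persist the unverified address. Leave the model untouched and address the message explicitly with `Mail::to($request->get('new_email'))->send(new SendMailChange($change));`. `verifyEmail()` accepts any matching row regardless of age, so expiry depends entirely on the hourly cleanup job; add a check on `$model->created_at` before applying the change. The `confirmed` rule on `new_password` expects a `new_password_confirmation` field, which does not match the `new_confirm_password` field validated on the next line.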


@ -0,0 +1,13 @@
<?php
namespace App\Http\Controllers;
use Illuminate\Foundation\Auth\Access\AuthorizesRequests;
use Illuminate\Foundation\Bus\DispatchesJobs;
use Illuminate\Foundation\Validation\ValidatesRequests;
use Illuminate\Routing\Controller as BaseController;
class Controller extends BaseController
{
use AuthorizesRequests, DispatchesJobs, ValidatesRequests;
}


@ -0,0 +1,39 @@
<?php
namespace App\Http\Controllers;
use App\Http\Controllers\Controller;
use App\Order;
use App\OrderedProject;
use App\Project;
use App\Status;
use App\Utils\Numbers;
use Illuminate\Support\Facades\DB;
class HomeController extends Controller
{
/**
* Create a new controller instance.
*
* @return void
*/
public function __construct()
{
$this->middleware(['auth', 'verified', '2fa']);
}
/**
* Show the application dashboard.
*
* @return \Illuminate\Contracts\Support\Renderable
*/
public function index()
{
return view('home')->with([
'message' => ''
]);
}
}


@ -0,0 +1,39 @@
<?php
namespace App\Http\Controllers\Panel;
use App\Http\Controllers\Controller;
use App\Order;
use App\OrderedProject;
use App\Project;
use App\Status;
use App\Utils\Numbers;
use Illuminate\Support\Facades\DB;
class HomeController extends Controller
{
/**
* Create a new controller instance.
*
* @return void
*/
public function __construct()
{
$this->middleware(['auth', 'verified', '2fa']);
}
/**
* Show the application dashboard.
*
* @return \Illuminate\Contracts\Support\Renderable
*/
public function index()
{
return view('panel.home')->with([
'data' => ''
]);
}
}


@ -0,0 +1,128 @@
<?php
namespace App\Http\Controllers\Panel;
use App\ChangeEmail;
use App\Http\Controllers\Controller;
use App\Notifications\SendMailChange;
use App\User;
use Illuminate\Http\Request;
use Illuminate\Support\Facades\Auth;
use Illuminate\Support\Facades\Mail;
use Illuminate\Support\Facades\Redirect;
use Illuminate\Support\Facades\Validator;
use Illuminate\Support\Str;
class UMSController extends Controller
{
/**
* Create a new controller instance.
*
* @return void
*/
public function __construct()
{
$this->middleware(['auth', 'verified', '2fa']);
}
/**
* Show the application dashboard.
*
* @param int $page
* @return \Illuminate\Contracts\Support\Renderable
*/
public function index($page = 1)
{
$pages = User::count();
$pages = (int) ceil($pages/25);
if($pages < 1 && $page == 1)
$page = 1;
if($page < 1 || ($pages > 0 && $page > $pages))
return redirect()->route('panel.ums', [
'page' => ($pages > 0 ? $pages : 1)
]);
$data = User::select('id', 'uuid', 'last_active', 'is_admin', 'is_root')->get();
return view('panel.ums.index')->with([
'users' => $data,
'page' => $page,
'pages' => $pages
]);
}
public function info($id) {
$user = User::findOrFail($id);
return view('panel.ums.info')->with([
'user' => $user
]);
}
public function edit($id) {
$user = Auth::user();
if(!$user->is_root && !$user->is_admin)
return Redirect::route('panel.ums');
return view('panel.ums.edit')->with([
'user' => $user
]);
}
public function update(Request $request) {
if(!$request->has('id'))
return Redirect::back();
$user = User::findOrFail($request->get('id'));
if($request->get('email') !== $user->email) {
$validator = Validator::make($request->all(), [
'email' => ['required', 'email', 'unique:users,email', 'max:255']
]);
if(!$validator->passes())
return Redirect::back()->withErrors($validator);
$change = ChangeEmail::create([
'user_id' => $user->id,
'email' => $request->get('email'),
'token' => Str::random(12)
]);
Mail::to($user)->send(new SendMailChange($change));
}
if(Auth::user()->is_root) {
$validator = Validator::make($request->all(), [
'is_admin' => ['required', 'boolean'],
'is_root' => ['required', 'boolean']
]);
if(!$validator->passes())
return Redirect::back()->withErrors($validator);
$user->is_admin = $request->get('is_admin');
$user->is_root = $request->get('is_root');
if($user->save()) {
session()->flash('success', 'Successfully edited user: '.$user->uuid);
} else {
session()->flash('error', 'Unable to edit user: '.$user->uuid);
}
}
return Redirect::route('panel.ums');
}
public function delete($id) {
$auth = Auth::user();
if(!$auth->is_admin && !$auth->is_root)
return Redirect::route('panel.home');
$user = User::findOrFail($id);
if($user->delete()) {
session()->flash('success', 'Successfully deleted user: '.$user->firstname);
} else {
session()->flash('error', 'Unable to delete user: '.$user->firstname);
}
return Redirect::back();
}
}
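Review bot: `update()` and `info()` perform no role check: any authenticated user can load another user's record by id, and the email-change branch of `update()` runs for any caller, while only the flag changes are gated on `is_root`. Add the guard already used in `delete()` at the top of both, e.g. `if(!Auth::user()->is_admin && !Auth::user()->is_root) return Redirect::route('panel.ums');`. `edit($id)` ignores `$id` and always shows the caller's own record, and `delete()` lets an admin remove a root account or their own; both look unintended. `index()` computes `$pages` but then loads every user with `get()`.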


@ -0,0 +1,76 @@
<?php
namespace App\Http\Controllers\Panel;
use App\Http\Controllers\Controller;
use App\Session;
use Illuminate\Http\Request;
use Illuminate\Support\Facades\Auth;
use Jenssegers\Agent\Agent;
class SecurityController extends Controller
{
/**
* Create a new controller instance.
*
* @return void
*/
public function __construct()
{
$this->middleware(['mobile', 'auth', 'verified', '2fa']);
}
/**
* Show the application dashboard.
*
* @param Request $request
* @param int $page
* @return \Illuminate\Contracts\Support\Renderable
* @throws \PragmaRX\Google2FA\Exceptions\IncompatibleWithGoogleAuthenticatorException
* @throws \PragmaRX\Google2FA\Exceptions\InvalidCharactersException
*/
public function index(Request $request, $page = 1)
{
$google2fa = new \PragmaRX\Google2FALaravel\Google2FA($request);
$tfa = $google2fa->isActivated();
$pages = Session::where('user_id', Auth::id())->count();
$pages = (int) ceil($pages/10);
if($page > $pages)
return redirect()->route('security', ['page' => $pages]);
$sessions = Session::where('user_id', Auth::id())->where('id', '!=', session()->getId())->skip(($page - 1)*10)->take(($page != 1 ? 10 : 9))->orderBy('last_activity', 'desc')->get();
$array = ['TFA' => $tfa, 'pages' => $pages, 'page' => $page, 'sessions' => $sessions, 'agent' => new Agent()];
if(!$tfa) {
if(!session()->has('redirected')) {
$secret = $google2fa->generateSecretKey();
session()->flash('google_secret', $secret);
} else {
$secret = session()->get('google_secret');
session()->keep(['google_secret']);
}
$google2fa = new \PragmaRX\Google2FAQRCode\Google2FA();
$QR = $google2fa->getQRCodeInline(
config('app.name'),
Auth::user()->email,
$secret
);
$array['QRCode'] = $QR;
return view('security')->with($array);
}
return view('security')->with($array);
}
public function session($id)
{
if(session()->getId() === $id)
return redirect()->route('security');
Session::where(['id' => $id, 'user_id' => Auth::id()])->forceDelete();
return redirect()->route('security');
}
}
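Review bot: `$page` in `index()` comes from the route and is only checked against the upper bound, so `0` or a negative value reaches `skip(($page - 1)*10)` with a negative offset. Add a lower bound before the query, e.g. `if($page < 1) return redirect()->route('security', ['page' => 1]);`, and cast with `(int) $page`. `$pages` counts the current session while the query excludes it, so the last page can come back empty.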


@ -0,0 +1,68 @@
<?php
namespace App\Http\Controllers\Panel;
use App\Http\Controllers\Controller;
use Illuminate\Http\Request;
use Illuminate\Support\Facades\Auth;
use Illuminate\Support\Facades\Redirect;
use Illuminate\Support\Facades\Validator;
class ToggleTwoFactorController extends Controller
{
public function __construct()
{
$this->middleware(['auth', 'verified']);
}
public function toggle(Request $request) {
$google2fa = new \PragmaRX\Google2FALaravel\Google2FA($request);
$validator = Validator::make($request->all(), [
'two_factor' => ['required', 'digits:6']
]);
if(!$google2fa->isActivated()) {
$secret = session()->get('google_secret');
if (!$validator->passes()) {
session()->flash('redirected', true);
session()->keep(['google_secret']);
return Redirect::back()->withErrors($validator);
}
$google2fa = new \PragmaRX\Google2FALaravel\Google2FA($request);
if (!$google2fa->verifyGoogle2FA($secret, $request->two_factor)) {
$validator->getMessageBag()->add('two_factor', 'Incorrect 2FA Code');
session()->flash('redirected', true);
session()->keep(['google_secret']);
return Redirect::back()->withErrors($validator);
}
$google2fa->login();
Auth::user()->update([
'google2fa_secret' => $secret
]);
session()->flash('success', 'Successfully enabled 2FA');
return redirect()->route('account');
} else {
if(!$validator->passes())
return Redirect::back()->withErrors($validator);
$google2fa = new \PragmaRX\Google2FALaravel\Google2FA($request);
if(!$google2fa->verifyGoogle2FA(Auth::user()->google2fa_secret, $request->two_factor)) {
$validator->getMessageBag()->add('two_factor', 'Incorrect 2FA Code');
return Redirect::back()->withErrors($validator);
}
$google2fa->logout();
Auth::user()->update([
'google2fa_secret' => null
]);
session()->flash('success', 'Successfully disabled 2FA');
return redirect()->route('security');
}
}
}
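Review bot: `toggle()` verifies a six-digit code with no attempt limit, and the same is true of `TwoFactorController::authenticate`, so the second factor is not protected against repeated guessing. The `throttle` alias is registered in `app/Http/Kernel.php` and already used in `VerificationController`; add `$this->middleware('throttle:6,1')->only('toggle');` to this constructor and the equivalent for `authenticate`. In the enable branch `$secret` comes from the session and may be null once the flash has expired; return an error before calling `verifyGoogle2FA` in that case. Disabling 2FA should arguably also require the account password, not just a current code.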


@ -0,0 +1,49 @@
<?php
namespace App\Http\Controllers\Panel;
use App\Http\Controllers\Controller;
use Illuminate\Http\Request;
use Illuminate\Support\Facades\Auth;
use Illuminate\Support\Facades\Redirect;
use Illuminate\Support\Facades\Validator;
class TwoFactorController extends Controller
{
public function __construct()
{
$this->middleware(['auth', 'verified']);
}
protected function index(Request $request)
{
$google2fa = new \PragmaRX\Google2FALaravel\Google2FA($request);
if(!$google2fa->isActivated())
return redirect()->route('home');
$google2fa = new \PragmaRX\Google2FALaravel\Support\Authenticator($request);
if($google2fa->isAuthenticated())
return redirect()->route('home');
return view('2fa.authenticate');
}
protected function authenticate(Request $request)
{
$validator = Validator::make($request->all(), [
'two_factor' => ['required', 'digits:6']
]);
if(!$validator->passes())
return Redirect::back()->withErrors($validator);
$google2fa = new \PragmaRX\Google2FALaravel\Google2FA($request);
if(!$google2fa->verifyGoogle2FA(Auth::user()->google2fa_secret, $request->two_factor)) {
$validator->getMessageBag()->add('two_factor', 'Incorrect 2FA Code');
return Redirect::back()->withErrors($validator);
}
$google2fa->login();
return redirect()->route('home');
}
}

85
app/Http/Kernel.php Normal file

@ -0,0 +1,85 @@
<?php
namespace App\Http;
use Illuminate\Foundation\Http\Kernel as HttpKernel;
class Kernel extends HttpKernel
{
/**
* The application's global HTTP middleware stack.
*
* These middleware are run during every request to your application.
*
* @var array
*/
protected $middleware = [
\App\Http\Middleware\TrustProxies::class,
\App\Http\Middleware\CheckForMaintenanceMode::class,
\Illuminate\Foundation\Http\Middleware\ValidatePostSize::class,
\App\Http\Middleware\TrimStrings::class,
\Illuminate\Foundation\Http\Middleware\ConvertEmptyStringsToNull::class,
\App\Http\Middleware\HttpsProtocol::class,
];
/**
* The application's route middleware groups.
*
* @var array
*/
protected $middlewareGroups = [
'web' => [
\App\Http\Middleware\EncryptCookies::class,
\Illuminate\Cookie\Middleware\AddQueuedCookiesToResponse::class,
\Illuminate\Session\Middleware\StartSession::class,
\Illuminate\Session\Middleware\AuthenticateSession::class,
\Illuminate\View\Middleware\ShareErrorsFromSession::class,
\App\Http\Middleware\VerifyCsrfToken::class,
\Illuminate\Routing\Middleware\SubstituteBindings::class,
\App\Http\Middleware\UserActive::class,
],
'api' => [
'throttle:60,1',
'bindings',
],
];
/**
* The application's route middleware.
*
* These middleware may be assigned to groups or used individually.
*
* @var array
*/
protected $routeMiddleware = [
'auth' => \App\Http\Middleware\Authenticate::class,
'auth.basic' => \Illuminate\Auth\Middleware\AuthenticateWithBasicAuth::class,
'bindings' => \Illuminate\Routing\Middleware\SubstituteBindings::class,
'cache.headers' => \Illuminate\Http\Middleware\SetCacheHeaders::class,
'can' => \Illuminate\Auth\Middleware\Authorize::class,
'guest' => \App\Http\Middleware\RedirectIfAuthenticated::class,
'signed' => \Illuminate\Routing\Middleware\ValidateSignature::class,
'throttle' => \Illuminate\Routing\Middleware\ThrottleRequests::class,
'verified' => \Illuminate\Auth\Middleware\EnsureEmailIsVerified::class,
'2fa' => \App\Http\Middleware\TwoFactorAuthentication::class,
'mobile' => \App\Http\Middleware\NoMobile::class,
];
/**
* The priority-sorted list of middleware.
*
* This forces non-global middleware to always be in the given order.
*
* @var array
*/
protected $middlewarePriority = [
\Illuminate\Session\Middleware\StartSession::class,
\Illuminate\View\Middleware\ShareErrorsFromSession::class,
\App\Http\Middleware\Authenticate::class,
\Illuminate\Routing\Middleware\ThrottleRequests::class,
\Illuminate\Session\Middleware\AuthenticateSession::class,
\Illuminate\Routing\Middleware\SubstituteBindings::class,
\Illuminate\Auth\Middleware\Authorize::class,
];
}


@ -0,0 +1,21 @@
<?php
namespace App\Http\Middleware;
use Illuminate\Auth\Middleware\Authenticate as Middleware;
class Authenticate extends Middleware
{
/**
* Get the path the user should be redirected to when they are not authenticated.
*
* @param \Illuminate\Http\Request $request
* @return string
*/
protected function redirectTo($request)
{
if (! $request->expectsJson()) {
return route('login');
}
}
}


@ -0,0 +1,17 @@
<?php
namespace App\Http\Middleware;
use Illuminate\Foundation\Http\Middleware\CheckForMaintenanceMode as Middleware;
class CheckForMaintenanceMode extends Middleware
{
/**
* The URIs that should be reachable while maintenance mode is enabled.
*
* @var array
*/
protected $except = [
//
];
}


@ -0,0 +1,17 @@
<?php
namespace App\Http\Middleware;
use Illuminate\Cookie\Middleware\EncryptCookies as Middleware;
class EncryptCookies extends Middleware
{
/**
* The names of the cookies that should not be encrypted.
*
* @var array
*/
protected $except = [
//
];
}


@ -0,0 +1,17 @@
<?php
namespace App\Http\Middleware;
use Closure;
use Illuminate\Support\Facades\App;
class HttpsProtocol
{
public function handle($request, Closure $next)
{
if (!$request->secure() && in_array(App::environment(), ['stage', 'production']))
return redirect()->secure($request->getRequestUri());
return $next($request);
}
}
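Review bot: `handle()` decides on `$request->secure()`, which behind a TLS-terminating proxy is only correct when that proxy is trusted, and `TrustProxies::$proxies` is left unset in this commit; if the app is deployed behind such a proxy this would presumably redirect in a loop, so confirm the deployment. The redirect also does not protect the first plain-HTTP request; consider adding a `Strict-Transport-Security` header to secure responses. A short docblock on `handle()` naming the environments it applies to would help the next reader.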


@ -0,0 +1,26 @@
<?php
namespace App\Http\Middleware;
use Closure;
use Illuminate\Support\Facades\Redirect;
use Jenssegers\Agent\Agent;
class NoMobile
{
/**
* Handle an incoming request.
*
* @param \Illuminate\Http\Request $request
* @param \Closure $next
* @return mixed
*/
public function handle($request, Closure $next)
{
$agent = new Agent();
if($agent->isMobile())
return Redirect::route('panel.home');
return $next($request);
}
}


@ -0,0 +1,26 @@
<?php
namespace App\Http\Middleware;
use Closure;
use Illuminate\Support\Facades\Auth;
class RedirectIfAuthenticated
{
/**
* Handle an incoming request.
*
* @param \Illuminate\Http\Request $request
* @param \Closure $next
* @param string|null $guard
* @return mixed
*/
public function handle($request, Closure $next, $guard = null)
{
if (Auth::guard($guard)->check()) {
return redirect('/home');
}
return $next($request);
}
}


@ -0,0 +1,18 @@
<?php
namespace App\Http\Middleware;
use Illuminate\Foundation\Http\Middleware\TrimStrings as Middleware;
class TrimStrings extends Middleware
{
/**
* The names of the attributes that should not be trimmed.
*
* @var array
*/
protected $except = [
'password',
'password_confirmation',
];
}
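Review bot: `$except` lists only `password` and `password_confirmation`, but `ChangeController::changePassword` reads `new_password` and `new_confirm_password`, which will therefore be trimmed before hashing while the login `password` field is not. A user who sets a password with leading or trailing whitespace would then be unable to log in with it. Add the fields to the list: `'new_password', 'new_password_confirmation', 'new_confirm_password',`.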


@ -0,0 +1,23 @@
<?php
namespace App\Http\Middleware;
use Fideloper\Proxy\TrustProxies as Middleware;
use Illuminate\Http\Request;
class TrustProxies extends Middleware
{
/**
* The trusted proxies for this application.
*
* @var array|string
*/
protected $proxies;
/**
* The headers that should be used to detect proxies.
*
* @var int
*/
protected $headers = Request::HEADER_X_FORWARDED_ALL;
}


@ -0,0 +1,27 @@
<?php
namespace App\Http\Middleware;
use Closure;
use PragmaRX\Google2FALaravel\Support\Authenticator;
class TwoFactorAuthentication
{
/**
* Handle an incoming request.
*
* @param \Illuminate\Http\Request $request
* @param \Closure $next
* @return mixed
*/
public function handle($request, Closure $next)
{
$authenticator = app(Authenticator::class)->boot($request);
if ($authenticator->isAuthenticated()) {
return $next($request);
}
return redirect()->route('2fa.authenticate');
}
}


@ -0,0 +1,26 @@
<?php
namespace App\Http\Middleware;
use Closure;
use Illuminate\Support\Facades\Auth;
class UserActive
{
/**
* Handle an incoming request.
*
* @param \Illuminate\Http\Request $request
* @param \Closure $next
* @return mixed
*/
public function handle($request, Closure $next)
{
if (Auth::check()) {
$user = Auth::user();
$user->last_active = date('Y-m-d H:i:s');
$user->save();
}
return $next($request);
}
}


@ -0,0 +1,24 @@
<?php
namespace App\Http\Middleware;
use Illuminate\Foundation\Http\Middleware\VerifyCsrfToken as Middleware;
class VerifyCsrfToken extends Middleware
{
/**
* Indicates whether the XSRF-TOKEN cookie should be set on the response.
*
* @var bool
*/
protected $addHttpCookie = true;
/**
* The URIs that should be excluded from CSRF verification.
*
* @var array
*/
protected $except = [
//
];
}

26
app/Message.php Normal file

@ -0,0 +1,26 @@
<?php
namespace App;
use Illuminate\Database\Eloquent\Model;
class Message extends Model
{
/**
* The table associated with the model.
*
* @var string
*/
protected $table = 'messages';
/**
* The attributes that are mass assignable.
*
* @var array
*/
protected $fillable = [
'uuid', 'content'
];
}


@ -0,0 +1,49 @@
<?php
namespace App\Notifications;
use App\ChangeEmail;
use App\User;
use Illuminate\Bus\Queueable;
use Illuminate\Mail\Mailable;
use Illuminate\Notifications\Messages\MailMessage;
use Illuminate\Queue\SerializesModels;
class SendMailChange extends Mailable
{
use Queueable, SerializesModels;
/**
* The order instance.
*
* @var ChangeEmail
*/
public $change;
/**
* Create a new message instance.
*
* @param ChangeEmail $change
*/
public function __construct(ChangeEmail $change)
{
$this->change = $change;
}
/**
* Build the message.
*
* @return MailMessage
*/
public function build()
{
$user = User::findOrFail($this->change->user_id);
return (new MailMessage)
->subject('Change Email')
->line('Dear '.$user->firstname.',')
->line('Press the button bellow if you wish to change your current email-address')
->action('Change Email', url('/change/email/'.$user->id.'/'.$this->change->token.'/'.$this->change->email))
->line('Is this email not directed to you or do you not wish to change your email? Than you may ignore this.');
}
}
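Review bot: `build()` returns a `MailMessage`, but the class extends `Mailable`; as far as I know the framework ignores the return value of a mailable's `build()` and renders the mailable's own view, so the subject, lines and action button assembled here would never reach the recipient. `MailMessage` belongs in a notification's `toMail()`, so either turn the class into a `Notification` as sketched below (it needs `use Illuminate\Notifications\Notification;`, and callers outside this section would then send it with `notify()`), or keep the mailable and set `subject()` and a view on `$this`. Separately, the action URL concatenates `$this->change->email` into the path unencoded; wrap it in `rawurlencode()`. The route handler, which is not visible here, should take the new address from the stored `ChangeEmail` row matched by the token rather than from the URL segment.

```php
class SendMailChange extends Notification
{
    // … unchanged: traits, $change property and constructor …

    public function via($notifiable)
    {
        return ['mail'];
    }

    public function toMail($notifiable)
    {
        // … unchanged: user lookup, subject and the two intro lines …
            ->action('Change Email', url('/change/email/'.$user->id.'/'.$this->change->token.'/'.rawurlencode($this->change->email)))
        // … unchanged: closing line …
    }
}
```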


@ -0,0 +1,28 @@
<?php
namespace App\Providers;
use Illuminate\Support\ServiceProvider;
class AppServiceProvider extends ServiceProvider
{
/**
* Register any application services.
*
* @return void
*/
public function register()
{
//
}
/**
* Bootstrap any application services.
*
* @return void
*/
public function boot()
{
//
}
}


@ -0,0 +1,30 @@
<?php
namespace App\Providers;
use Illuminate\Foundation\Support\Providers\AuthServiceProvider as ServiceProvider;
use Illuminate\Support\Facades\Gate;
class AuthServiceProvider extends ServiceProvider
{
/**
* The policy mappings for the application.
*
* @var array
*/
protected $policies = [
// 'App\Model' => 'App\Policies\ModelPolicy',
];
/**
* Register any authentication / authorization services.
*
* @return void
*/
public function boot()
{
$this->registerPolicies();
//
}
}


@ -0,0 +1,21 @@
<?php
namespace App\Providers;
use Illuminate\Support\Facades\Broadcast;
use Illuminate\Support\ServiceProvider;
class BroadcastServiceProvider extends ServiceProvider
{
/**
* Bootstrap any application services.
*
* @return void
*/
public function boot()
{
Broadcast::routes();
require base_path('routes/channels.php');
}
}


@ -0,0 +1,34 @@
<?php
namespace App\Providers;
use Illuminate\Auth\Events\Registered;
use Illuminate\Auth\Listeners\SendEmailVerificationNotification;
use Illuminate\Foundation\Support\Providers\EventServiceProvider as ServiceProvider;
use Illuminate\Support\Facades\Event;
class EventServiceProvider extends ServiceProvider
{
/**
* The event listener mappings for the application.
*
* @var array
*/
protected $listen = [
Registered::class => [
SendEmailVerificationNotification::class,
],
];
/**
* Register any events for your application.
*
* @return void
*/
public function boot()
{
parent::boot();
//
}
}


@ -0,0 +1,73 @@
<?php
namespace App\Providers;
use Illuminate\Foundation\Support\Providers\RouteServiceProvider as ServiceProvider;
use Illuminate\Support\Facades\Route;
class RouteServiceProvider extends ServiceProvider
{
/**
* This namespace is applied to your controller routes.
*
* In addition, it is set as the URL generator's root namespace.
*
* @var string
*/
protected $namespace = 'App\Http\Controllers';
/**
* Define your route model bindings, pattern filters, etc.
*
* @return void
*/
public function boot()
{
//
parent::boot();
}
/**
* Define the routes for the application.
*
* @return void
*/
public function map()
{
$this->mapApiRoutes();
$this->mapWebRoutes();
//
}
/**
* Define the "web" routes for the application.
*
* These routes all receive session state, CSRF protection, etc.
*
* @return void
*/
protected function mapWebRoutes()
{
Route::middleware('web')
->namespace($this->namespace)
->group(base_path('routes/web.php'));
}
/**
* Define the "api" routes for the application.
*
* These routes are typically stateless.
*
* @return void
*/
protected function mapApiRoutes()
{
Route::prefix('api')
->middleware('api')
->namespace($this->namespace)
->group(base_path('routes/api.php'));
}
}

47
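--- a/app/Rules/UUID.php
+++ b/app/Rules/UUID.php
@@ -0,0 +1,47 @@
+<?php
+namespace App\Rules;
+use App\Cache\Cache;
+use App\User;
+use Illuminate\Contracts\Validation\Rule;
+class UUID implements Rule
+{
+/**
+* Create a new rule instance.
+*
+* @return void
+*/
+public function __construct()
+{
+//
+}
+/**
+* Determine if the validation rule passes.
+*
+* @param string $attribute
+* @param mixed $value
+* @return bool
+*/
+public function passes($attribute, $value)
+{
+$uuid = Cache::getUUID($value);
+if(empty($uuid))
+return false;
+$user = User::where('uuid', '=', $uuid)->first();
+return empty($user);
+}
+/**
+* Get the validation error message.
+*
+* @return string
+*/
+public function message()
+{
+return 'Username: :attribute is already in use';
+}
+}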
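Review bot: `passes()` hands the raw `$value` to `Cache::getUUID()` without checking its type or format. The part of `getUUID()` shown earlier on this page concatenates the name into the Mojang API URL and returns the username itself when the lookup fails, so `empty($uuid)` does not catch a failed lookup and an unresolvable name passes as long as no user row has that string as its `uuid`. I would reject anything that is not a plausible Minecraft name before the lookup, e.g. `if (!is_string($value) || !preg_match('/^[A-Za-z0-9_]{3,16}$/', $value)) return false;` (adjust the pattern if legacy names must be accepted), and treat `$uuid === $value` as a failed lookup. A failed lookup would then also be reported as "already in use", so `message()` needs a second wording for that case.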

39
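--- a/app/Session.php
+++ b/app/Session.php
@@ -0,0 +1,39 @@
+<?php
+namespace App;
+use Illuminate\Database\Eloquent\Model;
+class Session extends Model
+{
+/**
+* The table associated with the model.
+*
+* @var string
+*/
+protected $table = 'sessions';
+/**
+* Indicates if the model should be timestamped.
+*
+* @var bool
+*/
+public $timestamps = false;
+/**
+* The "type" of the auto-incrementing ID.
+*
+* @var string
+*/
+protected $keyType = 'string';
+/**
+* The attributes that should be hidden for arrays.
+*
+* @var array
+*/
+protected $hidden = [
+'user_agent', 'payload'
+];
+}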
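Review bot: `$hidden` leaves `id` visible, and on what looks like the `sessions` table of Laravel's database session driver that column is the session identifier itself. If a `Session` model is ever serialized into a response (an "active sessions" list, for instance; no such caller is visible in this section), the identifier of every listed session goes out with it. I would add it to the hidden list, `'id', 'user_agent', 'payload'`, and expose a non-secret handle where the UI needs to refer to a session. Since the key is a string, `public $incrementing = false;` is also missing next to `$keyType`.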

58
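--- a/app/User.php
+++ b/app/User.php
@@ -0,0 +1,58 @@
+<?php
+namespace App;
+use App\Cache\Cache;
+use Illuminate\Contracts\Auth\MustVerifyEmail;
+use Illuminate\Foundation\Auth\User as Authenticatable;
+use Illuminate\Notifications\Notifiable;
+class User extends Authenticatable implements MustVerifyEmail
+{
+use Notifiable;
+protected $guard_name = 'web';
+/**
+* The attributes that are mass assignable.
+*
+* @var array
+*/
+protected $fillable = [
+'uuid', 'email', 'password', 'google2fa_secret',
+];
+/**
+* The attributes that should be hidden for arrays.
+*
+* @var array
+*/
+protected $hidden = [
+'password', 'remember_token', 'google2fa_secret',
+];
+/**
+* The attributes that should be cast to native types.
+*
+* @var array
+*/
+protected $casts = [
+'email_verified_at' => 'datetime',
+];
+private $username;
+public function username() {
+if(!empty($this->username))
+return $this->username;
+$username = Cache::getUsername($this->uuid);
+$this->username = $username;
+return $username;
+}
+public function photo() {
+return 'https://crafatar.com/avatars/'.$this->uuid.'?overlay';
+}
+}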
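Review bot: `$fillable` lists `password` and `google2fa_secret`, so any `create()`, `update()` or `fill()` call that is handed unfiltered request input can overwrite the password hash or replace the second-factor secret. No such call is visible in this section, but I would keep the credential fields out of mass assignment and set them by explicit assignment at the places that change them: `protected $fillable = ['uuid', 'email'];`. Callers that currently pass these keys to `create()` would then need `forceFill()` or direct property assignment.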