Book a Demo!
CoCalc Logo Icon
StoreFeaturesDocsShareSupportNewsAboutPoliciesSign UpSign In
pterodactyl
GitHub Repository: pterodactyl/panel
 Path: blob/1.0-develop/routes/auth.php
7382 views
1
<?php

2


3
use Illuminate\Support\Facades\Route;

4
use Pterodactyl\Http\Controllers\Auth;

5


6
/*

7
|--------------------------------------------------------------------------

8
| Authentication Routes

9
|--------------------------------------------------------------------------

10
|

11
| Endpoint: /auth

12
|

13
*/

14


15
// These routes are defined so that we can continue to reference them programmatically.

16
// They all route to the same controller function which passes off to React.

17
Route::get('/login', [Auth\LoginController::class, 'index'])->name('auth.login');

18
Route::get('/password', [Auth\LoginController::class, 'index'])->name('auth.forgot-password');

19
Route::get('/password/reset/{token}', [Auth\LoginController::class, 'index'])->name('auth.reset');

20


21
// Apply a throttle to authentication action endpoints, in addition to the

22
// recaptcha endpoints to slow down manual attack spammers even more. 🤷‍

23
//

24
// @see \Pterodactyl\Providers\RouteServiceProvider

25
Route::middleware(['throttle:authentication'])->group(function () {

26
    // Login endpoints.

27
    Route::post('/login', [Auth\LoginController::class, 'login'])->middleware('recaptcha');

28
    Route::post('/login/checkpoint', Auth\LoginCheckpointController::class)->name('auth.login-checkpoint');

29


30
    // Forgot password route. A post to this endpoint will trigger an

31
    // email to be sent containing a reset token.

32
    Route::post('/password', [Auth\ForgotPasswordController::class, 'sendResetLinkEmail'])

33
        ->name('auth.post.forgot-password')

34
        ->middleware('recaptcha');

35
});

36


37
// Password reset routes. This endpoint is hit after going through

38
// the forgot password routes to acquire a token (or after an account

39
// is created).

40
Route::post('/password/reset', Auth\ResetPasswordController::class)->name('auth.reset-password');

41


42
// Remove the guest middleware and apply the authenticated middleware to this endpoint,

43
// so it cannot be used unless you're already logged in.

44
Route::post('/logout', [Auth\LoginController::class, 'logout'])

45
    ->withoutMiddleware('guest')

46
    ->middleware('auth')

47
    ->name('auth.logout');

48


49
// Catch any other combinations of routes and pass them off to the React component.

50
Route::fallback([Auth\LoginController::class, 'index']);

51


52