Shiloh/lasthourcloud
Shiloh/lasthourcloud
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases 4 Wiki Activity

feat: api tokens + deploy webhook

Browse Source
This commit is contained in:
Andras Bacsai 2023-10-20 14:51:01 +02:00
parent c19c13b4e2
commit a664174c02
13 changed files with 175 additions and 25 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

6
app/Actions/Database/StartMongodb.php
View File

@ -2,7 +2,6 @@
namespace App\Actions\Database; namespace App\Actions\Database;
use App\Models\Server;
use App\Models\StandaloneMongodb; use App\Models\StandaloneMongodb;
use Illuminate\Support\Str; use Illuminate\Support\Str;
use Symfony\Component\Yaml\Yaml; use Symfony\Component\Yaml\Yaml;
@ -16,7 +15,7 @@ class StartMongodb
public array $commands = []; public array $commands = [];
public string $configuration_dir; public string $configuration_dir;
public function handle(Server $server, StandaloneMongodb $database) public function handle(StandaloneMongodb $database)
{ {
$this->database = $database; $this->database = $database;
@ -102,7 +101,7 @@ class StartMongodb
$this->commands[] = "echo '{$readme}' > $this->configuration_dir/README.md"; $this->commands[] = "echo '{$readme}' > $this->configuration_dir/README.md";
$this->commands[] = "docker compose -f $this->configuration_dir/docker-compose.yml up -d"; $this->commands[] = "docker compose -f $this->configuration_dir/docker-compose.yml up -d";
$this->commands[] = "echo '####### {$database->name} started.'"; $this->commands[] = "echo '####### {$database->name} started.'";
return remote_process($this->commands, $server); return remote_process($this->commands, $database->destination->server);
} }
private function generate_local_persistent_volumes() private function generate_local_persistent_volumes()
@ -160,6 +159,5 @@ class StartMongodb
$content = $this->database->mongo_conf; $content = $this->database->mongo_conf;
$content_base64 = base64_encode($content); $content_base64 = base64_encode($content);
$this->commands[] = "echo '{$content_base64}' | base64 -d > $this->configuration_dir/{$filename}"; $this->commands[] = "echo '{$content_base64}' | base64 -d > $this->configuration_dir/{$filename}";
} }
} }

5
app/Actions/Database/StartPostgresql.php
View File

@ -2,7 +2,6 @@
namespace App\Actions\Database; namespace App\Actions\Database;
use App\Models\Server;
use App\Models\StandalonePostgresql; use App\Models\StandalonePostgresql;
use Illuminate\Support\Str; use Illuminate\Support\Str;
use Symfony\Component\Yaml\Yaml; use Symfony\Component\Yaml\Yaml;
@ -17,7 +16,7 @@ class StartPostgresql
public array $init_scripts = []; public array $init_scripts = [];
public string $configuration_dir; public string $configuration_dir;
public function handle(Server $server, StandalonePostgresql $database) public function handle(StandalonePostgresql $database)
{ {
$this->database = $database; $this->database = $database;
$container_name = $this->database->uuid; $container_name = $this->database->uuid;
@ -104,7 +103,7 @@ class StartPostgresql
$this->commands[] = "echo '{$readme}' > $this->configuration_dir/README.md"; $this->commands[] = "echo '{$readme}' > $this->configuration_dir/README.md";
$this->commands[] = "docker compose -f $this->configuration_dir/docker-compose.yml up -d"; $this->commands[] = "docker compose -f $this->configuration_dir/docker-compose.yml up -d";
$this->commands[] = "echo '####### {$database->name} started.'"; $this->commands[] = "echo '####### {$database->name} started.'";
return remote_process($this->commands, $server); return remote_process($this->commands, $database->destination->server);
} }
private function generate_local_persistent_volumes() private function generate_local_persistent_volumes()

5
app/Actions/Database/StartRedis.php
View File

@ -2,7 +2,6 @@
namespace App\Actions\Database; namespace App\Actions\Database;
use App\Models\Server;
use App\Models\StandaloneRedis; use App\Models\StandaloneRedis;
use Illuminate\Support\Str; use Illuminate\Support\Str;
use Symfony\Component\Yaml\Yaml; use Symfony\Component\Yaml\Yaml;
@ -17,7 +16,7 @@ class StartRedis
public string $configuration_dir; public string $configuration_dir;
public function handle(Server $server, StandaloneRedis $database) public function handle(StandaloneRedis $database)
{ {
$this->database = $database; $this->database = $database;
@ -104,7 +103,7 @@ class StartRedis
$this->commands[] = "echo '{$readme}' > $this->configuration_dir/README.md"; $this->commands[] = "echo '{$readme}' > $this->configuration_dir/README.md";
$this->commands[] = "docker compose -f $this->configuration_dir/docker-compose.yml up -d"; $this->commands[] = "docker compose -f $this->configuration_dir/docker-compose.yml up -d";
$this->commands[] = "echo '####### {$database->name} started.'"; $this->commands[] = "echo '####### {$database->name} started.'";
return remote_process($this->commands, $server); return remote_process($this->commands, $database->destination->server);
} }
private function generate_local_persistent_volumes() private function generate_local_persistent_volumes()

4
app/Http/Livewire/Dashboard.php
View File

@ -17,10 +17,6 @@ class Dashboard extends Component
$this->servers = Server::ownedByCurrentTeam()->get(); $this->servers = Server::ownedByCurrentTeam()->get();
$this->projects = Project::ownedByCurrentTeam()->get(); $this->projects = Project::ownedByCurrentTeam()->get();
} }
// public function createToken() {
// $token = auth()->user()->createToken('test');
// ray($token);
// }
// public function getIptables() // public function getIptables()
// { // {
// $servers = Server::ownedByCurrentTeam()->get(); // $servers = Server::ownedByCurrentTeam()->get();

6
app/Http/Livewire/Project/Database/Heading.php
View File

@ -47,15 +47,15 @@ class Heading extends Component
public function start() public function start()
{ {
if ($this->database->type() === 'standalone-postgresql') { if ($this->database->type() === 'standalone-postgresql') {
$activity = StartPostgresql::run($this->database->destination->server, $this->database); $activity = StartPostgresql::run($this->database);
$this->emit('newMonitorActivity', $activity->id); $this->emit('newMonitorActivity', $activity->id);
} }
if ($this->database->type() === 'standalone-redis') { if ($this->database->type() === 'standalone-redis') {
$activity = StartRedis::run($this->database->destination->server, $this->database); $activity = StartRedis::run($this->database);
$this->emit('newMonitorActivity', $activity->id); $this->emit('newMonitorActivity', $activity->id);
} }
if ($this->database->type() === 'standalone-mongodb') { if ($this->database->type() === 'standalone-mongodb') {
$activity = StartMongodb::run($this->database->destination->server, $this->database); $activity = StartMongodb::run($this->database);
$this->emit('newMonitorActivity', $activity->id); $this->emit('newMonitorActivity', $activity->id);
} }
} }

38
app/Http/Livewire/Security/ApiTokens.php Normal file
View File

@ -0,0 +1,38 @@
<?php
namespace App\Http\Livewire\Security;
use Livewire\Component;
class ApiTokens extends Component
{
public ?string $description = null;
public $tokens = [];
public function render()
{
return view('livewire.security.api-tokens');
}
public function mount()
{
$this->tokens = auth()->user()->tokens;
}
public function addNewToken()
{
try {
$this->validate([
'description' => 'required|min:3|max:255',
]);
$token = auth()->user()->createToken($this->description);
$this->tokens = auth()->user()->tokens;
session()->flash('token', $token->plainTextToken);
} catch (\Exception $e) {
return handleError($e, $this);
}
}
public function revoke(int $id)
{
$token = auth()->user()->tokens()->where('id', $id)->first();
$token->delete();
$this->tokens = auth()->user()->tokens;
}
}

4
app/Providers/RouteServiceProvider.php
View File

@ -46,9 +46,9 @@ class RouteServiceProvider extends ServiceProvider
{ {
RateLimiter::for('api', function (Request $request) { RateLimiter::for('api', function (Request $request) {
if ($request->path() === 'api/health') { if ($request->path() === 'api/health') {
return Limit::perMinute(5000)->by($request->user()?->id ?: $request->ip()); return Limit::perMinute(1000)->by($request->user()?->id ?: $request->ip());
} }
return Limit::perMinute(60)->by($request->user()?->id ?: $request->ip()); return Limit::perMinute(30)->by($request->user()?->id ?: $request->ip());
}); });
RateLimiter::for('5', function (Request $request) { RateLimiter::for('5', function (Request $request) {
return Limit::perMinute(5)->by($request->user()?->id ?: $request->ip()); return Limit::perMinute(5)->by($request->user()?->id ?: $request->ip());

33
bootstrap/helpers/shared.php
View File

@ -1,7 +1,12 @@
<?php <?php
use App\Models\Application;
use App\Models\InstanceSettings; use App\Models\InstanceSettings;
use App\Models\Server; use App\Models\Server;
use App\Models\Service;
use App\Models\StandaloneMongodb;
use App\Models\StandalonePostgresql;
use App\Models\StandaloneRedis;
use App\Models\Team; use App\Models\Team;
use App\Models\User; use App\Models\User;
use App\Notifications\Channels\DiscordChannel; use App\Notifications\Channels\DiscordChannel;
@ -453,3 +458,31 @@ function getServiceTemplates()
} }
return $services; return $services;
} }
function getResourceByUuid(string $uuid, ?int $teamId = null)
{
$resource = queryResourcesByUuid($uuid);
if (!is_null($teamId)) {
if ($resource->environment->project->team_id === $teamId) {
return $resource;
}
return null;
} else {
return $resource;
}
}
function queryResourcesByUuid(string $uuid)
{
$resource = null;
$application = Application::whereUuid($uuid)->first();
if ($application) return $application;
$service = Service::whereUuid($uuid)->first();
if ($service) return $service;
$postgresql = StandalonePostgresql::whereUuid($uuid)->first();
if ($postgresql) return $postgresql;
$redis = StandaloneRedis::whereUuid($uuid)->first();
if ($redis) return $redis;
$mongodb = StandaloneMongodb::whereUuid($uuid)->first();
if ($mongodb) return $mongodb;
return $resource;
}

9
resources/views/components/security/navbar.blade.php
View File

@ -10,8 +10,15 @@
</ol> </ol>
</nav> </nav>
<nav class="navbar-main"> <nav class="navbar-main">
<a class="{{ request()->routeIs('security.private-key.index') ? 'text-white' : '' }}" href="{{ route('security.private-key.index') }}"> <a href="{{ route('security.private-key.index') }}">
<button>Private Keys</button> <button>Private Keys</button>
</a> </a>
<a href="{{ route('security.api-tokens') }}">
<button>API tokens</button>
</a>
<div class="flex-1"></div>
<div class="-mt-9">
<livewire:switch-team />
</div>
</nav> </nav>
</div> </div>

3
resources/views/livewire/dashboard.blade.php
View File

@ -100,9 +100,6 @@
</a> </a>
@endforeach @endforeach
</div> </div>
{{-- <h3 class="py-4">Tokens</h3>
{{auth()->user()->tokens}}
<x-forms.button wire:click='createToken'>Create Token</x-forms.button> --}}
<script> <script>
function gotoProject(uuid, environment = 'production') { function gotoProject(uuid, environment = 'production') {
window.location.href = '/project/' + uuid + '/' + environment; window.location.href = '/project/' + uuid + '/' + environment;

36
resources/views/livewire/security/api-tokens.blade.php Normal file
View File

@ -0,0 +1,36 @@
<div>
<x-security.navbar />
<div class="flex gap-2">
<h2 class="pb-4">API Tokens</h2>
<x-helper
helper="Tokens are created with the current team as scope. You will only have access to this team's resources." />
</div>
<h4>Create New Token</h4>
<span>Currently active team: <span class="text-warning">{{ session('currentTeam.name') }}</span></span>
<form class="flex items-end gap-2 pt-4" wire:submit.prevent='addNewToken'>
<x-forms.input required id="description" label="Description" />
<x-forms.button type="submit">Create New Token</x-forms.button>
</form>
@if (session()->has('token'))
<div class="pb-4 font-bold text-warning">Please copy this token now. For your security, it won't be shown again.
</div>
<div class="pb-4 font-bold text-white"> {{ session('token') }}</div>
@endif
<h4 class="py-4">Issued Tokens</h4>
<div class="grid gap-2 lg:grid-cols-1">
@forelse ($tokens as $token)
<div class="flex items-center gap-2">
<div
class="flex items-center gap-2 group-hover:text-white p-2 border border-coolgray-200 hover:text-white hover:no-underline min-w-[24rem] cursor-default">
<div>{{ $token->name }}</div>
</div>
<x-forms.button wire:click="revoke('{{ $token->id }}')">Revoke</x-forms.button>
</div>
@empty
<div>
<div>No API tokens found.</div>
</div>
@endforelse
</div>
</div>

48
routes/api.php
View File

@ -1,7 +1,15 @@
<?php <?php
use App\Actions\Database\StartPostgresql;
use App\Models\Application;
use App\Models\Service;
use App\Models\StandaloneMongodb;
use App\Models\StandalonePostgresql;
use App\Models\StandaloneRedis;
use App\Models\User; use App\Models\User;
use Illuminate\Http\Request;
use Illuminate\Support\Facades\Route; use Illuminate\Support\Facades\Route;
use Visus\Cuid2\Cuid2;
/* /*
|-------------------------------------------------------------------------- |--------------------------------------------------------------------------
@ -17,9 +25,46 @@ use Illuminate\Support\Facades\Route;
Route::get('/health', function () { Route::get('/health', function () {
return 'OK'; return 'OK';
}); });
Route::group([
'middleware' => ['auth:sanctum'],
'prefix' => 'v1'
], function () {
Route::get('/deploy', function (Request $request) {
$token = auth()->user()->currentAccessToken();
$teamId = data_get($token, 'team_id');
$uuid = $request->query->get('uuid');
$force = $request->query->get('force') ?? false;
if (is_null($teamId)) {
return response()->json(['error' => 'Invalid token.'], 400);
}
if (!$uuid) {
return response()->json(['error' => 'No UUID provided.'], 400);
}
$resource = getResourceByUuid($uuid, $teamId);
if ($resource) {
$type = $resource->getMorphClass();
if ($type === 'App\Models\Application') {
queue_application_deployment(
application_id: $resource->id,
deployment_uuid: new Cuid2(7),
force_rebuild: $force,
);
return response()->json(['message' => 'Deployment queued.'], 200);
} else if ($type === 'App\Models\StandalonePostgresql') {
StartPostgresql::run($resource);
$resource->update([
'started_at' => now(),
]);
return response()->json(['message' => 'Database started.'], 200);
}
}
return response()->json(['error' => 'No resource found.'], 404);
});
});
Route::middleware(['throttle:5'])->group(function () { Route::middleware(['throttle:5'])->group(function () {
Route::get('/unsubscribe/{token}', function() { Route::get('/unsubscribe/{token}', function () {
try { try {
$token = request()->token; $token = request()->token;
$email = decrypt($token); $email = decrypt($token);
@ -34,6 +79,5 @@ Route::middleware(['throttle:5'])->group(function () {
} catch (\Throwable $e) { } catch (\Throwable $e) {
return 'Something went wrong. Please try again or contact support.'; return 'Something went wrong. Please try again or contact support.';
} }
})->name('unsubscribe.marketing.emails'); })->name('unsubscribe.marketing.emails');
}); });

3
routes/web.php
View File

@ -12,6 +12,7 @@ use App\Http\Livewire\Dev\Compose as Compose;
use App\Http\Livewire\Dashboard; use App\Http\Livewire\Dashboard;
use App\Http\Livewire\Project\CloneProject; use App\Http\Livewire\Project\CloneProject;
use App\Http\Livewire\Project\Shared\Logs; use App\Http\Livewire\Project\Shared\Logs;
use App\Http\Livewire\Security\ApiTokens;
use App\Http\Livewire\Server\All; use App\Http\Livewire\Server\All;
use App\Http\Livewire\Server\Create; use App\Http\Livewire\Server\Create;
use App\Http\Livewire\Server\Destination\Show as DestinationShow; use App\Http\Livewire\Server\Destination\Show as DestinationShow;
@ -164,6 +165,8 @@ Route::middleware(['auth'])->group(function () {
Route::get('/security/private-key/{private_key_uuid}', fn () => view('security.private-key.show', [ Route::get('/security/private-key/{private_key_uuid}', fn () => view('security.private-key.show', [
'private_key' => PrivateKey::ownedByCurrentTeam(['name', 'description', 'private_key', 'is_git_related'])->whereUuid(request()->private_key_uuid)->firstOrFail() 'private_key' => PrivateKey::ownedByCurrentTeam(['name', 'description', 'private_key', 'is_git_related'])->whereUuid(request()->private_key_uuid)->firstOrFail()
]))->name('security.private-key.show'); ]))->name('security.private-key.show');
Route::get('/security/api-tokens', ApiTokens::class)->name('security.api-tokens');
}); });