Dockerfile

.env.example

@@ -21,3 +21,6 @@ S3_Bucket=abc
 
 CACHE_DRIVER=file
 QUEUE_CONNECTION=sync
+
+ENABLED_CORS=1
+CORS_URL=*

app/Http/Controllers/API/AppController.php

@@ -208,6 +208,31 @@ class AppController extends BaseController
 
         return $response->withData(["url" => $result['ObjectURL']]);
     }
+    public function getAppIcon($id) {
+        $app = \App\Models\App::query()->where("id", "=", $id)->firstOrFail();
+
+        if(!is_dir(storage_path("icon"))) {
+            mkdir(storage_path("icon"));
+        }
+
+        $cacheFile = storage_path("icon/".$app->id.".png");
+
+        if(file_exists($cacheFile)) {
+            $icon = file_get_contents($cacheFile);
+        } else {
+            if(!empty($app->iconURL)) {
+                $icon = file_get_contents($app->iconURL);
+                file_put_contents($cacheFile, $icon);
+            } else {
+                $icon = file_get_contents(resource_path("images/app.png"));
+            }
+        }
+
+        $r = getimagesizefromstring($icon);
+
+        return response($icon)
+            ->header('Content-Type',$r["mime"]);
+    }
 
 
 

app/Http/Controllers/API/ServerController.php

@@ -28,7 +28,6 @@ class ServerController extends BaseController
 
             $settings = Setting::all();
         }
-
         return $response->withData(\App\Http\Resources\API\Setting::collection(collect($settings)));
     }
 

app/Http/Controllers/API/UserController.php

@@ -15,6 +15,7 @@ use App\Models\Invite;
 use App\Models\Mail;
 use App\Models\Setting;
 use App\Models\User;
+use Domnikl\Statsd\Client;
 use Illuminate\Support\Facades\Auth;
 use Illuminate\Http\Request;
 use Illuminate\Support\Facades\DB;
@@ -27,14 +28,16 @@ class UserController extends BaseController
     /*
      * The Password login is just for the WebGUI
      */
-    public function passwordLogin(Request $request, Response $response)
+    public function passwordLogin(Request $request, Response $response, Client $statsd)
     {
+        $statsd->count("login.try", 1);
         //If Recptache is enabled check it at the beginning
         if(Setting::getSettingValue("recaptcha_v2_login")) {
             $reCaptcha = new ReCaptcha(Setting::getSettingValue("recaptcha_v2_secret"));
             $reresponse = $reCaptcha->verify($request->input("g-recaptcha-response"));
 
             if(!$reresponse->isSuccess()) {
+                $statsd->count("login.wrongcaptcha", 1);
                 throw new HTTPException(400, "Captcha validation failed");
             }
         }
@@ -51,10 +54,12 @@ class UserController extends BaseController
 
         //Check if a user is found
         if($user == null) {
+            $statsd->count("login.wronguser", 1);
             throw new HTTPException("400", "Username or Password wrong");
         }
 
         if(!password_verify($request->input("password"), $user->password)) {
+            $statsd->count("login.wrongpassword", 1);
             throw new HTTPException("400", "Username or Password wrong");
         }
 
@@ -69,10 +74,12 @@ class UserController extends BaseController
             $_SESSION["token"] = $token->token;
         }
 
+        $statsd->count("login.success", 1);
+
         return $response->withData(new AccessToken($token));
     }
 
-    public function checkPassword(Request $request, Response $response) {
+    public function checkPassword(Request $request, Response $response, Client $statsd) {
         //Validate Input
         $this->validate($request, [
             'username' => 'required',
@@ -84,13 +91,16 @@ class UserController extends BaseController
 
         //Check if a user is found
         if($user == null) {
+            $statsd->count("pwcheck.user_wrong", 1);
             throw new HTTPException("400", "Username or Password wrong");
         }
 
         if(!password_verify($request->input("password"), $user->password)) {
+            $statsd->count("pwcheck.password_wrong", 1);
             throw new HTTPException("400", "Username or Password wrong");
         }
 
+        $statsd->count("pwcheck.ok", 1);
         $response->setMessage("Account ok");
 
         return $response;

app/Http/Middleware/CorsMiddleware.php

@@ -14,8 +14,11 @@ class CorsMiddleware
      */
     public function handle($request, Closure $next)
     {
+        if(getenv("ENABLED_CORS") == 0) {
+            return $next($request);
+        }
         $headers = [
-            'Access-Control-Allow-Origin'      => '*',
+            'Access-Control-Allow-Origin'      => getenv("CORS_URL"),
             'Access-Control-Allow-Methods'     => 'POST, GET, OPTIONS, PUT, DELETE',
             'Access-Control-Allow-Credentials' => 'true',
             'Access-Control-Max-Age'           => '86400',

app/Http/Middleware/StatsdMiddelware.php

@@ -0,0 +1,31 @@
+<?php
+namespace App\Http\Middleware;
+
+use Closure;
+use Domnikl\Statsd\Client;
+
+class StatsdMiddelware
+{
+    /**
+     * Handle an incoming request.
+     *
+     * @param  \Illuminate\Http\Request  $request
+     * @param  \Closure  $next
+     * @return mixed
+     */
+    public function handle($request, Closure $next)
+    {
+        /* @var $statsd \Domnikl\Statsd\Client */
+        $statsd = app(Client::class);
+
+        $statsd->count("request.all", 1);
+
+        /* @var $response \Illuminate\Http\Response */
+        $response = $next($request);
+
+
+        $statsd->count("request.".$response->getStatusCode(), 1);
+
+        return $response;
+    }
+}

app/Providers/AppServiceProvider.php

@@ -3,6 +3,7 @@
 namespace App\Providers;
 
 use Aws\S3\S3Client;
+use Domnikl\Statsd\Connection\Blackhole;
 use Illuminate\Support\Facades\Schema;
 use Illuminate\Support\ServiceProvider;
 
@@ -31,5 +32,16 @@ class AppServiceProvider extends ServiceProvider
             ]);
             return $s3;
         });
+
+        $this->app->singleton(\Domnikl\Statsd\Client::class, function() {
+            $server = getenv("STATSD");
+            if($server && $server != "") {
+                $connection = new \Domnikl\Statsd\Connection\UdpSocket($server, 8125);
+            } else {
+                $connection = new Blackhole();
+            }
+            $statsd = new \Domnikl\Statsd\Client($connection, "account.".getenv("STATSD_PREFIX"));
+            return $statsd;
+        });
     }
 }

bootstrap/app.php

@@ -62,6 +62,7 @@ $app->singleton(
 // ]);
 
 $app->middleware(array(
+    \App\Http\Middleware\StatsdMiddelware::class,
     TaGeSo\APIResponse\Middelware::class,
     \App\Http\Middleware\CorsMiddleware::class
 ));

composer.json

@@ -11,7 +11,8 @@
         "phpmailer/phpmailer": "~6.0",
         "tageso/api-response": "*",
         "google/recaptcha": "^1.2",
-        "aws/aws-sdk-php":"^3."
+        "aws/aws-sdk-php":"^3.",
+        "domnikl/statsd": "~3.0"
     },
     "require-dev": {
         "fzaninotto/faker": "^1.4",

resources/concourse/commit.yml

@@ -0,0 +1,9 @@
+resources:
+  - name: source-code
+    type: git
+    source:
+      branch: master
+      params:
+        depth: 1
+      uri: ssh://git@git.keks.cloud:32222/keksCloud/keksAccount.git
+    check_every: 5m

resources/docker/api/Dockerfile

@@ -0,0 +1 @@
+../../../Dockerfile-app

routes/web.php

@@ -58,6 +58,7 @@ $router->group(['prefix' => 'api'], function () use ($router) {
             $router->post("/", ['uses' => 'API\AppController@createApp']);
             $router->get("/find", ['uses' => 'API\AppController@findApp']);
             $router->group(['prefix' => '{id}'], function () use ($router) {
+                $router->get("/icon", ["uses" => "API\AppController@getAppIcon"]);
                 $router->get("/", ['uses' => 'API\AppController@appDetails']);
                 $router->put("/", ['uses' => 'API\AppController@updateApp']);
                 $router->get("/access", ["uses" => "API\oAuthController@getAccess"]);