TekExplorer / featherdactyl.com

Featherdactyl is an app for Pterodactyl made in Flutter. Keep an eye out for a release!
https://featherdactyl.com
GNU General Public License v3.0

[Suggestion] Add Domain Validation when trying to login to pterodactyl instance #50

Open JordanPlayz158 opened 1 year ago

JordanPlayz158 commented 1 year ago

For reference, what is the current latest app version?

Version: 0.0.37
Build: unknown (the app's response)

Is your feature request related to a problem? Please describe.

Sort of. It is possible to misspell your domain or enter the wrong one (which could result in leaking your API token if it is sent to the wrong domain, and the app only shows unknown error on login with the wrong domain, so it is also not immediately obvious your domain could be wrong), so it would be nice to have some domain validation to ensure the domain is running default Pterodactyl (as when you bring in custom themes, it would become virtually impossible to accurately detect a custom theme/login page, unless in the future Pterodactyl introduces an anonymous Pterodactyl endpoint).

Describe the solution you'd like

Find an HTML element to check for on the base URL/login page that matches the latest panel. To cover the cases of a non-standard login page or custom theme, though (or if the login page UI changes dramatically or slightly in a way that breaks your check, if it doesn't make logging in on old versions impossible), you can add a prompt to ask if they are sure the domain is correct (it shouldn't be too much of a pester, as it is only when logging in). If so, it will proceed like normal, and if no... then tell them to enter the correct domain name? (or whatever you feel is best)

Describe alternatives you've considered

Double checking the domain you enter before going to the next screen.

Additional context

The failure to check for an invalid Pterodactyl domain also results in an error that causes the app to get stuck on that failed URL until restart (it seems).

mickeydarrenlau commented 1 year ago

The problem is there's no way to detect the domain the token is made on.

JordanPlayz158 commented 1 year ago

It's not so much about knowing where the token has come from, just ensuring that the URL entered is running Pterodactyl, for my exact suggestion.
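
The pre-login check proposed in this thread, as an added example that is not part of the original issue or the app's code (written in Python; the app itself is Flutter): it refuses cleartext or malformed URLs, probes the base URL without sending the token, and falls back to asking the user when the page does not look like a stock panel. The marker string, the `fetch` callback and the sample hosts are assumptions made for the example.

```python
from urllib.parse import urlsplit

PROCEED, ASK_USER, REJECT = "proceed", "ask_user", "reject"
# Assumption: text expected on a stock login page. Placeholder for this example,
# not verified panel markup; a themed panel will not match and lands in ASK_USER.
MARKERS = ("pterodactyl",)


def normalize_origin(entered):
    """Return the https origin to use for every later request, or None."""
    text = entered.strip()
    try:
        parts = urlsplit(text if "://" in text else "https://" + text)
        host, port = parts.hostname, parts.port
    except ValueError:  # malformed port or bracketed host
        return None
    # A bearer token must not travel in cleartext, and userinfo in the URL
    # ("panel.example.com@other.host") disguises the host that is really contacted.
    if parts.scheme != "https" or not host or parts.username or parts.password:
        return None
    host = f"[{host}]" if ":" in host else host  # re-bracket IPv6 literals
    return f"https://{host}" + (f":{port}" if port not in (None, 443) else "")


def preflight(entered, fetch):
    """Decide whether the token may be sent. fetch(url) performs an
    unauthenticated GET and returns (status, final_url, body)."""
    origin = normalize_origin(entered)
    if origin is None:
        return REJECT, None
    try:
        status, final_url, body = fetch(origin + "/")
    except OSError:  # DNS, TLS or connection failure: report it, not "unknown error"
        return REJECT, origin
    same_origin = normalize_origin(final_url) == origin  # redirect stayed on the host
    looks_stock = status == 200 and any(m in body.lower() for m in MARKERS)
    return (PROCEED if same_origin and looks_stock else ASK_USER), origin


# Constructed responses standing in for the network (hypothetical hosts).
SAMPLE = {
    "https://panel.example.com/": (200, "https://panel.example.com/auth/login", "<title>Pterodactyl</title>"),
    "https://themed.example.com/": (200, "https://themed.example.com/auth/login", "<title>My Hosting</title>"),
    "https://panle.example.com/": (200, "https://parked.example.net/", "Domain for sale"),
}

def sample_fetch(url):
    if url not in SAMPLE:
        raise OSError("host not reachable")
    return SAMPLE[url]
```

The token is only ever sent to the returned origin, and only after `PROCEED` or an explicit confirmation following `ASK_USER`.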