Added OAuth2 Sign In support

[jer3m01]

Added the option to use OAuth2 to sign in instead of default username/email & password method

Functionality

Once enabled the route <domain>/auth/login/oauth2 and <domain>/auth/login/oauth2/callback will be available.
When a user goes to that link it'll either redirect them to the OAuth2 authorization url or log them in he if already authorized.
This does not affect in any way the default sign in method.

Features (disabled if OAuth2 is disabled)

• OAuth2 Sign In
• OAuth2 in depth configuration command p:environment:oauth2
• Create an account using oauth2
• Convert an account to OAuth2 or back to default
• Disables default login for OAuth2 users
• Disables 2FA for OAuth2 users (enable it on your OAuth2 server/provider instead)

Screenshots (doesn't appear if OAuth2 is disabled)

User

Obvious password reminder for OAuth2 users

Admin

OAuth2 user

Non Oauth2 user

Demo

If you would like to test yourself (only for project team members) send me a message on discord with your github username and i'll create you an account and give you admin credentials.
https://pterodactyl.amnesia-network.com

EDIT: Re enabled password for OAuth2 users
EDIT 2: SFTP notice

[codecov]

Codecov Report

Merging #1488 into develop will decrease coverage by 0.86%.
The diff coverage is 1.84%.

@@              Coverage Diff              @@
##             develop    #1488      +/-   ##
=============================================
- Coverage         35%   34.14%   -0.87%     
- Complexity      1846     1891      +45     
=============================================
  Files            368      370       +2     
  Lines           6062     6224     +162     
=============================================
+ Hits            2122     2125       +3     
- Misses          3940     4099     +159

[lancepioch]

Thanks for the contributions. I think it's a good feature and is close to being finished.

Some important things to note:

1. We would prefer for only the thephpleague/oauth2-client package to be included. We can't expect your package wrapper to remain up to date as well as the official package.

2. "Convert this account into an OAuth2 account" - Instead of being a separate "type of account", a user should be allowed to login with their 3rd party provider or their password normally. Also there shouldn't be any reason a user can't have multiple Oauth providers and be able to disconnect or reconnect them.

3. This looks to require Pt users to setup and maintain their own Oauth providers which can be useful, but since the installation process is already lengthy enough I think it'd be best to include some default providers like Google, Facebook, Steam, maybe Github even.

[DaneEveritt]

I appreciate the effort, so don't let this review discourage you. Just pointing out areas that need improvement, looking forward to the final product. I've stopped here since theres a lot of things that apply to all of the files I've commented on. I'll continue this review once you've addressed these things.

[DaneEveritt]

Why are these not just being JSON encoded before storage?

[jer3m01]

It's easier to edit manually and to store in the php file & inside the html input fields.

[jer3m01]

Bump cuz I forgot to mark as resolved and would need the rest to be reviewed,
If you would like me to change the UI to be the same as feature/vuejs and clean it up a little more (using vue) tell me.

[jer3m01]

It's easier to edit manually and to store in the php file & inside the html input fields.

[DaneEveritt]

As we discussed on Discord, this is just too big of a change for me to feel okay merging in right now, especially with all of the massive changes in the development branch right now. Let's have a discussion and come back to this once 0.8 is released and we have a better idea of how things should work.

[VibeGAMESNL]

Shame we need this!

[FoksVHox]

@VibeGAMESNL Look at #1964