Compare commits
8 Commits
| Author | SHA1 | Date | |
|---|---|---|---|
| f953fde2be | |||
| 9a37eda302 | |||
| 4b29f55518 | |||
| e8796d443e | |||
| 24aad5cdc0 | |||
| 27c1584dc3 | |||
| c89adeea97 | |||
| 8f51be8515 |
@@ -1,7 +1,7 @@
|
|||||||
{
|
{
|
||||||
"name": "dashboard/unifi",
|
"name": "dashboard/unifi",
|
||||||
"description": "UniFi network management, WiFi stats, and captive portal authentication for the Dashboard platform",
|
"description": "UniFi network management, WiFi stats, and captive portal authentication for the Dashboard platform",
|
||||||
"version": "1.5.2",
|
"version": "1.7.0",
|
||||||
"type": "library",
|
"type": "library",
|
||||||
"license": "MIT",
|
"license": "MIT",
|
||||||
"autoload": {
|
"autoload": {
|
||||||
@@ -27,7 +27,6 @@
|
|||||||
{ "label": "Devices", "route_name": "unifi.devices", "icon": "cpu-chip", "permission": "unifi.stats", "sort_order": 3 },
|
{ "label": "Devices", "route_name": "unifi.devices", "icon": "cpu-chip", "permission": "unifi.stats", "sort_order": 3 },
|
||||||
{ "label": "Clients", "route_name": "unifi.clients", "icon": "users", "permission": "unifi.stats", "sort_order": 4 },
|
{ "label": "Clients", "route_name": "unifi.clients", "icon": "users", "permission": "unifi.stats", "sort_order": 4 },
|
||||||
{ "label": "WiFi Networks", "route_name": "unifi.wifi", "icon": "wifi", "permission": "unifi.manage", "sort_order": 5 },
|
{ "label": "WiFi Networks", "route_name": "unifi.wifi", "icon": "wifi", "permission": "unifi.manage", "sort_order": 5 },
|
||||||
{ "label": "Portal", "route_name": "unifi.portal.settings", "icon": "shield-check", "permission": "unifi.auth", "sort_order": 6 },
|
|
||||||
{ "label": "Settings", "route_name": "unifi.settings", "icon": "cog-6-tooth", "permission": "unifi.settings", "sort_order": 99 }
|
{ "label": "Settings", "route_name": "unifi.settings", "icon": "cog-6-tooth", "permission": "unifi.settings", "sort_order": 99 }
|
||||||
],
|
],
|
||||||
"permissions": [
|
"permissions": [
|
||||||
|
|||||||
@@ -0,0 +1,32 @@
|
|||||||
|
<?php
|
||||||
|
|
||||||
|
use Illuminate\Database\Migrations\Migration;
|
||||||
|
use Illuminate\Database\Schema\Blueprint;
|
||||||
|
use Illuminate\Support\Facades\Schema;
|
||||||
|
|
||||||
|
return new class extends Migration
|
||||||
|
{
|
||||||
|
public function up(): void
|
||||||
|
{
|
||||||
|
Schema::table('unifi_webhook_configs', function (Blueprint $table) {
|
||||||
|
if (! Schema::hasColumn('unifi_webhook_configs', 'tracked_clients')) {
|
||||||
|
$table->json('tracked_clients')->nullable()->after('device_filter');
|
||||||
|
}
|
||||||
|
if (! Schema::hasColumn('unifi_webhook_configs', 'templates')) {
|
||||||
|
$table->json('templates')->nullable()->after('tracked_clients');
|
||||||
|
}
|
||||||
|
});
|
||||||
|
}
|
||||||
|
|
||||||
|
public function down(): void
|
||||||
|
{
|
||||||
|
Schema::table('unifi_webhook_configs', function (Blueprint $table) {
|
||||||
|
if (Schema::hasColumn('unifi_webhook_configs', 'templates')) {
|
||||||
|
$table->dropColumn('templates');
|
||||||
|
}
|
||||||
|
if (Schema::hasColumn('unifi_webhook_configs', 'tracked_clients')) {
|
||||||
|
$table->dropColumn('tracked_clients');
|
||||||
|
}
|
||||||
|
});
|
||||||
|
}
|
||||||
|
};
|
||||||
@@ -0,0 +1,26 @@
|
|||||||
|
<?php
|
||||||
|
|
||||||
|
use Illuminate\Database\Migrations\Migration;
|
||||||
|
use Illuminate\Database\Schema\Blueprint;
|
||||||
|
use Illuminate\Support\Facades\Schema;
|
||||||
|
|
||||||
|
return new class extends Migration
|
||||||
|
{
|
||||||
|
public function up(): void
|
||||||
|
{
|
||||||
|
Schema::table('unifi_device_states', function (Blueprint $table) {
|
||||||
|
if (! Schema::hasColumn('unifi_device_states', 'consecutive_count')) {
|
||||||
|
$table->unsignedSmallInteger('consecutive_count')->default(0)->after('in_alert');
|
||||||
|
}
|
||||||
|
});
|
||||||
|
}
|
||||||
|
|
||||||
|
public function down(): void
|
||||||
|
{
|
||||||
|
Schema::table('unifi_device_states', function (Blueprint $table) {
|
||||||
|
if (Schema::hasColumn('unifi_device_states', 'consecutive_count')) {
|
||||||
|
$table->dropColumn('consecutive_count');
|
||||||
|
}
|
||||||
|
});
|
||||||
|
}
|
||||||
|
};
|
||||||
@@ -32,9 +32,16 @@ class RotatePasswords extends Command
|
|||||||
$run = UnifiCronRun::record('rotate-passwords', $triggeredBy, null, function () use ($unifi, $force) {
|
$run = UnifiCronRun::record('rotate-passwords', $triggeredBy, null, function () use ($unifi, $force) {
|
||||||
$wlanIdsJson = Setting::get('unifi.password_rotation.wlan_ids', '[]');
|
$wlanIdsJson = Setting::get('unifi.password_rotation.wlan_ids', '[]');
|
||||||
$wlanIds = json_decode($wlanIdsJson, true);
|
$wlanIds = json_decode($wlanIdsJson, true);
|
||||||
|
if (! is_array($wlanIds)) $wlanIds = [];
|
||||||
|
|
||||||
if (empty($wlanIds) || ! is_array($wlanIds)) {
|
$ppskQuery = UnifiPpsk::where('rotate_password', true)
|
||||||
return ['status' => 'skipped', 'reason' => 'no SSIDs configured for rotation'];
|
->where('state', 'active')
|
||||||
|
->whereNotNull('unifi_id');
|
||||||
|
|
||||||
|
// Skip only if there's nothing at all to rotate — neither
|
||||||
|
// whole-SSID rotation targets nor per-PPSK rotation opt-ins.
|
||||||
|
if (empty($wlanIds) && ! $ppskQuery->exists()) {
|
||||||
|
return ['status' => 'skipped', 'reason' => 'no SSIDs or PPSKs configured for rotation'];
|
||||||
}
|
}
|
||||||
|
|
||||||
$wordlist = Setting::get('unifi.password_rotation.wordlist', '');
|
$wordlist = Setting::get('unifi.password_rotation.wordlist', '');
|
||||||
@@ -61,16 +68,27 @@ class RotatePasswords extends Command
|
|||||||
|
|
||||||
if ($rotated) {
|
if ($rotated) {
|
||||||
Setting::set('unifi.password_rotation.last_rotated_at', now()->toIso8601String());
|
Setting::set('unifi.password_rotation.last_rotated_at', now()->toIso8601String());
|
||||||
|
// Persist the active password so it can be displayed in
|
||||||
|
// the Settings page and exposed via the API endpoint.
|
||||||
|
Setting::set('unifi.password_rotation.last_password', $password);
|
||||||
$this->info('Rotated password for ' . count($rotated) . ' SSID(s).');
|
$this->info('Rotated password for ' . count($rotated) . ' SSID(s).');
|
||||||
}
|
}
|
||||||
|
|
||||||
$rotatedPpsks = [];
|
$rotatedPpsks = [];
|
||||||
$failedPpsks = [];
|
$failedPpsks = [];
|
||||||
foreach (UnifiPpsk::where('rotate_password', true)->where('state', 'active')->whereNotNull('unifi_id')->get() as $ppsk) {
|
foreach ($ppskQuery->get() as $ppsk) {
|
||||||
$newPass = $passwords[array_rand($passwords)];
|
$newPass = $passwords[array_rand($passwords)];
|
||||||
try {
|
try {
|
||||||
$unifi->updatePpsk($ppsk->unifi_id, ['x_passphrase' => $newPass]);
|
if (str_starts_with((string) $ppsk->unifi_id, 'emb_')) {
|
||||||
$ppsk->update(['x_passphrase' => $newPass]);
|
// Embedded PPSK: update inside the parent WLAN object.
|
||||||
|
// Synthetic ID is derived from the new passphrase, so update it too.
|
||||||
|
$unifi->updateEmbeddedPpsk($ppsk->wlan_id, $ppsk->x_passphrase, $newPass);
|
||||||
|
$newUid = 'emb_' . substr(hash('sha256', $ppsk->wlan_id . ':' . $newPass), 0, 32);
|
||||||
|
$ppsk->update(['x_passphrase' => $newPass, 'unifi_id' => $newUid]);
|
||||||
|
} else {
|
||||||
|
$unifi->updatePpsk($ppsk->unifi_id, ['x_passphrase' => $newPass]);
|
||||||
|
$ppsk->update(['x_passphrase' => $newPass]);
|
||||||
|
}
|
||||||
$rotatedPpsks[] = $ppsk->name;
|
$rotatedPpsks[] = $ppsk->name;
|
||||||
} catch (\Throwable $e) {
|
} catch (\Throwable $e) {
|
||||||
$this->error("Failed to rotate PPSK \"{$ppsk->name}\": {$e->getMessage()}");
|
$this->error("Failed to rotate PPSK \"{$ppsk->name}\": {$e->getMessage()}");
|
||||||
|
|||||||
@@ -31,10 +31,26 @@ class UnifiSettingsController extends Controller
|
|||||||
'rotationMinute' => (int) Setting::get('unifi.password_rotation.minute', 0),
|
'rotationMinute' => (int) Setting::get('unifi.password_rotation.minute', 0),
|
||||||
'rotationWordlist' => Setting::get('unifi.password_rotation.wordlist', ''),
|
'rotationWordlist' => Setting::get('unifi.password_rotation.wordlist', ''),
|
||||||
'rotationLastRotatedAt' => Setting::get('unifi.password_rotation.last_rotated_at', null),
|
'rotationLastRotatedAt' => Setting::get('unifi.password_rotation.last_rotated_at', null),
|
||||||
|
'rotationLastPassword' => Setting::get('unifi.password_rotation.last_password', null),
|
||||||
'ppskSchedulingEnabled' => (bool) Setting::get('unifi.ppsk_scheduling.enabled', false),
|
'ppskSchedulingEnabled' => (bool) Setting::get('unifi.ppsk_scheduling.enabled', false),
|
||||||
|
'apiEnabled' => (bool) Setting::get('unifi.api.enabled', false),
|
||||||
|
'apiToken' => Setting::get('unifi.api_token', null),
|
||||||
]);
|
]);
|
||||||
}
|
}
|
||||||
|
|
||||||
|
public function regenerateApiToken()
|
||||||
|
{
|
||||||
|
$token = bin2hex(random_bytes(24));
|
||||||
|
Setting::set('unifi.api_token', $token);
|
||||||
|
return response()->json(['token' => $token]);
|
||||||
|
}
|
||||||
|
|
||||||
|
public function clearApiToken()
|
||||||
|
{
|
||||||
|
Setting::set('unifi.api_token', '');
|
||||||
|
return response()->json(['ok' => true]);
|
||||||
|
}
|
||||||
|
|
||||||
public function update(Request $request)
|
public function update(Request $request)
|
||||||
{
|
{
|
||||||
$request->validate([
|
$request->validate([
|
||||||
@@ -56,6 +72,7 @@ class UnifiSettingsController extends Controller
|
|||||||
'rotation_minute' => 'nullable|integer|min:0|max:59',
|
'rotation_minute' => 'nullable|integer|min:0|max:59',
|
||||||
'rotation_wordlist' => 'nullable|string|max:20000',
|
'rotation_wordlist' => 'nullable|string|max:20000',
|
||||||
'ppsk_scheduling_enabled' => 'boolean',
|
'ppsk_scheduling_enabled' => 'boolean',
|
||||||
|
'api_enabled' => 'boolean',
|
||||||
]);
|
]);
|
||||||
|
|
||||||
Setting::set('unifi.controller_url', rtrim($request->controller_url, '/'));
|
Setting::set('unifi.controller_url', rtrim($request->controller_url, '/'));
|
||||||
@@ -82,6 +99,7 @@ class UnifiSettingsController extends Controller
|
|||||||
Setting::set('unifi.password_rotation.minute', $request->input('rotation_minute', 0));
|
Setting::set('unifi.password_rotation.minute', $request->input('rotation_minute', 0));
|
||||||
Setting::set('unifi.password_rotation.wordlist', $request->input('rotation_wordlist', ''));
|
Setting::set('unifi.password_rotation.wordlist', $request->input('rotation_wordlist', ''));
|
||||||
Setting::set('unifi.ppsk_scheduling.enabled', $request->boolean('ppsk_scheduling_enabled') ? '1' : '');
|
Setting::set('unifi.ppsk_scheduling.enabled', $request->boolean('ppsk_scheduling_enabled') ? '1' : '');
|
||||||
|
Setting::set('unifi.api.enabled', $request->boolean('api_enabled') ? '1' : '');
|
||||||
|
|
||||||
\Illuminate\Support\Facades\Cache::forget('unifi:api_prefix:' . md5(rtrim($request->controller_url, '/')));
|
\Illuminate\Support\Facades\Cache::forget('unifi:api_prefix:' . md5(rtrim($request->controller_url, '/')));
|
||||||
|
|
||||||
|
|||||||
@@ -68,20 +68,49 @@ class WebhookController extends Controller
|
|||||||
|
|
||||||
public function test(WebhookConfig $webhook)
|
public function test(WebhookConfig $webhook)
|
||||||
{
|
{
|
||||||
$payload = [
|
return $this->fireTest($webhook->url, $webhook->secret);
|
||||||
|
}
|
||||||
|
|
||||||
|
/**
|
||||||
|
* Test an arbitrary URL+secret before the webhook is saved. Lets the
|
||||||
|
* operator validate their endpoint from the form without first
|
||||||
|
* committing a row.
|
||||||
|
*/
|
||||||
|
public function testUrl(Request $request)
|
||||||
|
{
|
||||||
|
$data = $request->validate([
|
||||||
|
'url' => 'required|url|max:500',
|
||||||
|
'secret' => 'nullable|string|max:255',
|
||||||
|
]);
|
||||||
|
return $this->fireTest($data['url'], $data['secret'] ?? null);
|
||||||
|
}
|
||||||
|
|
||||||
|
private function fireTest(string $url, ?string $secret)
|
||||||
|
{
|
||||||
|
$message = '✅ Test webhook from ' . config('app.name') . ' — endpoint is reachable.';
|
||||||
|
$genericPayload = [
|
||||||
'event' => 'test',
|
'event' => 'test',
|
||||||
'timestamp' => now()->toIso8601String(),
|
'timestamp' => now()->toIso8601String(),
|
||||||
'data' => ['message' => 'This is a test webhook from ' . config('app.name')],
|
'message' => $message,
|
||||||
|
'data' => ['message' => $message],
|
||||||
];
|
];
|
||||||
|
// Shape the payload to match the target platform (Google Chat,
|
||||||
|
// Slack, Discord, Teams) so the test exercises the same code
|
||||||
|
// path real events use.
|
||||||
|
$payload = \Dashboard\Unifi\Services\WebhookCheckService::buildPlatformPayload($url, $message, $genericPayload);
|
||||||
|
|
||||||
$headers = ['Content-Type' => 'application/json'];
|
$headers = ['Content-Type' => 'application/json'];
|
||||||
if ($webhook->secret) {
|
if ($secret) {
|
||||||
$headers['X-Webhook-Signature'] = hash_hmac('sha256', json_encode($payload), $webhook->secret);
|
$headers['X-Webhook-Signature'] = hash_hmac('sha256', json_encode($payload), $secret);
|
||||||
}
|
}
|
||||||
|
|
||||||
try {
|
try {
|
||||||
$response = \Illuminate\Support\Facades\Http::withHeaders($headers)->timeout(10)->post($webhook->url, $payload);
|
$response = \Illuminate\Support\Facades\Http::withHeaders($headers)->timeout(10)->post($url, $payload);
|
||||||
return response()->json(['ok' => true, 'status' => $response->status()]);
|
return response()->json([
|
||||||
|
'ok' => $response->successful(),
|
||||||
|
'status' => $response->status(),
|
||||||
|
'body' => mb_substr((string) $response->body(), 0, 500),
|
||||||
|
]);
|
||||||
} catch (\Throwable $e) {
|
} catch (\Throwable $e) {
|
||||||
return response()->json(['ok' => false, 'error' => $e->getMessage()], 422);
|
return response()->json(['ok' => false, 'error' => $e->getMessage()], 422);
|
||||||
}
|
}
|
||||||
|
|||||||
44
src/Http/Controllers/WifiApiController.php
Normal file
44
src/Http/Controllers/WifiApiController.php
Normal file
@@ -0,0 +1,44 @@
|
|||||||
|
<?php
|
||||||
|
|
||||||
|
namespace Dashboard\Unifi\Http\Controllers;
|
||||||
|
|
||||||
|
use App\Models\Setting;
|
||||||
|
use Illuminate\Http\Request;
|
||||||
|
use Illuminate\Routing\Controller;
|
||||||
|
|
||||||
|
/**
|
||||||
|
* Token-protected JSON endpoints for external integrations (signage,
|
||||||
|
* kiosks, room displays, etc.) that need the current rotating WiFi
|
||||||
|
* password without going through the dashboard UI.
|
||||||
|
*/
|
||||||
|
class WifiApiController extends Controller
|
||||||
|
{
|
||||||
|
public function currentPassword(Request $request)
|
||||||
|
{
|
||||||
|
if (! Setting::get('unifi.api.enabled')) {
|
||||||
|
return response()->json(['error' => 'API disabled'], 503);
|
||||||
|
}
|
||||||
|
|
||||||
|
$expected = Setting::get('unifi.api_token');
|
||||||
|
if (! $expected) {
|
||||||
|
return response()->json(['error' => 'API token not configured'], 503);
|
||||||
|
}
|
||||||
|
|
||||||
|
$provided = $request->bearerToken() ?: $request->query('token');
|
||||||
|
if (! $provided || ! hash_equals($expected, $provided)) {
|
||||||
|
return response()->json(['error' => 'Unauthorized'], 401);
|
||||||
|
}
|
||||||
|
|
||||||
|
$password = Setting::get('unifi.password_rotation.last_password');
|
||||||
|
if (! $password) {
|
||||||
|
return response()->json([
|
||||||
|
'error' => 'No rotated password recorded yet — wait for the next scheduled rotation or run unifi:rotate-passwords --force.',
|
||||||
|
], 404);
|
||||||
|
}
|
||||||
|
|
||||||
|
return response()->json([
|
||||||
|
'password' => $password,
|
||||||
|
'rotated_at' => Setting::get('unifi.password_rotation.last_rotated_at'),
|
||||||
|
]);
|
||||||
|
}
|
||||||
|
}
|
||||||
@@ -291,11 +291,18 @@ class WifiController extends Controller
|
|||||||
fn ($v) => $v !== null
|
fn ($v) => $v !== null
|
||||||
);
|
);
|
||||||
if (! empty($unifiUpdate)) {
|
if (! empty($unifiUpdate)) {
|
||||||
$unifi->updatePpsk($record->unifi_id, $unifiUpdate);
|
if (str_starts_with($record->unifi_id, 'emb_') && isset($unifiUpdate['x_passphrase'])) {
|
||||||
|
// Embedded PPSK update path — modify the WLAN's embedded array.
|
||||||
|
$unifi->updateEmbeddedPpsk($record->wlan_id, $record->x_passphrase, $unifiUpdate['x_passphrase']);
|
||||||
|
// Synthetic id is derived from the new passphrase.
|
||||||
|
$data['unifi_id'] = 'emb_' . substr(hash('sha256', $record->wlan_id . ':' . $unifiUpdate['x_passphrase']), 0, 32);
|
||||||
|
} else {
|
||||||
|
$unifi->updatePpsk($record->unifi_id, $unifiUpdate);
|
||||||
|
}
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
$dbUpdate = array_intersect_key($data, array_flip(['name', 'x_passphrase']));
|
$dbUpdate = array_intersect_key($data, array_flip(['name', 'x_passphrase', 'unifi_id']));
|
||||||
// vlan can be explicitly set to null
|
// vlan can be explicitly set to null
|
||||||
if (array_key_exists('vlan', $data)) $dbUpdate['vlan'] = $data['vlan'];
|
if (array_key_exists('vlan', $data)) $dbUpdate['vlan'] = $data['vlan'];
|
||||||
if (! empty($dbUpdate)) $record->update($dbUpdate);
|
if (! empty($dbUpdate)) $record->update($dbUpdate);
|
||||||
|
|||||||
@@ -496,6 +496,63 @@ class UnifiApiClient
|
|||||||
return $this->normalizePpsk(is_array($result) && isset($result[0]) ? $result : [$result]);
|
return $this->normalizePpsk(is_array($result) && isset($result[0]) ? $result : [$result]);
|
||||||
}
|
}
|
||||||
|
|
||||||
|
/**
|
||||||
|
* Update an embedded PPSK (one that lives inside a WLAN's
|
||||||
|
* private_preshared_keys array rather than as its own REST resource).
|
||||||
|
*
|
||||||
|
* Matching is done by current passphrase since embedded entries have
|
||||||
|
* no controller-side ID. Only changes the entry's passphrase; name
|
||||||
|
* isn't separately addressable on embedded PPSKs.
|
||||||
|
*/
|
||||||
|
public function updateEmbeddedPpsk(string $wlanId, string $oldPassphrase, string $newPassphrase): array
|
||||||
|
{
|
||||||
|
$wlanResp = $this->get("/rest/wlanconf/{$wlanId}");
|
||||||
|
$wlan = $wlanResp[0] ?? $wlanResp;
|
||||||
|
$entries = $wlan['private_preshared_keys'] ?? [];
|
||||||
|
|
||||||
|
if (! is_array($entries) || empty($entries)) {
|
||||||
|
throw new \RuntimeException('WLAN has no embedded PPSKs to update.');
|
||||||
|
}
|
||||||
|
|
||||||
|
$matched = false;
|
||||||
|
foreach ($entries as &$e) {
|
||||||
|
$current = $e['x_passphrase'] ?? $e['password'] ?? $e['passphrase'] ?? null;
|
||||||
|
if ($current === $oldPassphrase) {
|
||||||
|
// Preserve whichever field name the controller is using.
|
||||||
|
if (array_key_exists('x_passphrase', $e)) $e['x_passphrase'] = $newPassphrase;
|
||||||
|
if (array_key_exists('password', $e)) $e['password'] = $newPassphrase;
|
||||||
|
if (array_key_exists('passphrase', $e)) $e['passphrase'] = $newPassphrase;
|
||||||
|
// If none of the above existed, default to password (most common on embedded).
|
||||||
|
if (! isset($e['x_passphrase']) && ! isset($e['password']) && ! isset($e['passphrase'])) {
|
||||||
|
$e['password'] = $newPassphrase;
|
||||||
|
}
|
||||||
|
$matched = true;
|
||||||
|
break;
|
||||||
|
}
|
||||||
|
}
|
||||||
|
unset($e);
|
||||||
|
|
||||||
|
if (! $matched) {
|
||||||
|
throw new \RuntimeException('Embedded PPSK not found by current passphrase.');
|
||||||
|
}
|
||||||
|
|
||||||
|
// UniFi REST expects the full WLAN object on PUT — send what we
|
||||||
|
// got back, with the mutated PPSK array.
|
||||||
|
$payload = $wlan;
|
||||||
|
$payload['private_preshared_keys'] = $entries;
|
||||||
|
// Strip internal fields the controller rejects on PUT.
|
||||||
|
unset($payload['_id'], $payload['site_id']);
|
||||||
|
|
||||||
|
$this->put("/rest/wlanconf/{$wlanId}", $payload);
|
||||||
|
|
||||||
|
// Return a normalized record so callers can read the new state.
|
||||||
|
return $this->normalizePpsk([[
|
||||||
|
'_id' => 'emb_' . substr(hash('sha256', $wlanId . ':' . $newPassphrase), 0, 32),
|
||||||
|
'wlan_id' => $wlanId,
|
||||||
|
'x_passphrase' => $newPassphrase,
|
||||||
|
]]);
|
||||||
|
}
|
||||||
|
|
||||||
public function deletePpsk(string $ppskId): void
|
public function deletePpsk(string $ppskId): void
|
||||||
{
|
{
|
||||||
// Try v2 hotspot endpoint first
|
// Try v2 hotspot endpoint first
|
||||||
|
|||||||
@@ -581,10 +581,19 @@ class WebhookCheckService
|
|||||||
|
|
||||||
private function formatPayloadForPlatform(string $url, string $message, array $fullPayload): array
|
private function formatPayloadForPlatform(string $url, string $message, array $fullPayload): array
|
||||||
{
|
{
|
||||||
if (str_contains($url, 'chat.googleapis.com')) return ['text' => $message];
|
return self::buildPlatformPayload($url, $message, $fullPayload);
|
||||||
if (str_contains($url, 'hooks.slack.com')) return ['text' => $message];
|
}
|
||||||
if (str_contains($url, 'discord.com/api/webhooks')) return ['content' => $message];
|
|
||||||
if (str_contains($url, 'webhook.office.com') || str_contains($url, 'workflows.office.com')) return ['text' => $message];
|
/**
|
||||||
|
* Public/static helper so the test-webhook endpoint produces the
|
||||||
|
* same per-platform payload shape that real events do.
|
||||||
|
*/
|
||||||
|
public static function buildPlatformPayload(string $url, string $message, array $fullPayload): array
|
||||||
|
{
|
||||||
|
if (str_contains($url, 'chat.googleapis.com')) return ['text' => $message];
|
||||||
|
if (str_contains($url, 'hooks.slack.com')) return ['text' => $message];
|
||||||
|
if (str_contains($url, 'discord.com/api/webhooks')) return ['content' => $message];
|
||||||
|
if (str_contains($url, 'webhook.office.com') || str_contains($url, 'workflows.office.com')) return ['text' => $message];
|
||||||
return $fullPayload;
|
return $fullPayload;
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|||||||
@@ -9,6 +9,7 @@ use Dashboard\Unifi\Http\Controllers\UnifiPagesAccessController;
|
|||||||
use Dashboard\Unifi\Http\Controllers\UnifiSettingsController;
|
use Dashboard\Unifi\Http\Controllers\UnifiSettingsController;
|
||||||
use Dashboard\Unifi\Http\Controllers\VlanGroupController;
|
use Dashboard\Unifi\Http\Controllers\VlanGroupController;
|
||||||
use Dashboard\Unifi\Http\Controllers\WebhookController;
|
use Dashboard\Unifi\Http\Controllers\WebhookController;
|
||||||
|
use Dashboard\Unifi\Http\Controllers\WifiApiController;
|
||||||
use Dashboard\Unifi\Http\Controllers\WifiController;
|
use Dashboard\Unifi\Http\Controllers\WifiController;
|
||||||
use Illuminate\Support\Facades\Route;
|
use Illuminate\Support\Facades\Route;
|
||||||
|
|
||||||
@@ -83,15 +84,27 @@ Route::middleware(['web', 'auth', 'app.access:unifi'])
|
|||||||
// Cron logs — read-only history of scheduled-task runs.
|
// Cron logs — read-only history of scheduled-task runs.
|
||||||
Route::get('/settings/cron-logs', [UnifiCronLogsController::class, 'index'])->name('settings.cron-logs.index');
|
Route::get('/settings/cron-logs', [UnifiCronLogsController::class, 'index'])->name('settings.cron-logs.index');
|
||||||
|
|
||||||
// Webhooks
|
// Webhooks — lives under /settings/* so it reads as a settings tab.
|
||||||
Route::get('/webhooks', [WebhookController::class, 'index']) ->name('webhooks.index');
|
Route::get('/settings/webhooks', [WebhookController::class, 'index']) ->name('webhooks.index');
|
||||||
Route::post('/webhooks', [WebhookController::class, 'store']) ->name('webhooks.store');
|
Route::post('/settings/webhooks', [WebhookController::class, 'store']) ->name('webhooks.store');
|
||||||
Route::put('/webhooks/{webhook}', [WebhookController::class, 'update']) ->name('webhooks.update');
|
Route::put('/settings/webhooks/{webhook}', [WebhookController::class, 'update']) ->name('webhooks.update');
|
||||||
Route::delete('/webhooks/{webhook}', [WebhookController::class, 'destroy'])->name('webhooks.destroy');
|
Route::delete('/settings/webhooks/{webhook}', [WebhookController::class, 'destroy'])->name('webhooks.destroy');
|
||||||
Route::post('/webhooks/{webhook}/test', [WebhookController::class, 'test']) ->name('webhooks.test');
|
Route::post('/settings/webhooks/{webhook}/test', [WebhookController::class, 'test']) ->name('webhooks.test');
|
||||||
|
Route::post('/settings/webhooks/test-url', [WebhookController::class, 'testUrl'])->name('webhooks.test-url');
|
||||||
|
|
||||||
|
// API-token management
|
||||||
|
Route::post('/settings/api-token/regenerate', [UnifiSettingsController::class, 'regenerateApiToken'])->name('settings.api-token.regenerate');
|
||||||
|
Route::delete('/settings/api-token', [UnifiSettingsController::class, 'clearApiToken']) ->name('settings.api-token.clear');
|
||||||
});
|
});
|
||||||
});
|
});
|
||||||
|
|
||||||
|
// ── Public API (token-protected) ──────────────────────────────────────────
|
||||||
|
// External integrations (signage, kiosks) hit these without session auth.
|
||||||
|
Route::prefix('api/unifi')->name('unifi.api.')->group(function () {
|
||||||
|
Route::get('/wifi/current-password', [WifiApiController::class, 'currentPassword'])
|
||||||
|
->name('wifi.current-password');
|
||||||
|
});
|
||||||
|
|
||||||
// ── Captive portal callback (public — user redirected here by UniFi) ─────
|
// ── Captive portal callback (public — user redirected here by UniFi) ─────
|
||||||
Route::middleware(['web', 'auth'])
|
Route::middleware(['web', 'auth'])
|
||||||
->get('/portal/wifi/callback', [PortalController::class, 'captiveCallback'])
|
->get('/portal/wifi/callback', [PortalController::class, 'captiveCallback'])
|
||||||
|
|||||||
Reference in New Issue
Block a user