release: 1.7.0 — rolls up the 1.6.1/1.6.2/1.6.3 patch series

Bundled cut for the stable channel. Contents since 1.6.0:

* fix(webhooks): test endpoint formats payload per platform (Google
  Chat / Slack / Discord / Teams) so the Test URL button actually
  succeeds against those targets instead of getting a 400 back.
* fix(schema): add missing unifi_device_states.consecutive_count
  column the scheduled snapshot capture was failing to insert.
* feat(rotate): persist the active rotated password as
  unifi.password_rotation.last_password whenever a whole-SSID
  rotation succeeds. Surfaced in Settings → Tasks under the wordlist.
* feat(api): new GET /api/unifi/wifi/current-password JSON endpoint
  for external signage / kiosks. Token-protected via
  Authorization: Bearer or ?token= query. 401 / 503 / 404 on missing
  auth, disabled API, or no rotation yet.
* feat(settings): "Expose WiFi password API" checkbox under the
  rotate-passwords block. Off by default. Generate / Regenerate /
  Clear token controls and a copy-paste curl example.

No breaking changes. Drop-in upgrade from 1.6.0.

Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com>

composer.json

@@ -1,7 +1,7 @@
 {
     "name": "dashboard/unifi",
     "description": "UniFi network management, WiFi stats, and captive portal authentication for the Dashboard platform",
-    "version": "1.6.2",
+    "version": "1.7.0",
     "type": "library",
     "license": "MIT",
     "autoload": {

src/Http/Controllers/UnifiSettingsController.php

@@ -33,6 +33,7 @@ class UnifiSettingsController extends Controller
             'rotationLastRotatedAt'   => Setting::get('unifi.password_rotation.last_rotated_at', null),
             'rotationLastPassword'    => Setting::get('unifi.password_rotation.last_password', null),
             'ppskSchedulingEnabled'   => (bool) Setting::get('unifi.ppsk_scheduling.enabled', false),
+            'apiEnabled'              => (bool) Setting::get('unifi.api.enabled', false),
             'apiToken'                => Setting::get('unifi.api_token', null),
         ]);
     }
@@ -71,6 +72,7 @@ class UnifiSettingsController extends Controller
             'rotation_minute'       => 'nullable|integer|min:0|max:59',
             'rotation_wordlist'       => 'nullable|string|max:20000',
             'ppsk_scheduling_enabled' => 'boolean',
+            'api_enabled'             => 'boolean',
         ]);
 
         Setting::set('unifi.controller_url', rtrim($request->controller_url, '/'));
@@ -97,6 +99,7 @@ class UnifiSettingsController extends Controller
         Setting::set('unifi.password_rotation.minute',      $request->input('rotation_minute', 0));
         Setting::set('unifi.password_rotation.wordlist',    $request->input('rotation_wordlist', ''));
         Setting::set('unifi.ppsk_scheduling.enabled',        $request->boolean('ppsk_scheduling_enabled') ? '1' : '');
+        Setting::set('unifi.api.enabled',                    $request->boolean('api_enabled')             ? '1' : '');
 
         \Illuminate\Support\Facades\Cache::forget('unifi:api_prefix:' . md5(rtrim($request->controller_url, '/')));
 

src/Http/Controllers/WifiApiController.php

@@ -15,6 +15,10 @@ class WifiApiController extends Controller
 {
     public function currentPassword(Request $request)
     {
+        if (! Setting::get('unifi.api.enabled')) {
+            return response()->json(['error' => 'API disabled'], 503);
+        }
+
         $expected = Setting::get('unifi.api_token');
         if (! $expected) {
             return response()->json(['error' => 'API token not configured'], 503);