build(deps): bump pydantic from 2.13.3 to 2.13.4 in /src

Bumps [pydantic](https://github.com/pydantic/pydantic) from 2.13.3 to 2.13.4. - [Release notes](https://github.com/pydantic/pydantic/releases) - [Changelog](https://github.com/pydantic/pydantic/blob/v2.13.4/HISTORY.md) - [Commits](https://github.com/pydantic/pydantic/compare/v2.13.3...v2.13.4) --- updated-dependencies: - dependency-name: pydantic dependency-version: 2.13.4 dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com>
Merge pull request #1273 from sgtdeagle/name-attachment-file-after-configname
2026-05-13 14:56:18 +00:00 · 2026-05-12 03:06:07 +00:00 · 2026-05-10 13:34:52 +08:00 · 2026-05-10 13:33:05 +08:00 · 2026-05-10 13:13:59 +08:00 · 2026-05-07 14:27:31 +00:00
2 changed files with 14 additions and 6 deletions
--- a/src/dashboard.py
+++ b/src/dashboard.py
@@ -335,7 +335,10 @@ def API_AuthenticateLogin():
    totpEnabled = DashboardConfig.GetConfig("Account", "enable_totp")[1]
    totpValid = False
    if totpEnabled:
-        totpValid = pyotp.TOTP(DashboardConfig.GetConfig("Account", "totp_key")[1]).now() == data['totp']
+        totp_code = str(data.get("totp", "")).strip()
        totpValid = pyotp.TOTP(
 	    DashboardConfig.GetConfig("Account", "totp_key")[1]
        ).verify(totp_code, valid_window=1)
    if (valid
            and data['username'] == DashboardConfig.GetConfig("Account", "username")[1]
@@ -1455,11 +1458,15 @@ def API_Welcome_GetTotpLink():
@app.post(f'{APP_PREFIX}/api/Welcome_VerifyTotpLink')
 def API_Welcome_VerifyTotpLink():
    data = request.get_json()
-    totp = pyotp.TOTP(DashboardConfig.GetConfig("Account", "totp_key")[1]).now()
+    totp_code = str(data.get("totp", "")).strip()
-    if totp == data['totp']:
+    totpValid = pyotp.TOTP(
 	DashboardConfig.GetConfig("Account", "totp_key")[1]
    ).verify(totp_code, valid_window=1)
    if totpValid:
        DashboardConfig.SetConfig("Account", "totp_verified", "true")
        DashboardConfig.SetConfig("Account", "enable_totp", "true")
-    return ResponseObject(totp == data['totp'])
+    return ResponseObject(totpValid)
@app.post(f'{APP_PREFIX}/api/Welcome_Finish')
 def API_Welcome_Finish():
@@ -1551,7 +1558,8 @@ def API_Email_Send():
                    subject = Template(data.get('Subject', '')).render(peer=p.toJson(), configurationFile=download)
                    if data.get('IncludeAttachment', False):
                        u = str(uuid4())
-                        attachmentName = f'{u}.conf'
+                        peerName = p.toJson().get('name', '').strip()
                        attachmentName = f'{peerName if peerName else u}.conf'
                        with open(os.path.join('./attachments', attachmentName,), 'w+') as f:
                            f.write(download['file'])   
--- a/src/requirements.txt
+++ b/src/requirements.txt
@@ -14,4 +14,4 @@ psycopg[binary]==3.3.3
 PyMySQL==1.1.2
 tzlocal==5.3.1
 python-jose==3.5.0
-pydantic==2.13.3
+pydantic==2.13.4
Author	SHA1	Message	Date
dependabot[bot]	aa8bfe179a	build(deps): bump pydantic from 2.13.3 to 2.13.4 in /src Bumps [pydantic](https://github.com/pydantic/pydantic) from 2.13.3 to 2.13.4. - [Release notes](https://github.com/pydantic/pydantic/releases) - [Changelog](https://github.com/pydantic/pydantic/blob/v2.13.4/HISTORY.md) - [Commits](https://github.com/pydantic/pydantic/compare/v2.13.3...v2.13.4) --- updated-dependencies: - dependency-name: pydantic dependency-version: 2.13.4 dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com>	2026-05-12 03:06:07 +00:00
Donald Zou	71077880ad	Merge pull request #1273 from sgtdeagle/name-attachment-file-after-configname Some checks failed Docker Build and Push / docker_build (push) Has been cancelled Details Docker Build and Push / docker_scan (push) Has been cancelled Details change email attachmentname to peerName if not empty	2026-05-10 13:34:52 +08:00
Donald Zou	d51889a222	Merge pull request #1276 from WGDashboard/#1257-fix #1257 fix	2026-05-10 13:33:05 +08:00
Donald Zou	4d20d00631	Merge pull request #1258 from SnedS91/fix-totp-verification Some checks failed Docker Build and Push / docker_build (push) Has been cancelled Details Docker Build and Push / docker_scan (push) Has been cancelled Details Fix TOTP verification with valid window	2026-05-10 13:13:59 +08:00
sgtdeagle	6ec8d2f201	change email attachmentname to peerName if not empty	2026-05-07 14:27:31 +00:00
sneds91	91de807557	Fix TOTP verification with valid window	2026-05-02 10:54:21 +00:00
Mikhail Solovev	fedf7db8a4	Quote table and column identifiers using SQLAlchemy dialect preparer when adding missing columns to avoid SQL injection and syntax errors. (#1237 ) Some checks failed Mark stale issues and pull requests / stale (push) Has been cancelled Details CodeQL / Analyze (javascript) (push) Has been cancelled Details CodeQL / Analyze (python) (push) Has been cancelled Details Docker Build and Push / docker_build (push) Has been cancelled Details Docker Build and Push / docker_scan (push) Has been cancelled Details	2026-04-16 20:56:16 +02:00
Donald Zou	cdd85b659c	Merge pull request #1227 from WGDashboard/v4.3.3-quick-fix Some checks failed CodeQL / Analyze (javascript) (push) Has been cancelled Details CodeQL / Analyze (python) (push) Has been cancelled Details Docker Build and Push / docker_build (push) Has been cancelled Details Docker Build and Push / docker_scan (push) Has been cancelled Details Mark stale issues and pull requests / stale (push) Has been cancelled Details Update wgd.sh	2026-04-10 16:27:04 +08:00
Donald Zou	42f9460369	Update wgd.sh	2026-04-10 16:18:12 +08:00
Donald Zou	ba11a7a355	Merge pull request #1226 from WGDashboard/v4.3.3-quick-fix Fixed quotation marks	2026-04-10 15:50:10 +08:00
Donald Zou	71f4449741	Fixed quotation marks	2026-04-10 15:45:26 +08:00
Donald Zou	081c63cd43	Merge pull request #1197 from WGDashboard/development v4.3.3 Merge	2026-04-10 14:50:10 +08:00