Merge pull request #527 from donaldzou/fix-#516

Security Patch
donaldzou · Nov 25, 2024 · 4524a55 · 4524a55
2 parents fa04ad1 + f942eaf
commit 4524a55
Show file tree

Hide file tree

Showing 36 changed files with 41 additions and 40 deletions.
diff --git a/src/dashboard.py b/src/dashboard.py
@@ -27,7 +27,7 @@
 
 from flask.json.provider import DefaultJSONProvider
 
-DASHBOARD_VERSION = 'v4.1.1'
+DASHBOARD_VERSION = 'v4.1.2'
 CONFIGURATION_PATH = os.getenv('CONFIGURATION_PATH', '.')
 DB_PATH = os.path.join(CONFIGURATION_PATH, 'db')
 if not os.path.isdir(DB_PATH):
@@ -1726,7 +1726,6 @@ def API_ValidateAuthentication():
 def API_AuthenticateLogin():
     data = request.get_json()
     if DashboardConfig.APIAccessed:
-
         authToken = hashlib.sha256(f"{request.headers.get('wg-dashboard-apikey')}{datetime.now()}".encode()).hexdigest()
         session['username'] = authToken
         resp = ResponseObject(True, DashboardConfig.GetConfig("Other", "welcome_session")[1])
@@ -1761,6 +1760,7 @@ def API_AuthenticateLogin():
 def API_SignOut():
     resp = ResponseObject(True, "")
     resp.delete_cookie("authToken")
+    session.clear()
     return resp
 
 @app.route(f'{APP_PREFIX}/api/getWireguardConfigurations', methods=["GET"])

diff --git a/...app/dist/assets/configuration-DnwxX2Kf.js → ...app/dist/assets/configuration-uNlCMC_w.js b/...app/dist/assets/configuration-DnwxX2Kf.js → ...app/dist/assets/configuration-uNlCMC_w.js
diff --git a/...ts/configurationBackupRestore-DCnhMSrv.js → ...ts/configurationBackupRestore-CQ4b2uK5.js b/...ts/configurationBackupRestore-DCnhMSrv.js → ...ts/configurationBackupRestore-CQ4b2uK5.js