buildmymcpserver/apps/web/app/admin/servers/page.tsx


feat(admin): password-auth admin panel with 8 pages + 15 API endpoints Schema migrations: - users.is_admin boolean - users.password_hash text (scrypt N=16384, 16-byte salt) - users.last_login_at timestamp - organizations.suspended + suspended_reason - admin_settings table (DB-stored prompt override + future settings) Auth (@bmm/auth): - hashPassword + verifyPassword via node:crypto scrypt (no extra dep) - loginWithPassword: scrypt-verifies, issues 30-day session, updates last_login_at - seedAdmin: idempotent upsert keyed on email; creates org + membership on first run - AuthedUser now carries isAdmin flag API: - POST /v1/auth/admin/login (email + password) — 300ms throttle on failure - requireAdmin preHandler — 401 if no session, 403 if non-admin - Bootstrap: api on boot calls seedAdmin(ADMIN_EMAIL, ADMIN_PASSWORD, ADMIN_NAME) if env present. Idempotent. Admin API routes (all gated by requireAdmin): - GET /v1/admin/overview (totals, trends 7d, server-status breakdown, builds 24h, recent activity) - GET /v1/admin/users (search, per-row org + plan + serverCount) - PATCH /v1/admin/users/:id (isAdmin, name) - DELETE /v1/admin/users/:id (self-delete blocked) - GET /v1/admin/orgs (member + server counts) - PATCH /v1/admin/orgs/:id (plan, quota, suspended; cascades to mcp_servers.status=paused on suspend) - GET /v1/admin/servers (cross-org with status filter) - POST /v1/admin/servers/:id/rebuild (re-queues build using last prompt) - DELETE /v1/admin/servers/:id - GET /v1/admin/builds (status filter, error messages, prompt previews) - GET /v1/admin/builds/:id/logs - GET /v1/admin/audit (system-wide with user email join) - GET /v1/admin/system (DB ping, Redis ping, BullMQ queue depth, docker ps count) - GET /v1/admin/prompt (builtin + override + updatedAt) - PATCH /v1/admin/prompt (value: string | null) — saves DB override or drops it UI (apps/web/app/admin/*): - /admin/login — password form, separate from /login magic-link - AdminLayout — Linear-style sidebar (8 nav 
items), bottom panel with user email + 'user view' shortcut + logout, client-side requireAdmin guard with redirect - /admin — overview dashboard with 4 metric cards, 2 panels (status + 24h builds), recent activity table linking to full audit - /admin/users — search + admin toggle + delete (self-delete blocked) - /admin/orgs — plan/quota/suspend actions via prompts - /admin/servers — cross-org table with rebuild + delete actions, status filter - /admin/builds — every build cross-fleet with error vs prompt preview - /admin/audit — system-wide log + CSV export + filter dropdowns - /admin/system — auto-refreshing 5s health probes for Postgres, Redis, queue, Docker - /admin/prompt — live editor for the LLM system prompt with built-in baseline, override-state badge, drop-override action, diff preview, save-as-override End-to-end verified: login as marco.frangiskatos@gmail.com + Melusa112233.*, every admin page returns 200, admin login + overview tested via screenshot, docker probe returns true count of running MCP containers.
2026-05-19 23:01:26 +02:00
'use client';
import { useEffect, useState } from 'react';
import { apiFetch } from '@/lib/api';
import { Button } from '@/components/ui/button';
import { StatusPill } from '@/components/status-pill';
import { Trash2, RefreshCw } from 'lucide-react';
/**
 * One entry of the `servers` array returned by `GET /v1/admin/servers`:
 * an MCP server paired with the organization it is listed under.
 */
interface Row {
  /** The MCP server record. */
  server: {
    id: string;
    slug: string;
    name: string;
    // Declared as a plain string here; the page casts it when handing it to StatusPill.
    status: string;
    currentVersion: number;
    // null is rendered as an em dash instead of a link.
    publicUrl: string | null;
    hostPort: number | null;
    // Timestamps arrive as strings; updatedAt is parsed with `new Date(...)` for display.
    createdAt: string;
    updatedAt: string;
  };
  /** The organization shown in the "Org" column. */
  org: {
    id: string;
    name: string;
    slug: string;
    plan: string;
  };
}
// Options for the status dropdown, in display order. The leading empty string
// means "no filter": it is rendered as "All statuses" and adds no ?status=
// parameter to the request.
const STATUS_FILTERS = [
  '',
  'live',
  'building',
  'deploying',
  'generating',
  'failed',
  'paused',
  'draft',
];
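/** Turns whatever a rejected promise carried into a displayable message. */
function errorMessage(e: unknown): string {
  return e instanceof Error ? e.message : String(e);
}

/**
 * Builds the link target for a server's MCP endpoint.
 *
 * Returns null unless `publicUrl` parses as an absolute http(s) URL, so a
 * value with any other scheme (for example `javascript:`) coming back from
 * the API is never placed in an `href` on this admin page.
 */
function mcpHref(publicUrl: string): string | null {
  try {
    const { protocol } = new URL(publicUrl);
    return protocol === 'http:' || protocol === 'https:' ? `${publicUrl}/mcp` : null;
  } catch {
    // Not an absolute URL: show it as plain text rather than as a link.
    return null;
  }
}

/**
 * Admin page listing MCP servers across all organizations, with a status
 * filter and per-row "rebuild" and "delete" actions.
 *
 * This component contains no authorization check of its own. Hiding the page
 * in the client does not protect the data or the destructive actions;
 * NOTE(review): confirm that every /v1/admin/* route used here rejects
 * non-admin sessions on the server.
 */
export default function AdminServersPage() {
  // null = first load still pending; [] = loaded, nothing matched.
  const [rows, setRows] = useState<Row[] | null>(null);
  const [status, setStatus] = useState('');
  const [loadError, setLoadError] = useState<string | null>(null);

  /** Fetches the server list for the current filter; failures land in `loadError`. */
  async function reload() {
    // The value comes from a fixed <select>, but encode it anyway so the
    // query string stays well-formed if the option list ever changes.
    const query = status ? `?status=${encodeURIComponent(status)}` : '';
    try {
      const r = await apiFetch<{ servers: Row[] }>(`/v1/admin/servers${query}`);
      setRows(r.servers);
      setLoadError(null);
    } catch (e) {
      // Without this the rejection went unhandled and the panel stayed on "Loading".
      setLoadError(errorMessage(e));
    }
  }

  // Refetch whenever the filter changes (and once on mount).
  useEffect(() => {
    void reload();
  }, [status]);

  /** Asks for confirmation, then re-queues a build for the given server. */
  async function rebuild(s: Row['server']) {
    if (!confirm(`Trigger a force rebuild of "${s.name}" (v${s.currentVersion} → v${s.currentVersion + 1})?`)) return;
    try {
      await apiFetch(`/v1/admin/servers/${encodeURIComponent(s.id)}/rebuild`, { method: 'POST' });
      void reload();
    } catch (e) {
      alert(`Failed: ${errorMessage(e)}`);
    }
  }

  /** Asks for confirmation, then deletes the given server. */
  async function remove(s: Row['server']) {
    if (!confirm(`Permanently delete "${s.name}" and stop its container?`)) return;
    try {
      await apiFetch(`/v1/admin/servers/${encodeURIComponent(s.id)}`, { method: 'DELETE' });
      void reload();
    } catch (e) {
      // Report a failed delete the same way rebuild() does, so the admin
      // does not assume the server is gone when the request was rejected.
      alert(`Failed: ${errorMessage(e)}`);
    }
  }

  return (
    <div className="px-8 py-8">
      <header className="mb-6">
        <h1 className="text-[22px] font-semibold tracking-tight">MCP servers</h1>
        <p className="mt-1 text-[13px] text-[--color-fg-muted]">
          Cross-organization view. Force rebuilds, deletions, status filtering.
        </p>
      </header>
      <div className="mb-4 flex gap-2">
        <select
          value={status}
          onChange={(e) => setStatus(e.target.value)}
          className="h-8 rounded-md border border-[--color-border] bg-[--color-bg-subtle] px-2 text-[13px] focus:border-[--color-accent] focus:outline-none"
        >
          {STATUS_FILTERS.map((s) => (
            <option key={s} value={s}>
              {s ? s : 'All statuses'}
            </option>
          ))}
        </select>
      </div>
      <div className="panel">
        {loadError && (
          <p role="alert" className="px-4 py-3 text-[12.5px] text-[--color-fg-muted]">
            Failed to load servers: {loadError}
          </p>
        )}
        {rows === null && !loadError && (
          <p className="px-4 py-3 text-[12.5px] text-[--color-fg-muted]">Loading</p>
        )}
        {rows && rows.length === 0 && (
          <p className="px-4 py-12 text-center text-[13px] text-[--color-fg-muted]">No servers.</p>
        )}
        {rows && rows.length > 0 && (
          <table className="w-full text-[12.5px]">
            <thead className="border-b border-[--color-border] text-[--color-fg-subtle]">
              <tr>
                <th className="px-4 py-2 text-left font-medium">Name</th>
                <th className="px-4 py-2 text-left font-medium">Org</th>
                <th className="px-4 py-2 text-left font-medium">Status</th>
                <th className="px-4 py-2 text-left font-medium">URL</th>
                <th className="px-4 py-2 text-left font-medium">Updated</th>
                <th className="px-4 py-2 text-right font-medium">Actions</th>
              </tr>
            </thead>
            <tbody>
              {rows.map((r) => {
                // Only absolute http(s) URLs become links; anything else is shown as text.
                const href = r.server.publicUrl ? mcpHref(r.server.publicUrl) : null;
                return (
                  <tr key={r.server.id} className="border-b border-[--color-border] last:border-0">
                    <td className="px-4 py-2.5">
                      <div className="font-medium">{r.server.name}</div>
                      <div className="mono text-[11px] text-[--color-fg-subtle]">
                        {r.server.slug} · v{r.server.currentVersion}
                      </div>
                    </td>
                    <td className="px-4 py-2.5">
                      <div>{r.org.name}</div>
                      <div className="mono text-[11px] text-[--color-fg-subtle]">
                        {r.org.plan}
                      </div>
                    </td>
                    <td className="px-4 py-2.5">
                      {/* NOTE(review): `as never` silences the prop type; an unexpected status string is not checked here. */}
                      <StatusPill status={r.server.status as never} />
                    </td>
                    <td className="px-4 py-2.5 mono text-[--color-fg-muted]">
                      {r.server.publicUrl ? (
                        href ? (
                          <a
                            href={href}
                            target="_blank"
                            rel="noopener noreferrer"
                            className="hover:text-[--color-fg]"
                          >
                            {r.server.publicUrl}
                          </a>
                        ) : (
                          r.server.publicUrl
                        )
                      ) : (
                        '—'
                      )}
                    </td>
                    <td className="px-4 py-2.5 text-[--color-fg-muted]">
                      {new Date(r.server.updatedAt).toLocaleString()}
                    </td>
                    <td className="px-4 py-2.5 text-right">
                      <div className="inline-flex gap-1">
                        <Button variant="ghost" size="sm" onClick={() => rebuild(r.server)}>
                          <RefreshCw size={11} /> rebuild
                        </Button>
                        <Button variant="danger" size="sm" onClick={() => remove(r.server)}>
                          <Trash2 size={11} />
                        </Button>
                      </div>
                    </td>
                  </tr>
                );
              })}
            </tbody>
          </table>
        )}
      </div>
    </div>
  );
}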