marco/buildmymcpserver
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

feat(admin): password-auth admin panel with 8 pages + 15 API endpoints

Browse Source 
Schema migrations:
- users.is_admin boolean
- users.password_hash text (scrypt N=16384, 16-byte salt)
- users.last_login_at timestamp
- organizations.suspended + suspended_reason
- admin_settings table (DB-stored prompt override + future settings)

Auth (@bmm/auth):
- hashPassword + verifyPassword via node:crypto scrypt (no extra dep)
- loginWithPassword: scrypt-verifies, issues 30-day session, updates last_login_at
- seedAdmin: idempotent upsert keyed on email; creates org + membership on first run
- AuthedUser now carries isAdmin flag

API:
- POST /v1/auth/admin/login (email + password) — 300ms throttle on failure
- requireAdmin preHandler — 401 if no session, 403 if non-admin
- Bootstrap: api on boot calls seedAdmin(ADMIN_EMAIL, ADMIN_PASSWORD, ADMIN_NAME)
  if env present. Idempotent.

Admin API routes (all gated by requireAdmin):
- GET /v1/admin/overview (totals, trends 7d, server-status breakdown, builds 24h, recent activity)
- GET /v1/admin/users (search, per-row org + plan + serverCount)
- PATCH /v1/admin/users/:id (isAdmin, name)
- DELETE /v1/admin/users/:id (self-delete blocked)
- GET /v1/admin/orgs (member + server counts)
- PATCH /v1/admin/orgs/:id (plan, quota, suspended; cascades to mcp_servers.status=paused on suspend)
- GET /v1/admin/servers (cross-org with status filter)
- POST /v1/admin/servers/:id/rebuild (re-queues build using last prompt)
- DELETE /v1/admin/servers/:id
- GET /v1/admin/builds (status filter, error messages, prompt previews)
- GET /v1/admin/builds/:id/logs
- GET /v1/admin/audit (system-wide with user email join)
- GET /v1/admin/system (DB ping, Redis ping, BullMQ queue depth, docker ps count)
- GET /v1/admin/prompt (builtin + override + updatedAt)
- PATCH /v1/admin/prompt (value: string | null) — saves DB override or drops it

UI (apps/web/app/admin/*):
- /admin/login — password form, separate from /login magic-link
- AdminLayout — Linear-style sidebar (8 nav items), bottom panel with user email +
  'user view' shortcut + logout, client-side requireAdmin guard with redirect
- /admin — overview dashboard with 4 metric cards, 2 panels (status + 24h builds),
  recent activity table linking to full audit
- /admin/users — search + admin toggle + delete (self-delete blocked)
- /admin/orgs — plan/quota/suspend actions via prompts
- /admin/servers — cross-org table with rebuild + delete actions, status filter
- /admin/builds — every build cross-fleet with error vs prompt preview
- /admin/audit — system-wide log + CSV export + filter dropdowns
- /admin/system — auto-refreshing 5s health probes for Postgres, Redis, queue, Docker
- /admin/prompt — live editor for the LLM system prompt with built-in baseline,
  override-state badge, drop-override action, diff preview, save-as-override

End-to-end verified: login as marco.frangiskatos@gmail.com + Melusa112233.*, every
admin page returns 200, admin login + overview tested via screenshot, docker probe
returns true count of running MCP containers.
This commit is contained in:
Marco Sadjadi 2026-05-19 23:01:26 +02:00
parent 9acc2adb0d
commit c62fcd07ef
18 changed files with 2319 additions and 2 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

6
.env.example
View File

@ -22,6 +22,12 @@ ANTHROPIC_API_KEY=
# 32-byte hex for AES-256-GCM; generate with: openssl rand -hex 32
SECRETS_ENCRYPTION_KEY=0000000000000000000000000000000000000000000000000000000000000000
# ---- Admin bootstrap ----
# On API boot, an admin user is upserted with these credentials (idempotent).
ADMIN_EMAIL=
ADMIN_PASSWORD=
ADMIN_NAME=Admin
# ---- OAuth signing (RS256 JWKS) ----
# Path to PEM keypair; auto-generated on api boot if missing
OAUTH_KEY_DIR=./keys

7
apps/api/src/config.ts
View File

@ -13,6 +13,9 @@ const Env = z.object({
.min(64, '32 bytes hex required')
.default('0000000000000000000000000000000000000000000000000000000000000000'),
CONTROL_PLANE_PUBLIC_URL: z.string().default('http://localhost:4000'),
ADMIN_EMAIL: z.string().email().optional(),
ADMIN_PASSWORD: z.string().min(8).optional(),
ADMIN_NAME: z.string().optional(),
});
export const config = Env.parse({
@ -24,6 +27,10 @@ export const config = Env.parse({
OAUTH_KEY_DIR: process.env.OAUTH_KEY_DIR,
ANTHROPIC_API_KEY: process.env.ANTHROPIC_API_KEY,
SECRETS_ENCRYPTION_KEY: process.env.SECRETS_ENCRYPTION_KEY,
CONTROL_PLANE_PUBLIC_URL: process.env.CONTROL_PLANE_PUBLIC_URL,
ADMIN_EMAIL: process.env.ADMIN_EMAIL,
ADMIN_PASSWORD: process.env.ADMIN_PASSWORD,
ADMIN_NAME: process.env.ADMIN_NAME,
});
export type Config = z.infer<typeof Env>;

20
apps/api/src/index.ts
View File

@ -2,11 +2,13 @@ import Fastify from 'fastify';
import cors from '@fastify/cors';
import cookie from '@fastify/cookie';
import websocket from '@fastify/websocket';
import { seedAdmin } from '@bmm/auth';
import { config } from './config.js';
import { authRoutes } from './routes/auth.js';
import { serverRoutes } from './routes/servers.js';
import { oauthRoutes } from './routes/oauth.js';
import { settingsRoutes } from './routes/settings.js';
import { adminRoutes } from './routes/admin.js';
const app = Fastify({
logger: {
@ -27,6 +29,24 @@ await app.register(authRoutes);
await app.register(serverRoutes);
await app.register(oauthRoutes);
await app.register(settingsRoutes);
await app.register(adminRoutes);
// Bootstrap admin user from env (idempotent)
if (config.ADMIN_EMAIL && config.ADMIN_PASSWORD) {
try {
const result = await seedAdmin({
email: config.ADMIN_EMAIL,
password: config.ADMIN_PASSWORD,
name: config.ADMIN_NAME,
});
app.log.info(
{ email: config.ADMIN_EMAIL, created: result.created },
`[admin-seed] ${result.created ? 'created' : 'updated'} admin user`,
);
} catch (err) {
app.log.error({ err }, '[admin-seed] failed to seed admin user');
}
}
app.setErrorHandler((err, _req, reply) => {
app.log.error(err);

15
apps/api/src/plugins/session.ts
View File

@ -21,6 +21,21 @@ export async function requireAuth(
req.user = session;
}
export async function requireAdmin(
req: FastifyRequest,
reply: FastifyReply,
): Promise<FastifyReply | void> {
const token = req.cookies[SESSION_COOKIE];
const session = await getSession(token);
if (!session) {
return reply.code(401).send({ error: 'unauthorized' });
}
if (!session.isAdmin) {
return reply.code(403).send({ error: 'forbidden' });
}
req.user = session;
}
export function registerSession(_app: FastifyInstance): void {
// no-op; preHandler `requireAuth` does the work per-route
}

569
apps/api/src/routes/admin.ts Normal file
View File

@ -0,0 +1,569 @@
import type { FastifyInstance } from 'fastify';
import { spawn } from 'node:child_process';
import { z } from 'zod';
import {
adminSettings,
auditLog,
buildLogs,
builds,
count,
createDb,
desc,
eq,
gte,
inArray,
mcpServers,
memberships,
organizations,
sql,
toolCallMetrics,
users,
} from '@bmm/db';
import { SYSTEM_PROMPT } from '@bmm/llm';
import { requireAdmin } from '../plugins/session.js';
import { getRedis } from '../lib/redis.js';
import { getBuildQueue } from '../lib/queue.js';
import { audit } from '../lib/audit.js';
const db = createDb();
const PROMPT_KEY = 'system_prompt_override';
export async function adminRoutes(app: FastifyInstance): Promise<void> {
// ---- Overview metrics ----
app.get('/v1/admin/overview', { preHandler: requireAdmin }, async (_req, reply) => {
const dayAgo = new Date(Date.now() - 24 * 3600_000);
const sevenDaysAgo = new Date(Date.now() - 7 * 86400_000);
const [
userCount,
orgCount,
serverCount,
buildCount,
callCount,
liveCount,
failedBuildCount,
newUsersLast7d,
newServersLast7d,
] = await Promise.all([
db.select({ c: count() }).from(users).then((r) => Number(r[0]?.c ?? 0)),
db.select({ c: count() }).from(organizations).then((r) => Number(r[0]?.c ?? 0)),
db.select({ c: count() }).from(mcpServers).then((r) => Number(r[0]?.c ?? 0)),
db.select({ c: count() }).from(builds).then((r) => Number(r[0]?.c ?? 0)),
db.select({ c: count() }).from(toolCallMetrics).then((r) => Number(r[0]?.c ?? 0)),
db
.select({ c: count() })
.from(mcpServers)
.where(eq(mcpServers.status, 'live'))
.then((r) => Number(r[0]?.c ?? 0)),
db
.select({ c: count() })
.from(builds)
.where(eq(builds.status, 'failed'))
.then((r) => Number(r[0]?.c ?? 0)),
db
.select({ c: count() })
.from(users)
.where(gte(users.createdAt, sevenDaysAgo))
.then((r) => Number(r[0]?.c ?? 0)),
db
.select({ c: count() })
.from(mcpServers)
.where(gte(mcpServers.createdAt, sevenDaysAgo))
.then((r) => Number(r[0]?.c ?? 0)),
]);
// Server status breakdown
const statusBreakdown = await db
.select({ status: mcpServers.status, c: count() })
.from(mcpServers)
.groupBy(mcpServers.status);
// Recent activity from audit log
const recent = await db
.select()
.from(auditLog)
.orderBy(desc(auditLog.createdAt))
.limit(15);
// Builds in last 24h with status
const recentBuilds = await db
.select({ status: builds.status, c: count() })
.from(builds)
.where(gte(builds.createdAt, dayAgo))
.groupBy(builds.status);
return reply.send({
totals: {
users: userCount,
orgs: orgCount,
servers: serverCount,
liveServers: liveCount,
builds: buildCount,
failedBuilds: failedBuildCount,
toolCalls: callCount,
},
trends: {
newUsersLast7d,
newServersLast7d,
},
statusBreakdown,
recentBuilds24h: recentBuilds,
recentActivity: recent,
});
});
// ---- Users ----
app.get('/v1/admin/users', { preHandler: requireAdmin }, async (req, reply) => {
const Query = z.object({
search: z.string().optional(),
limit: z.coerce.number().min(1).max(500).default(100),
});
const parsed = Query.safeParse(req.query);
if (!parsed.success) return reply.code(400).send({ error: 'invalid_query' });
const rows = await db.select().from(users).orderBy(desc(users.createdAt)).limit(parsed.data.limit);
const filtered = parsed.data.search
? rows.filter((u) =>
u.email.toLowerCase().includes(parsed.data.search!.toLowerCase()) ||
(u.name?.toLowerCase().includes(parsed.data.search!.toLowerCase()) ?? false),
)
: rows;
// attach org + server count
const enriched = await Promise.all(
filtered.map(async (u) => {
const [m] = await db
.select({
orgId: memberships.orgId,
orgName: organizations.name,
orgSlug: organizations.slug,
plan: organizations.plan,
role: memberships.role,
})
.from(memberships)
.innerJoin(organizations, eq(organizations.id, memberships.orgId))
.where(eq(memberships.userId, u.id))
.limit(1);
const [sc] = await db
.select({ c: count() })
.from(mcpServers)
.where(m ? eq(mcpServers.orgId, m.orgId) : sql`false`);
return {
id: u.id,
email: u.email,
name: u.name,
isAdmin: u.isAdmin,
emailVerified: u.emailVerified,
lastLoginAt: u.lastLoginAt,
createdAt: u.createdAt,
org: m ?? null,
serverCount: Number(sc?.c ?? 0),
};
}),
);
return reply.send({ users: enriched });
});
app.patch('/v1/admin/users/:id', { preHandler: requireAdmin }, async (req, reply) => {
const Params = z.object({ id: z.string().uuid() });
const Body = z.object({
isAdmin: z.boolean().optional(),
name: z.string().optional(),
});
const p = Params.safeParse(req.params);
const b = Body.safeParse(req.body);
if (!p.success || !b.success) return reply.code(400).send({ error: 'invalid_input' });
await db.update(users).set(b.data).where(eq(users.id, p.data.id));
await audit({
orgId: req.user!.orgId,
userId: req.user!.userId,
action: 'admin.user.update',
resourceType: 'user',
resourceId: p.data.id,
metadata: b.data,
ipAddress: req.ip,
});
return reply.send({ ok: true });
});
app.delete('/v1/admin/users/:id', { preHandler: requireAdmin }, async (req, reply) => {
const Params = z.object({ id: z.string().uuid() });
const p = Params.safeParse(req.params);
if (!p.success) return reply.code(400).send({ error: 'invalid_id' });
if (p.data.id === req.user!.userId) {
return reply.code(400).send({ error: 'cannot_delete_self' });
}
await db.delete(users).where(eq(users.id, p.data.id));
await audit({
orgId: req.user!.orgId,
userId: req.user!.userId,
action: 'admin.user.delete',
resourceType: 'user',
resourceId: p.data.id,
ipAddress: req.ip,
});
return reply.send({ ok: true });
});
// ---- Organizations ----
app.get('/v1/admin/orgs', { preHandler: requireAdmin }, async (_req, reply) => {
const rows = await db.select().from(organizations).orderBy(desc(organizations.createdAt));
const enriched = await Promise.all(
rows.map(async (o) => {
const [mc] = await db
.select({ c: count() })
.from(memberships)
.where(eq(memberships.orgId, o.id));
const [sc] = await db
.select({ c: count() })
.from(mcpServers)
.where(eq(mcpServers.orgId, o.id));
return {
...o,
memberCount: Number(mc?.c ?? 0),
serverCount: Number(sc?.c ?? 0),
};
}),
);
return reply.send({ orgs: enriched });
});
app.patch('/v1/admin/orgs/:id', { preHandler: requireAdmin }, async (req, reply) => {
const Params = z.object({ id: z.string().uuid() });
const Body = z.object({
plan: z.enum(['hobby', 'pro', 'team', 'enterprise']).optional(),
monthlyCallQuota: z.coerce.number().int().min(0).optional(),
suspended: z.boolean().optional(),
suspendedReason: z.string().max(500).nullable().optional(),
});
const p = Params.safeParse(req.params);
const b = Body.safeParse(req.body);
if (!p.success || !b.success) return reply.code(400).send({ error: 'invalid_input' });
await db.update(organizations).set(b.data).where(eq(organizations.id, p.data.id));
// If suspended, pause all the org's servers
if (b.data.suspended === true) {
await db
.update(mcpServers)
.set({ status: 'paused', updatedAt: new Date() })
.where(eq(mcpServers.orgId, p.data.id));
}
await audit({
orgId: req.user!.orgId,
userId: req.user!.userId,
action: 'admin.org.update',
resourceType: 'org',
resourceId: p.data.id,
metadata: b.data,
ipAddress: req.ip,
});
return reply.send({ ok: true });
});
// ---- Servers ----
app.get('/v1/admin/servers', { preHandler: requireAdmin }, async (req, reply) => {
const Query = z.object({
status: z.string().optional(),
limit: z.coerce.number().min(1).max(500).default(200),
});
const parsed = Query.safeParse(req.query);
if (!parsed.success) return reply.code(400).send({ error: 'invalid_query' });
const rows = await db
.select({
server: mcpServers,
org: { id: organizations.id, name: organizations.name, slug: organizations.slug, plan: organizations.plan },
})
.from(mcpServers)
.innerJoin(organizations, eq(organizations.id, mcpServers.orgId))
.orderBy(desc(mcpServers.updatedAt))
.limit(parsed.data.limit);
const filtered = parsed.data.status
? rows.filter((r) => r.server.status === parsed.data.status)
: rows;
return reply.send({ servers: filtered });
});
app.post('/v1/admin/servers/:id/rebuild', { preHandler: requireAdmin }, async (req, reply) => {
const Params = z.object({ id: z.string().uuid() });
const p = Params.safeParse(req.params);
if (!p.success) return reply.code(400).send({ error: 'invalid_id' });
const [server] = await db.select().from(mcpServers).where(eq(mcpServers.id, p.data.id)).limit(1);
if (!server) return reply.code(404).send({ error: 'not_found' });
// Get last build's prompt
const [lastBuild] = await db
.select()
.from(builds)
.where(eq(builds.serverId, server.id))
.orderBy(desc(builds.version))
.limit(1);
if (!lastBuild) return reply.code(400).send({ error: 'no_previous_build' });
const nextVersion = (server.currentVersion ?? 0) + 1;
const [build] = await db
.insert(builds)
.values({
serverId: server.id,
version: nextVersion,
prompt: lastBuild.prompt,
status: 'queued',
})
.returning();
if (!build) return reply.code(500).send({ error: 'build_create_failed' });
await db
.update(mcpServers)
.set({ status: 'queued', updatedAt: new Date() })
.where(eq(mcpServers.id, server.id));
await getBuildQueue().add('generate', {
buildId: build.id,
serverId: server.id,
orgId: server.orgId,
prompt: lastBuild.prompt,
version: nextVersion,
slug: server.slug,
serverName: server.name,
secrets: {},
});
await audit({
orgId: req.user!.orgId,
userId: req.user!.userId,
action: 'admin.server.rebuild',
resourceType: 'server',
resourceId: server.id,
metadata: { newVersion: nextVersion },
ipAddress: req.ip,
});
return reply.send({ build });
});
app.delete('/v1/admin/servers/:id', { preHandler: requireAdmin }, async (req, reply) => {
const Params = z.object({ id: z.string().uuid() });
const p = Params.safeParse(req.params);
if (!p.success) return reply.code(400).send({ error: 'invalid_id' });
const [server] = await db.select().from(mcpServers).where(eq(mcpServers.id, p.data.id)).limit(1);
if (!server) return reply.code(404).send({ error: 'not_found' });
await db.delete(mcpServers).where(eq(mcpServers.id, server.id));
await audit({
orgId: req.user!.orgId,
userId: req.user!.userId,
action: 'admin.server.delete',
resourceType: 'server',
resourceId: server.id,
metadata: { slug: server.slug, name: server.name },
ipAddress: req.ip,
});
return reply.send({ ok: true });
});
// ---- Builds ----
app.get('/v1/admin/builds', { preHandler: requireAdmin }, async (req, reply) => {
const Query = z.object({
status: z.string().optional(),
limit: z.coerce.number().min(1).max(500).default(100),
});
const parsed = Query.safeParse(req.query);
if (!parsed.success) return reply.code(400).send({ error: 'invalid_query' });
const rows = await db
.select({
build: builds,
server: { id: mcpServers.id, name: mcpServers.name, slug: mcpServers.slug },
org: { id: organizations.id, name: organizations.name },
})
.from(builds)
.innerJoin(mcpServers, eq(mcpServers.id, builds.serverId))
.innerJoin(organizations, eq(organizations.id, mcpServers.orgId))
.orderBy(desc(builds.createdAt))
.limit(parsed.data.limit);
const filtered = parsed.data.status
? rows.filter((r) => r.build.status === parsed.data.status)
: rows;
return reply.send({ builds: filtered });
});
app.get('/v1/admin/builds/:id/logs', { preHandler: requireAdmin }, async (req, reply) => {
const Params = z.object({ id: z.string().uuid() });
const p = Params.safeParse(req.params);
if (!p.success) return reply.code(400).send({ error: 'invalid_id' });
const logs = await db
.select()
.from(buildLogs)
.where(eq(buildLogs.buildId, p.data.id))
.orderBy(buildLogs.timestamp);
return reply.send({ logs });
});
// ---- Audit (system-wide) ----
app.get('/v1/admin/audit', { preHandler: requireAdmin }, async (req, reply) => {
const Query = z.object({
action: z.string().optional(),
resourceType: z.string().optional(),
limit: z.coerce.number().min(1).max(1000).default(200),
});
const parsed = Query.safeParse(req.query);
if (!parsed.success) return reply.code(400).send({ error: 'invalid_query' });
let rows = await db
.select({
entry: auditLog,
userEmail: users.email,
})
.from(auditLog)
.leftJoin(users, eq(users.id, auditLog.userId))
.orderBy(desc(auditLog.createdAt))
.limit(parsed.data.limit);
if (parsed.data.action) {
rows = rows.filter((r) => r.entry.action === parsed.data.action);
}
if (parsed.data.resourceType) {
rows = rows.filter((r) => r.entry.resourceType === parsed.data.resourceType);
}
return reply.send({ entries: rows });
});
// ---- System health ----
app.get('/v1/admin/system', { preHandler: requireAdmin }, async (_req, reply) => {
const t0 = Date.now();
// DB probe
let dbOk = false;
let dbLatency: number | null = null;
try {
const start = Date.now();
await db.execute(sql`SELECT 1`);
dbLatency = Date.now() - start;
dbOk = true;
} catch {
// remains false
}
// Redis probe
let redisOk = false;
let redisLatency: number | null = null;
let queueDepth: number | null = null;
try {
const start = Date.now();
const pong = await getRedis().ping();
redisLatency = Date.now() - start;
redisOk = pong === 'PONG';
const q = getBuildQueue();
const counts = await q.getJobCounts('waiting', 'active', 'completed', 'failed', 'delayed');
queueDepth =
(counts.waiting ?? 0) +
(counts.active ?? 0) +
(counts.delayed ?? 0);
} catch {
// remains false
}
// Docker container count
const containerCount = await new Promise<number | null>((resolve) => {
const child = spawn('docker', ['ps', '--filter', 'name=bmm-mcp-', '-q'], {
stdio: ['ignore', 'pipe', 'ignore'],
shell: process.platform === 'win32',
});
let out = '';
child.stdout?.on('data', (d: Buffer) => {
out += d.toString();
});
child.on('close', (code) => {
if (code !== 0) {
resolve(null);
return;
}
const lines = out
.split(/\r?\n/)
.map((l) => l.trim())
.filter(Boolean);
resolve(lines.length);
});
child.on('error', () => resolve(null));
});
return reply.send({
probedAtMs: Date.now() - t0,
db: { ok: dbOk, latencyMs: dbLatency },
redis: { ok: redisOk, latencyMs: redisLatency, queueDepth },
docker: { containerCount },
});
});
// ---- System prompt (read + override) ----
app.get('/v1/admin/prompt', { preHandler: requireAdmin }, async (_req, reply) => {
const [row] = await db
.select()
.from(adminSettings)
.where(eq(adminSettings.key, PROMPT_KEY))
.limit(1);
return reply.send({
builtin: SYSTEM_PROMPT,
override: row?.value ?? null,
updatedAt: row?.updatedAt ?? null,
});
});
app.patch('/v1/admin/prompt', { preHandler: requireAdmin }, async (req, reply) => {
const Body = z.object({
value: z.string().min(1).max(20_000).nullable(),
});
const parsed = Body.safeParse(req.body);
if (!parsed.success) return reply.code(400).send({ error: 'invalid_input' });
if (parsed.data.value === null) {
await db.delete(adminSettings).where(eq(adminSettings.key, PROMPT_KEY));
} else {
const [existing] = await db
.select()
.from(adminSettings)
.where(eq(adminSettings.key, PROMPT_KEY))
.limit(1);
if (existing) {
await db
.update(adminSettings)
.set({
value: parsed.data.value,
updatedAt: new Date(),
updatedBy: req.user!.userId,
})
.where(eq(adminSettings.id, existing.id));
} else {
await db.insert(adminSettings).values({
key: PROMPT_KEY,
value: parsed.data.value,
updatedBy: req.user!.userId,
});
}
}
await audit({
orgId: req.user!.orgId,
userId: req.user!.userId,
action: 'admin.prompt.update',
resourceType: 'admin_settings',
resourceId: PROMPT_KEY,
metadata: { hasOverride: parsed.data.value !== null },
ipAddress: req.ip,
});
return reply.send({ ok: true });
});
void inArray; // referenced for future bulk operations
}

53
apps/api/src/routes/auth.ts
View File

@ -1,6 +1,12 @@
import type { FastifyInstance } from 'fastify';
import { z } from 'zod';
import { consumeMagicLink, destroySession, getSession, issueMagicLink } from '@bmm/auth';
import {
consumeMagicLink,
destroySession,
getSession,
issueMagicLink,
loginWithPassword,
} from '@bmm/auth';
import { audit } from '../lib/audit.js';
import { config } from '../config.js';
@ -65,6 +71,51 @@ export async function authRoutes(app: FastifyInstance): Promise<void> {
return reply.send({ user: session });
});
app.post('/v1/auth/admin/login', async (req, reply) => {
const Body = z.object({
email: z.string().email(),
password: z.string().min(8),
});
const parsed = Body.safeParse(req.body);
if (!parsed.success) {
return reply.code(400).send({ error: 'invalid_input' });
}
try {
const session = await loginWithPassword(parsed.data.email, parsed.data.password, {
ipAddress: req.ip,
userAgent: req.headers['user-agent'],
});
if (!session.isAdmin) {
await destroySession(session.sessionToken);
return reply.code(403).send({ error: 'not_admin' });
}
reply.setCookie(SESSION_COOKIE, session.sessionToken, {
httpOnly: true,
sameSite: 'lax',
path: '/',
secure: config.NODE_ENV === 'production',
maxAge: 30 * 24 * 60 * 60,
});
await audit({
orgId: session.orgId,
userId: session.userId,
action: 'admin.login',
resourceType: 'session',
metadata: { email: session.email },
ipAddress: req.ip,
});
return reply.send({
ok: true,
user: { id: session.userId, email: session.email, orgId: session.orgId, isAdmin: true },
});
} catch (err) {
app.log.warn({ err }, 'admin login failed');
// Constant-time-ish to discourage username enumeration
await new Promise((r) => setTimeout(r, 300));
return reply.code(401).send({ error: 'invalid_credentials' });
}
});
app.post('/v1/auth/logout', async (req, reply) => {
const token = req.cookies[SESSION_COOKIE];
const session = token ? await getSession(token) : null;

166
apps/web/app/admin/audit/page.tsx Normal file
View File

@ -0,0 +1,166 @@
'use client';
import { useEffect, useState } from 'react';
import { apiFetch } from '@/lib/api';
import { Input } from '@/components/input';
import { Button } from '@/components/ui/button';
interface Row {
entry: {
id: string;
orgId: string | null;
userId: string | null;
action: string;
resourceType: string | null;
resourceId: string | null;
metadata: Record<string, unknown> | null;
ipAddress: string | null;
createdAt: string;
};
userEmail: string | null;
}
const ACTION_FILTERS = [
'',
'auth.login',
'auth.logout',
'admin.login',
'server.create',
'server.iterate',
'server.delete',
'admin.user.update',
'admin.user.delete',
'admin.org.update',
'admin.server.rebuild',
'admin.server.delete',
'admin.prompt.update',
];
export default function AdminAuditPage() {
const [rows, setRows] = useState<Row[] | null>(null);
const [action, setAction] = useState('');
const [search, setSearch] = useState('');
useEffect(() => {
apiFetch<{ entries: Row[] }>(`/v1/admin/audit${action ? `?action=${action}` : ''}`)
.then((r) => setRows(r.entries))
.catch(() => setRows([]));
}, [action]);
function exportCsv() {
if (!rows) return;
const header = ['when', 'action', 'user', 'resource', 'ip', 'metadata'];
const lines = rows.map((r) =>
[
new Date(r.entry.createdAt).toISOString(),
r.entry.action,
r.userEmail ?? '',
`${r.entry.resourceType ?? ''}/${r.entry.resourceId ?? ''}`,
r.entry.ipAddress ?? '',
r.entry.metadata ? JSON.stringify(r.entry.metadata).replace(/"/g, '""') : '',
]
.map((v) => `"${String(v).replace(/"/g, '""')}"`)
.join(','),
);
const csv = [header.join(','), ...lines].join('\n');
const blob = new Blob([csv], { type: 'text/csv' });
const url = URL.createObjectURL(blob);
const a = document.createElement('a');
a.href = url;
a.download = `bmm-audit-${Date.now()}.csv`;
a.click();
URL.revokeObjectURL(url);
}
const visible = rows?.filter((r) =>
search
? r.entry.action.includes(search) ||
r.userEmail?.includes(search) ||
r.entry.resourceId?.includes(search) ||
r.entry.ipAddress?.includes(search)
: true,
);
return (
<div className="px-8 py-8">
<header className="mb-6 flex items-baseline justify-between">
<div>
<h1 className="text-[22px] font-semibold tracking-tight">Audit log</h1>
<p className="mt-1 text-[13px] text-[--color-fg-muted]">
System-wide. {visible?.length ?? 0} visible.
</p>
</div>
<Button variant="secondary" size="md" onClick={exportCsv}>
Export CSV
</Button>
</header>
<div className="mb-4 flex flex-wrap gap-2">
<select
value={action}
onChange={(e) => setAction(e.target.value)}
className="h-8 rounded-md border border-[--color-border] bg-[--color-bg-subtle] px-2 text-[13px] focus:border-[--color-accent] focus:outline-none"
>
{ACTION_FILTERS.map((a) => (
<option key={a} value={a}>
{a ? a : 'All actions'}
</option>
))}
</select>
<Input
value={search}
onChange={(e) => setSearch(e.target.value)}
placeholder="Filter by user email, resource id, or ip…"
className="w-96"
/>
</div>
<div className="panel">
{!visible && (
<p className="px-4 py-3 text-[12.5px] text-[--color-fg-muted]">Loading</p>
)}
{visible && visible.length === 0 && (
<p className="px-4 py-12 text-center text-[13px] text-[--color-fg-muted]">No matches.</p>
)}
{visible && visible.length > 0 && (
<table className="w-full text-[12px]">
<thead className="border-b border-[--color-border] text-[--color-fg-subtle]">
<tr>
<th className="px-4 py-2 text-left font-medium">When</th>
<th className="px-4 py-2 text-left font-medium">Action</th>
<th className="px-4 py-2 text-left font-medium">User</th>
<th className="px-4 py-2 text-left font-medium">Resource</th>
<th className="px-4 py-2 text-left font-medium">IP</th>
<th className="px-4 py-2 text-left font-medium">Metadata</th>
</tr>
</thead>
<tbody>
{visible.map((r) => (
<tr key={r.entry.id} className="border-b border-[--color-border] last:border-0">
<td className="px-4 py-2 mono text-[--color-fg-muted] whitespace-nowrap">
{new Date(r.entry.createdAt).toLocaleString()}
</td>
<td className="px-4 py-2">
<span className="mono rounded-full border border-[--color-border] bg-[--color-bg-subtle] px-2 py-0.5 text-[11px]">
{r.entry.action}
</span>
</td>
<td className="px-4 py-2 mono text-[--color-fg-muted]">{r.userEmail ?? '—'}</td>
<td className="px-4 py-2 mono text-[--color-fg-muted]">
{r.entry.resourceType
? `${r.entry.resourceType}/${r.entry.resourceId?.slice(0, 8) ?? '—'}`
: '—'}
</td>
<td className="px-4 py-2 mono text-[--color-fg-muted]">{r.entry.ipAddress ?? '—'}</td>
<td className="px-4 py-2 mono text-[10.5px] text-[--color-fg-subtle] max-w-[280px] truncate">
{r.entry.metadata ? JSON.stringify(r.entry.metadata) : '—'}
</td>
</tr>
))}
</tbody>
</table>
)}
</div>
</div>
);
}

107
apps/web/app/admin/builds/page.tsx Normal file
View File

@ -0,0 +1,107 @@
'use client';
import { useEffect, useState } from 'react';
import { apiFetch } from '@/lib/api';
import { StatusPill } from '@/components/status-pill';
interface Row {
build: {
id: string;
version: number;
prompt: string;
status: string;
errorMessage: string | null;
startedAt: string | null;
finishedAt: string | null;
createdAt: string;
};
server: { id: string; name: string; slug: string };
org: { id: string; name: string };
}
const STATUS_FILTERS = ['', 'success', 'failed', 'queued', 'generating', 'building', 'deploying', 'cancelled'];
export default function AdminBuildsPage() {
const [rows, setRows] = useState<Row[] | null>(null);
const [status, setStatus] = useState('');
useEffect(() => {
apiFetch<{ builds: Row[] }>(`/v1/admin/builds${status ? `?status=${status}` : ''}`)
.then((r) => setRows(r.builds))
.catch(() => setRows([]));
}, [status]);
return (
<div className="px-8 py-8">
<header className="mb-6">
<h1 className="text-[22px] font-semibold tracking-tight">Builds</h1>
<p className="mt-1 text-[13px] text-[--color-fg-muted]">
Every spec image deploy run across the fleet.
</p>
</header>
<div className="mb-4 flex gap-2">
<select
value={status}
onChange={(e) => setStatus(e.target.value)}
className="h-8 rounded-md border border-[--color-border] bg-[--color-bg-subtle] px-2 text-[13px] focus:border-[--color-accent] focus:outline-none"
>
{STATUS_FILTERS.map((s) => (
<option key={s} value={s}>
{s ? s : 'All statuses'}
</option>
))}
</select>
</div>
<div className="panel">
{rows === null && (
<p className="px-4 py-3 text-[12.5px] text-[--color-fg-muted]">Loading</p>
)}
{rows && rows.length === 0 && (
<p className="px-4 py-12 text-center text-[13px] text-[--color-fg-muted]">No builds.</p>
)}
{rows && rows.length > 0 && (
<table className="w-full text-[12px]">
<thead className="border-b border-[--color-border] text-[--color-fg-subtle]">
<tr>
<th className="px-4 py-2 text-left font-medium">When</th>
<th className="px-4 py-2 text-left font-medium">Server</th>
<th className="px-4 py-2 text-left font-medium">Org</th>
<th className="px-4 py-2 text-left font-medium">Status</th>
<th className="px-4 py-2 text-left font-medium">Prompt / Error</th>
</tr>
</thead>
<tbody>
{rows.map((r) => (
<tr key={r.build.id} className="border-b border-[--color-border] last:border-0 align-top">
<td className="px-4 py-2 mono text-[--color-fg-muted] whitespace-nowrap">
{new Date(r.build.createdAt).toLocaleString()}
<div className="text-[10px] text-[--color-fg-subtle]">v{r.build.version}</div>
</td>
<td className="px-4 py-2">
<div className="font-medium">{r.server.name}</div>
<div className="mono text-[10.5px] text-[--color-fg-subtle]">{r.server.slug}</div>
</td>
<td className="px-4 py-2 text-[--color-fg-muted]">{r.org.name}</td>
<td className="px-4 py-2">
<StatusPill status={r.build.status as never} />
</td>
<td className="px-4 py-2 mono text-[--color-fg-muted] max-w-[500px]">
{r.build.errorMessage ? (
<div className="text-[--color-danger] whitespace-pre-wrap">
{r.build.errorMessage}
</div>
) : (
<div className="line-clamp-3 whitespace-pre-wrap">{r.build.prompt}</div>
)}
</td>
</tr>
))}
</tbody>
</table>
)}
</div>
</div>
);
}

159
apps/web/app/admin/layout.tsx Normal file
View File

@ -0,0 +1,159 @@
'use client';
import Link from 'next/link';
import { usePathname, useRouter } from 'next/navigation';
import { useEffect, useState } from 'react';
import {
LayoutGrid,
Users,
Building2,
Server,
Hammer,
FileClock,
Activity,
Wand2,
LogOut,
ShieldAlert,
} from 'lucide-react';
import { apiFetch } from '@/lib/api';
import { cn } from '@/lib/cn';
import { Logo } from '@/components/logo';
interface MeUser {
userId: string;
email: string;
isAdmin: boolean;
}
const NAV: { href: string; label: string; icon: React.ComponentType<{ size?: number }> }[] = [
{ href: '/admin', label: 'Overview', icon: LayoutGrid },
{ href: '/admin/users', label: 'Users', icon: Users },
{ href: '/admin/orgs', label: 'Organizations', icon: Building2 },
{ href: '/admin/servers', label: 'MCP servers', icon: Server },
{ href: '/admin/builds', label: 'Builds', icon: Hammer },
{ href: '/admin/audit', label: 'Audit log', icon: FileClock },
{ href: '/admin/system', label: 'System health', icon: Activity },
{ href: '/admin/prompt', label: 'AI prompt', icon: Wand2 },
];
export default function AdminLayout({ children }: { children: React.ReactNode }) {
const pathname = usePathname();
const router = useRouter();
const [user, setUser] = useState<MeUser | null>(null);
const [authState, setAuthState] = useState<'checking' | 'ok' | 'forbidden'>('checking');
useEffect(() => {
if (pathname === '/admin/login') {
setAuthState('ok');
return;
}
apiFetch<{ user: MeUser }>('/v1/auth/me')
.then((r) => {
if (r.user.isAdmin) {
setUser(r.user);
setAuthState('ok');
} else {
setAuthState('forbidden');
}
})
.catch(() => setAuthState('forbidden'));
}, [pathname]);
useEffect(() => {
if (authState === 'forbidden' && pathname !== '/admin/login') {
router.replace('/admin/login');
}
}, [authState, pathname, router]);
async function logout() {
await apiFetch('/v1/auth/logout', { method: 'POST' }).catch(() => undefined);
router.replace('/admin/login');
}
if (pathname === '/admin/login') return <>{children}</>;
if (authState === 'checking') {
return (
<div className="flex min-h-screen items-center justify-center">
<p className="mono text-[12px] text-[--color-fg-subtle]">verifying admin</p>
</div>
);
}
if (authState === 'forbidden') {
return (
<div className="flex min-h-screen flex-col items-center justify-center gap-3">
<ShieldAlert size={24} className="text-[--color-danger]" />
<p className="text-[14px]">Admin access required.</p>
<Link
href="/admin/login"
className="mono text-[12px] text-[--color-accent] underline hover:text-white"
>
/admin/login
</Link>
</div>
);
}
return (
<div className="flex min-h-screen">
<aside className="sticky top-0 flex h-screen w-[230px] shrink-0 flex-col border-r border-[--color-border] bg-[--color-bg-elevated]">
<div className="flex h-12 items-center gap-2 border-b border-[--color-border] px-4">
<Logo />
<span className="mono text-[10.5px] uppercase tracking-wider text-[--color-fg-subtle]">
/ admin
</span>
</div>
<nav className="flex-1 overflow-y-auto p-2">
<ul className="space-y-0.5">
{NAV.map((item) => {
const Icon = item.icon;
const active =
pathname === item.href ||
(item.href !== '/admin' && pathname.startsWith(item.href));
return (
<li key={item.href}>
<Link
href={item.href}
className={cn(
'flex h-8 items-center gap-2 rounded-md px-2.5 text-[12.5px] transition-colors',
active
? 'bg-[--color-bg-subtle] text-[--color-fg]'
: 'text-[--color-fg-muted] hover:bg-[--color-bg-subtle] hover:text-[--color-fg]',
)}
>
<Icon size={13} />
{item.label}
</Link>
</li>
);
})}
</ul>
</nav>
<div className="border-t border-[--color-border] p-3 text-[12px]">
{user && (
<div className="mb-2 truncate text-[--color-fg-muted]" title={user.email}>
{user.email}
</div>
)}
<div className="flex gap-1">
<Link
href="/dashboard"
className="flex-1 rounded-md border border-[--color-border] px-2 py-1 text-center text-[11px] text-[--color-fg-muted] transition-colors hover:text-[--color-fg]"
>
user view
</Link>
<button
type="button"
onClick={logout}
className="rounded-md border border-[--color-border] px-2 py-1 text-[11px] text-[--color-fg-muted] transition-colors hover:text-[--color-danger]"
aria-label="logout"
>
<LogOut size={11} />
</button>
</div>
</div>
</aside>
<main className="flex-1 overflow-x-hidden">{children}</main>
</div>
);
}

105
apps/web/app/admin/login/page.tsx Normal file
View File

@ -0,0 +1,105 @@
'use client';
import { useState } from 'react';
import { useRouter } from 'next/navigation';
import Link from 'next/link';
import { Logo } from '@/components/logo';
import { Button } from '@/components/ui/button';
import { Input, Label } from '@/components/input';
import { apiFetch } from '@/lib/api';
export default function AdminLogin() {
const router = useRouter();
const [email, setEmail] = useState('');
const [password, setPassword] = useState('');
const [state, setState] = useState<'idle' | 'submitting' | 'error'>('idle');
const [error, setError] = useState<string | null>(null);
async function submit(e: React.FormEvent) {
e.preventDefault();
setState('submitting');
setError(null);
try {
await apiFetch('/v1/auth/admin/login', {
method: 'POST',
body: JSON.stringify({ email, password }),
});
router.replace('/admin');
} catch (err) {
const detail = (err as { detail?: { error?: string } }).detail;
const code = detail?.error;
setError(
code === 'not_admin'
? 'That account exists but is not an admin.'
: code === 'invalid_credentials'
? 'Wrong email or password.'
: (err as Error).message,
);
setState('error');
}
}
return (
<div className="flex min-h-screen items-center justify-center px-6">
<div className="w-full max-w-sm">
<Logo className="mb-10" />
<div className="flex items-baseline gap-2">
<h1 className="text-[20px] font-semibold tracking-tight">Admin sign in</h1>
<span className="mono rounded-full border border-[--color-border] bg-[--color-bg-elevated] px-2 py-0.5 text-[10.5px] tracking-wider text-[--color-fg-subtle]">
restricted
</span>
</div>
<p className="mt-1 text-[13px] text-[--color-fg-muted]">
Email + password. Non-admin accounts use the magic link at{' '}
<Link href="/login" className="underline transition-colors hover:text-[--color-fg]">
/login
</Link>
.
</p>
<form onSubmit={submit} className="mt-7 space-y-3">
<div className="space-y-1.5">
<Label htmlFor="email">Email</Label>
<Input
id="email"
type="email"
required
autoComplete="email"
value={email}
onChange={(e) => setEmail(e.target.value)}
placeholder="admin@yourcompany.com"
/>
</div>
<div className="space-y-1.5">
<Label htmlFor="password">Password</Label>
<Input
id="password"
type="password"
required
autoComplete="current-password"
value={password}
onChange={(e) => setPassword(e.target.value)}
placeholder="••••••••"
/>
</div>
<Button
type="submit"
variant="primary"
size="lg"
className="w-full"
disabled={state === 'submitting'}
>
{state === 'submitting' ? 'Signing in…' : 'Sign in'}
</Button>
{error && <p className="text-[12px] text-[--color-danger]">{error}</p>}
</form>
<div className="mt-8 text-[12px] text-[--color-fg-subtle]">
<Link href="/" className="transition-colors hover:text-[--color-fg]">
Back to home
</Link>
</div>
</div>
</div>
);
}

182
apps/web/app/admin/orgs/page.tsx Normal file
View File

@ -0,0 +1,182 @@
'use client';
import { useEffect, useState } from 'react';
import { apiFetch } from '@/lib/api';
import { Button } from '@/components/ui/button';
import { Input } from '@/components/input';
interface AdminOrg {
id: string;
slug: string;
name: string;
plan: string;
monthlyCallQuota: number;
callsThisPeriod: number;
periodStartsAt: string;
suspended: boolean;
suspendedReason: string | null;
createdAt: string;
memberCount: number;
serverCount: number;
}
export default function AdminOrgsPage() {
const [orgs, setOrgs] = useState<AdminOrg[] | null>(null);
const [search, setSearch] = useState('');
async function reload() {
const r = await apiFetch<{ orgs: AdminOrg[] }>('/v1/admin/orgs');
setOrgs(r.orgs);
}
useEffect(() => {
reload();
}, []);
async function changePlan(o: AdminOrg) {
const plan = prompt(
`Change plan for "${o.name}". Current: ${o.plan}. Pick one of: hobby, pro, team, enterprise`,
o.plan,
);
if (!plan || !['hobby', 'pro', 'team', 'enterprise'].includes(plan)) return;
await apiFetch(`/v1/admin/orgs/${o.id}`, {
method: 'PATCH',
body: JSON.stringify({ plan }),
});
reload();
}
async function setQuota(o: AdminOrg) {
const next = prompt(`New monthly call quota for "${o.name}":`, String(o.monthlyCallQuota));
if (!next) return;
const parsed = Number(next);
if (!Number.isFinite(parsed) || parsed < 0) {
alert('Invalid number');
return;
}
await apiFetch(`/v1/admin/orgs/${o.id}`, {
method: 'PATCH',
body: JSON.stringify({ monthlyCallQuota: parsed }),
});
reload();
}
async function toggleSuspend(o: AdminOrg) {
if (o.suspended) {
if (!confirm(`Lift suspension on "${o.name}"?`)) return;
await apiFetch(`/v1/admin/orgs/${o.id}`, {
method: 'PATCH',
body: JSON.stringify({ suspended: false, suspendedReason: null }),
});
} else {
const reason = prompt(
`Suspend "${o.name}"? This pauses ALL their MCP servers. Reason (visible in audit log):`,
'',
);
if (reason === null) return;
await apiFetch(`/v1/admin/orgs/${o.id}`, {
method: 'PATCH',
body: JSON.stringify({ suspended: true, suspendedReason: reason || 'Suspended by admin' }),
});
}
reload();
}
const filtered = orgs?.filter((o) =>
search
? o.name.toLowerCase().includes(search.toLowerCase()) ||
o.slug.toLowerCase().includes(search.toLowerCase())
: true,
);
return (
<div className="px-8 py-8">
<header className="mb-6">
<h1 className="text-[22px] font-semibold tracking-tight">Organizations</h1>
<p className="mt-1 text-[13px] text-[--color-fg-muted]">
Plan management, quota overrides, suspension.
</p>
</header>
<div className="mb-4">
<Input
value={search}
onChange={(e) => setSearch(e.target.value)}
placeholder="Search by name or slug…"
className="w-80"
/>
</div>
<div className="panel">
{!filtered && (
<p className="px-4 py-3 text-[12.5px] text-[--color-fg-muted]">Loading</p>
)}
{filtered && filtered.length === 0 && (
<p className="px-4 py-12 text-center text-[13px] text-[--color-fg-muted]">No matches.</p>
)}
{filtered && filtered.length > 0 && (
<table className="w-full text-[12.5px]">
<thead className="border-b border-[--color-border] text-[--color-fg-subtle]">
<tr>
<th className="px-4 py-2 text-left font-medium">Name</th>
<th className="px-4 py-2 text-left font-medium">Plan</th>
<th className="px-4 py-2 text-left font-medium">Members</th>
<th className="px-4 py-2 text-left font-medium">Servers</th>
<th className="px-4 py-2 text-left font-medium">Calls / quota</th>
<th className="px-4 py-2 text-left font-medium">Status</th>
<th className="px-4 py-2 text-right font-medium">Actions</th>
</tr>
</thead>
<tbody>
{filtered.map((o) => (
<tr key={o.id} className="border-b border-[--color-border] last:border-0">
<td className="px-4 py-2.5">
<div>{o.name}</div>
<div className="mono text-[11px] text-[--color-fg-subtle]">{o.slug}</div>
</td>
<td className="px-4 py-2.5">
<span className="mono rounded-full border border-[--color-border] bg-[--color-bg-subtle] px-2 py-0.5 text-[11px]">
{o.plan}
</span>
</td>
<td className="px-4 py-2.5 mono text-[--color-fg-muted]">{o.memberCount}</td>
<td className="px-4 py-2.5 mono text-[--color-fg-muted]">{o.serverCount}</td>
<td className="px-4 py-2.5 mono text-[--color-fg-muted]">
{o.callsThisPeriod.toLocaleString()} / {o.monthlyCallQuota.toLocaleString()}
</td>
<td className="px-4 py-2.5">
{o.suspended ? (
<span
className="inline-flex items-center gap-1 rounded-full border border-red-400/40 bg-red-400/10 px-2 py-0.5 text-[11px] text-red-300"
title={o.suspendedReason ?? ''}
>
suspended
</span>
) : (
<span className="inline-flex items-center gap-1 rounded-full border border-emerald-400/40 bg-emerald-400/10 px-2 py-0.5 text-[11px] text-emerald-300">
active
</span>
)}
</td>
<td className="px-4 py-2.5 text-right">
<div className="inline-flex gap-1">
<Button variant="ghost" size="sm" onClick={() => changePlan(o)}>
plan
</Button>
<Button variant="ghost" size="sm" onClick={() => setQuota(o)}>
quota
</Button>
<Button variant="danger" size="sm" onClick={() => toggleSuspend(o)}>
{o.suspended ? 'unsuspend' : 'suspend'}
</Button>
</div>
</td>
</tr>
))}
</tbody>
</table>
)}
</div>
</div>
);
}

198
apps/web/app/admin/page.tsx Normal file
View File

@ -0,0 +1,198 @@
'use client';
import { useEffect, useState } from 'react';
import Link from 'next/link';
import { apiFetch } from '@/lib/api';
import { StatusPill } from '@/components/status-pill';
interface Overview {
totals: {
users: number;
orgs: number;
servers: number;
liveServers: number;
builds: number;
failedBuilds: number;
toolCalls: number;
};
trends: { newUsersLast7d: number; newServersLast7d: number };
statusBreakdown: { status: string; c: number }[];
recentBuilds24h: { status: string; c: number }[];
recentActivity: {
id: string;
action: string;
resourceType: string | null;
resourceId: string | null;
metadata: Record<string, unknown> | null;
ipAddress: string | null;
createdAt: string;
}[];
}
export default function AdminOverview() {
const [data, setData] = useState<Overview | null>(null);
useEffect(() => {
apiFetch<Overview>('/v1/admin/overview').then(setData);
const t = setInterval(() => apiFetch<Overview>('/v1/admin/overview').then(setData), 8000);
return () => clearInterval(t);
}, []);
if (!data) {
return <div className="px-8 py-8 mono text-[12px] text-[--color-fg-muted]">Loading</div>;
}
return (
<div className="px-8 py-8">
<header className="mb-6">
<h1 className="text-[22px] font-semibold tracking-tight">Admin overview</h1>
<p className="mt-1 text-[13px] text-[--color-fg-muted]">
Live system metrics refreshes every 8 seconds.
</p>
</header>
<div className="grid gap-3 md:grid-cols-4">
<Card label="Users" value={data.totals.users} sub={`+${data.trends.newUsersLast7d} last 7d`} />
<Card
label="Organizations"
value={data.totals.orgs}
sub={`${data.totals.users / Math.max(1, data.totals.orgs)}× users/org avg`}
subRender={`${(data.totals.users / Math.max(1, data.totals.orgs)).toFixed(1)}× users/org avg`}
/>
<Card
label="MCP servers"
value={data.totals.servers}
sub={`${data.totals.liveServers} live · +${data.trends.newServersLast7d} last 7d`}
/>
<Card
label="Tool calls"
value={data.totals.toolCalls}
sub={
data.totals.builds === 0
? '0 builds'
: `${(((data.totals.builds - data.totals.failedBuilds) / data.totals.builds) * 100).toFixed(0)}% build success`
}
/>
</div>
<div className="mt-8 grid gap-6 md:grid-cols-2">
<Panel title="Server status">
{data.statusBreakdown.length === 0 ? (
<Empty text="No servers." />
) : (
<ul className="space-y-2">
{data.statusBreakdown.map((row) => (
<li
key={row.status}
className="flex items-center justify-between text-[12.5px]"
>
<StatusPill status={row.status as never} />
<span className="mono text-[--color-fg]">{row.c}</span>
</li>
))}
</ul>
)}
</Panel>
<Panel title="Builds (last 24h)">
{data.recentBuilds24h.length === 0 ? (
<Empty text="No builds in the last 24h." />
) : (
<ul className="space-y-2">
{data.recentBuilds24h.map((row) => (
<li
key={row.status}
className="flex items-center justify-between text-[12.5px]"
>
<StatusPill status={row.status as never} />
<span className="mono text-[--color-fg]">{row.c}</span>
</li>
))}
</ul>
)}
</Panel>
</div>
<div className="mt-8">
<div className="flex items-baseline justify-between">
<h2 className="text-[14px] font-semibold tracking-tight">Recent activity</h2>
<Link href="/admin/audit" className="text-[12px] text-[--color-fg-muted] hover:text-[--color-fg]">
Full audit log
</Link>
</div>
<div className="panel mt-3">
{data.recentActivity.length === 0 ? (
<Empty text="No activity yet." />
) : (
<table className="w-full text-[12px]">
<thead className="border-b border-[--color-border] text-[--color-fg-subtle]">
<tr>
<th className="px-4 py-2 text-left font-medium">When</th>
<th className="px-4 py-2 text-left font-medium">Action</th>
<th className="px-4 py-2 text-left font-medium">Resource</th>
<th className="px-4 py-2 text-left font-medium">IP</th>
</tr>
</thead>
<tbody>
{data.recentActivity.map((e) => (
<tr key={e.id} className="border-b border-[--color-border] last:border-0">
<td className="px-4 py-2 mono text-[--color-fg-muted]">
{new Date(e.createdAt).toLocaleString()}
</td>
<td className="px-4 py-2">
<span className="mono rounded-full border border-[--color-border] bg-[--color-bg-subtle] px-2 py-0.5 text-[11px]">
{e.action}
</span>
</td>
<td className="px-4 py-2 mono text-[--color-fg-muted]">
{e.resourceType
? `${e.resourceType}/${e.resourceId?.slice(0, 8) ?? '—'}`
: '—'}
</td>
<td className="px-4 py-2 mono text-[--color-fg-muted]">{e.ipAddress ?? '—'}</td>
</tr>
))}
</tbody>
</table>
)}
</div>
</div>
</div>
);
}
function Card({
label,
value,
sub,
subRender,
}: {
label: string;
value: number;
sub?: string;
subRender?: string;
}) {
return (
<div className="panel p-4">
<div className="text-[11px] uppercase tracking-wider text-[--color-fg-subtle]">{label}</div>
<div className="mt-1.5 text-[24px] font-semibold tabular-nums tracking-tight">
{value.toLocaleString()}
</div>
{sub && (
<div className="mt-1 text-[12px] text-[--color-fg-muted]">{subRender ?? sub}</div>
)}
</div>
);
}
function Panel({ title, children }: { title: string; children: React.ReactNode }) {
return (
<div className="panel p-4">
<div className="text-[11px] uppercase tracking-wider text-[--color-fg-subtle]">{title}</div>
<div className="mt-3">{children}</div>
</div>
);
}
function Empty({ text }: { text: string }) {
return <p className="text-[12.5px] text-[--color-fg-muted]">{text}</p>;
}

157
apps/web/app/admin/prompt/page.tsx Normal file
View File

@ -0,0 +1,157 @@
'use client';
import { useEffect, useState } from 'react';
import { apiFetch } from '@/lib/api';
import { Button } from '@/components/ui/button';
import { Textarea } from '@/components/input';
import { CodeBlock } from '@/components/code-block';
interface PromptData {
builtin: string;
override: string | null;
updatedAt: string | null;
}
export default function AdminPromptPage() {
const [data, setData] = useState<PromptData | null>(null);
const [draft, setDraft] = useState('');
const [saving, setSaving] = useState(false);
const [message, setMessage] = useState<string | null>(null);
async function reload() {
const r = await apiFetch<PromptData>('/v1/admin/prompt');
setData(r);
setDraft(r.override ?? r.builtin);
}
useEffect(() => {
reload();
}, []);
async function save() {
if (!data) return;
setSaving(true);
setMessage(null);
try {
// Only persist as override if it differs from built-in
const value = draft === data.builtin ? null : draft;
await apiFetch('/v1/admin/prompt', {
method: 'PATCH',
body: JSON.stringify({ value }),
});
setMessage(value === null ? 'Reverted to built-in prompt.' : 'Override saved.');
await reload();
} catch (e) {
setMessage(`Failed: ${(e as Error).message}`);
} finally {
setSaving(false);
}
}
async function revert() {
if (!data) return;
if (!confirm('Drop the override and use the built-in prompt?')) return;
await apiFetch('/v1/admin/prompt', { method: 'PATCH', body: JSON.stringify({ value: null }) });
await reload();
setMessage('Reverted to built-in.');
}
if (!data) return <div className="px-8 py-8 mono text-[12px] text-[--color-fg-muted]">Loading</div>;
const dirty = draft !== (data.override ?? data.builtin);
const isOverridden = data.override !== null;
return (
<div className="px-8 py-8">
<header className="mb-6">
<h1 className="text-[22px] font-semibold tracking-tight">AI prompt</h1>
<p className="mt-1 text-[13px] text-[--color-fg-muted]">
The system prompt the generator hands to Claude when parsing user requests. Override at
your own risk bad prompts cause low-quality builds.
</p>
</header>
<div className="grid gap-4 md:grid-cols-[1fr_280px]">
<div>
<div className="flex items-baseline justify-between">
<h2 className="text-[14px] font-semibold tracking-tight">Live prompt</h2>
<span className="mono text-[10.5px] uppercase tracking-wider text-[--color-fg-subtle]">
{draft.length} chars
</span>
</div>
<Textarea
rows={28}
value={draft}
onChange={(e) => setDraft(e.target.value)}
className="mt-3 mono text-[12px]"
spellCheck={false}
/>
{message && (
<p className="mt-2 text-[12px] text-[--color-fg-muted]">{message}</p>
)}
<div className="mt-4 flex justify-end gap-2">
{isOverridden && (
<Button variant="ghost" size="md" onClick={revert} disabled={saving}>
Drop override
</Button>
)}
<Button variant="primary" size="md" onClick={save} disabled={!dirty || saving}>
{saving ? 'Saving…' : isOverridden ? 'Save override' : 'Save as override'}
</Button>
</div>
</div>
<aside className="space-y-3">
<div className="panel p-3">
<div className="text-[11px] uppercase tracking-wider text-[--color-fg-subtle]">
Status
</div>
<div className="mt-2 text-[13px]">
{isOverridden ? (
<>
<span className="text-amber-300">Override active</span>
{data.updatedAt && (
<div className="mono text-[11px] text-[--color-fg-subtle]">
since {new Date(data.updatedAt).toLocaleString()}
</div>
)}
</>
) : (
<span className="text-emerald-300">Using built-in</span>
)}
</div>
</div>
<div className="panel p-3">
<div className="text-[11px] uppercase tracking-wider text-[--color-fg-subtle]">
Built-in baseline
</div>
<p className="mt-2 text-[12px] text-[--color-fg-muted]">
Shipped with <span className="mono">@bmm/llm</span>. Restored if you drop the
override.
</p>
</div>
<div className="panel p-3">
<div className="text-[11px] uppercase tracking-wider text-[--color-fg-subtle]">
Warning
</div>
<p className="mt-2 text-[12px] text-[--color-fg-muted]">
Prompt changes apply to <em>new builds only</em>. Existing servers run their
generated code as-is and aren&apos;t affected until iterated.
</p>
</div>
</aside>
</div>
{dirty && (
<div className="mt-6">
<h3 className="text-[13px] font-semibold tracking-tight">Diff preview</h3>
<CodeBlock
label="proposed → builtin"
code={`+ ${draft.length} chars\n- ${(data.override ?? data.builtin).length} chars\n→ ${
draft.length - (data.override ?? data.builtin).length > 0 ? '+' : ''
}${draft.length - (data.override ?? data.builtin).length} chars`}
/>
</div>
)}
</div>
);
}

152
apps/web/app/admin/servers/page.tsx Normal file
View File

@ -0,0 +1,152 @@
'use client';
import { useEffect, useState } from 'react';
import { apiFetch } from '@/lib/api';
import { Button } from '@/components/ui/button';
import { StatusPill } from '@/components/status-pill';
import { Trash2, RefreshCw } from 'lucide-react';
interface Row {
server: {
id: string;
slug: string;
name: string;
status: string;
currentVersion: number;
publicUrl: string | null;
hostPort: number | null;
createdAt: string;
updatedAt: string;
};
org: { id: string; name: string; slug: string; plan: string };
}
const STATUS_FILTERS = ['', 'live', 'building', 'deploying', 'generating', 'failed', 'paused', 'draft'];
export default function AdminServersPage() {
const [rows, setRows] = useState<Row[] | null>(null);
const [status, setStatus] = useState('');
async function reload() {
const r = await apiFetch<{ servers: Row[] }>(
`/v1/admin/servers${status ? `?status=${status}` : ''}`,
);
setRows(r.servers);
}
useEffect(() => {
reload();
}, [status]);
async function rebuild(s: Row['server']) {
if (!confirm(`Trigger a force rebuild of "${s.name}" (v${s.currentVersion} → v${s.currentVersion + 1})?`)) return;
try {
await apiFetch(`/v1/admin/servers/${s.id}/rebuild`, { method: 'POST' });
reload();
} catch (e) {
alert(`Failed: ${(e as Error).message}`);
}
}
async function remove(s: Row['server']) {
if (!confirm(`Permanently delete "${s.name}" and stop its container?`)) return;
await apiFetch(`/v1/admin/servers/${s.id}`, { method: 'DELETE' });
reload();
}
return (
<div className="px-8 py-8">
<header className="mb-6">
<h1 className="text-[22px] font-semibold tracking-tight">MCP servers</h1>
<p className="mt-1 text-[13px] text-[--color-fg-muted]">
Cross-organization view. Force rebuilds, deletions, status filtering.
</p>
</header>
<div className="mb-4 flex gap-2">
<select
value={status}
onChange={(e) => setStatus(e.target.value)}
className="h-8 rounded-md border border-[--color-border] bg-[--color-bg-subtle] px-2 text-[13px] focus:border-[--color-accent] focus:outline-none"
>
{STATUS_FILTERS.map((s) => (
<option key={s} value={s}>
{s ? s : 'All statuses'}
</option>
))}
</select>
</div>
<div className="panel">
{rows === null && (
<p className="px-4 py-3 text-[12.5px] text-[--color-fg-muted]">Loading</p>
)}
{rows && rows.length === 0 && (
<p className="px-4 py-12 text-center text-[13px] text-[--color-fg-muted]">No servers.</p>
)}
{rows && rows.length > 0 && (
<table className="w-full text-[12.5px]">
<thead className="border-b border-[--color-border] text-[--color-fg-subtle]">
<tr>
<th className="px-4 py-2 text-left font-medium">Name</th>
<th className="px-4 py-2 text-left font-medium">Org</th>
<th className="px-4 py-2 text-left font-medium">Status</th>
<th className="px-4 py-2 text-left font-medium">URL</th>
<th className="px-4 py-2 text-left font-medium">Updated</th>
<th className="px-4 py-2 text-right font-medium">Actions</th>
</tr>
</thead>
<tbody>
{rows.map((r) => (
<tr key={r.server.id} className="border-b border-[--color-border] last:border-0">
<td className="px-4 py-2.5">
<div className="font-medium">{r.server.name}</div>
<div className="mono text-[11px] text-[--color-fg-subtle]">
{r.server.slug} · v{r.server.currentVersion}
</div>
</td>
<td className="px-4 py-2.5">
<div>{r.org.name}</div>
<div className="mono text-[11px] text-[--color-fg-subtle]">
{r.org.plan}
</div>
</td>
<td className="px-4 py-2.5">
<StatusPill status={r.server.status as never} />
</td>
<td className="px-4 py-2.5 mono text-[--color-fg-muted]">
{r.server.publicUrl ? (
<a
href={`${r.server.publicUrl}/mcp`}
target="_blank"
rel="noreferrer"
className="hover:text-[--color-fg]"
>
{r.server.publicUrl}
</a>
) : (
'—'
)}
</td>
<td className="px-4 py-2.5 text-[--color-fg-muted]">
{new Date(r.server.updatedAt).toLocaleString()}
</td>
<td className="px-4 py-2.5 text-right">
<div className="inline-flex gap-1">
<Button variant="ghost" size="sm" onClick={() => rebuild(r.server)}>
<RefreshCw size={11} /> rebuild
</Button>
<Button variant="danger" size="sm" onClick={() => remove(r.server)}>
<Trash2 size={11} />
</Button>
</div>
</td>
</tr>
))}
</tbody>
</table>
)}
</div>
</div>
);
}

124
apps/web/app/admin/system/page.tsx Normal file
View File

@ -0,0 +1,124 @@
'use client';
import { useEffect, useState } from 'react';
import { apiFetch } from '@/lib/api';
import { cn } from '@/lib/cn';
interface SystemHealth {
probedAtMs: number;
db: { ok: boolean; latencyMs: number | null };
redis: { ok: boolean; latencyMs: number | null; queueDepth: number | null };
docker: { containerCount: number | null };
}
export default function AdminSystemPage() {
const [health, setHealth] = useState<SystemHealth | null>(null);
useEffect(() => {
apiFetch<SystemHealth>('/v1/admin/system').then(setHealth);
const t = setInterval(() => apiFetch<SystemHealth>('/v1/admin/system').then(setHealth), 5000);
return () => clearInterval(t);
}, []);
return (
<div className="px-8 py-8">
<header className="mb-6">
<h1 className="text-[22px] font-semibold tracking-tight">System health</h1>
<p className="mt-1 text-[13px] text-[--color-fg-muted]">
Live probes Postgres, Redis, BullMQ queue depth, Docker container count. Refreshes
every 5 seconds.
</p>
</header>
{!health && (
<p className="mono text-[12px] text-[--color-fg-muted]">Probing</p>
)}
{health && (
<div className="grid gap-4 md:grid-cols-2">
<ServiceCard
title="Postgres"
ok={health.db.ok}
primary={
health.db.latencyMs !== null ? `${health.db.latencyMs}ms` : '—'
}
sub="DATABASE_URL · primary store"
/>
<ServiceCard
title="Redis"
ok={health.redis.ok}
primary={
health.redis.latencyMs !== null ? `${health.redis.latencyMs}ms` : '—'
}
sub="REDIS_URL · BullMQ + pubsub + preview cache"
/>
<ServiceCard
title="Build queue"
ok={health.redis.queueDepth !== null}
primary={
health.redis.queueDepth === null
? '—'
: `${health.redis.queueDepth} pending`
}
sub="waiting + active + delayed jobs"
/>
<ServiceCard
title="Docker containers"
ok={health.docker.containerCount !== null}
primary={
health.docker.containerCount === null
? '—'
: `${health.docker.containerCount} running`
}
sub="bmm-mcp-* matching containers"
/>
</div>
)}
{health && (
<p className="mt-6 mono text-[10.5px] text-[--color-fg-subtle]">
probed in {health.probedAtMs}ms
</p>
)}
</div>
);
}
function ServiceCard({
title,
ok,
primary,
sub,
}: {
title: string;
ok: boolean;
primary: string;
sub: string;
}) {
return (
<div className="panel p-4">
<div className="flex items-baseline justify-between">
<div className="text-[11px] uppercase tracking-wider text-[--color-fg-subtle]">{title}</div>
<span
className={cn(
'inline-flex items-center gap-1.5 rounded-full border px-2 py-0.5 text-[10.5px] font-medium',
ok
? 'border-emerald-400/40 bg-emerald-400/10 text-emerald-300'
: 'border-red-400/40 bg-red-400/10 text-red-300',
)}
>
<span
className={cn(
'size-1.5 rounded-full',
ok ? 'bg-emerald-400' : 'bg-red-400',
)}
style={ok ? { animation: 'pulse-dot 1.6s ease-in-out infinite' } : undefined}
/>
{ok ? 'ok' : 'down'}
</span>
</div>
<div className="mt-2 mono text-[22px] font-semibold tabular-nums">{primary}</div>
<div className="mt-1 text-[12px] text-[--color-fg-muted]">{sub}</div>
</div>
);
}

144
apps/web/app/admin/users/page.tsx Normal file
View File

@ -0,0 +1,144 @@
'use client';
import { useEffect, useState } from 'react';
import { apiFetch } from '@/lib/api';
import { Input } from '@/components/input';
import { Button } from '@/components/ui/button';
import { ShieldCheck, Trash2 } from 'lucide-react';
interface AdminUser {
id: string;
email: string;
name: string | null;
isAdmin: boolean;
emailVerified: boolean;
lastLoginAt: string | null;
createdAt: string;
org: { orgId: string; orgName: string; orgSlug: string; plan: string; role: string } | null;
serverCount: number;
}
export default function AdminUsersPage() {
const [users, setUsers] = useState<AdminUser[] | null>(null);
const [search, setSearch] = useState('');
async function reload() {
const r = await apiFetch<{ users: AdminUser[] }>(
`/v1/admin/users${search ? `?search=${encodeURIComponent(search)}` : ''}`,
);
setUsers(r.users);
}
useEffect(() => {
reload();
}, [search]);
async function toggleAdmin(u: AdminUser) {
if (!confirm(`${u.isAdmin ? 'Revoke' : 'Grant'} admin for ${u.email}?`)) return;
await apiFetch(`/v1/admin/users/${u.id}`, {
method: 'PATCH',
body: JSON.stringify({ isAdmin: !u.isAdmin }),
});
reload();
}
async function remove(u: AdminUser) {
if (!confirm(`Delete user ${u.email}? This cascades to their org and servers.`)) return;
try {
await apiFetch(`/v1/admin/users/${u.id}`, { method: 'DELETE' });
reload();
} catch (e) {
const detail = (e as { detail?: { error?: string } }).detail;
alert(`Failed: ${detail?.error ?? (e as Error).message}`);
}
}
return (
<div className="px-8 py-8">
<header className="mb-6">
<h1 className="text-[22px] font-semibold tracking-tight">Users</h1>
<p className="mt-1 text-[13px] text-[--color-fg-muted]">
{users?.length ?? 0} total. Click admin toggle to elevate or revoke privileges.
</p>
</header>
<div className="mb-4">
<Input
value={search}
onChange={(e) => setSearch(e.target.value)}
placeholder="Search by email or name…"
className="w-80"
/>
</div>
<div className="panel">
{users === null && (
<p className="px-4 py-3 text-[12.5px] text-[--color-fg-muted]">Loading</p>
)}
{users && users.length === 0 && (
<p className="px-4 py-12 text-center text-[13px] text-[--color-fg-muted]">No matches.</p>
)}
{users && users.length > 0 && (
<table className="w-full text-[12.5px]">
<thead className="border-b border-[--color-border] text-[--color-fg-subtle]">
<tr>
<th className="px-4 py-2 text-left font-medium">Email</th>
<th className="px-4 py-2 text-left font-medium">Org</th>
<th className="px-4 py-2 text-left font-medium">Plan</th>
<th className="px-4 py-2 text-left font-medium">Servers</th>
<th className="px-4 py-2 text-left font-medium">Last login</th>
<th className="px-4 py-2 text-left font-medium">Joined</th>
<th className="px-4 py-2 text-right font-medium">Actions</th>
</tr>
</thead>
<tbody>
{users.map((u) => (
<tr key={u.id} className="border-b border-[--color-border] last:border-0">
<td className="px-4 py-2.5">
<div className="flex items-center gap-2">
{u.isAdmin && (
<span
className="inline-flex h-4 items-center gap-0.5 rounded-full border border-[--color-accent]/40 bg-[--color-accent]/10 px-1.5 text-[10px] font-medium text-[--color-accent]"
title="admin"
>
<ShieldCheck size={9} /> admin
</span>
)}
<span className="mono">{u.email}</span>
</div>
{u.name && (
<div className="text-[11px] text-[--color-fg-subtle]">{u.name}</div>
)}
</td>
<td className="px-4 py-2.5 text-[--color-fg-muted]">{u.org?.orgName ?? '—'}</td>
<td className="px-4 py-2.5">
<span className="mono rounded-full border border-[--color-border] bg-[--color-bg-subtle] px-2 py-0.5 text-[11px]">
{u.org?.plan ?? '—'}
</span>
</td>
<td className="px-4 py-2.5 mono text-[--color-fg-muted]">{u.serverCount}</td>
<td className="px-4 py-2.5 mono text-[--color-fg-muted]">
{u.lastLoginAt ? new Date(u.lastLoginAt).toLocaleString() : '—'}
</td>
<td className="px-4 py-2.5 mono text-[--color-fg-muted]">
{new Date(u.createdAt).toLocaleDateString()}
</td>
<td className="px-4 py-2.5 text-right">
<div className="inline-flex gap-1">
<Button variant="ghost" size="sm" onClick={() => toggleAdmin(u)}>
{u.isAdmin ? 'revoke admin' : 'make admin'}
</Button>
<Button variant="danger" size="sm" onClick={() => remove(u)}>
<Trash2 size={11} />
</Button>
</div>
</td>
</tr>
))}
</tbody>
</table>
)}
</div>
</div>
);
}

144
packages/auth/src/index.ts
View File

@ -3,6 +3,8 @@ import { and, createDb, eq, gt, type Database, magicLinks, memberships, organiza
const MAGIC_LINK_TTL_MS = 15 * 60 * 1000; // 15 min
const SESSION_TTL_MS = 30 * 24 * 60 * 60 * 1000; // 30 days
const SCRYPT_KEYLEN = 64;
const SCRYPT_N = 16_384;
function sha256(input: string): string {
return crypto.createHash('sha256').update(input).digest('hex');
@ -12,6 +14,27 @@ function randomToken(bytes = 32): string {
return crypto.randomBytes(bytes).toString('base64url');
}
export function hashPassword(password: string): string {
const salt = crypto.randomBytes(16).toString('hex');
const derived = crypto
.scryptSync(password, salt, SCRYPT_KEYLEN, { N: SCRYPT_N })
.toString('hex');
return `scrypt$${SCRYPT_N}$${salt}$${derived}`;
}
export function verifyPassword(password: string, stored: string): boolean {
const parts = stored.split('$');
if (parts.length !== 4 || parts[0] !== 'scrypt') return false;
const N = Number.parseInt(parts[1] ?? '', 10);
const salt = parts[2];
const expectedHex = parts[3];
if (!Number.isFinite(N) || !salt || !expectedHex) return false;
const expected = Buffer.from(expectedHex, 'hex');
const actual = crypto.scryptSync(password, salt, expected.length, { N });
if (actual.length !== expected.length) return false;
return crypto.timingSafeEqual(actual, expected);
}
function slugify(input: string): string {
return input
.toLowerCase()
@ -105,6 +128,7 @@ export interface AuthedUser {
orgId: string;
email: string;
role: string;
isAdmin: boolean;
}
export async function getSession(
@ -118,6 +142,7 @@ export async function getSession(
userId: sessions.userId,
expiresAt: sessions.expiresAt,
email: users.email,
isAdmin: users.isAdmin,
})
.from(sessions)
.innerJoin(users, eq(users.id, sessions.userId))
@ -130,7 +155,13 @@ export async function getSession(
.where(eq(memberships.userId, row.userId))
.limit(1);
if (!membership) return null;
return { userId: row.userId, orgId: membership.orgId, email: row.email, role: membership.role };
return {
userId: row.userId,
orgId: membership.orgId,
email: row.email,
role: membership.role,
isAdmin: row.isAdmin,
};
}
export async function destroySession(sessionToken: string, db: Database = createDb()): Promise<void> {
@ -138,4 +169,115 @@ export async function destroySession(sessionToken: string, db: Database = create
await db.delete(sessions).where(eq(sessions.tokenHash, hash));
}
export interface PasswordLoginResult {
sessionToken: string;
userId: string;
orgId: string;
email: string;
isAdmin: boolean;
}
export async function loginWithPassword(
emailRaw: string,
password: string,
meta: { ipAddress?: string; userAgent?: string } = {},
db: Database = createDb(),
): Promise<PasswordLoginResult> {
const email = emailRaw.trim().toLowerCase();
const [user] = await db.select().from(users).where(eq(users.email, email)).limit(1);
if (!user || !user.passwordHash) {
throw new Error('invalid_credentials');
}
if (!verifyPassword(password, user.passwordHash)) {
throw new Error('invalid_credentials');
}
const [membership] = await db
.select()
.from(memberships)
.where(eq(memberships.userId, user.id))
.limit(1);
if (!membership) throw new Error('no_org_membership');
const sessionToken = randomToken(32);
await db.insert(sessions).values({
userId: user.id,
tokenHash: sha256(sessionToken),
expiresAt: new Date(Date.now() + SESSION_TTL_MS),
ipAddress: meta.ipAddress,
userAgent: meta.userAgent,
});
await db.update(users).set({ lastLoginAt: new Date() }).where(eq(users.id, user.id));
return {
sessionToken,
userId: user.id,
orgId: membership.orgId,
email: user.email,
isAdmin: user.isAdmin,
};
}
export interface SeedAdminInput {
email: string;
password: string;
name?: string;
}
export async function seedAdmin(
input: SeedAdminInput,
db: Database = createDb(),
): Promise<{ created: boolean; userId: string; orgId: string }> {
const email = input.email.trim().toLowerCase();
const existing = (await db.select().from(users).where(eq(users.email, email)).limit(1))[0];
if (existing) {
const updates: Partial<typeof users.$inferInsert> = {};
if (!existing.isAdmin) updates.isAdmin = true;
if (!existing.passwordHash) updates.passwordHash = hashPassword(input.password);
if (!existing.emailVerified) updates.emailVerified = true;
if (input.name && !existing.name) updates.name = input.name;
if (Object.keys(updates).length > 0) {
await db.update(users).set(updates).where(eq(users.id, existing.id));
}
const [m] = await db
.select()
.from(memberships)
.where(eq(memberships.userId, existing.id))
.limit(1);
if (!m) {
// Has a user but no org — bootstrap one
const orgSlug = `admin-${randomToken(3).toLowerCase()}`;
const [org] = await db
.insert(organizations)
.values({ slug: orgSlug, name: `${input.name ?? 'Admin'} workspace`, plan: 'enterprise' })
.returning();
if (!org) throw new Error('org_create_failed');
await db.insert(memberships).values({ orgId: org.id, userId: existing.id, role: 'owner' });
return { created: false, userId: existing.id, orgId: org.id };
}
return { created: false, userId: existing.id, orgId: m.orgId };
}
const [user] = await db
.insert(users)
.values({
email,
emailVerified: true,
isAdmin: true,
name: input.name,
passwordHash: hashPassword(input.password),
})
.returning();
if (!user) throw new Error('user_create_failed');
const orgSlug = `admin-${randomToken(3).toLowerCase()}`;
const [org] = await db
.insert(organizations)
.values({ slug: orgSlug, name: `${input.name ?? 'Admin'} workspace`, plan: 'enterprise' })
.returning();
if (!org) throw new Error('org_create_failed');
await db.insert(memberships).values({ orgId: org.id, userId: user.id, role: 'owner' });
return { created: true, userId: user.id, orgId: org.id };
}
export const __test = { sha256, randomToken, slugify };

13
packages/db/src/schema.ts
View File

@ -45,15 +45,28 @@ export const organizations = pgTable('organizations', {
monthlyCallQuota: bigint('monthly_call_quota', { mode: 'number' }).default(100_000).notNull(),
callsThisPeriod: bigint('calls_this_period', { mode: 'number' }).default(0).notNull(),
periodStartsAt: timestamp('period_starts_at').defaultNow().notNull(),
suspended: boolean('suspended').default(false).notNull(),
suspendedReason: text('suspended_reason'),
createdAt: timestamp('created_at').defaultNow().notNull(),
});
export const adminSettings = pgTable('admin_settings', {
id: uuid('id').defaultRandom().primaryKey(),
key: varchar('key', { length: 64 }).notNull().unique(),
value: text('value'),
updatedBy: uuid('updated_by').references(() => users.id, { onDelete: 'set null' }),
updatedAt: timestamp('updated_at').defaultNow().notNull(),
});
export const users = pgTable('users', {
id: uuid('id').defaultRandom().primaryKey(),
email: varchar('email', { length: 255 }).notNull().unique(),
name: varchar('name', { length: 128 }),
avatarUrl: text('avatar_url'),
emailVerified: boolean('email_verified').default(false).notNull(),
isAdmin: boolean('is_admin').default(false).notNull(),
passwordHash: text('password_hash'),
lastLoginAt: timestamp('last_login_at'),
createdAt: timestamp('created_at').defaultNow().notNull(),
});