marco/buildmymcpserver
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
c62fcd07ef
buildmymcpserver/apps/web/app/admin/layout.tsx
Marco Sadjadi c62fcd07ef feat(admin): password-auth admin panel with 8 pages + 15 API endpoints 
Schema migrations:
- users.is_admin boolean
- users.password_hash text (scrypt N=16384, 16-byte salt)
- users.last_login_at timestamp
- organizations.suspended + suspended_reason
- admin_settings table (DB-stored prompt override + future settings)

Auth (@bmm/auth):
- hashPassword + verifyPassword via node:crypto scrypt (no extra dep)
- loginWithPassword: scrypt-verifies, issues 30-day session, updates last_login_at
- seedAdmin: idempotent upsert keyed on email; creates org + membership on first run
- AuthedUser now carries isAdmin flag

API:
- POST /v1/auth/admin/login (email + password) — 300ms throttle on failure
- requireAdmin preHandler — 401 if no session, 403 if non-admin
- Bootstrap: api on boot calls seedAdmin(ADMIN_EMAIL, ADMIN_PASSWORD, ADMIN_NAME)
  if env present. Idempotent.

Admin API routes (all gated by requireAdmin):
- GET /v1/admin/overview (totals, trends 7d, server-status breakdown, builds 24h, recent activity)
- GET /v1/admin/users (search, per-row org + plan + serverCount)
- PATCH /v1/admin/users/:id (isAdmin, name)
- DELETE /v1/admin/users/:id (self-delete blocked)
- GET /v1/admin/orgs (member + server counts)
- PATCH /v1/admin/orgs/:id (plan, quota, suspended; cascades to mcp_servers.status=paused on suspend)
- GET /v1/admin/servers (cross-org with status filter)
- POST /v1/admin/servers/:id/rebuild (re-queues build using last prompt)
- DELETE /v1/admin/servers/:id
- GET /v1/admin/builds (status filter, error messages, prompt previews)
- GET /v1/admin/builds/:id/logs
- GET /v1/admin/audit (system-wide with user email join)
- GET /v1/admin/system (DB ping, Redis ping, BullMQ queue depth, docker ps count)
- GET /v1/admin/prompt (builtin + override + updatedAt)
- PATCH /v1/admin/prompt (value: string | null) — saves DB override or drops it

UI (apps/web/app/admin/*):
- /admin/login — password form, separate from /login magic-link
- AdminLayout — Linear-style sidebar (8 nav items), bottom panel with user email +
  'user view' shortcut + logout, client-side requireAdmin guard with redirect
- /admin — overview dashboard with 4 metric cards, 2 panels (status + 24h builds),
  recent activity table linking to full audit
- /admin/users — search + admin toggle + delete (self-delete blocked)
- /admin/orgs — plan/quota/suspend actions via prompts
- /admin/servers — cross-org table with rebuild + delete actions, status filter
- /admin/builds — every build cross-fleet with error vs prompt preview
- /admin/audit — system-wide log + CSV export + filter dropdowns
- /admin/system — auto-refreshing 5s health probes for Postgres, Redis, queue, Docker
- /admin/prompt — live editor for the LLM system prompt with built-in baseline,
  override-state badge, drop-override action, diff preview, save-as-override

End-to-end verified: login as marco.frangiskatos@gmail.com + Melusa112233.*, every
admin page returns 200, admin login + overview tested via screenshot, docker probe
returns true count of running MCP containers.
2026-05-19 23:01:26 +02:00

160 lines
5.2 KiB
TypeScript
Raw Blame History

'use client';
import Link from 'next/link';
import { usePathname, useRouter } from 'next/navigation';
import { useEffect, useState } from 'react';
import {
LayoutGrid,
Users,
Building2,
Server,
Hammer,
FileClock,
Activity,
Wand2,
LogOut,
ShieldAlert,
} from 'lucide-react';
import { apiFetch } from '@/lib/api';
import { cn } from '@/lib/cn';
import { Logo } from '@/components/logo';
interface MeUser {
userId: string;
email: string;
isAdmin: boolean;
}
const NAV: { href: string; label: string; icon: React.ComponentType<{ size?: number }> }[] = [
{ href: '/admin', label: 'Overview', icon: LayoutGrid },
{ href: '/admin/users', label: 'Users', icon: Users },
{ href: '/admin/orgs', label: 'Organizations', icon: Building2 },
{ href: '/admin/servers', label: 'MCP servers', icon: Server },
{ href: '/admin/builds', label: 'Builds', icon: Hammer },
{ href: '/admin/audit', label: 'Audit log', icon: FileClock },
{ href: '/admin/system', label: 'System health', icon: Activity },
{ href: '/admin/prompt', label: 'AI prompt', icon: Wand2 },
];
export default function AdminLayout({ children }: { children: React.ReactNode }) {
const pathname = usePathname();
const router = useRouter();
const [user, setUser] = useState<MeUser | null>(null);
const [authState, setAuthState] = useState<'checking' | 'ok' | 'forbidden'>('checking');
useEffect(() => {
if (pathname === '/admin/login') {
setAuthState('ok');
return;
}
apiFetch<{ user: MeUser }>('/v1/auth/me')
.then((r) => {
if (r.user.isAdmin) {
setUser(r.user);
setAuthState('ok');
} else {
setAuthState('forbidden');
}
})
.catch(() => setAuthState('forbidden'));
}, [pathname]);
useEffect(() => {
if (authState === 'forbidden' && pathname !== '/admin/login') {
router.replace('/admin/login');
}
}, [authState, pathname, router]);
async function logout() {
await apiFetch('/v1/auth/logout', { method: 'POST' }).catch(() => undefined);
router.replace('/admin/login');
}
if (pathname === '/admin/login') return <>{children}</>;
if (authState === 'checking') {
return (
<div className="flex min-h-screen items-center justify-center">
<p className="mono text-[12px] text-[--color-fg-subtle]">verifying admin</p>
</div>
);
}
if (authState === 'forbidden') {
return (
<div className="flex min-h-screen flex-col items-center justify-center gap-3">
<ShieldAlert size={24} className="text-[--color-danger]" />
<p className="text-[14px]">Admin access required.</p>
<Link
href="/admin/login"
className="mono text-[12px] text-[--color-accent] underline hover:text-white"
>
/admin/login
</Link>
</div>
);
}
return (
<div className="flex min-h-screen">
<aside className="sticky top-0 flex h-screen w-[230px] shrink-0 flex-col border-r border-[--color-border] bg-[--color-bg-elevated]">
<div className="flex h-12 items-center gap-2 border-b border-[--color-border] px-4">
<Logo />
<span className="mono text-[10.5px] uppercase tracking-wider text-[--color-fg-subtle]">
/ admin
</span>
</div>
<nav className="flex-1 overflow-y-auto p-2">
<ul className="space-y-0.5">
{NAV.map((item) => {
const Icon = item.icon;
const active =
pathname === item.href ||
(item.href !== '/admin' && pathname.startsWith(item.href));
return (
<li key={item.href}>
<Link
href={item.href}
className={cn(
'flex h-8 items-center gap-2 rounded-md px-2.5 text-[12.5px] transition-colors',
active
? 'bg-[--color-bg-subtle] text-[--color-fg]'
: 'text-[--color-fg-muted] hover:bg-[--color-bg-subtle] hover:text-[--color-fg]',
)}
>
<Icon size={13} />
{item.label}
</Link>
</li>
);
})}
</ul>
</nav>
<div className="border-t border-[--color-border] p-3 text-[12px]">
{user && (
<div className="mb-2 truncate text-[--color-fg-muted]" title={user.email}>
{user.email}
</div>
)}
<div className="flex gap-1">
<Link
href="/dashboard"
className="flex-1 rounded-md border border-[--color-border] px-2 py-1 text-center text-[11px] text-[--color-fg-muted] transition-colors hover:text-[--color-fg]"
>
user view
</Link>
<button
type="button"
onClick={logout}
className="rounded-md border border-[--color-border] px-2 py-1 text-[11px] text-[--color-fg-muted] transition-colors hover:text-[--color-danger]"
aria-label="logout"
>
<LogOut size={11} />
</button>
</div>
</div>
</aside>
<main className="flex-1 overflow-x-hidden">{children}</main>
</div>
);
}
Reference in New Issue View Git Blame Copy Permalink