Add POST /api/auth/token — validates ADMIN_TOKEN env var, creates a 24h session and sets the sid cookie so automated tools can access the admin panel without Google OAuth. Admin login page gains a token input form. Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
apps/admin — oO Admin Console
Next.js 15 app. Deployed at admin.o.alogins.net (dev: http://localhost:3080).
Contract
- All routes are admin-only. The Next.js middleware calls `GET /api/user/me` on every request and checks `role === 'admin'`. First admin is seeded via `ADMIN_SEED_EMAIL` env var at API startup.
- Admin write actions are appended to the `admin_actions` audit log in the DB.
Authentication
Two ways to sign in:
| Method | How |
|---|---|
| Google OAuth | Click "Sign in with Google" on the login page |
| Token | POST /api/auth/token with { token } matching ADMIN_TOKEN env var; sets sid cookie valid for 24 h. Used by Playwright tests and CI automation. |
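
One way to implement the token check described in the table, as an added example that is not the project's own code: it compares in constant time, fails closed when `ADMIN_TOKEN` is unset or empty, and sets `sid` with a 24 h lifetime. The function names, the `createSession` callback, the status codes and every cookie attribute other than the name and lifetime are assumptions.

```javascript
// Added example; names, status codes and cookie attributes are assumptions.
const crypto = require('node:crypto');

const SESSION_TTL_SECONDS = 24 * 60 * 60; // 24 h, as stated in the table

// Constant-time comparison. Hashing both sides first yields equal-length
// buffers, so timingSafeEqual never throws and token length is not leaked.
function tokensMatch(presented, expected) {
  const a = crypto.createHash('sha256').update(presented).digest();
  const b = crypto.createHash('sha256').update(expected).digest();
  return crypto.timingSafeEqual(a, b);
}

// Decides the response for a POST /api/auth/token body.
// createSession(ttlSeconds) is a hypothetical callback that stores the
// session server-side and returns its id.
function handleTokenLogin(body, env, createSession) {
  const expected = env.ADMIN_TOKEN;
  // Fail closed: with ADMIN_TOKEN unset or empty, token login is disabled.
  // Otherwise a body of { token: "" } would match an empty secret.
  if (typeof expected !== 'string' || expected.length === 0) {
    return { status: 404, headers: {} };
  }
  const presented = body && body.token;
  if (typeof presented !== 'string' || !tokensMatch(presented, expected)) {
    return { status: 401, headers: {} };
  }
  const sid = createSession(SESSION_TTL_SECONDS);
  const cookie = [
    `sid=${encodeURIComponent(sid)}`, 'Path=/', 'HttpOnly', 'Secure',
    'SameSite=Lax', `Max-Age=${SESSION_TTL_SECONDS}`,
  ].join('; ');
  return { status: 200, headers: { 'Set-Cookie': cookie } };
}

// Constructed inputs covering the accepted, rejected and disabled cases.
function demo() {
  const env = { ADMIN_TOKEN: 'constructed-sample-token' };
  const newSid = () => crypto.randomBytes(32).toString('hex');
  return {
    ok: handleTokenLogin({ token: 'constructed-sample-token' }, env, newSid),
    wrong: handleTokenLogin({ token: 'constructed-wrong' }, env, newSid),
    missing: handleTokenLogin({}, env, newSid),
    unset: handleTokenLogin({ token: '' }, {}, newSid),
    empty: handleTokenLogin({ token: '' }, { ADMIN_TOKEN: '' }, newSid),
  };
}
```
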
Pages
| Route | Description |
|---|---|
| `/` | Overview: DAU/WAU KPI cards, tips served, reaction breakdown, activation funnel |
| `/users` | User list (paginated) |
| `/users/:id` | User detail: identity, consents, integrations, profile features (#81 phase B), tip stats, reward history; revoke-integration + reset-bandit + rebuild-profile actions |
| `/audit` | Admin action audit log |
| `/events` | Event stream viewer (stub — pending API history endpoint) |
| `/reward-analytics` | Reaction distribution + per-policy / per-model / per-prompt-version / per-tip-kind breakdowns with avg reward |
Dev
```bash
pnpm --filter @oo/admin dev   # starts on :3080
# also run the API: pnpm --filter @oo/api dev  (port 3078)
```
Extraction criteria
Stays as a Next.js app in the monorepo permanently — it's not a candidate for extraction. It gets richer (more pages, embedded MLflow/Grafana) but not split.
Known issues
`@tremor/react 3.x` declares a peer dep on React 18; the workspace uses React 19. Works in practice. Will resolve naturally when Tremor ships React 19 support or when we switch to Tremor v4 (which targets React 18+).