replit/timmy-tower
2
0
Fork 0
Code Issues 26 Pull Requests 5 Actions Packages Projects Releases Wiki Activity
Files
c168081c7ef2b268bd2ea7eede51b94e4c416414
timmy-tower/artifacts
History
alexpaynex c168081c7e task/33: Relay admin panel at /api/admin/relay 
## What was built
A full operator dashboard for the Timmy relay, served as server-side HTML
from Express at GET /api/admin/relay — no build step, no separate frontend.
Follows the existing ui.ts pattern with vanilla JS.

## New API endpoint
GET /api/admin/relay/stats (added to admin-relay.ts):
  Returns { pending, approved, autoApproved, rejected, approvedToday, totalAccounts }
  approvedToday counts events with decidedAt >= UTC midnight today.
  Uses Drizzle groupBy on relayEventQueue.status + count(*) aggregate.
  Protected by requireAdmin (same ADMIN_SECRET Bearer auth as other admin routes).

## Admin panel (admin-relay-panel.ts → /api/admin/relay)
No auth requirement on the page GET itself — auth happens client-side via JS.

Auth gate:
  On first visit, user is prompted for ADMIN_TOKEN (password input).
  Token verified against GET /api/admin/relay/stats (401 = wrong token).
  Token stored in localStorage ('relay_admin_token'); loaded on boot.
  Logout clears localStorage and stops the 15s refresh timer.
  Token sent as Bearer Authorization header on every API call.

Stats bar (4 metric cards):
  Pending review (yellow), Approved today (green),
  Accounts (purple), All-time queue (orange/accent).

Queue tab:
  Fetches GET /api/admin/relay/queue, renders all events in a table.
  Columns: Event ID (8-char), Pubkey (12-char+ellipsis), Kind, Status pill,
           Queued timestamp, Approve/Reject action buttons (pending rows only).
  Auto-refreshes every 15 seconds alongside stats.
  Approve/Reject call POST /api/admin/relay/queue/:id/approve|reject.

Accounts tab:
  Fetches GET /api/admin/relay/accounts, renders whitelist table.
  Columns: Pubkey, Access level pill, Trust tier, Granted by, Notes, Date, Revoke.
  Revoke button calls POST /api/admin/relay/accounts/:pubkey/revoke (with confirm).
  Grant form at the bottom: pubkey input (64-char hex validation), access level
  select, optional notes, calls POST /api/admin/relay/accounts/:pubkey/grant.

Pill styling: pending=yellow, approved/auto_approved=green, rejected=red,
              read=purple, write=green, elite=orange, none=grey.

Navigation links: ← Timmy UI, Workshop, Log out.

## Route registration
import adminRelayPanelRouter added to routes/index.ts; router.use() registered
between adminRelayQueueRouter and demoRouter.

## TypeScript: 0 errors. Smoke tests:
- GET /api/admin/relay → 200 HTML with correct <title> ✓
- GET /api/admin/relay/stats (localhost) → 200 with all 6 fields ✓
- Auth gate renders correctly in browser ✓
2026-03-19 20:44:19 +00:00
..
api-server
task/33: Relay admin panel at /api/admin/relay
2026-03-19 20:44:19 +00:00
mockup-sandbox
Initial commit
2026-03-13 23:21:55 +00:00