Dashboard Overview

Loading...

Dashboard Overview

Welcome to AdvanceAuth Admin Panel - All data in IST timezone

0
Total Users
Loading...
0
Active Today
Real-time
0
New Registrations (30d)
Tracking
0
Banned Users
Monitor
Enhanced Performance
Multi-layer caching system with 3x faster data retrieval. All timestamps in IST.
External Email System
Integrated with nodemailer-five-sigma.vercel.app for OTPs and notifications.
Public API
Rate-limited API endpoints for external applications with 100 requests/15min.
Login Activity (24h)
Hourly login trends in IST
User Registrations
Last 30 days in Indian timezone

Advanced Analytics

Detailed statistics and performance metrics

Weekly Activity
Last 7 days login patterns
Monthly Overview
30-day user engagement
--:--
Peak Login Hour
IST Timezone
0%
7-Day Retention
Active users
0%
Cache Efficiency
Performance

User Management

Manage registered users and their permissions

Registered Users
Username Email Registered (IST) Last Login (IST) Status Actions
Loading users...

Email System

Manage email settings and password reset functionality

Email Configuration
Connected to external nodemailer server at: nodemailer-five-sigma.vercel.app
Password Reset
OTP-based password reset system with 10-minute expiry.

Email Management

Public API Access

API documentation and key management (granular permissions supported)

API Key Management
API Key Name Key (Partial) Permissions Rate Limit Created Expires Status Actions
Loading API keys...

Generate New API Key

Select the permissions you want to grant to this API key.

Public API Endpoint
Rate-limited API endpoint for external applications. 100 requests per 15 minutes per IP. Now supports granular permissions! Use the API key in the x-api-key header.

Available Endpoints (protected by permissions)

All endpoints require the x-api-key header with your API key. Replace YOUR_API_KEY with your actual key.

GET /api/dataapikey/query

Permission required: public_query (always included)

Description: Check if a user exists and validate password. Used by external applications.

Query parameters:
  • tag – username (required)
  • password – user password (required)
  • apikey – your API key (required)
  • serverKey – optional, to restrict to a specific server
Example request: 
GET /api/dataapikey/query?tag=john&password=123456&apikey=YOUR_API_KEY
Example response (success): 
{
    "valid": true,
    "exists": true,
    "username": "john",
    "email": "john@example.com",
    "isBanned": false,
    "timestamp": "23/01/2025, 14:30:45",
    "indianTime": "23/01/2025, 14:30:45",
    "serverTime": "23/01/2025, 14:30:45"
}
Example response (invalid password): 
{
    "valid": false,
    "exists": true,
    "username": "john",
    "email": "john@example.com",
    "isBanned": false,
    "timestamp": "23/01/2025, 14:31:02"
}
POST /api/register

Permission required: users.create

Description: Register a new user on your server.

Headers: 
x-api-key: YOUR_API_KEY
Content-Type: application/json
Request body: 
{
    "username": "john",
    "password": "123456",
    "email": "john@example.com",
    "licenseKey": "optional-license-key"
}
Example response: 
{
    "message": "User registered successfully",
    "username": "john"
}
GET /api/admin/users

Permission required: users.read

Description: Get a paginated list of users on your server.

Headers: 
x-api-key: YOUR_API_KEY
Query parameters:
  • page – page number (default: 1)
  • limit – users per page (default: 50, max: 100)
Example request: 
GET /api/admin/users?page=1&limit=10
Example response: 
{
    "users": [
        {
            "_id": "65a1b2c3d4e5f6a7b8c9d0e1",
            "username": "john",
            "email": "john@example.com",
            "createdAt": "2025-01-20T10:30:00.000Z",
            "lastLogin": "2025-01-23T14:30:00.000Z",
            "isBanned": false
        }
    ],
    "totalUsers": 150,
    "page": 1,
    "totalPages": 15
}
POST /api/admin/deleteUser

Permission required: users.delete

Description: Permanently delete a user.

Headers: 
x-api-key: YOUR_API_KEY
Content-Type: application/json
Request body: 
{
    "username": "john"
}
Example response: 
{
    "message": "User deleted successfully"
}
POST /api/admin/banUser

Permission required: users.ban

Description: Ban a user (prevents login).

Headers: 
x-api-key: YOUR_API_KEY
Content-Type: application/json
Request body: 
{
    "username": "john",
    "banMessage": "Spamming the server"
}
Example response: 
{
    "message": "User banned successfully"
}
POST /api/admin/unbanUser

Permission required: users.unban

Description: Unban a previously banned user.

Headers: 
x-api-key: YOUR_API_KEY
Content-Type: application/json
Request body: 
{
    "username": "john"
}
Example response: 
{
    "message": "User unbanned successfully"
}
POST /api/admin/changePassword

Permission required: users.change_password

Description: Change a user's password (admin action, does not require old password).

Headers: 
x-api-key: YOUR_API_KEY
Content-Type: application/json
Request body: 
{
    "username": "john",
    "newPassword": "newpass123"
}
Example response: 
{
    "message": "Password changed successfully"
}
POST /api/admin/users/:username/resetPassword

Permission required: users.reset_password

Description: Reset a user's password and optionally send an email notification.

Headers: 
x-api-key: YOUR_API_KEY
Content-Type: application/json
Request body: 
{
    "newPassword": "newpass123",
    "sendEmail": true
}
Example response: 
{
    "success": true,
    "message": "Password reset successfully",
    "username": "john",
    "emailSent": true
}
POST /api/admin/user/:username/forceLogout

Permission required: users.force_logout

Description: Invalidate all active sessions for a user, forcing them to log in again.

Headers: 
x-api-key: YOUR_API_KEY
Content-Type: application/json
Request body: 
{
    "username": "john"
}
Example response: 
{
    "success": true,
    "message": "All sessions invalidated",
    "username": "john",
    "timestamp": "23/01/2025, 15:45:12"
}
GET /api/admin/user/:username/ipStats

Permission required: users.view_ip

Description: Retrieve IP login history for a specific user.

Headers: 
x-api-key: YOUR_API_KEY
Example request: 
GET /api/admin/user/john/ipStats
Example response: 
{
    "username": "john",
    "totalLogins": 25,
    "uniqueIPs": 3,
    "ipList": ["192.168.1.1", "10.0.0.2", "172.16.0.3"],
    "mostFrequentIP": "192.168.1.1",
    "loginCountByIP": {
        "192.168.1.1": 15,
        "10.0.0.2": 7,
        "172.16.0.3": 3
    },
    "recentIPs": [
        {
            "ip": "192.168.1.1",
            "loginTime": "2025-01-23T14:30:00.000Z",
            "deviceInfo": "Mozilla/5.0 ..."
        }
    ]
}
GET /api/admin/users/export

Permission required: users.export

Description: Export all users as JSON or CSV.

Headers: 
x-api-key: YOUR_API_KEY
Query parameters:
  • formatjson (default) or csv
Example request (JSON): 
GET /api/admin/users/export?format=json
Example response (JSON): 
[
    {
        "username": "john",
        "email": "john@example.com",
        "createdAt": "2025-01-20T10:30:00.000Z",
        "lastLogin": "2025-01-23T14:30:00.000Z",
        "isBanned": false
    },
    ...
]
Example request (CSV): 
GET /api/admin/users/export?format=csv

The response will be a downloadable CSV file.

GET /api/admin/user/:username/sessions

Permission required: users.manage_sessions

Description: List all active sessions for a user.

Headers: 
x-api-key: YOUR_API_KEY
Example request: 
GET /api/admin/user/john/sessions
Example response: 
{
    "username": "john",
    "totalActiveSessions": 2,
    "sessions": [
        {
            "sessionToken": "abc123...",
            "ipAddress": "192.168.1.1",
            "userAgent": "Mozilla/5.0 ...",
            "createdAt": "2025-01-23T14:30:00.000Z",
            "expiresAt": "2025-01-24T14:30:00.000Z",
            "lastActivity": "2025-01-23T15:00:00.000Z",
            "timeRemaining": 1350
        }
    ]
}
POST /api/admin/users/bulk

Permission required: users.ban (for ban/unban) or users.delete (for delete)

Description: Perform bulk operations on multiple users.

Headers: 
x-api-key: YOUR_API_KEY
Content-Type: application/json
Request body (ban): 
{
    "action": "ban",
    "usernames": ["john", "jane", "doe"]
}
Example response: 
{
    "success": true,
    "message": "Bulk ban completed",
    "affected": 3
}

All API keys are automatically scoped to the server they were created for. Use the x-api-key header (not server-key) for external integrations.

System Information

System configuration and performance metrics

2.0.0
System Version
0
Total Servers
0h
System Uptime
0
Active Licenses
System Details
Plugin Name AdvanceAuth
Company Zenuxs
Developer DEVELOPER.RS (Rishabh)
Website https://rs.zenuxs.xyz
Timezone IST (Asia/Kolkata) - UTC+5:30
Total System Users 0
Cache Status Active