feat(admin): add dashboard and token management pages#150
Conversation
Codecov Report❌ Patch coverage is 📢 Thoughts on this report? Let us know! |
There was a problem hiding this comment.
Pull request overview
Adds new admin-facing pages for operational visibility and token lifecycle management.
Changes:
- Introduces an admin dashboard at
/adminshowing aggregated system counts plus a recent audit activity feed. - Adds an admin token management page at
/admin/tokenswith pagination, search, filtering, and revoke/disable/enable actions. - Refactors token pagination/filter parsing and store querying to reduce duplication; adds supporting store/service APIs and tests.
Reviewed changes
Copilot reviewed 23 out of 23 changed files in this pull request and generated 7 comments.
Show a summary per file
| File | Description |
|---|---|
| internal/templates/static/css/pages/admin-tokens.css | Styling for the admin tokens list (links, scopes truncation, filter dots, expired styling). |
| internal/templates/static/css/pages/admin-dashboard.css | Styling for dashboard metric cards, activity table, quick links, responsive layout. |
| internal/templates/props.go | Adds DashboardPageProps and TokensPageProps for new templates. |
| internal/templates/navbar_component.templ | Extends the admin dropdown to include Dashboard and Tokens links + active state logic. |
| internal/templates/admin_tokens.templ | New admin tokens list UI: search, status/category filters, table, and action forms. |
| internal/templates/admin_dashboard.templ | New admin dashboard UI: metric cards, recent activity table, quick links. |
| internal/store/types/dashboard.go | Adds DashboardCounts struct for raw SQL scan targets. |
| internal/store/token.go | Extracts shared token filtering/pagination helpers and adds GetTokensPaginated. |
| internal/store/token_admin_test.go | Adds store-level tests for token pagination/search/filters and dashboard counts. |
| internal/store/pagination.go | Re-exports DashboardCounts type. |
| internal/store/cleanup.go | Adds GetDashboardCounts raw SQL query used by the dashboard. |
| internal/services/token_query.go | Adds TokenWithUser and ListAllTokensPaginated for admin token listing. |
| internal/services/dashboard.go | Adds DashboardService to fetch counts + recent audit activity. |
| internal/services/dashboard_test.go | Adds tests for DashboardService.GetDashboardStats. |
| internal/mocks/mock_store.go | Updates mocks for new store interfaces/methods (GetTokensPaginated, GetDashboardCounts). |
| internal/handlers/utils.go | Extracts parseTokenPaginationParams (status/category filters) for reuse. |
| internal/handlers/token_admin.go | New handler for admin token list + actions (revoke/disable/enable). |
| internal/handlers/session.go | Uses the shared parseTokenPaginationParams. |
| internal/handlers/dashboard.go | New handler for rendering the admin dashboard page. |
| internal/core/store.go | Extends store interfaces to include dashboard + admin token pagination APIs. |
| internal/bootstrap/services.go | Wires DashboardService into service initialization. |
| internal/bootstrap/router.go | Adds /admin dashboard route and /admin/tokens routes. |
| internal/bootstrap/handlers.go | Wires new dashboard/token-admin handlers into bootstrap. |
💡 Add Copilot custom instructions for smarter, more guided reviews. Learn how to get started.
There was a problem hiding this comment.
Pull request overview
Copilot reviewed 23 out of 23 changed files in this pull request and generated 4 comments.
💡 Add Copilot custom instructions for smarter, more guided reviews. Learn how to get started.
There was a problem hiding this comment.
Pull request overview
Copilot reviewed 23 out of 23 changed files in this pull request and generated 8 comments.
💡 Add Copilot custom instructions for smarter, more guided reviews. Learn how to get started.
- Add admin dashboard at /admin with system metrics (users, clients, tokens, pending approvals) fetched in a single raw SQL query using scalar subselects, plus recent audit activity and quick links - Add token management at /admin/tokens with paginated list, search across username/client/scopes, status and category filters, and revoke/disable/enable actions with confirmation dialogs - Extract shared token filter/pagination helpers in store and handler layers to reduce duplication with existing session token queries - Embed DashboardCounts in DashboardStats and TokenWithClient in TokenWithUser to eliminate redundant struct fields - Add Dashboard and Tokens links to admin navbar dropdown
- Use success/warning codes mapped server-side instead of raw query param text to prevent arbitrary content in admin alerts - Add Warning field to TokensPageProps and render AlertWarning for business-rule failures (cannot disable/enable) - Use errors.Is for sentinel error comparison in tokenAction - Rename page title from "Access Tokens" to "Tokens" since both access and refresh tokens are listed - Fix table caption to "List of tokens" - Use single time.Now() in GetDashboardCounts for consistent cutoff
- Add box-shadow: none to custom filter dot overrides for consistent styling with base search-filter-toolbar component - Add confirmation dialogs to Disable and Enable token actions for consistency with Revoke action - Fix singular/plural in dashboard metric detail labels using a pluralize helper
- Guard token ID slice to prevent panic on short IDs - Compute time.Now() once per page render instead of per row - Preserve query params on token action redirects - Add aria-label to icon-only dashboard metric links - Move GetDashboardCounts to dedicated store/dashboard.go
There was a problem hiding this comment.
Pull request overview
Copilot reviewed 23 out of 23 changed files in this pull request and generated 5 comments.
💡 Add Copilot custom instructions for smarter, more guided reviews. Learn how to get started.
- Normalize CSS indentation to 2-space convention - Add dark mode overrides for token category dot colors - Change DashboardPageProps.Stats from pointer to value type - Move validTokenStatuses/Categories maps to token_admin.go
There was a problem hiding this comment.
Pull request overview
Copilot reviewed 23 out of 23 changed files in this pull request and generated 1 comment.
💡 Add Copilot custom instructions for smarter, more guided reviews. Learn how to get started.
- Add test for search + status + category filters combined - Add test for search + category filter with no match
There was a problem hiding this comment.
Pull request overview
Copilot reviewed 23 out of 23 changed files in this pull request and generated 2 comments.
💡 Add Copilot custom instructions for smarter, more guided reviews. Learn how to get started.
- Add title attr with full token ID on truncated prefix display - Fix gofmt formatting in dashboard counts test
There was a problem hiding this comment.
Pull request overview
Copilot reviewed 23 out of 23 changed files in this pull request and generated 1 comment.
💡 Add Copilot custom instructions for smarter, more guided reviews. Learn how to get started.
There was a problem hiding this comment.
Pull request overview
Copilot reviewed 23 out of 23 changed files in this pull request and generated 4 comments.
💡 Add Copilot custom instructions for smarter, more guided reviews. Learn how to get started.
- CopyableValue now displays and copies the full token ID - Remove unused tokenIDPrefix helper
There was a problem hiding this comment.
Pull request overview
Copilot reviewed 23 out of 23 changed files in this pull request and generated 3 comments.
💡 Add Copilot custom instructions for smarter, more guided reviews. Learn how to get started.
- Import admin-dashboard.css and admin-tokens.css via main.css bundle - Remove standalone link tags for proper cache-busting - Rename "Active Tokens" to "Active Access Tokens" for clarity
There was a problem hiding this comment.
Pull request overview
Copilot reviewed 24 out of 24 changed files in this pull request and generated 1 comment.
💡 Add Copilot custom instructions for smarter, more guided reviews. Learn how to get started.
- Remove .sf-dot.dot-access/.dot-refresh overrides that leaked globally - Use shared toolbar default dot colors for consistency across pages
There was a problem hiding this comment.
Pull request overview
Copilot reviewed 24 out of 24 changed files in this pull request and generated 2 comments.
💡 Add Copilot custom instructions for smarter, more guided reviews. Learn how to get started.
- Add test for searching tokens by user email - Add test for searching tokens by scopes
There was a problem hiding this comment.
Pull request overview
Copilot reviewed 24 out of 24 changed files in this pull request and generated 2 comments.
💡 Add Copilot custom instructions for smarter, more guided reviews. Learn how to get started.
- Return 404 for gorm.ErrRecordNotFound instead of 500 - Guard empty userID from getUserIDFromContext
There was a problem hiding this comment.
Pull request overview
Copilot reviewed 24 out of 24 changed files in this pull request and generated 1 comment.
💡 Add Copilot custom instructions for smarter, more guided reviews. Learn how to get started.
There was a problem hiding this comment.
Pull request overview
Copilot reviewed 24 out of 24 changed files in this pull request and generated 1 comment.
💡 Add Copilot custom instructions for smarter, more guided reviews. Learn how to get started.
There was a problem hiding this comment.
Pull request overview
Copilot reviewed 24 out of 24 changed files in this pull request and generated no new comments.
💡 Add Copilot custom instructions for smarter, more guided reviews. Learn how to get started.
Summary
/admin) with system metrics (users, clients, tokens, pending approvals) fetched via single raw SQL query, recent audit activity feed, and quick links/admin/tokens) with paginated list, search across username/client/scopes, status and category filters, and revoke/disable/enable actionsTest plan
/admin— verify 4 metric cards show correct counts, recent activity table loads, quick links work/admin/tokens— verify token list loads with paginationmake test— all tests pass (except known Redis middleware failures)make lint— 0 issues🤖 Generated with Claude Code