feat: add web dashboard with dark mode, auth management, and cluster support #159
Merged
…support
- New dashboard/ module: pure JS frontend (no framework deps), dark mode OLED design, JWT auth with bcrypt
- 9 pages: Overview, Clients, Subscriptions, Retained, Nodes, Publish, Auth, ACL, Login
- mqtt/rest: 6 new handlers (clients, subscriptions, topics, retained, disconnect, deleteRetained), pagination support
- mqtt/rest/auth: AuthManager with 8 Redis-backed auth/ACL CRUD endpoints (3s timeouts)
- cluster/rest: 3 cluster aggregation endpoints (clients, subscriptions, retained) with node tagging
- mqtt/topics: WalkTopicTree for topic tree inspection
- mqtt/clients: ConnectedAt tracking, atomic BytesRecv/BytesSent counters
- mqtt/server: added sync.RWMutex to Blacklist (fixes data race with attachClient)
- mqtt/rest: replaced strings.Contains with slices.Contains for blacklist exact match
- cluster/discovery: serf AdvertiseAddr DNS resolution, mlist Tags passthrough
- mqtt/listeners: CORS middleware for dashboard cross-origin support
- cmd: dashboard + auth wiring for single and cluster modes
- Tests: 37 unit tests (dashboard 11, mqtt/rest 15, mqtt 11)

- Dashboard users configured in dashboard-users.json file (bcrypt hashes)
- Add HandleChangePassword endpoint (POST /dashboard/profile/password, behind auth)
- Add usersMu sync.Mutex for thread-safe user modification
- Add saveUsers to persist updated hashes back to file
- Add change password modal in sidebar footer with old/new password fields
- Add showPwdModal/showToast JS utilities

- New config fields: dashboard-enable (default true), dashboard.secret-file, dashboard.users-file
- dashboard-users.json moved from ./data/ to ./config/ (config directory, not runtime data dir)
- cmd/single + cmd/cluster: conditional dashboard init via cfg.DashboardEnable
- dashboard.New: auto-defaults AuthSecret/UsersFile when empty, no more hardcoded paths
- dashboard/auth.go: built-in defaultAuthSecret constant (no external secret file required)
- Docker: COPY config/dashboard-users.json to /app/, updated per-node configs
- README: added Dashboard to Features, marked [x] in Roadmap
- Added 3 config tests (TestDashboardConfigDefaults/FromYaml/Disabled)

…onfigs
- Removed cluster-test/ from git tracking (added to .gitignore)
- Added dashboard-users.json to cmd/config/ for non-Docker deployments
- Added dashboard-enable + dashboard config to cmd/config/single.yml, node1-3.yml
- Added dashboard config to docker/cluster/n1-3/conf.yml
debsahu added a commit to debsahu/comqtt-dashboard that referenced this pull request May 13, 2026
Chart bumped to 0.2.0 and appVersion to 0.3.0 so helm install defaults to the matching image. README rewritten to surface the new Authentication and Authorization features, the four supported backends, and the positioning vs upstream's in-tree dashboard (wind-c/comqtt#159).
Summary
- dashboard/ module: pure JS frontend (no framework deps), dark mode OLED design, JWT HMAC-SHA256 auth with bcrypt password hashing
- mqtt/rest/auth: AuthManager with 8 Redis-backed auth/ACL CRUD endpoints (3s timeouts)

Changes
- dashboard/
- mqtt/rest/
- mqtt/: WalkTopicTree, ConnectedAt, atomic BytesRecv/BytesSent, Blacklist RWMutex
- cluster/cmd/config/: Cluster.HttpPort field

Security / Stability Fixes
- Blacklist slice had no mutex: concurrent R/W between dashboard kick/blanch and MQTT attachClient → data race. Fix: sync.RWMutex with exported lock methods; attachClient uses RLock for reads
- strings.Contains(join(Blacklist,","), cid) used substring match → false positives. Fix: slices.Contains exact match
- auth.go used context.Background() with no timeout → goroutine leak risk. Fix: context.WithTimeout(3s)
- WalkTopicTree holds root particle lock for full tree traversal → blocks all subscribe/unsubscribe
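
The blacklist fixes listed above, as an added Go example that is not code from this pull request: the `Blacklist` type, its method names and the client IDs are hypothetical and constructed for illustration. It puts the join-and-substring check next to the exact-match check, both reading under an RWMutex, so the false positives (including the empty client ID) are visible.

```go
package main

import (
	"fmt"
	"slices"
	"strings"
	"sync"
)

// Blacklist is a hypothetical stand-in for the broker's client-ID blacklist,
// guarded by an RWMutex as the PR summary describes.
type Blacklist struct {
	mu  sync.RWMutex
	ids []string
}

// Add takes the write lock, as a dashboard "kick" handler would.
func (b *Blacklist) Add(cid string) {
	b.mu.Lock()
	defer b.mu.Unlock()
	if !slices.Contains(b.ids, cid) {
		b.ids = append(b.ids, cid)
	}
}

// BlockedSubstring reproduces the old check: join the list, then substring search.
func (b *Blacklist) BlockedSubstring(cid string) bool {
	b.mu.RLock()
	defer b.mu.RUnlock()
	return strings.Contains(strings.Join(b.ids, ","), cid)
}

// BlockedExact is the replacement: whole-element comparison under a read lock.
func (b *Blacklist) BlockedExact(cid string) bool {
	b.mu.RLock()
	defer b.mu.RUnlock()
	return slices.Contains(b.ids, cid)
}

func main() {
	bl := &Blacklist{}
	var wg sync.WaitGroup
	for _, id := range []string{"sensor-10", "gateway-7"} { // constructed IDs
		wg.Add(1)
		go func(id string) { defer wg.Done(); bl.Add(id) }(id) // concurrent writers
	}
	wg.Wait()
	for _, cid := range []string{"sensor-10", "sensor-1", "way-7", "10,gateway", ""} {
		fmt.Printf("%-12q substring=%-5v exact=%v\n", cid, bl.BlockedSubstring(cid), bl.BlockedExact(cid))
	}
}
```

Running it under `go run -race` exercises the concurrent `Add` calls against the lock.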