mirror of
https://github.com/langhuihui/monibuca.git
synced 2025-12-24 13:48:04 +08:00
111 lines
3.0 KiB
Markdown
111 lines
3.0 KiB
Markdown
# Admin Service Mechanism
|
|
|
|
Monibuca provides powerful administrative service support for system monitoring, configuration management, plugin management, and other administrative functions. This document details the implementation mechanism and usage of the Admin service.
|
|
|
|
## Service Architecture
|
|
|
|
### 1. UI Interface
|
|
|
|
The Admin service provides a Web management interface by loading the `admin.zip` file. This interface has the following features:
|
|
|
|
- Unified management interface entry point
|
|
- Access to all server-provided HTTP interfaces
|
|
- Responsive design, supporting various devices
|
|
- Modular function organization
|
|
|
|
### 2. Configuration Management
|
|
|
|
Admin service configuration is located in the admin node within global configuration, including:
|
|
|
|
```yaml
|
|
admin:
|
|
enableLogin: false # Whether to enable login mechanism
|
|
filePath: admin.zip # Management interface file path
|
|
homePage: home # Management interface homepage
|
|
users: # User list (effective only when login is enabled)
|
|
- username: admin # Username
|
|
password: admin # Password
|
|
role: admin # Role, options: admin, user
|
|
```
|
|
|
|
When `enableLogin` is false, all users access as anonymous users.
|
|
When login is enabled and no users exist in the database, the system automatically creates a default admin account (username: admin, password: admin).
|
|
|
|
### 3. Authentication Mechanism
|
|
|
|
Admin provides dedicated user login verification interfaces for:
|
|
|
|
- User identity verification
|
|
- Access token management (JWT)
|
|
- Permission control
|
|
- Session management
|
|
|
|
### 4. Interface Specifications
|
|
|
|
All Admin APIs must follow these specifications:
|
|
|
|
- Response format uniformly includes code, message, and data fields
|
|
- Successful responses use code = 0
|
|
- Error handling uses unified error response format
|
|
- Must perform permission verification
|
|
|
|
## Function Modules
|
|
|
|
### 1. System Monitoring
|
|
|
|
- CPU usage monitoring
|
|
- Memory usage
|
|
- Network bandwidth statistics
|
|
- Disk usage
|
|
- System uptime
|
|
- Online user statistics
|
|
|
|
### 2. Plugin Management
|
|
|
|
- Plugin enable/disable
|
|
- Plugin configuration modification
|
|
- Plugin status viewing
|
|
- Plugin version management
|
|
- Plugin dependency checking
|
|
|
|
### 3. Stream Media Management
|
|
|
|
- Online stream list viewing
|
|
- Stream status monitoring
|
|
- Stream control (start/stop)
|
|
- Stream information statistics
|
|
- Recording management
|
|
- Transcoding task management
|
|
|
|
## Security Mechanism
|
|
|
|
### 1. Authentication Mechanism
|
|
|
|
- JWT token authentication
|
|
- Session timeout control
|
|
- IP whitelist control
|
|
|
|
### 2. Permission Control
|
|
|
|
- Role-Based Access Control (RBAC)
|
|
- Fine-grained permission management
|
|
- Operation audit logging
|
|
- Sensitive operation confirmation
|
|
|
|
## Best Practices
|
|
|
|
1. Security
|
|
- Use HTTPS encryption
|
|
- Implement strong password policies
|
|
- Regular key updates
|
|
- Monitor abnormal access
|
|
|
|
2. Performance Optimization
|
|
- Reasonable caching strategy
|
|
- Paginated query optimization
|
|
- Asynchronous processing of time-consuming operations
|
|
|
|
3. Maintainability
|
|
- Complete operation logs
|
|
- Clear error messages
|
|
- Hot configuration updates |