Chameleon

Admin System

Admin dashboard and management features

Admin System

The Admin System provides complete control over users, orders, content, and AI configuration.

Access

Setting Up Admin Access

  1. Set admin email in environment variables:

    ADMIN_EMAILS="your-email@example.com,another@example.com"

  2. Deploy or restart server

  3. Sign in with admin email

  4. Access admin at /admin

Multiple admins supported - separate emails with commas.

Admin Dashboard

Location

/admin

Features

Dashboard Overview:

  • Total users count
  • Paid orders count
  • System posts count
  • User feedbacks count
  • Users growth chart (90 days)
  • Orders trend chart (90 days)

Navigation:

  • Dashboard - Overview and analytics
  • Users - User management
  • Orders - Order management
  • Posts - Content management
  • Feedbacks - User feedback
  • AI Configuration - AI provider keys

User Management

Location

/admin/users

Features

User List:

  • View all registered users
  • See user avatar, email, nickname
  • Check registration date
  • View user UUID

User Data:

  • Total credits
  • Order history
  • Referral stats
  • API keys

Common Tasks

Find user by email:

SELECT * FROM users WHERE email = 'user@example.com';

View user's orders:

SELECT * FROM orders WHERE user_uuid = 'xxx';

Add credits to user:

import { increaseCredits, CreditsTransType } from "@/services/credit";

await increaseCredits({
  user_uuid: "user-uuid",
  trans_type: CreditsTransType.SystemAdd,
  credits: 500,
  expired_at: "2026-12-31T23:59:59Z",
});

Order Management

Location

/admin/orders

Features

Order List:

  • View all paid orders
  • Filter by status
  • See order details
  • Track revenue

Order Information:

  • Order number
  • Customer email
  • Product name
  • Amount paid
  • Payment date
  • Subscription ID (if applicable)

Refund Process

Refunds are handled in Stripe Dashboard:

  1. Go to Stripe Dashboard
  2. Find the payment
  3. Click Refund
  4. Enter amount (full or partial)
  5. Confirm refund

Note: Update order status manually in database if needed:

UPDATE orders 
SET status = 'refunded' 
WHERE order_no = 'order_xxx';

Content Management

Posts

Location: /admin/posts

Features:

  • Create new blog posts
  • Edit existing posts
  • Delete posts
  • Publish/unpublish
  • Multi-language support

Create Post:

  1. Click Add Post
  2. Enter title, description
  3. Write content (Markdown)
  4. Set slug (URL)
  5. Choose language
  6. Set status (draft/published)
  7. Save

Edit Post:

  1. Click Edit on post row
  2. Modify content
  3. Save changes

Feedbacks

Location: /admin/feedbacks

View user feedback:

  • User avatar and name
  • Feedback content
  • Rating (1-5 stars)
  • Submission date
  • Link to view user details

Managing Feedback:

  • Review for product improvements
  • Identify issues
  • Engage with users
  • Feature requests

AI Configuration

Location

/admin/ai-config

Features

Manage AI Provider Keys:

  • Add/edit/delete provider configurations
  • Enable/disable providers
  • View masked API keys
  • Test provider connectivity

Adding a Provider

  1. Click provider name (e.g., openai)
  2. Enter API key
  3. Add model config (JSON, optional): 
    {
  "max_tokens": 4096,
  "temperature": 0.7
}
  4. Toggle Enabled
  5. Click Save

Editing Provider

  1. Click Edit Provider on existing provider
  2. Update API key (leave blank to keep existing)
  3. Modify configuration
  4. Save

Deleting Provider

  1. Click delete icon (trash bin)
  2. Confirm deletion
  3. System falls back to environment variable if set

Provider Priority

  1. Database (configured in AI Config) - Used first
  2. Environment Variable - Fallback
  3. None - Provider unavailable

Cache: API keys are cached for 5 minutes for performance.

System Monitoring

Metrics to Watch

User Growth:

SELECT DATE(created_at) as date, COUNT(*) as new_users
FROM users
WHERE created_at > NOW() - INTERVAL '30 days'
GROUP BY DATE(created_at)
ORDER BY date;

Revenue Tracking:

SELECT DATE(paid_at) as date, 
       SUM(amount) / 100 as revenue_usd,
       COUNT(*) as orders
FROM orders
WHERE status = 'paid'
AND paid_at > NOW() - INTERVAL '30 days'
GROUP BY DATE(paid_at);

AI Usage:

SELECT provider, ai_type, COUNT(*) as generations,
       SUM(credits_cost) as total_credits
FROM generations
WHERE status = 'completed'
AND created_at > NOW() - INTERVAL '7 days'
GROUP BY provider, ai_type;

Active Subscriptions:

SELECT product_id, interval, COUNT(*) as subscribers
FROM orders
WHERE status = 'paid'
AND sub_id IS NOT NULL
AND sub_id != ''
GROUP BY product_id, interval;

Security

Admin Authentication

Only users in ADMIN_EMAILS can access /admin.

Verification:

// In src/app/[locale]/(admin)/layout.tsx
const adminEmails = process.env.ADMIN_EMAILS?.split(",");
if (!adminEmails?.includes(userInfo?.email)) {
  return <Empty message="No access" />;
}

Best Practices

  1. Use strong admin passwords
  2. Enable 2FA on admin accounts
  3. Audit admin actions (add logging)
  4. Restrict admin access to trusted emails only
  5. Review admin activity regularly

Common Admin Tasks

Reset User Password

Users can reset via NextAuth. For manual reset:

  1. User must use "Forgot Password" in OAuth provider
  2. Or revoke session and force re-login

Ban User

-- Option 1: Delete user account
DELETE FROM users WHERE uuid = 'user-uuid';

-- Option 2: Revoke affiliate status
UPDATE users SET is_affiliate = false WHERE uuid = 'user-uuid';

-- Option 3: Zero out credits
UPDATE credits SET left_credits = 0 WHERE user_uuid = 'user-uuid';

Approve Affiliate Commission

UPDATE affiliates 
SET status = 'approved' 
WHERE id = 123;

Grant Credits

Via API or directly:

INSERT INTO credits_trans (user_uuid, trans_type, credits, expired_at)
VALUES ('user-uuid', 'system_add', 1000, '2026-12-31T23:59:59Z');

UPDATE credits 
SET left_credits = left_credits + 1000,
    total_credits = total_credits + 1000
WHERE user_uuid = 'user-uuid';

Troubleshooting

Can't access admin panel

Check:

  1. Your email is in ADMIN_EMAILS
  2. Environment variable is set correctly
  3. Redeploy after adding ADMIN_EMAILS
  4. Sign out and sign in again

Admin pages show "No access"

Solution:

# Check admin emails configuration
ADMIN_EMAILS="your-email@example.com"

# Restart server
pnpm dev

AI Config not saving

Check:

  1. Database connection is working
  2. ai_provider_keys table exists (run pnpm db:push)
  3. Check browser console for errors
  4. Verify API key format is correct

Next Steps