ssr runner and more admin panel stuff

2024-09-30 00:40:54 -05:00
parent 66f8437351
commit c208e35e4c
27 changed files with 617 additions and 156 deletions
--- a/README.md
+++ b/README.md
@@ -10,11 +10,21 @@
 To run filething, run

 ```BASH
-go generate
+bun --cwd=./ui install
+bun --bun --cwd=./ui run generate
 go build -tags netgo -ldflags=-s
 DB_HOST=localhost:5432 DB_NAME=filething DB_USER=postgres STORAGE_PATH=data ./filething
 ```

+Or if you want to run filething with SSR (you will need node on the target server), run
+
+```BASH
+bun --cwd=./ui install
+bun --bun --cwd=./ui run build
+go build -tags netgo,ssr -ldflags=-s
+DB_HOST=localhost:5432 DB_NAME=filething DB_USER=postgres STORAGE_PATH=data ./filething
+```
+
 ### Contributing

 To run filething in dev mode with a hot reloading Ui server and auto rebuilding backend server, run
--- a/go.mod
+++ b/go.mod
@@ -21,10 +21,10 @@ require (
 	github.com/valyala/fasttemplate v1.2.2 // indirect
 	github.com/vmihailenco/msgpack/v5 v5.4.1 // indirect
 	github.com/vmihailenco/tagparser/v2 v2.0.0 // indirect
-	golang.org/x/crypto v0.26.0
+	golang.org/x/crypto v0.27.0
 	golang.org/x/net v0.25.0 // indirect
-	golang.org/x/sys v0.24.0 // indirect
-	golang.org/x/text v0.17.0 // indirect
+	golang.org/x/sys v0.25.0 // indirect
+	golang.org/x/text v0.18.0 // indirect
 	golang.org/x/time v0.5.0 // indirect
 	mellium.im/sasl v0.3.1 // indirect
 )
--- a/go.sum
+++ b/go.sum
@@ -39,16 +39,16 @@ github.com/vmihailenco/msgpack/v5 v5.4.1 h1:cQriyiUvjTwOHg8QZaPihLWeRAAVoCpE00IU
 github.com/vmihailenco/msgpack/v5 v5.4.1/go.mod h1:GaZTsDaehaPpQVyxrf5mtQlH+pc21PIudVV/E3rRQok=
 github.com/vmihailenco/tagparser/v2 v2.0.0 h1:y09buUbR+b5aycVFQs/g70pqKVZNBmxwAhO7/IwNM9g=
 github.com/vmihailenco/tagparser/v2 v2.0.0/go.mod h1:Wri+At7QHww0WTrCBeu4J6bNtoV6mEfg5OIWRZA9qds=
-golang.org/x/crypto v0.26.0 h1:RrRspgV4mU+YwB4FYnuBoKsUapNIL5cohGAmSH3azsw=
-golang.org/x/crypto v0.26.0/go.mod h1:GY7jblb9wI+FOo5y8/S2oY4zWP07AkOJ4+jxCqdqn54=
+golang.org/x/crypto v0.27.0 h1:GXm2NjJrPaiv/h1tb2UH8QfgC/hOf/+z0p6PT8o1w7A=
+golang.org/x/crypto v0.27.0/go.mod h1:1Xngt8kV6Dvbssa53Ziq6Eqn0HqbZi5Z6R0ZpwQzt70=
 golang.org/x/net v0.25.0 h1:d/OCCoBEUq33pjydKrGQhw7IlUPI2Oylr+8qLx49kac=
 golang.org/x/net v0.25.0/go.mod h1:JkAGAh7GEvH74S6FOH42FLoXpXbE/aqXSrIQjXgsiwM=
 golang.org/x/sys v0.0.0-20220811171246-fbc7d0a398ab/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg=
 golang.org/x/sys v0.6.0/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg=
-golang.org/x/sys v0.24.0 h1:Twjiwq9dn6R1fQcyiK+wQyHWfaz/BJB+YIpzU/Cv3Xg=
-golang.org/x/sys v0.24.0/go.mod h1:/VUhepiaJMQUp4+oa/7Zr1D23ma6VTLIYjOOTFZPUcA=
-golang.org/x/text v0.17.0 h1:XtiM5bkSOt+ewxlOE/aE/AKEHibwj/6gvWMl9Rsh0Qc=
-golang.org/x/text v0.17.0/go.mod h1:BuEKDfySbSR4drPmRPG/7iBdf8hvFMuRexcpahXilzY=
+golang.org/x/sys v0.25.0 h1:r+8e+loiHxRqhXVl6ML1nO3l1+oFoWbnlu2Ehimmi34=
+golang.org/x/sys v0.25.0/go.mod h1:/VUhepiaJMQUp4+oa/7Zr1D23ma6VTLIYjOOTFZPUcA=
+golang.org/x/text v0.18.0 h1:XvMDiNzPAl0jr17s6W9lcaIhGUfUORdGCNsuLmPG224=
+golang.org/x/text v0.18.0/go.mod h1:BuEKDfySbSR4drPmRPG/7iBdf8hvFMuRexcpahXilzY=
 golang.org/x/time v0.5.0 h1:o7cqy6amK/52YcAKIPlM3a+Fpj35zvRj2TP+e1xFSfk=
 golang.org/x/time v0.5.0/go.mod h1:3BpzKBy/shNhVucY/MWOyx10tF3SFh9QdLuxbVysPQM=
 gopkg.in/yaml.v3 v3.0.1 h1:fxVm/GzAzEWqLHuvctI91KS9hhNmmWOoWu0XTYJS7CA=
--- a/main.go
+++ b/main.go
@@ -1,5 +1,3 @@
-//go:generate sh -c "NODE_ENV=production bun --cwd=./ui install"
-//go:generate sh -c "NODE_ENV=production bun --bun --cwd=./ui run generate"
 package main

 import (
@@ -87,9 +85,12 @@ func main() {
 		admin := api.Group("/admin")
 		{
 			admin.Use(middleware.AdminMiddleware())
-			admin.GET("/system-status", routes.SystemStatus)
-			admin.GET("/get-users/:page", routes.GetUsers)
-			admin.GET("/get-total-users", routes.GetUsersCount)
+			admin.GET("/status", routes.SystemStatus)
+			admin.GET("/plans", routes.GetPlans)
+			admin.GET("/users", routes.GetUsers)
+			admin.GET("/users/:id", routes.GetUser)
+			admin.POST("/users/edit/:id", routes.EditUser)
+			admin.POST("/users/new", routes.CreateUser)
 		}
 	}

--- a/middleware/auth.go
+++ b/middleware/auth.go
@@ -26,10 +26,7 @@ func SessionMiddleware(db *bun.DB) echo.MiddlewareFunc {
 				return echo.NewHTTPError(http.StatusBadRequest, "Bad request")
 			}

-			sessionToken := cookie.Value
-
-			// Query the session and user data from PostgreSQL
-			sessionId, err := uuid.Parse(sessionToken)
+			sessionId, err := uuid.Parse(cookie.Value)
 			if err != nil {
 				return echo.NewHTTPError(http.StatusBadRequest, "Bad request")
 			}
--- a/routes/admin.go
+++ b/routes/admin.go
@@ -5,51 +5,204 @@ import (
 	"filething/models"
 	"fmt"
 	"net/http"
+	"os"
+	"regexp"
 	"runtime"
 	"strconv"
 	"time"

 	"github.com/dustin/go-humanize"
+	"github.com/google/uuid"
 	"github.com/labstack/echo/v4"
 	"github.com/uptrace/bun"
+	"golang.org/x/crypto/bcrypt"
 )

 func GetUsers(c echo.Context) error {
 	db := c.Get("db").(*bun.DB)

-	pageStr := c.Param("page")
+	count, err := db.NewSelect().Model((*models.User)(nil)).Count(context.Background())
+
+	if err != nil {
+		fmt.Println(err)
+		return c.JSON(http.StatusInternalServerError, map[string]string{"message": "Invalid page number"})
+	}
+
+	// this should be a query param not a URL param
+	pageStr := c.QueryParam("page")
+	if pageStr == "" {
+		pageStr = "0"
+	}
+
 	page, err := strconv.Atoi(pageStr)
 	if err != nil {
-		return echo.NewHTTPError(http.StatusBadRequest, "Invalid page number")
+		page = 0
 	}

 	offset := page * 30
 	limit := 30

+	if offset > count {
+		return c.JSON(http.StatusBadRequest, map[string]string{"message": "Invalid page number"})
+	}
+
 	var users []models.User
 	err = db.NewSelect().
 		Model(&users).
 		Limit(limit).
 		Offset(offset).
+		Order("created_at ASC").
 		Scan(context.Background())
 	if err != nil {
-		return echo.NewHTTPError(http.StatusInternalServerError, "Failed to retrieve users")
+		return c.JSON(http.StatusInternalServerError, map[string]string{"message": "Failed to retrieve users"})
 	}

-	return c.JSON(http.StatusOK, users)
+	if users == nil {
+		return c.JSON(http.StatusBadRequest, map[string]string{"message": "Invalid page number"})
 	}

-func GetUsersCount(c echo.Context) error {
+	return c.JSON(http.StatusOK, map[string]interface{}{"users": users, "total_users": count})
+}
+
+type UserEdit struct {
+	Username string `json:"username"`
+	Email    string `json:"email"`
+	Password string `json:"password"`
+	PlanID   int64  `json:"plan_id"`
+	Admin    bool   `json:"is_admin"`
+}
+
+func EditUser(c echo.Context) error {
 	db := c.Get("db").(*bun.DB)
+	id := c.Param("id")

-	count, err := db.NewSelect().Model(&models.User{}).Count(context.Background())
+	var userEditData UserEdit
+	if err := c.Bind(&userEditData); err != nil {
+		fmt.Println(err)
+		return c.JSON(http.StatusInternalServerError, map[string]string{"message": "An unknown error occoured!"})
+	}

+	if !regexp.MustCompile(`^[a-z0-9._%+\-]+@[a-z0-9.\-]+\.[a-z]{2,4}$`).MatchString(userEditData.Email) {
+		return c.JSON(http.StatusBadRequest, map[string]string{"message": "A valid email is required!"})
+	}
+
+	plan := models.Plan{
+		ID: userEditData.PlanID,
+	}
+	planCount, err := db.NewSelect().Model(&plan).WherePK().Count(context.Background())
+	if err != nil || planCount == 0 {
+		return c.JSON(http.StatusInternalServerError, map[string]string{"message": "Invalid plan id!"})
+	}
+
+	userId, err := uuid.Parse(id)
+	if err != nil {
+		return c.JSON(http.StatusBadRequest, map[string]string{"message": "An unknown error occoured!"})
+	}
+
+	var userData models.User
+	userData.ID = userId
+
+	err = db.NewSelect().Model(&userData).WherePK().Relation("Plan").Scan(context.Background())
+	if err != nil {
+		return c.JSON(http.StatusInternalServerError, map[string]string{"message": "An unknown error occoured!"})
+	}
+
+	if userEditData.Username != "" {
+		userData.Username = userEditData.Username
+	}
+
+	if userEditData.Email != "" {
+		userData.Email = userEditData.Email
+	}
+
+	if userEditData.Password != "" {
+		hash, err := bcrypt.GenerateFromPassword([]byte(userEditData.Password), 12)
+		if err != nil {
+			return c.JSON(http.StatusInternalServerError, map[string]string{"message": "An unknown error occoured!"})
+		}
+
+		userData.PasswordHash = string(hash)
+	}
+
+	if userEditData.PlanID != 0 {
+		userData.PlanID = userEditData.PlanID
+	}
+
+	userData.Admin = userEditData.Admin
+
+	// update the user, but, if the password is empty, but dont use OmitZero because it will ignore is_admin if it's false
+	_, err = db.NewUpdate().Model(&userData).WherePK().Exec(context.Background())
 	if err != nil {
 		fmt.Println(err)
-		return echo.NewHTTPError(http.StatusInternalServerError, "Failed to retrieve users")
+		return c.JSON(http.StatusInternalServerError, map[string]string{"message": "An unknown error occoured!"})
 	}

-	return c.JSON(http.StatusOK, map[string]int{"total_users": count})
+	return c.JSON(http.StatusOK, map[string]string{"message": "Successfully updated user"})
+}
+
+func GetPlans(c echo.Context) error {
+	db := c.Get("db").(*bun.DB)
+
+	var plans []models.Plan
+	err := db.NewSelect().Model(&plans).Scan(context.Background())
+	if err != nil {
+		fmt.Println(err)
+		return c.JSON(http.StatusInternalServerError, map[string]string{"message": "An unknown error occoured!"})
+	}
+
+	return c.JSON(http.StatusOK, plans)
+}
+
+func CreateUser(c echo.Context) error {
+	var signupData models.SignupData
+
+	if err := c.Bind(&signupData); err != nil {
+		fmt.Println(err)
+		return c.JSON(http.StatusInternalServerError, map[string]string{"message": "An unknown error occoured!"})
+	}
+
+	if signupData.Username == "" || signupData.Password == "" || signupData.Email == "" {
+		return c.JSON(http.StatusBadRequest, map[string]string{"message": "A password, username and email are required!"})
+	}
+
+	// if email is not valid
+	if !regexp.MustCompile(`^[a-z0-9._%+\-]+@[a-z0-9.\-]+\.[a-z]{2,4}$`).MatchString(signupData.Email) {
+		return c.JSON(http.StatusBadRequest, map[string]string{"message": "A valid email is required!"})
+	}
+
+	db := c.Get("db").(*bun.DB)
+
+	hash, err := bcrypt.GenerateFromPassword([]byte(signupData.Password), 12)
+	if err != nil {
+		fmt.Println(err)
+		return c.JSON(http.StatusInternalServerError, map[string]string{"message": "An unknown error occoured!"})
+	}
+
+	user := &models.User{
+		Username:     signupData.Username,
+		Email:        signupData.Email,
+		PasswordHash: string(hash),
+		PlanID:       1, // basic 10GB plan
+	}
+	_, err = db.NewInsert().Model(user).Exec(context.Background())
+
+	if err != nil {
+		return c.JSON(http.StatusConflict, map[string]string{"message": "A user with that email or username already exists!"})
+	}
+
+	err = db.NewSelect().Model(user).WherePK().Relation("Plan").Scan(context.Background())
+	if err != nil {
+		fmt.Println(err)
+		return c.JSON(http.StatusNotFound, map[string]string{"message": "An unknown error occoured!"})
+	}
+
+	err = os.Mkdir(fmt.Sprintf("%s/%s", os.Getenv("STORAGE_PATH"), user.ID), os.ModePerm)
+	if err != nil {
+		fmt.Println(err)
+		return err
+	}
+
+	return c.JSON(http.StatusOK, map[string]string{"message": "Successfully created user"})
 }

 // Stolen from Gitea https://github.com/go-gitea/gitea
--- a/routes/auth.go
+++ b/routes/auth.go
@@ -70,6 +70,7 @@ func SignupHandler(c echo.Context) error {
 	var signupData models.SignupData

 	if err := c.Bind(&signupData); err != nil {
+		fmt.Println(err)
 		return c.JSON(http.StatusInternalServerError, map[string]string{"message": "An unknown error occoured!"})
 	}

@@ -86,6 +87,7 @@ func SignupHandler(c echo.Context) error {

 	hash, err := bcrypt.GenerateFromPassword([]byte(signupData.Password), 12)
 	if err != nil {
+		fmt.Println(err)
 		return c.JSON(http.StatusInternalServerError, map[string]string{"message": "An unknown error occoured!"})
 	}

@@ -118,6 +120,7 @@ func SignupHandler(c echo.Context) error {

 	err = db.NewSelect().Model(user).WherePK().Relation("Plan").Scan(context.Background())
 	if err != nil {
+		fmt.Println(err)
 		return c.JSON(http.StatusNotFound, map[string]string{"message": "An unknown error occoured!"})
 	}

@@ -130,6 +133,7 @@ func SignupHandler(c echo.Context) error {
 	session, err := GenerateSessionToken(db, user.ID)

 	if err != nil {
+		fmt.Println(err)
 		return c.JSON(http.StatusInternalServerError, map[string]string{"message": "An unknown error occoured!"})
 	}

@@ -157,6 +161,7 @@ func GenerateSessionToken(db *bun.DB, userId uuid.UUID) (*models.Session, error)
 }

 func GetUser(c echo.Context) error {
+	if c.Param("id") == "" {
 		user := c.Get("user")
 		if user == nil {
 			return c.JSON(http.StatusNotFound, map[string]string{"message": "User not found"})
@@ -171,6 +176,34 @@ func GetUser(c echo.Context) error {
 		user.(*models.User).Usage = storageUsage

 		return c.JSON(http.StatusOK, user.(*models.User))
+	} else {
+		// get a user from the db using the id parameter, this *should* only be used for admin since /api/admin/users/:id has
+		// a middleware that checks if the user is an admin, and it should be impossible to pass a param to this endpoint if it isnt that route
+		db := c.Get("db").(*bun.DB)
+
+		user := new(models.User)
+		userId, err := uuid.Parse(c.Param("id"))
+		if err != nil {
+			return c.JSON(http.StatusBadRequest, map[string]string{"message": "An unknown error occoured!"})
+		}
+
+		user.ID = userId
+
+		err = db.NewSelect().Model(user).WherePK().Relation("Plan").Scan(context.Background())
+		if err != nil {
+			return c.JSON(http.StatusNotFound, map[string]string{"message": "User not found"})
+		}
+
+		basePath := fmt.Sprintf("%s/%s/", os.Getenv("STORAGE_PATH"), user.ID)
+		storageUsage, err := calculateStorageUsage(basePath)
+		if err != nil {
+			return err
+		}
+
+		user.Usage = storageUsage
+
+		return c.JSON(http.StatusOK, user)
+	}
 }

 func LogoutHandler(c echo.Context) error {
--- a/server.go
+++ b/server.go
@@ -1,19 +1,37 @@
-//go:build !dev
-// +build !dev
+//go:build !dev && !ssr
+// +build !dev,!ssr

 package main

 import (
 	"filething/ui"
+	"io/fs"
 	"net/http"
+	"path/filepath"
 	"strings"

 	"github.com/labstack/echo/v4"
 )

+type embeddedFS struct {
+	baseFS fs.FS
+	prefix string
+}
+
+func (fs *embeddedFS) Open(name string) (fs.File, error) {
+	// Prepend the prefix to the requested file name
+	publicPath := filepath.Join(fs.prefix, name)
+	return fs.baseFS.Open(publicPath)
+}
+
+var publicFS = &embeddedFS{
+	baseFS: ui.DistDirFS,
+	prefix: "public/",
+}
+
 func init() {
 	initUi = func(e *echo.Echo) {
-		e.GET("/*", echo.StaticDirectoryHandler(ui.DistDirFS, false))
+		// e.GET("/*", echo.StaticDirectoryHandler(publicFS, false))

 		e.HTTPErrorHandler = customHTTPErrorHandler
 	}
@@ -26,7 +44,7 @@ func customHTTPErrorHandler(err error, c echo.Context) {
 		path := c.Request().URL.Path

 		if !strings.HasPrefix(path, "/api") {
-			file, err := ui.DistDirFS.Open("404.html")
+			file, err := publicFS.Open("404.html")
 			if err != nil {
 				c.Logger().Error(err)
 			}
--- a/server_dev.go
+++ b/server_dev.go
@@ -4,13 +4,7 @@
 package main

 import (
-	"context"
-	"fmt"
 	"net/url"
-	"os"
-	"os/exec"
-	"os/signal"
-	"syscall"

 	"github.com/labstack/echo/v4"
 	echoMiddleware "github.com/labstack/echo/v4/middleware"
@@ -18,43 +12,7 @@ import (

 func init() {
 	initUi = func(e *echo.Echo) {
-		shutdown := make(chan os.Signal, 1)
-		signal.Notify(shutdown, syscall.SIGINT, syscall.SIGTERM, syscall.SIGQUIT)
-		go func() {
-			cmd := exec.Command("bun", "--cwd=ui", "run", "dev")
-			cmd.Stderr = os.Stderr
-
-			// use a preocess group since otherwise the node processes spawned by bun wont die
-			cmd.SysProcAttr = &syscall.SysProcAttr{Setpgid: true}
-
-			err := cmd.Start()
-			if err != nil {
-				if err := syscall.Kill(-cmd.Process.Pid, syscall.SIGTERM); err != nil {
-					fmt.Println("Error sending SIGTERM to Nuxt dev server group:", err)
-				}
-
-				fmt.Println("Error starting Nuxt dev server:", err)
-				return
-			}
-
-			go func() {
-				<-shutdown
-
-				if err := syscall.Kill(-cmd.Process.Pid, syscall.SIGTERM); err != nil {
-					fmt.Println("Error sending SIGTERM to Nuxt dev server group:", err)
-				}
-			}()
-
-			if err := cmd.Wait(); err != nil {
-				fmt.Println("Error waiting for Nuxt dev server to exit:", err)
-			}
-
-			fmt.Println("Nuxt dev server stopped")
-
-			if err := e.Shutdown(context.Background()); err != nil {
-				fmt.Println("Error shutting down HTTP server:", err)
-			}
-		}()
+		spawnProcess("bun", []string{"--cwd=ui", "run", "dev"}, e)

 		target := "localhost:3000"
 		e.Group("/*").Use(echoMiddleware.ProxyWithConfig(echoMiddleware.ProxyConfig{
--- a/server_ssr.go
+++ b/server_ssr.go
@@ -0,0 +1,81 @@
+//go:build ssr
+// +build ssr
+
+package main
+
+import (
+	"embed"
+	"filething/ui"
+	"io"
+	"net/url"
+	"os"
+	"path/filepath"
+
+	"github.com/labstack/echo/v4"
+	echoMiddleware "github.com/labstack/echo/v4/middleware"
+)
+
+func init() {
+	initUi = func(e *echo.Echo) {
+		tmpDir, err := os.MkdirTemp("", "filething-ssr")
+		if err != nil {
+			panic(err)
+		}
+
+		err = copyEmbeddedFiles(ui.DistDir, ".output", tmpDir)
+		if err != nil {
+			panic(err)
+		}
+
+		path := filepath.Join(tmpDir, "server/index.mjs")
+		spawnProcess("node", []string{path}, e)
+
+		target := "localhost:3000"
+		e.Group("/*").Use(echoMiddleware.ProxyWithConfig(echoMiddleware.ProxyConfig{
+			Balancer: echoMiddleware.NewRoundRobinBalancer([]*echoMiddleware.ProxyTarget{
+				{URL: &url.URL{
+					Scheme: "http",
+					Host:   target,
+				}},
+			}),
+		}))
+	}
+}
+
+func copyEmbeddedFiles(fs embed.FS, sourcePath string, targetDir string) error {
+	entries, err := fs.ReadDir(sourcePath)
+	if err != nil {
+		return err
+	}
+
+	for _, entry := range entries {
+		sourceFile := filepath.Join(sourcePath, entry.Name())
+		destFile := filepath.Join(targetDir, entry.Name())
+
+		if entry.IsDir() {
+			os.Mkdir(destFile, 0755)
+			err := copyEmbeddedFiles(fs, sourceFile, destFile)
+			if err != nil {
+				return err
+			}
+		} else {
+			source, err := fs.Open(sourceFile)
+			if err != nil {
+				return err
+			}
+			defer source.Close()
+
+			dest, err := os.Create(destFile)
+			if err != nil {
+				return err
+			}
+			defer dest.Close()
+
+			_, err = io.Copy(dest, source)
+			if err != nil {
+				return err
+			}
+		}
+	}
+	return nil
+}
--- a/ui/components/Input.vue
+++ b/ui/components/Input.vue
@@ -12,6 +12,6 @@ function updateValue(value) {

 <template>
    <input
-        class="py-2 px-4 resize-none bg-overlay rounded-md my-2 border hover:border-muted/40 focus:border-muted/60 placeholder:italic placeholder:text-subtle transition-[border-color] max-w-64"
+        class="py-2 px-4 resize-none bg-overlay rounded-md border hover:border-muted/40 focus:border-muted/60 placeholder:italic placeholder:text-subtle transition-[border-color] max-w-64"
        :placeholder="placeholder" :type="type" v-on:input="updateValue($event.target.value)" />
 </template>
--- a/ui/components/Nav/index.vue
+++ b/ui/components/Nav/index.vue
@@ -87,7 +87,7 @@ const changeTheme = () => {
        </nav>
        <nav class="hidden md:flex" aria-label="Main">
            <ul class="flex items-center gap-3" role="list">
-                <li>
+                <!-- <li>
                    <a href="#"
                        class="px-2.5 py-1.5 text-[15px] font-semibold transition-bg duration-300 hover:bg-muted/10 rounded-md focus-visible:outline-none focus-visible:ring focus-visible:ring-inset">Link</a>
                </li>
@@ -99,7 +99,7 @@ const changeTheme = () => {
                    <a href="#"
                        class="px-2.5 py-1.5 text-[15px] font-semibold transition-bg duration-300 hover:bg-muted/10 rounded-md focus-visible:outline-none focus-visible:ring focus-visible:ring-inset">Link</a>
                </li>
-                <li class="h-6 border-r"></li>
+                <li class="h-6 border-r"></li> -->
                <li v-if="user">
                    <span class="group relative flex items-center">
                        <button
--- a/ui/composables/useUser.ts
+++ b/ui/composables/useUser.ts
@@ -7,7 +7,7 @@ export const useUser = () => {

    // Fetch the user only if it's uninitialized (i.e., null)
    const getUser = async () => {
-        if (!user.value.fetched && import.meta.client) {
+        if (!user.value.fetched) {
            await fetchUser()
        }

--- a/ui/embed.go
+++ b/ui/embed.go
@@ -7,8 +7,8 @@ import (
 	"github.com/labstack/echo/v4"
 )

-//go:embed all:.output/public
-var distDir embed.FS
+//go:embed all:.output
+var DistDir embed.FS

 // DistDirFS contains the embedded dist directory files (without the "dist" prefix)
-var DistDirFS = echo.MustSubFS(distDir, ".output/public")
+var DistDirFS = echo.MustSubFS(DistDir, ".output/")
--- a/ui/layouts/admin.vue
+++ b/ui/layouts/admin.vue
@@ -9,16 +9,14 @@ definePageMeta({
 const user = await getUser();
 const route = useRoute();

-console.log("setup", route.path)
-
 const accordionMapping = {
-    '/admin': 'item-1',
-    '/admin/config/settings': 'item-2',
    '/admin/users': '',
+    '/admin/config/settings': 'item-2',
+    '/admin': 'item-1',
 };

 const getActiveAccordion = () => {
-    const path = Object.keys(accordionMapping).find(key => route.path === key);
+    const path = Object.keys(accordionMapping).find(key => route.path.startsWith(key));
    return path ? accordionMapping[path] : null;
 };

@@ -63,7 +61,7 @@ const isActiveLink = (path: string) => route.path === path;
                        </VlAccordionItem>
                        <NuxtLink
                            class="vl-accordion-header focus-visible:outline-none focus-visible:ring focus-visible:ring-inset flex flex-1 justify-between items-center w-full transition-bg px-4 py-3.5 text-sm"
-                            :class="isActiveLink('/admin/users') ? 'bg-muted/15' : 'hover:bg-muted/10'"
+                            :class="route.path.startsWith('/admin/users') ? 'bg-muted/15' : 'hover:bg-muted/10'"
                            to="/admin/users">
                            Users
                        </NuxtLink>
--- a/ui/middleware/admin.ts
+++ b/ui/middleware/admin.ts
@@ -2,10 +2,6 @@ import { useUser } from '~/composables/useUser'

 // We have server side things that does effectively this, but that wont stop SPA navigation
 export default defineNuxtRouteMiddleware(async (to, from) => {
-    if (import.meta.server) {
-        return
-    }
-
    const { getUser } = useUser()
    const user = await getUser()

--- a/ui/middleware/auth.ts
+++ b/ui/middleware/auth.ts
@@ -2,10 +2,6 @@ import { useUser } from '~/composables/useUser'

 // We have server side things that does effectively this, but that wont stop SPA navigation
 export default defineNuxtRouteMiddleware(async (to, from) => {
-    if (import.meta.server) {
-        return
-    }
-
    const { getUser } = useUser()
    const user = await getUser()

--- a/ui/middleware/unauth.ts
+++ b/ui/middleware/unauth.ts
@@ -2,10 +2,6 @@ import { useUser } from '~/composables/useUser'

 // We have server side things that does effectively this, but that wont stop SPA navigation
 export default defineNuxtRouteMiddleware(async (to, from) => {
-    if (import.meta.server) {
-        return
-    }
-
    const { getUser } = useUser()
    const user = await getUser()

--- a/ui/nuxt.config.ts
+++ b/ui/nuxt.config.ts
@@ -1,6 +1,6 @@
 // https://nuxt.com/docs/api/configuration/nuxt-config
 export default defineNuxtConfig({
-    ssr: process.env.NODE_ENV === 'production' ? true : false,
+    ssr: true,
    compatibilityDate: '2024-04-03',

    css: ['~/assets/css/main.css'],
@@ -9,6 +9,13 @@ export default defineNuxtConfig({
        classSuffix: ''
    },

+    nitro: {
+        routeRules: {
+            '/api/**': { proxy: 'http://localhost:1323/api/**' },
+            '/test/**': { proxy: 'http://localhost:1323/api/**' },
+        }
+    },
+
    devtools: { enabled: true },

    modules: ['@nuxtjs/color-mode', '@nuxtjs/tailwindcss']
--- a/ui/pages/admin/index.vue
+++ b/ui/pages/admin/index.vue
@@ -1,13 +1,10 @@
 <script setup lang="ts">
-import { useUser } from '~/composables/useUser'
-const { getUser } = useUser()
-
 definePageMeta({
    middleware: ["auth", "admin"],
    layout: "admin"
 });

-let systemStatusData = await $fetch("/api/admin/system-status")
+let {data: systemStatusData, refresh} = await useFetch("/api/admin/status")

 const calculateTimeSince = (time) => {
    const now = new Date();
@@ -29,23 +26,22 @@ const calculateTimeSince = (time) => {
    return timeParts.join(', ');
 }

-let uptime = ref('');
-let lastGcTime = ref('');
+let uptime = ref(calculateTimeSince(systemStatusData.value.uptime));
+let lastGcTime = ref(calculateTimeSince(systemStatusData.value.last_gc_time));

 let systemStatusInterval;
 let timeInterval;

 const updateTime = () => {
-    uptime.value = calculateTimeSince(systemStatusData.uptime);
-    lastGcTime.value = calculateTimeSince(systemStatusData.last_gc_time)
+    uptime.value = calculateTimeSince(systemStatusData.value.uptime);
+    lastGcTime.value = calculateTimeSince(systemStatusData.value.last_gc_time)
 };

 onMounted(() => {
    updateTime();

    systemStatusInterval = setInterval(async () => {
-        console.log("refresh")
-        systemStatusData = await $fetch("/api/admin/system-status")
+        refresh()
    }, 5000);

    timeInterval = setInterval(updateTime, 1000);
--- a/ui/pages/admin/users/[id]/edit.vue
+++ b/ui/pages/admin/users/[id]/edit.vue
@@ -0,0 +1,82 @@
+<script setup lang="ts">
+import type { Plan, User } from '~/types/user';
+
+definePageMeta({
+    middleware: ["auth", "admin"],
+    layout: "admin"
+});
+
+const route = useRoute();
+
+let { data: user } = await useFetch<User>('/api/admin/users/' + route.params.id);
+
+let username = ref(user.value?.username);
+let email = ref(user.value?.email);
+let password = ref('');
+let plan_id = ref(user.value?.plan.id);
+let is_admin = ref(user.value?.is_admin ? 'checked' : 'unchecked');
+
+const updateUser = async () => {
+    let body = {
+        username: username.value,
+        email: email.value,
+        password: password.value,
+        plan_id: plan_id.value,
+        is_admin: is_admin.value === 'checked' ? true : false,
+    }
+
+    if (password.value === '') {
+        delete body.password
+    }
+
+    await $fetch('/api/admin/users/edit/' + route.params.id, {
+        method: "POST",
+        body,
+    })
+}
+
+let { data: plans } = await useFetch<Plan[]>('/api/admin/plans');
+</script>
+
+<template>
+    <div class="w-full h-fit mb-4">
+        <div class="overflow-hidden rounded-md border text-[15px]">
+            <h4 class="bg-surface px-3.5 py-3 border-b">Edit User Account
+            </h4>
+            <div class="p-4">
+                <label for="username" class="block max-w-64 text-sm">Username</label>
+                <Input v-model="username" :value="username" id="username" placeholder="Username" class="w-full mb-2" />
+                <label for="email" class="block max-w-64 text-sm">Email</label>
+                <Input v-model="email" :value="email" id="email" placeholder="Email" class="w-full mb-2" />
+                <div class="mb-2">
+                    <label for="password" class="block max-w-64 text-sm">Password</label>
+                    <Input v-model="password" id="password" placeholder="Password" class="w-full" />
+                    <p class="text-muted text-sm">Leave the password empty to keep it unchanged</p>
+                </div>
+                <label for="plan_id" class="block max-w-64 text-sm">Plan</label>
+                <!-- select the one with the value of user.value.plan_id -->
+                <select v-model="plan_id" id="plan_id" :selected="plan_id"
+                    class="w-full max-w-64 px-4 py-2 rounded-md bg-overlay border hover:border-muted/40 focus:border-muted/60 cursor-pointer">
+                    <option v-for="plan in plans" :key="plan.id" :value="plan.id">
+                        {{ formatBytes(plan.max_storage) }}
+                    </option>
+                </select>
+                <hr class="my-4" />
+                <div class="flex items-center">
+                    <Checkbox v-model="is_admin" id="is_admin" type="checkbox" class="mr-2" />
+                    <label for="is_admin" class="text-sm">
+                        Is Admin
+                    </label>
+                </div>
+                <hr class="my-4" />
+                <div>
+                    <button
+                        class="transition-bg bg-pine/10 text-pine px-3 py-2 rounded-md hover:bg-pine/15 active:bg-pine/25"
+                        v-on:click="updateUser">
+                        Update User
+                    </button>
+                </div>
+            </div>
+        </div>
+    </div>
+</template>
--- a/ui/pages/admin/users/index.vue
+++ b/ui/pages/admin/users/index.vue
@@ -1,7 +1,5 @@
 <script setup lang="ts">
-import { useUser } from "~/composables/useUser"
 import type { User } from "~/types/user";
-const { getUser } = useUser()

 definePageMeta({
    middleware: ["auth", "admin"],
@@ -10,12 +8,18 @@ definePageMeta({

 let page = ref(0)

-const { data: users } = await useFetch<User[]>('/api/admin/get-users/' + page.value);
-const { data: usersCount } = await useFetch<{ total_users: number }>('/api/admin/get-total-users');
+const { data } = await useFetch<{ users: User[], total_users: number }>('/api/admin/users?page=' + page.value);

+if (data.value === null) {
+    throw new Error("Failed to fetch users");
+}
+
+// let { users, total_users } = data.value;
+let users = ref(data.value.users);
+let total_users = ref(data.value.total_users);
 const fetchNextPage = async () => {
    page.value += 1;
-    let moreUsers = await $fetch('/api/admin/get-users/' + page.value);
+    let { users: moreUsers } = await $fetch<{ users: User[], total_users: number }>('/api/admin/users?page=' + page.value);
    console.log(moreUsers)
    users.value = users.value?.concat(moreUsers)
 }
@@ -24,8 +28,17 @@ const fetchNextPage = async () => {
 <template>
    <div class="w-full h-fit mb-4">
        <div class="overflow-hidden rounded-md border text-[15px]">
-            <h4 class="bg-surface px-3.5 py-3 border-b">User Account Management (Total: {{ usersCount.total_users }})
+            <div class="flex bg-surface border-b items-center justify-between px-3.5 ">
+                <h4 class="py-3 w-fit">User Account Management (Total: {{ total_users }})
                </h4>
+                <NuxtLink to="/admin/users/new">
+                    <button
+                        class="transition-bg bg-pine/10 text-pine px-2 py-1.5 rounded-md hover:bg-pine/15 active:bg-pine/25 h-fit text-xs"
+                        v-on:click="updateUser">
+                        Create User Account
+                    </button>
+                </NuxtLink>
+            </div>
            <div class="overflow-x-scroll max-w-full">
                <table class="min-w-full">
                    <thead>
@@ -40,7 +53,10 @@ const fetchNextPage = async () => {
                    </thead>
                    <tbody>
                        <tr v-for="user in users" class="border-t">
-                            <td class="py-2 px-4 max-w-44" :title="user.id">{{ user.id }}</td>
+                            <td class="py-2 px-4 max-w-44 whitespace-nowrap overflow-hidden text-ellipsis"
+                                :title="user.id">
+                                {{ user.id }}
+                            </td>
                            <td class="py-2 px-4">
                                {{ user.username }}
                                <span v-if="user.is_admin"
@@ -65,7 +81,7 @@ const fetchNextPage = async () => {
                            }) }}</td>
                            <td class="py-2 px-4 h-full">
                                <div class="flex items-center justify-end">
-                                    <NuxtLink :to="`/admin/users/${user.id}/edit`"></NuxtLink>
+                                    <NuxtLink :to="`/admin/users/${user.id}/edit`">
                                        <button
                                            class="my-auto hover:bg-muted/10 p-1 transition-bg active:bg-muted/20 rounded-md">
                                            <svg xmlns="http://www.w3.org/2000/svg" width="16" height="16"
@@ -73,10 +89,12 @@ const fetchNextPage = async () => {
                                                <g class="stroke-blue-400/90" fill="none" stroke="currentColor"
                                                    stroke-linecap="round" stroke-linejoin="round" stroke-width="2">
                                                    <path d="M7 7H6a2 2 0 0 0-2 2v9a2 2 0 0 0 2 2h9a2 2 0 0 0 2-2v-1" />
-                                                <path d="M20.385 6.585a2.1 2.1 0 0 0-2.97-2.97L9 12v3h3zM16 5l3 3" />
+                                                    <path
+                                                        d="M20.385 6.585a2.1 2.1 0 0 0-2.97-2.97L9 12v3h3zM16 5l3 3" />
                                                </g>
                                            </svg>
                                        </button>
+                                    </NuxtLink>
                                </div>
                            </td>
                        </tr>
@@ -84,8 +102,9 @@ const fetchNextPage = async () => {
                </table>
            </div>
        </div>
-        <div class="w-full h-full flex justify-center mt-4" v-if="users?.length != usersCount.total_users">
-            <button class="bg-accent/10 text-accent px-2 py-1 rounded-md hover:" v-on:click="fetchNextPage()">Load
+        <div class="w-full h-full flex justify-center mt-4" v-if="users?.length != total_users">
+            <button class="transition-bg bg-pine/10 text-pine px-2 py-1 rounded-md hover:bg-pine/15 active:bg-pine/25"
+                v-on:click="fetchNextPage()">Load
                More</button>
        </div>
    </div>
--- a/ui/pages/admin/users/new.vue
+++ b/ui/pages/admin/users/new.vue
@@ -0,0 +1,64 @@
+<script setup lang="ts">
+import type { User } from '~/types/user';
+
+definePageMeta({
+    middleware: ["auth", "admin"],
+    layout: "admin"
+});
+
+let username = ref('')
+let email = ref('')
+let password = ref('')
+
+let error = ref('')
+
+let timeout;
+const submitForm = async () => {
+    let { data, error: fetchError } = await useAsyncData<User, NuxtError<{ message: string }>>(
+        () => $fetch('/api/admin/users/new', {
+            method: 'POST',
+            body: {
+                "username": username.value,
+                "email": email.value,
+                "password": password.value,
+            }
+        })
+    )
+
+    if (fetchError.value != null && fetchError.value.data !== undefined) {
+        error.value = fetchError.value.data.message
+        timeout = setTimeout(() => error.value = "", 15000)
+    } else if (data.value !== null) {
+        await navigateTo('/admin/users')
+    }
+}
+
+onUnmounted(() => {
+    clearTimeout(timeout)
+})
+</script>
+
+<template>
+    <div class="w-full h-fit mb-4">
+        <div class="overflow-hidden rounded-md border text-[15px]">
+            <h4 class="bg-surface px-3.5 py-3 border-b">Create User Account
+            </h4>
+            <div class="p-4">
+                <label for="username" class="block max-w-64 text-sm">Username</label>
+                <Input v-model="username" :value="username" id="username" placeholder="Username" class="w-full mb-2" />
+                <label for="email" class="block max-w-64 text-sm">Email</label>
+                <Input v-model="email" :value="email" id="email" placeholder="Email" class="w-full mb-2" />
+                <label for="password" class="block max-w-64 text-sm">Password</label>
+                <Input v-model="password" id="password" type="password" placeholder="Password" class="w-full mb-2" />
+                <p class="text-love mb-2">{{ error }}</p>
+                <div>
+                    <button
+                        class="transition-bg bg-pine/10 text-pine px-3 py-2 rounded-md hover:bg-pine/15 active:bg-pine/25"
+                        v-on:click="submitForm">
+                        Create User Account
+                    </button>
+                </div>
+            </div>
+        </div>
+    </div>
+</template>
--- a/ui/pages/login.vue
+++ b/ui/pages/login.vue
@@ -42,8 +42,8 @@ onUnmounted(() => {
    <div class="min-h-screen min-w-screen grid place-content-center bg-base">
        <div class="flex flex-col text-center bg-surface border shadow-md px-10 py-8 rounded-2xl min-w-0 max-w-[313px]">
            <h2 class="font-semibold text-2xl mb-2">Login</h2>
-            <Input v-model="username_or_email" placeholder="Username or Email..." />
-            <Input v-model="password" type="password" placeholder="Password..." />
+            <Input class="my-2" v-model="username_or_email" placeholder="Username or Email..." />
+            <Input class="my-2" v-model="password" type="password" placeholder="Password..." />
            <p class="text-love">{{ error }}</p>
            <button @click="submitForm"
                class="py-2 px-4 my-2 bg-pine/10 text-pine rounded-md transition-colors hover:bg-pine/15 active:bg-pine/25 focus:outline-none focus:ring focus:ring-inset">Login</button>
--- a/ui/pages/signup.vue
+++ b/ui/pages/signup.vue
@@ -45,9 +45,9 @@ onUnmounted(() => {
        <div
            class="flex flex-col text-center bg-surface border border-muted/20 shadow-md px-10 py-8 rounded-2xl min-w-0 max-w-[313px]">
            <h2 class="font-semibold text-2xl mb-2">Signup</h2>
-            <Input v-model="username" placeholder="Username..." />
-            <Input v-model="email" placeholder="Email..." />
-            <Input v-model="password" type="password" placeholder="Password..." />
+            <Input class="my-2" v-model="username" placeholder="Username..." />
+            <Input class="my-2" v-model="email" placeholder="Email..." />
+            <Input class="my-2" v-model="password" type="password" placeholder="Password..." />
            <p class="text-love">{{ error }}</p>
            <button @click="submitForm"
                class="py-2 px-4 my-2 bg-pine/10 text-pine rounded-md transition-colors hover:bg-pine/15 active:bg-pine/25 focus:outline-none focus:ring focus:ring-inset">Login</button>
--- a/ui/types/user.ts
+++ b/ui/types/user.ts
@@ -2,11 +2,13 @@ export interface User {
    id: string,
    username: string,
    email: string,
-    plan: {
-        id: number,
-        max_storage: number
-    },
+    plan: Plan,
    usage: number,
    created_at: string,
    is_admin: boolean,
 }
+
+export interface Plan {
+    id: number,
+    max_storage: number
+}
--- a/utils.go
+++ b/utils.go
@@ -0,0 +1,54 @@
+package main
+
+import (
+	"context"
+	"fmt"
+	"os"
+	"os/exec"
+	"os/signal"
+	"syscall"
+
+	"github.com/labstack/echo/v4"
+)
+
+func spawnProcess(cmd string, args []string, e *echo.Echo) error {
+	shutdown := make(chan os.Signal, 1)
+	signal.Notify(shutdown, syscall.SIGINT, syscall.SIGTERM, syscall.SIGQUIT)
+	go func() {
+		cmd := exec.Command(cmd, args...)
+		cmd.Stderr = os.Stderr
+
+		// use a preocess group since otherwise the node processes spawned by bun wont die
+		cmd.SysProcAttr = &syscall.SysProcAttr{Setpgid: true}
+
+		err := cmd.Start()
+		if err != nil {
+			if err := syscall.Kill(-cmd.Process.Pid, syscall.SIGTERM); err != nil {
+				fmt.Println("Error sending SIGTERM to sub process group:", err)
+			}
+
+			fmt.Println("Error starting sub process:", err)
+			return
+		}
+
+		go func() {
+			<-shutdown
+
+			if err := syscall.Kill(-cmd.Process.Pid, syscall.SIGTERM); err != nil {
+				fmt.Println("Error sending SIGTERM to sub process group:", err)
+			}
+		}()
+
+		if err := cmd.Wait(); err != nil {
+			fmt.Println("Error waiting for sub process to exit:", err)
+		}
+
+		fmt.Println("sub process server stopped")
+
+		if err := e.Shutdown(context.Background()); err != nil {
+			fmt.Println("Error shutting down HTTP server:", err)
+		}
+	}()
+
+	return nil
+}