Dashboard Overview

Complete guide to the Ticket System web dashboard and administration panel

Dashboard Overview

The Ticket System dashboard provides a web interface for managing your ticket system. This guide covers:

  • Dashboard features and capabilities
  • System configuration management
  • User authentication and permissions
  • Administrative functions

Dashboard Features

1. System Configuration

The dashboard allows administrators to configure system settings:

  • Guild Management: Configure settings for each Discord server
  • Auto-Close Settings: Configure auto-close timers and behavior
  • Category Management: Set up ticket categories and permissions
  • User Management: Manage staff roles and permissions

2. Authentication System

The dashboard uses Discord OAuth2 for authentication:

  • Discord Login: Users authenticate with their Discord account
  • Role-Based Access: Access based on Discord roles
  • Session Management: Secure session handling with JWT
  • Permission Checks: Verify user permissions for actions

3. Administrative Functions

Administrators can perform various management tasks:

  • System Configuration: Update global system settings
  • Guild Settings: Configure per-server settings
  • User Management: Manage staff access and permissions
  • Monitoring: View system status and logs

Dashboard Architecture

1. Technology Stack

Frontend

  • Next.js 14 (App Router)
  • React 18
  • TypeScript
  • Tailwind CSS

Backend

  • Next.js API Routes
  • MongoDB with Mongoose
  • JWT Authentication
  • Discord OAuth2

Security

  • Argon2id Password Hashing
  • AES-256-GCM Encryption
  • EdDSA JWT Signing
  • Role-Based Access Control

2. Database Schema

// System configuration schema
interface ISystemConfig {
  id: string;
  maintenanceMode: boolean;
  registrationEnabled: boolean;
  maxGuildsPerUser: number;
  defaultAutoCloseHours: number;
  defaultCooldownMinutes: number;
  transcriptRetentionDays: number;
  maxFileSize: number;
  allowedFileTypes: string[];
  rateLimitRequests: number;
  rateLimitWindow: number;
}

3. API Structure

// API routes structure
/api/admin/
  /system-config/     # System configuration
  /guilds/           # Guild management
  /users/            # User management
  /tickets/          # Ticket management
  /analytics/        # Analytics and reports

/api/auth/
  /discord/          # Discord OAuth2
  /logout/           # Session logout
  /refresh/          # Token refresh

/api/webhooks/
  /discord/          # Discord webhook handling

Authentication System

1. Discord OAuth2 Flow

The dashboard uses Discord OAuth2 for secure authentication:

  1. User clicks "Login with Discord"
  2. Redirected to Discord authorization page
  3. User authorizes the application
  4. Discord redirects back with authorization code
  5. Server exchanges code for access token
  6. Server fetches user information from Discord
  7. JWT token is created and sent to client
  8. User is logged in and redirected to dashboard

2. JWT Token Structure

// JWT payload structure
{
  userId: string;
  discordId: string;
  username: string;
  avatar: string;
  guilds: Array<{
    id: string;
    name: string;
    permissions: string[];
  }>;
  roles: string[];
  iat: number;  // Issued at
  exp: number;  // Expiration
}

3. Permission System

Access control is based on Discord roles and permissions:

  • Administrator: Full access to all features
  • Manage Server: Can configure guild settings
  • Manage Channels: Can manage ticket categories
  • View Channels: Can view tickets and reports

System Configuration

1. Global Settings

System Configuration

  • Maintenance Mode: Enable/disable system maintenance
  • Registration Enabled: Allow new user registrations
  • Max Guilds Per User: Limit guilds per user account
  • Default Auto-Close Hours: Default auto-close timer
  • Default Cooldown Minutes: Default cooldown between tickets
  • Transcript Retention Days: How long to keep transcripts

2. Security Settings

Security Configuration

  • Max File Size: Maximum file upload size
  • Allowed File Types: Permitted file extensions
  • Rate Limit Requests: API rate limiting
  • Rate Limit Window: Rate limit time window
  • Session Timeout: JWT token expiration time

3. API Configuration

// System config API endpoints
GET  /api/admin/system-config     # Get current configuration
POST /api/admin/system-config     # Update configuration
GET  /api/admin/system-config/validate  # Validate configuration

// Example configuration update
{
  "maintenanceMode": false,
  "registrationEnabled": true,
  "maxGuildsPerUser": 5,
  "defaultAutoCloseHours": 72,
  "defaultCooldownMinutes": 60,
  "transcriptRetentionDays": 30,
  "maxFileSize": 10485760,  // 10MB
  "allowedFileTypes": [".png", ".jpg", ".pdf"],
  "rateLimitRequests": 100,
  "rateLimitWindow": 900  // 15 minutes
}

Guild Management

1. Guild Configuration

Each Discord server (guild) has its own configuration:

  • Auto-Close Settings: Per-guild auto-close configuration
  • Cooldown Settings: Ticket creation cooldown
  • Category Management: Ticket categories and permissions
  • User Management: Staff roles and blocked users
  • Logging: Log channels and transcript storage

2. Guild Settings Schema

interface IGuild {
  guildId: string;
  name: string;
  icon?: string;
  ownerId: string;
  memberCount: number;
  autoCloseEnabled: boolean;
  autoCloseHours: number;
  cooldownEnabled: boolean;
  cooldownMinutes: number;
  devModeEnabled: boolean;
  devModeRoles: string[];
  logChannelId?: string;
  transcriptChannelId?: string;
  blockedUsers: string[];
  maxActiveTickets: number;
  activeTickets: number;
  totalTickets: number;
  categories: ITicketCategory[];
  subscription: {
    tier: 'free' | 'pro' | 'enterprise';
    expiresAt?: Date;
    features: string[];
  };
}

3. Guild API Endpoints

// Guild management API
GET    /api/admin/guilds              # List user's guilds
GET    /api/admin/guilds/:guildId     # Get guild configuration
PUT    /api/admin/guilds/:guildId     # Update guild configuration
DELETE /api/admin/guilds/:guildId     # Remove guild

// Guild statistics
GET    /api/admin/guilds/:guildId/stats     # Get guild statistics
GET    /api/admin/guilds/:guildId/tickets   # Get guild tickets
GET    /api/admin/guilds/:guildId/logs      # Get guild logs

User Management

1. User Roles and Permissions

The dashboard supports role-based access control:

  • Administrator: Full system access
  • Guild Manager: Can manage specific guilds
  • Support Staff: Can view and manage tickets
  • Viewer: Read-only access to reports

2. User Session Management

// User session management
interface IUser {
  id: string;
  discordId: string;
  username: string;
  avatar?: string;
  email?: string;
  guilds: Array<{
    id: string;
    name: string;
    permissions: string[];
  }>;
  roles: string[];
  lastLogin: Date;
  createdAt: Date;
  updatedAt: Date;
}

3. Authentication Flow

// Authentication flow
1. User clicks "Login with Discord"
2. Redirect to Discord OAuth2
3. User authorizes application
4. Discord redirects with code
5. Server exchanges code for token
6. Server fetches user info
7. Create/update user in database
8. Generate JWT token
9. Set cookie and redirect to dashboard

Security Features

1. Data Encryption

  • Password Hashing: Argon2id with configurable parameters
  • Token Encryption: AES-256-GCM for sensitive data
  • JWT Signing: EdDSA (Ed25519) for authentication
  • Session Security: Secure HTTP-only cookies

2. Access Control

  • Role-Based Access: Permissions based on Discord roles
  • Guild-Specific Access: Users can only access their guilds
  • API Rate Limiting: Prevent abuse and DDoS attacks
  • Input Validation: Sanitize all user inputs

3. Audit Logging

  • Authentication Logs: Track login attempts and sessions
  • Configuration Changes: Log all system changes
  • API Access Logs: Monitor API usage and errors
  • Security Events: Track suspicious activities

Troubleshooting

Common Issues

Login Issues

  • Check Discord OAuth2 configuration
  • Verify redirect URI settings
  • Check client ID and secret
  • Review Discord application settings

Permission Errors

  • Check user's Discord roles
  • Verify guild permissions
  • Check JWT token validity
  • Review role-based access rules

Configuration Issues

  • Check system configuration
  • Verify guild settings
  • Review database connection
  • Check API endpoint responses

Session Problems

  • Check JWT token expiration
  • Verify cookie settings
  • Check browser security settings
  • Review session management

Debug Information

// Check user session
GET /api/auth/me

// Check guild access
GET /api/admin/guilds

// Check system status
GET /api/admin/system-config

// Check authentication status
GET /api/auth/status

Next Steps

After setting up the dashboard:

  1. Configure Users - Set up staff access and permissions
  2. Set Up Categories - Configure ticket categories
  3. Configure Auto-Close - Set up automatic ticket management
  4. Set Up Analytics - Configure reporting and monitoring