Dashboard is a NodeJS project that provides a reusable account management system for web applications.
Dashboard proxies your application server to create a single website where pages like signing in or changing your password are provided by Dashboard. Your application server can be anything you want, and use Dashboard's API to access data as required.
Using modules you can expand Dashboard to include organizations, subscriptions powered by Stripe, or a Stripe Connect platform.
Hastebin is an open source pastebin web application. It started as a service for anonymous guests only, and was transformed with Dashboard and modules into a web application for registered users, with support for sharing posts with organizations and paid subscriptions.
The user and administration documentation contain screenshots demonstrating Dashboard and its modules in use.
 |
|---|
| How content is separated between dashboard and application servers |
 |
|---|
| Administration page provided by Dashboard |
 |
|---|
| Dashboard's header with content served by application server |
You can use Dashboard with your local file system or other storage backends with various pros and cons. The storage may apply AES-256 encryption by specifying a 32-character encryption secret:
ENCRYPTION_KEY="abcdefghijklmnopqrstuvwxyz123456"
| Name | Description | Package | Repository |
|---|---|---|---|
| Redis | Very fast but expensive to scale | @userdashboard/storage-redis | github |
| Amazon S3 | Slow but cheap to scale | @userdashboard/storage-s3 | github |
| PostgreSQL | Fast but not cheap to scale | @userdashboard/storage-postgresql | github |
You can code your own alternatives for other databases by copying the Storage API's basic operations to read, write and list data.
Additional APIs, content and functionality can be added by npm install and nominating Dashboard modules in your package.json. You can read more about this on the Dashboard package.json documentation
"dashboard": {
"modules": [ "package", "package2" ]
}
Modules can supplement the global.sitemap with additional routes which automatically maps them into the Private API shared as global.api.
| Name | Description | Package | Repository |
|---|---|---|---|
| MaxMind GeoIP | IP address-based geolocation | @userdashboard/maxmind-geoip | github |
| Organizations | User created groups | @userdashboard/organizations | github |
| Stripe Subscriptions | SaaS functionality | @userdashboard/stripe-subscriptions | github |
| Stripe Connect | Marketplace functionality | @userdashboard/stripe-connect | github |
You must install NodeJS 8.12.0+ prior to these steps. Dashboard is installed via NPM which is bundled with NodeJS. It is installed within the node_modules/@userdashboard/dashboard folder. You can configure Dashboard within your package.json and start script.
$ mkdir project
$ cd project
$ npm init
$ npm install @userdashboard/dashboard
# create a main.js
# create a src/www/index.html to override home page
# create a src/www/account/register.html to override register page
$ NODE_ENV="development" \
DASHBOARD_SERVER=http://localhost:8000 \
APPLICATION_SERVER=http://localhost:8001 \
APPLICATION_SERVER_TOKEN="abcdef" \
DOMAIN=localhost \
node main.js
Your main.js should contain the code to start Dashboard:
const dashboard = require('@userdashboard/dashboard')
dashboard.start(__dirname)
Your sitemap will output the server address, by default you can access it at:
http://localhost:8000
Your application can server can be written using your preferred technology stack. When your server receives a request from your Dashboard server it includes identifiers for the user and session.
Requests can be verified via the APPLICATION_SERVER_TOKEN. This is a shared secret known by both the Dashboard and your application server. This token and account/session identifiers allow you to query the Dashboard server's API for additional information.
if (req.headers['x-dashboard-server'] === MY_DASHBOARD_SERVER)
if (req.headers['x-accountid']) {
const accountid = req.headers['x-accountid']
const sessionid = req.headers['x-sessionid']
if (!bcrypt.compareSync(`${APPLICATION_SERVER_TOKEN}/${accountid'}/${sessionid}`, req.headers['x-dashboard-token'])) {
res.statusCode = 404
return res.end()
}
}
}
If you are using NodeJS and Express or Connect for your web server the Express Application Server middleware will do this for you.
Dashboard accounts optionally support anonymous registration and irreversibly encrypt signin username and passwords. There are no third-party trackers, analytics or resources embedded in Dashboard pages.
Development takes place on Github with releases on NPM.
This software is distributed under the MIT license.