3x-ui/internal/web
MHSanaei 43500a5470
feat(mtproto): per-client ad-tags, management-API auth, and record secret sync
Catch the panel up to the mtg-multi README (v1.14.0):

- Each client can now carry its own 32-hex advertising tag overriding the
  inbound-level one. The tag lives on the client (settings JSON is the
  source of truth, clients.ad_tag is the UI projection), is rendered into
  the fork's [secret-ad-tags] section for active secrets only (mtg rejects
  a config whose override names an unknown secret), is pushed per entry
  through PUT /secrets, and is part of the reload fingerprint so a tag
  edit hot-applies without dropping connections.
- The loopback management API can replace the whole secret set, so every
  mtg process now gets a random per-process api-token; the manager sends
  it as a bearer token on PUT /secrets and GET /stats and reuses it across
  config rewrites, because mtg reads the token only at startup.
- Malformed tags are rejected at every save path and additionally dropped
  in InstanceFromInbound: one bad tag would otherwise fail the whole
  generated config and take every client of the inbound down with it.
- SyncInbound never copied a re-keyed mtproto secret into the canonical
  clients table, so the clients page and subscription links kept serving
  the old secret, which mtg then rejects. It is now guarded-copied like
  the other credentials.
2026-07-07 12:00:43 +02:00
..
controller feat(outbound): add real-delay connection test mode 2026-07-06 08:35:48 +02:00
entity feat: ldap skip tls verify (#5637) 2026-06-28 18:10:38 +02:00
global refactor: focused service files, leaf subpackages, and an internal/ layout (#5167) 2026-06-10 15:19:22 +02:00
job fix(mtproto): stop dropping connections on client/inbound edits; add live updates + ad-tag (#5838) 2026-07-07 01:13:24 +02:00
locale style: adopt golangci-lint v2 and resolve all findings 2026-06-27 15:42:22 +02:00
middleware fix(web): tighten database restore body-cap exemption (#5609) 2026-06-28 15:00:55 +02:00
network style: adopt golangci-lint v2 and resolve all findings 2026-06-27 15:42:22 +02:00
runtime fix(mtproto): stop dropping connections on client/inbound edits; add live updates + ad-tag (#5838) 2026-07-07 01:13:24 +02:00
service feat(mtproto): per-client ad-tags, management-API auth, and record secret sync 2026-07-07 12:00:43 +02:00
session refactor: focused service files, leaf subpackages, and an internal/ layout (#5167) 2026-06-10 15:19:22 +02:00
translation feat(mtproto): per-client ad-tags, management-API auth, and record secret sync 2026-07-07 12:00:43 +02:00
websocket feat(web): broadcast delta client stats above a snapshot threshold 2026-07-02 16:34:01 +02:00
cadence_test.go refactor(web): centralize background job cadences (#5269) 2026-06-14 22:50:24 +02:00
web.go fix(web): tighten database restore body-cap exemption (#5609) 2026-06-28 15:00:55 +02:00
web_mtls.go feat(node): node hardening — mTLS, hashed+zstd reconcile transport, per-node net metrics (#5382) 2026-06-16 12:19:33 +02:00
web_mtls_test.go feat(node): node hardening — mTLS, hashed+zstd reconcile transport, per-node net metrics (#5382) 2026-06-16 12:19:33 +02:00