Docs
Features

Admin Panel

Feature-rich dashboard for managing users, roles, products, orders, and content — with stats cards and Recharts line charts.

Accessing the Admin Panel

Navigate to the admin panel in your browser (default path: /admin, configurable via admin.path in src/config/site.ts). You will be redirected to the login page if not authenticated.

Hiding the Admin Path

By default the admin panel is accessible at /admin. You can change this to any path you like by editing admin.path in src/config/site.ts:

// src/config/site.ts
export const siteConfig = {
  admin: {
    // Change this to any secret path to obscure the admin panel URL
    path: '/my-secret-admin',
  },
}

All admin routes — login, dashboard, and every sub-page — are automatically served under the new path. No additional changes are required.

This is security through obscurity, not a replacement for strong authentication. Always use strong passwords and keep admin.path out of public version control.

Dashboard

The landing page of the admin panel (/admin) shows:

  • Stats cards — total users, orders, and revenue for the current period
  • Line charts (Recharts) — user registrations, order volume, and revenue over the last 30 days
  • Recent orders — last 10 orders with status badges
  • Quick links — shortcuts to the most common management screens

Member Management

Admin → Members (/admin/members)

Manage front-end (non-admin) user accounts:

ActionDescription
View listPaginated, searchable by email or name
Enable / DisableToggle account access without deleting
Reset passwordSend a password-reset email to the user
View ordersSee all orders placed by a specific member

Disabling a member immediately invalidates their active sessions.

Admin User Management

Admin → Admin Users (/admin/users)

Manage admin accounts:

  • Create new admin users with username, email, and password
  • Assign one or more roles per user
  • Edit profile details and change passwords
  • Delete admin accounts (audit log entry created automatically)
  • Toggle superuser flag (superusers bypass all permission checks)
// Programmatic creation uses the shared helper:
import { createAdminUser } from '@/lib/admin'

await createAdminUser({
  username: 'editor',
  email: 'editor@example.com',
  password: 'SecurePass1!',
  roleIds: [editorRole.id],
})

Role & Permission Management

Admin → Roles (/admin/roles)
Admin → Permissions (/admin/permissions)

Permissions

Create fine-grained permissions using the resource:action convention:

post:create
post:edit
post:delete
order:refund

Roles

Group permissions into named roles:

Editor
  ✅ post:create
  ✅ post:edit
  ✅ post:delete

Support
  ✅ order:view
  ✅ member:view

Assign roles to admin users from the Admin Users screen. A user can hold multiple roles; permissions are merged.

Product Management

Admin → Products (/admin/products)

Full CRUD for products:

FieldDescription
Name, descriptionRich text description
PriceAmount + currency
Stock quantityOptional inventory tracking
Featured imageUpload or URL
Payment methodsEnable Stripe / PayPal one-time or subscription per product
Statusactive / inactive

Changes take effect immediately — no rebuild needed.

Order Management

Admin → Orders (/admin/orders)

  • Filter by status (pending, completed, failed, refunded, expired)
  • Filter by payment provider (Stripe / PayPal)
  • Full-text search by order ID, product name, or user email
  • Manually update order status (e.g., mark as refunded after issuing a refund in the provider dashboard)
  • View full order detail including payment intent ID for cross-referencing in Stripe / PayPal dashboards

Content Management

Admin → Posts (/admin/posts)
Admin → Pages (/admin/pages)
Admin → Categories (/admin/categories)

Full editorial workflow for all content types — see Content Management for details.

Audit Logs

Admin → Audit Logs (/admin/audit-logs)

Every write action performed by any admin user is recorded:

  • Filter by admin user, action type, resource, or date range
  • Each entry shows: timestamp, admin, action, resource + ID, IP address, user agent
  • Logs are read-only and cannot be modified or deleted from the UI

Social Management

Admin → Social → Comments (/admin/social/comments)

Manage and moderate user comments, replies, and likes:

FeatureDescription
Comments listPaginated, filterable by status (pending/approved/rejected) and target type (blog/page/product)
Bulk approveSelect multiple comments and approve them in batch
Bulk rejectSelect multiple comments and reject them in batch
Bulk deleteSelect multiple comments and delete them in batch
View repliesClick to view all replies under a specific comment
Sensitive word filteringSystem automatically detects and flags comments containing sensitive words

Supported target types: blog (posts), page (pages), product (products).

System Settings

Admin → Settings (/admin/settings)

Unified settings management with the following tabs:

Social Settings

  • Enable/disable comments
  • Enable/disable likes
  • Require approval for comments and replies
  • Maximum length limits for comments and replies
  • Sensitive words list (one per line, comments/replies containing these words will be flagged)

System Settings

  • Support email address
  • Site favicon URL

Locale Settings

  • Default language configuration
  • Supported languages management (add/remove languages)
  • Supports any language: Chinese, English, Spanish, etc.

Upload Settings

  • Maximum image size (MB)
  • Allowed image types

Auth Settings

  • Login rate limiting toggle
  • Maximum login attempts
  • Lockout window (minutes)
  • Minimum password strength requirement

Admin Settings

  • Admin panel pagination size
  • Admin password minimum strength
  • Article import quantity limit

Payment Settings

  • Default currency
  • Default payment mode (sandbox/production)
  • Default subscription interval

Layout & Navigation

The admin panel uses a fixed sidebar layout defined in src/app/admin/layout.tsx. Navigation links are translated via useTranslations('admin.layout') — add new menu items by:

  1. Adding the route under src/app/admin/
  2. Adding the link in the sidebar navigation array
  3. Adding the translation key to src/locales/en.json and src/locales/zh.json

Permissions Reference

Every admin page enforces its own permission. The table below maps screens to required permissions:

ScreenRequired Permission
Dashboardany authenticated admin
MembersMEMBER_VIEW
Admin UsersADMIN_USER_VIEW
RolesADMIN_ROLE_VIEW
ProductsPRODUCT_VIEW
OrdersORDER_VIEW
Posts / PagesPOST_VIEW
Audit Logssuperuser only

Next Steps

Content Management

Full CMS for articles and standalone pages with TipTap rich-text editor, draft/publish/schedule workflow, categories, tags, SEO fields, and in-article product embeds.

Email

Transactional email with Mailgun and Resend dual-service support — verification codes, order notifications, and pre-built HTML templates.

On this page

Accessing the Admin PanelHiding the Admin PathDashboardMember ManagementAdmin User ManagementRole & Permission ManagementPermissionsRolesProduct ManagementOrder ManagementContent ManagementAudit LogsSocial ManagementSystem SettingsSocial SettingsSystem SettingsLocale SettingsUpload SettingsAuth SettingsAdmin SettingsPayment SettingsLayout & NavigationPermissions ReferenceNext Steps
Admin Panel | Tikship