Alex-Devera/3x-ui
1
0
Fork 0
mirror of https://github.com/MHSanaei/3x-ui.git synced 2026-06-06 05:04:22 +00:00
Code Issues Projects Releases Packages Wiki Activity Actions 5
3x-ui/web/service
History
MHSanaei d10fa8f3c0
feat(clients): client-first tgbot add flow, tgId field, lightweight inbound options 
- tgbot: drop legacy per-protocol Add Client UI in favour of a client-first
  multi-inbound flow. New BuildClientDraftMessage / getInboundsAttachPicker
  let an admin pick one or more inbounds and submit a single client; per-
  protocol secrets are now generated server-side via fillProtocolDefaults.
  Drops awaiting_id/awaiting_password_tr/awaiting_password_sh state cases
  and add_client_ch_default_id/pass_tr/pass_sh/flow callbacks. Adds a
  setTGUser button + awaiting_tg_id state so the bot can set Client.TgID
  during Add.
- clients UI: add Telegram user ID input to ClientFormModal (0 = none).
  Hide IP Limit field entirely when ipLimitEnable is off — disabled fields
  still take layout space, this collapses Auth(Hysteria) to full width.
- inbounds API: new GET /panel/api/inbounds/options that returns just
  {id, remark, protocol, port, tlsFlowCapable}. Used by the clients page
  pickers so the dropdown payload stays small on panels with thousands of
  clients (drops settings JSON, clientStats, streamSettings). Server-side
  TlsFlowCapable mirrors Inbound.canEnableTlsFlow so the modal no longer
  needs to parse streamSettings client-side.
- clientInfoMsg now shows attached inbound remarks, and getInboundUsages
  reports the attached client count per inbound.
- api-docs: document the new /options endpoint and add tgId / flow to the
  clients add/update bodies.

Co-Authored-By: Claude Opus 4.7 <noreply@anthropic.com>
2026-05-18 02:11:30 +02:00
..
api_token.go feat(api-tokens): manage multiple named tokens; add tab/section anchor URLs 2026-05-13 16:34:31 +02:00
client.go fix(shadowsocks): generate valid ss2022 keys and per-client method for legacy ciphers 2026-05-18 00:19:09 +02:00
client_test.go fix(clients): include inboundIds and traffic in /clients/list 2026-05-17 19:04:54 +02:00
config.json feat(inbounds): align tunnel, tun, and hysteria UI with Xray docs 2026-05-13 22:44:08 +02:00
custom_geo.go fix(security): SSRF-guard node and remote HTTP clients 2026-05-13 13:33:53 +02:00
custom_geo_test.go v3 2026-05-10 02:13:42 +02:00
fallback.go feat(inbounds): add Port-with-Fallback inbound type 2026-05-17 07:44:01 +02:00
inbound.go feat(clients): client-first tgbot add flow, tgId field, lightweight inbound options 2026-05-18 02:11:30 +02:00
metric_history.go refactor(server): move cached state and helpers into ServerService 2026-05-17 18:17:50 +02:00
node.go refactor(clients): switch client API endpoints from id to email 2026-05-17 16:41:48 +02:00
nord.go feat(xray/nord): searchable server list + colored load tag, surface API errors 2026-05-11 10:06:01 +02:00
outbound.go fix(outbound): probe UDP-based outbounds over UDP instead of TCP 2026-05-15 12:29:53 +02:00
panel.go Security hardening: sessions, SSRF, CSP nonce, CSRF logout, trusted proxies (#4275) 2026-05-13 12:52:52 +02:00
panel_other.go feat: add panel update functionality via web GUI (#4117) 2026-04-28 18:46:55 +02:00
panel_test.go feat: add panel update functionality via web GUI (#4117) 2026-04-28 18:46:55 +02:00
panel_unix.go feat: add panel update functionality via web GUI (#4117) 2026-04-28 18:46:55 +02:00
port_conflict.go fix(inbounds): scope port check to node and preserve caller tag 2026-05-11 12:51:45 +02:00
port_conflict_test.go fix(inbounds): scope port check to node and preserve caller tag 2026-05-11 12:51:45 +02:00
server.go refactor(server): move cached state and helpers into ServerService 2026-05-17 18:17:50 +02:00
server_vlessenc_test.go Feat: clarify VLESS encryption auth selection (#4271) 2026-05-12 11:39:28 +02:00
setting.go Add possibility to remove client email from sub (#4297) 2026-05-13 19:04:17 +02:00
setting_security_test.go feat(api-tokens): manage multiple named tokens; add tab/section anchor URLs 2026-05-13 16:34:31 +02:00
tgbot.go feat(clients): client-first tgbot add flow, tgId field, lightweight inbound options 2026-05-18 02:11:30 +02:00
tgbot_test.go Implement CSRF protection and security hardening across the application (#4179) 2026-05-07 23:36:11 +02:00
traffic_writer.go Fix: traffic writer restart freeze (#4265) 2026-05-12 11:36:05 +02:00
traffic_writer_test.go Fix: traffic writer restart freeze (#4265) 2026-05-12 11:36:05 +02:00
url_safety.go Security hardening: sessions, SSRF, CSP nonce, CSRF logout, trusted proxies (#4275) 2026-05-13 12:52:52 +02:00
user.go fix(auth): invalidate sessions when 2FA is enabled, fix dev 401 loop 2026-05-13 14:08:16 +02:00
warp.go fix(warp): set license against Cloudflare API and surface errors inline 2026-05-13 21:13:16 +02:00
websocket.go v3 2026-05-10 02:13:42 +02:00
xray.go fix(shadowsocks): generate valid ss2022 keys and per-client method for legacy ciphers 2026-05-18 00:19:09 +02:00
xray_metrics.go Security hardening: sessions, SSRF, CSP nonce, CSRF logout, trusted proxies (#4275) 2026-05-13 12:52:52 +02:00
xray_setting.go v3 2026-05-10 02:13:42 +02:00
xray_setting_test.go xray-setting: pin api routing rule to index 0 on save (#4124) 2026-04-28 17:49:39 +02:00