UNPKG

3xui-api-client

Version:

A Node.js client library for 3x-ui panel API with built-in credential generation, session management, and web integration support

github.com/iamhelitha/3xui-api-client

iamhelitha/3xui-api-client

155 lines (127 loc) โ€ข 7.06 kB
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
# Changelog All notable changes to this project will be documented in this file. The format is based on [Keep a Changelog](https://keepachangelog.com/en/1.0.0/), and this project adheres to [Semantic Versioning](https://semver.org/spec/v2.0.0.html). ## [2.1.1] - 2025-11-30 ### Fixed - ๐Ÿ› **Login Response**: `login()` method now explicitly returns the `cookie` in the response object, making it easier to store sessions in databases. - ๐Ÿ”ง **Configuration Auto-fix**: Automatically detects and fixes `PANEL_URL` configuration errors (removing trailing `/panel`) to prevent 404 errors. ### Documentation - ๐Ÿ“ **Configuration Guide**: Added critical warning about `PANEL_URL` format in README. ## [2.1.0] - 2025-08-30 ### Added - ๐Ÿ”ฅ **Firestore Session Store Support** - Custom session handler for Firebase Firestore integration - ๐Ÿ“ **Enhanced Wiki Documentation** - Comprehensive guides with real-world examples and integration patterns - ๐Ÿ” **Client Identifier Clarification** - Clear documentation that 'email' field is an identifier, not a real email address ### Enhanced - ๐Ÿ“š **Authentication Guide** - Added detailed session/cookie flow documentation and Firestore integration example - ๐Ÿ‘ฅ **Client Management Guide** - Clarified email field semantics and added identifier generation examples - ๐Ÿ› ๏ธ **Inbound Management Guide** - Added protocol-specific authentication method explanations - ๐Ÿ  **Home Documentation** - Improved navigation and cross-references between guides ### Documentation - **Session Management**: Added comprehensive Firestore adapter example with cleanup patterns - **API Flow Clarification**: Documented that all API calls automatically include stored session cookies - **Client Identifiers**: Clarified that 'email' fields use random strings (e.g., '5yhuih4hg93') for privacy - **Integration Examples**: Enhanced web integration patterns for Express.js and Next.js - **Security Best Practices**: Consolidated security guidance in Authentication Guide ### Removed - Removed any references to email generation functionality for clarity - Cleaned up duplicate content across wiki files ### Fixed - Corrected misconceptions about email field usage in 3x-ui - Improved consistency across documentation ## [2.0.0] - 2025-06-25 ### Added - ๐ŸŽฏ **Built-in Credential Generation System** - Automatic generation of random passwords, UUIDs, and client identifiers - ๐Ÿ”ง **Advanced Session Management** - Intelligent session caching, automatic renewal, and multi-server support - ๐ŸŒ **Web Integration Support** - Express.js and Next.js middleware for seamless web app integration - ๐Ÿ›ก๏ธ **Enhanced Security Framework** - Input validation, security monitoring, and secure headers management - ๐Ÿ“ฆ **Modular Architecture** - New `src/` directory structure with specialized modules: - `CredentialGenerator.js` - Random credential generation utilities - `SessionManager.js` - Advanced session handling and caching - `WebMiddleware.js` - Express/Next.js integration helpers - `ProtocolBuilders.js` - Automated inbound configuration builders - `SecurityEnhancer.js` - Security validation and monitoring ### Enhanced - ๐Ÿ” **Improved Authentication** - More robust session handling with automatic recovery - ๐Ÿ“Š **Better Error Handling** - Enhanced error messages and recovery mechanisms - ๐ŸŽจ **Developer Experience** - Improved TypeScript definitions and code documentation - ๐Ÿงช **Testing Framework** - Updated test suite with better coverage and reliability - ๐Ÿ“ **Documentation** - Comprehensive wiki updates with practical examples ### New Features - **Credential Generation**: - Random password generation with customizable complexity - UUID v4 generation for unique client identifiers - Secure random string generation for API keys - Email-like identifier generation for client management - **Session Management**: - Intelligent session caching with TTL support - Multi-server session handling - Automatic session renewal and cleanup - Database-ready session storage format - **Web Integration**: - Express.js middleware for route protection - Next.js API route helpers - Automatic cookie management - Request/response transformation utilities - **Protocol Builders**: - Automated VLESS configuration generation - VMess protocol setup helpers - Trojan and Shadowsocks builders - Reality and WireGuard configuration support ### Changed - **Breaking Change**: Enhanced API structure with new module organization - **Package Structure**: Moved from monolithic to modular architecture - **Dependencies**: Updated to latest stable versions - **Configuration**: Improved configuration options and defaults ### Security - Enhanced input validation and sanitization - Improved session security with automatic cleanup - Better error handling to prevent information leakage - Security monitoring and alerting capabilities ### Developer Experience - Better TypeScript support with comprehensive type definitions - Improved documentation with real-world examples - Enhanced testing framework with automated validation - ESLint configuration for code quality ### Performance - Optimized session management with intelligent caching - Reduced API call overhead through better request batching - Improved memory usage with automatic cleanup - Faster authentication flow with session reuse ## [1.0.0] - 2025-06-20 ### Added - Complete API client library for 3x-ui panel management - Authentication with automatic session management - Inbound management (5 methods): getInbounds, getInbound, addInbound, updateInbound, deleteInbound - Client management (7 methods): addClient, updateClient, deleteClient, getClientTrafficsByEmail, getClientTrafficsById, getClientIps, clearClientIps - Traffic management (4 methods): resetClientTraffic, resetAllTraffics, resetAllClientTraffics, deleteDepletedClients - System operations (2 methods): getOnlineClients, createBackup - Comprehensive error handling and automatic re-authentication - TypeScript definitions for better developer experience - ESM module support alongside CommonJS - Complete documentation and wiki guides - Interactive testing suite with 19 test files - Security best practices implementation ### Features - ๐Ÿ” Secure session-based authentication - ๐Ÿ”„ Automatic login retry on session expiry - ๐Ÿ“Š Complete API coverage (19 routes tested and working) - ๐Ÿ›ก๏ธ Server-side only design for security - ๐Ÿ“š Comprehensive documentation with real-world examples - ๐Ÿงช Extensive testing suite with actual API responses - ๐Ÿ“ TypeScript support for better DX - ๐Ÿ”— Both CommonJS and ESM module support ### Security - No vulnerabilities in dependencies - Secure session cookie handling - Server-side only architecture - Input validation and error handling - Automatic timeout and retry mechanisms ## [Unreleased] ### Planned - GitHub Actions CI/CD pipeline - Automated semantic releases - Enhanced unit test coverage - Performance benchmarking tools - Advanced monitoring and analytics