
Admin Panel

Files: admin_routes.py, admin_db_operations.py, admin_subscription_routes.py, admin_control_flags.py


What the Admin Panel Does

The admin panel is the control center for Lenzeye operations. All user management, subscription assignment, encryption key management, feature toggles, and association management flow through here.


Admin Authentication

  • Admin login uses OTP-based email verification (same as users, separate OTP storage)
  • otp_storage dict in admin_routes.py holds pending OTPs in memory
  • After OTP verification, admin session is set
  • Separate verify_admin_otp.html and admin_login.html templates
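
One way an in-memory OTP store like otp_storage can enforce expiry, single use and an attempt limit, as an added example that is not code from admin_routes.py. The function names, the 6-digit format, the 5-minute lifetime and the 5-attempt cap are assumptions:

```python
import hmac
import secrets
import time
from typing import Optional

OTP_TTL_SECONDS = 300  # assumed lifetime of a pending OTP
MAX_ATTEMPTS = 5       # assumed cap on guesses per issued OTP

# Keyed by admin email, mirroring the otp_storage dict named on the page.
otp_storage: dict = {}


def issue_admin_otp(email: str, now: Optional[float] = None) -> str:
    """Create a 6-digit OTP, replacing any pending one for this admin."""
    now = time.time() if now is None else now
    otp = f"{secrets.randbelow(10**6):06d}"  # CSPRNG, not random.randint
    otp_storage[email] = {
        "otp": otp,
        "expires": now + OTP_TTL_SECONDS,
        "attempts": 0,
    }
    return otp  # the caller emails this value; it should not be logged


def check_admin_otp(email: str, submitted: str, now: Optional[float] = None) -> bool:
    """Return True once for the correct, unexpired OTP; False otherwise."""
    now = time.time() if now is None else now
    entry = otp_storage.get(email)
    if entry is None:
        return False
    # Expired or exhausted entries are dropped so they cannot be retried.
    if now > entry["expires"] or entry["attempts"] >= MAX_ATTEMPTS:
        del otp_storage[email]
        return False
    entry["attempts"] += 1
    # Constant-time comparison avoids leaking how many digits matched.
    if hmac.compare_digest(entry["otp"].encode(), submitted.encode()):
        del otp_storage[email]  # single use: a replayed OTP fails
        return True
    return False
```

Because the dict lives in one process, pending OTPs are lost on restart and are not shared between worker processes.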

Dashboard Capabilities

| Section | What It Does |
|---|---|
| User Management | View all users, delete users, update plans, toggle admin status |
| Storage Management | Set per-user storage limits, trigger Wasabi storage recalculation |
| Encryption Dashboard | Enable/disable encryption per user, rotate user keys, view key versions |
| Subscription Management | Assign subscription plans, view active subscriptions |
| Lab Portal Access | Grant/revoke lab portal access per user, set lab ID and PIN |
| Feature Toggles | Enable/disable platform-wide features via AdminControlFlags |
| Association Management | Create and manage photography associations |
| Collaboration Oversight | View, approve, or reject collaboration requests |

AdminControlFlags Model

File: admin_control_flags.py

Global feature toggles stored in the database:

| Flag | Default | Effect |
|---|---|---|
| auto_approve_collaboration_requests | False | Auto-approve collaboration matches |
| enable_razorpay_payment | False | Show Razorpay payment UI |
| enable_choosing_plan_options | False | Allow users to self-select plans |
| enable_wasabi_cloudflare_setup | False | Use Cloudflare-fronted Wasabi URLs |
| enable_dark_theme | False | Enable dark theme across all pages |

Accessed via get_admin_flags() — returns the single row from admin_control_flags table.


Key Admin Operations

Encryption Management

From admin_routes.py imports:

```python
from lenzeye_encryption_service import (
    generate_master_key,
    has_master_key,
    get_or_create_user_key,
    rotate_user_key,
)
```

  • Admin can enable encryption for a user (encrypt_data_b = True) — triggers key generation
  • Admin can rotate a user's key — old key retained, new key created as active
  • Admin can check master key status — confirms MASTER_KEY env var is set
  • Admin can generate a new master key (for initial setup only)

Storage Calculation

```python
from admin_db_operations import calculate_storage_used_from_wasabi
```

  • Queries Wasabi S3 to sum all object sizes under a user's email prefix
  • Updates user.storage_used in PostgreSQL
  • SKIP_WASABI_ON_LOAD = True by default, which skips auto-calculation on dashboard load for performance

Lab Portal Management

```python
from lab_portal_async import async_set_lab_portal_access
```

  • Async function to grant/revoke lab portal access
  • Generates unique lab_id (e.g., LNZ-LAB-XXXX) and sets lab_pin
  • Runs in background thread to avoid blocking dashboard request

Local DB Mirror

admin_routes.py maintains a read-only local SQLite mirror (DSS_local.db) for fast dashboard queries:

```python
def fetch_all_users_from_local() -> list[dict]: ...  # signature only
def fetch_user_from_local(email: str) -> dict | None: ...  # signature only
```

  • SQLite reads are fast and don't hit PostgreSQL
  • Used for display-only operations (user list, search)
  • Writes always go to PostgreSQL (the authoritative DB)

TL;DR

What it does: Full platform control — user management, encryption, subscriptions, lab access, feature flags, associations.

Key techniques: OTP admin auth, in-memory OTP storage, AdminControlFlags DB model for feature toggles, async lab portal operations, local SQLite mirror for fast user listing, encryption key management via lenzeye_encryption_service.