AIGCS

Admin Panel

Complete guide to the AIGCS management panel

Overview

The AIGCS admin panel is a single-page application (React + TanStack Router) with the following sections:

SectionRouteDescription
Dashboard/System overview and statistics
Sites/sitesMulti-tenant site management
Providers/providersAI provider configuration
Prompts/promptsSystem prompt templates
Cache/cachePage cache management
Reactions/reactionsEmoji reaction types
Users/usersUser management (admin only)
Plugins/pluginsPlugin management
Webhooks/webhooksWebhook configuration
API Tokens/api-tokensAPI access tokens
Audit Log/audit-logActivity audit trail
Profile/profilePersonal settings
Settings/settingsGlobal system settings

Dashboard

The dashboard shows:

  • Total Sites — number of registered sites
  • Total Providers — AI provider count across all sites
  • Total Comments — generated AI comments
  • Cached Pages — pages with cached content

Notification Center

The bell icon at the top right of the admin panel serves as a global Notification Center. It automatically polls the background every 30 seconds. You will receive real-time push notifications with an unread red dot for the following events:

  • Batch cache warming tasks (Success/Failure)
  • RSS feed comment import completion
  • New visitor submissions via the native plugin

Site Management

Each Site represents a website where AIGCS comments are embedded.

Site Settings

SettingTypeDefaultDescription
autoGeneratebooleanfalseAuto-generate comments on page view
cacheTtlnumber3600Cache TTL in seconds
themestringautoWidget theme (auto/light/dark)
commentPluginstringActive comment plugin name
avatarModestringaigcsAvatar mode (aigcs/mravatar/off)
contentSelectorstringCSS selector for page content extraction
aiBadgePositionstringnickAI badge position (nick/br/tl/bl/tr/tl-inline)
reactionEnabledbooleantrueEnable emoji reactions
pingTokenstringPing webhook token

Comment Markdown

Comments in the admin panel are rendered as Markdown (GFM). Both AI-generated and visitor-submitted comments support bold, italic, inline code, code blocks, links, lists, and blockquotes. Content is sanitized server-side via DOMPurify.

Creating a Site

  1. Click Add Site
  2. Enter the Domain (e.g., blog.example.com)
  3. Enter the Name (e.g., My Blog)
  4. Click Save

AI Provider Management

See the AI Providers section for detailed configuration of all 14+ providers.

Provider Features

  • Encrypted API Keys — all API keys are encrypted at rest using AES-256-GCM
  • Test Provider — generate a sample comment to verify configuration
  • Drag-and-Drop Sort — reorder providers to control comment generation priority
  • Custom Avatars — upload SVG avatars for each provider

Provider Defaults

Global provider defaults can be configured in the Providers page. These serve as templates when adding providers to individual sites.

Prompt Templates

Prompt templates are system prompts used to instruct AI models on how to generate comments.

Features

  • 8 Languages — zh, en, ja, ko, fr, es, de, pt
  • Categories — organize prompts by purpose
  • Import — bulk import from GitHub raw JSON URL
  • Global System Prompt — prepended to all generation prompts

Prompt Format

{
  "name": "technical-review",
  "content": "You are a technical reviewer...",
  "lang": "en",
  "category": "technical",
  "isSystem": true
}

Cache Management

The cache system manages page content and AI comment generation.

Cache States

StateDescription
pendingAwaiting content fetch and generation
generatingContent being fetched, AI providers generating
readyComments available and cached
failedAll providers errored during generation

Operations

  • Fetch & Generate — fetch page content and generate comments
  • Warm Cache — batch generate for multiple pages. This process runs silently in the background. A generation report will be pushed to the site owner via the top "Notification Center" when finished.
  • Clear Cache — remove cached entries
  • Restore — recover deleted cache entries

Reaction Management

Six built-in emoji reactions are provided:

EmojiLabelSort
👍Thumbs Up1
😄Smile2
🎉Tada3
❤️Heart4
🚀Rocket5
👀Eyes6

Custom reactions can be added, and any reaction can be enabled/disabled.

User Management

Available to admin role users only.

  • List all users
  • Create new users
  • Edit user details and role

Comment Import/Export

Available per site in the site dashboard. Supports bulk import/export of native visitor comments.

Export

Click Export Comments to download all visitor comments for the site as JSON. Each comment includes: id, path, parentId, authorName, authorEmail, content, status, timestamps.

Import

  1. Prepare a JSON file with a comments array (or use an exported file)
  2. Click Select File → choose your JSON
  3. Click Import Comments
  4. Results show: { imported, skipped, total }

Duplicate IDs are automatically skipped.

RSS Auto Import

In addition to manual JSON imports, you can provide an RSS feed URL for a site. The system will automatically parse articles from the RSS and fetch data to build or synchronize the comment article structure for that site. Once fetched, the results will be reported to you via the Notification Center.

Download Template

Click Download Template to get a sample JSON with example comments (including replies) to guide your import format.

Plugin Management

See the Plugins section for details.

Webhook Management

See the Webhooks section for details.

API Tokens

Three scope levels:

ScopePermissions
readRead-only access to public APIs
read_writeRead and write access
adminFull administrative access

Tokens start with aigcs_ prefix and are stored as SHA-256 hashes.

Audit Log

Tracks all admin actions with:

  • User ID
  • Action type
  • IP address
  • User agent
  • Details (JSON)

Audit logs are user-scoped — regular users only see their own actions.

Profile Settings

Avatar

  • Max 2MB, formats: png/jpg/gif/webp
  • Stored as file in data/avatars/
  • Gravatar fallback with timeout handling

TOTP Two-Factor Authentication

  1. Setup — click Enable, scan QR code with authenticator app
  2. Verify — enter a code from the app
  3. Backup Codes — 8 one-time recovery codes (save them securely)
  4. Login — after password, enter TOTP code

Change Password

Requires current password verification. Passwords are hashed with Argon2id.

System Settings

SMTP

FieldDescription
HostSMTP server hostname
PortSMTP port (default: 587)
UserSMTP username
PasswordEncrypted at rest
From EmailSender address
From NameSender display name

Email Language — set the locale for notification email templates (en or zh). This controls the language of subject lines and body content for all email types (welcome, verification codes, comment notifications, etc.). Templates are fully bilingual.

CAPTCHA

Supported providers:

ProviderEnv Variables
Cloudflare TurnstileTURNSTILE_SITE_KEY, TURNSTILE_SECRET_KEY
Google reCAPTCHARECAPTCHA_SITE_KEY, RECAPTCHA_SECRET_KEY
GeeTestGEETEST_CAPTCHA_ID, GEETEST_CAPTCHA_KEY
hCaptchaHCAPTCHA_SITE_KEY, HCAPTCHA_SECRET_KEY
AltchaALTCHA_SITE_KEY, ALTCHA_SECRET_KEY
CAP.soCAP_SITE_KEY, CAP_SECRET_KEY, CAP_VERIFY_URL

CORS

  • Empty list: only the site's domain is allowed
  • *: allow all origins
  • Comma-separated URLs: specific origins allowed

When creating or updating a site, http://{domain} and https://{domain} are automatically added to the allowed origins list.

Rate Limiting

LimitDefaultScope
Admin API100 req/60sPer IP
Widget Reactions50 req/hourPer visitor
Verification Codes5 req/dayPer email