v11.0.35

.gitignore

@@ -21,3 +21,4 @@ dist_*/
 **/.claude/settings.local.json
 .nogit/data/
 readme.plan.md
+.playwright-mcp/

.playwright-mcp/console-2026-02-23T10-44-24-024Z.log

@@ -1,7 +0,0 @@
-[      74ms] TypeError: Cannot read properties of null (reading 'appendChild')
-    at TypedserverStatusPill.show (http://localhost:3000/typedserver/devtools:17607:21)
-    at TypedserverStatusPill.updateStatus (http://localhost:3000/typedserver/devtools:17567:10)
-    at ReloadChecker.checkReload (http://localhost:3000/typedserver/devtools:18137:23)
-    at async ReloadChecker.start (http://localhost:3000/typedserver/devtools:18224:9)
-[     587ms] [ERROR] method: >>getMergedRoutes<< got an ERROR: "unauthorized" with data undefined @ http://localhost:3000/bundle.js:13
-[     697ms] [ERROR] Error while trying to use the following icon from the Manifest: http://localhost:3000/assetbroker/manifest/icon-144x144.png (Download error or resource isn't a valid image) @ http://localhost:3000/routes:0

.playwright-mcp/console-2026-02-23T11-19-21-255Z.log

@@ -1,12 +0,0 @@
-[     669ms] [WARNING] Lit is in dev mode. Not recommended for production! See https://lit.dev/msg/dev-mode for more information. @ http://localhost:3000/chunk-3L5NJTXF.js:13541
-[     729ms] [ERROR] Failed to load resource: the server responded with a status of 404 (Not Found) @ http://localhost:3000/favicon.ico:0
-[   27973ms] [ERROR] WebSocket connection to 'ws://localhost:3000/ws/reload' failed: Error in connection establishment: net::ERR_CONNECTION_REFUSED @ http://localhost:3000/main.js:115
-[   27973ms] [ERROR] [ReloadService] WebSocket error: Event @ http://localhost:3000/main.js:141
-[   29975ms] [ERROR] WebSocket connection to 'ws://localhost:3000/ws/reload' failed: Error in connection establishment: net::ERR_CONNECTION_REFUSED @ http://localhost:3000/main.js:115
-[   29975ms] [ERROR] [ReloadService] WebSocket error: Event @ http://localhost:3000/main.js:141
-[   33977ms] [ERROR] WebSocket connection to 'ws://localhost:3000/ws/reload' failed: Error in connection establishment: net::ERR_CONNECTION_REFUSED @ http://localhost:3000/main.js:115
-[   33978ms] [ERROR] [ReloadService] WebSocket error: Event @ http://localhost:3000/main.js:141
-[   41980ms] [ERROR] WebSocket connection to 'ws://localhost:3000/ws/reload' failed: Error in connection establishment: net::ERR_CONNECTION_REFUSED @ http://localhost:3000/main.js:115
-[   41980ms] [ERROR] [ReloadService] WebSocket error: Event @ http://localhost:3000/main.js:141
-[   51983ms] [ERROR] WebSocket connection to 'ws://localhost:3000/ws/reload' failed: Error in connection establishment: net::ERR_CONNECTION_REFUSED @ http://localhost:3000/main.js:115
-[   51983ms] [ERROR] [ReloadService] WebSocket error: Event @ http://localhost:3000/main.js:141

.playwright-mcp/console-2026-02-23T11-20-31-682Z.log

@@ -1,6 +0,0 @@
-[      55ms] TypeError: Cannot read properties of null (reading 'appendChild')
-    at TypedserverStatusPill.show (http://localhost:3000/typedserver/devtools:17607:21)
-    at TypedserverStatusPill.updateStatus (http://localhost:3000/typedserver/devtools:17567:10)
-    at ReloadChecker.checkReload (http://localhost:3000/typedserver/devtools:18137:23)
-    at async ReloadChecker.start (http://localhost:3000/typedserver/devtools:18224:9)
-[     791ms] [ERROR] Error while trying to use the following icon from the Manifest: http://localhost:3000/assetbroker/manifest/icon-144x144.png (Download error or resource isn't a valid image) @ http://localhost:3000/overview:0

.playwright-mcp/console-2026-02-23T11-21-09-382Z.log

@@ -1,50 +0,0 @@
-[     272ms] [ERROR] Error rendering Lucide icon: Error: Could not create element for Refresh-cw
-    at N.updated (http://localhost:3000/bundle.js:1204:736)
-    at N._$AE (http://localhost:3000/bundle.js:1:9837)
-    at N.performUpdate (http://localhost:3000/bundle.js:1:9701)
-    at N.scheduleUpdate (http://localhost:3000/bundle.js:1:9170)
-    at N._$EP (http://localhost:3000/bundle.js:1:9078)
-    at async N._$EP (http://localhost:3000/bundle.js:1:9024) @ http://localhost:3000/bundle.js:1203
-[     272ms] [WARNING] Lucide icon 'Refresh-cw' not found in lucideIcons object @ http://localhost:3000/bundle.js:1174
-[     274ms] [ERROR] Error rendering Lucide icon: Error: Could not create element for Pause-circle
-    at N.updated (http://localhost:3000/bundle.js:1204:736)
-    at N._$AE (http://localhost:3000/bundle.js:1:9837)
-    at N.performUpdate (http://localhost:3000/bundle.js:1:9701)
-    at N.scheduleUpdate (http://localhost:3000/bundle.js:1:9170)
-    at N._$EP (http://localhost:3000/bundle.js:1:9078)
-    at async N._$EP (http://localhost:3000/bundle.js:1:9024) @ http://localhost:3000/bundle.js:1203
-[     274ms] [WARNING] Lucide icon 'Pause-circle' not found in lucideIcons object @ http://localhost:3000/bundle.js:1174
-[     275ms] [ERROR] Error rendering Lucide icon: Error: Could not create element for Refresh-cw
-    at N.updated (http://localhost:3000/bundle.js:1204:736)
-    at N._$AE (http://localhost:3000/bundle.js:1:9837)
-    at N.performUpdate (http://localhost:3000/bundle.js:1:9701)
-    at N.scheduleUpdate (http://localhost:3000/bundle.js:1:9170)
-    at N._$EP (http://localhost:3000/bundle.js:1:9078) @ http://localhost:3000/bundle.js:1203
-[     275ms] [WARNING] Lucide icon 'Refresh-cw' not found in lucideIcons object @ http://localhost:3000/bundle.js:1174
-[     276ms] [ERROR] Error rendering Lucide icon: Error: Could not create element for Refresh-cw
-    at N.updated (http://localhost:3000/bundle.js:1204:736)
-    at N._$AE (http://localhost:3000/bundle.js:1:9837)
-    at N.performUpdate (http://localhost:3000/bundle.js:1:9701)
-    at N.scheduleUpdate (http://localhost:3000/bundle.js:1:9170)
-    at N._$EP (http://localhost:3000/bundle.js:1:9078)
-    at async N._$EP (http://localhost:3000/bundle.js:1:9024) @ http://localhost:3000/bundle.js:1203
-[     276ms] [WARNING] Lucide icon 'Refresh-cw' not found in lucideIcons object @ http://localhost:3000/bundle.js:1174
-[     276ms] [ERROR] Error rendering Lucide icon: Error: Could not create element for Refresh-cw
-    at N.updated (http://localhost:3000/bundle.js:1204:736)
-    at N._$AE (http://localhost:3000/bundle.js:1:9837)
-    at N.performUpdate (http://localhost:3000/bundle.js:1:9701)
-    at N.scheduleUpdate (http://localhost:3000/bundle.js:1:9170)
-    at N._$EP (http://localhost:3000/bundle.js:1:9078) @ http://localhost:3000/bundle.js:1203
-[     276ms] [WARNING] Lucide icon 'Refresh-cw' not found in lucideIcons object @ http://localhost:3000/bundle.js:1174
-[     297ms] [ERROR] method: >>getMergedRoutes<< got an ERROR: "unauthorized" with data undefined @ http://localhost:3000/bundle.js:13
-[     377ms] [ERROR] Error while trying to use the following icon from the Manifest: http://localhost:3000/assetbroker/manifest/icon-144x144.png (Download error or resource isn't a valid image) @ http://localhost:3000/routes:0
-[   78064ms] [ERROR] method: >>getMergedRoutes<< got an ERROR: "unauthorized" with data undefined @ http://localhost:3000/bundle.js:13
-[   78237ms] [ERROR] Error while trying to use the following icon from the Manifest: http://localhost:3000/assetbroker/manifest/icon-144x144.png (Download error or resource isn't a valid image) @ http://localhost:3000/routes:0
-[  127969ms] [ERROR] WebSocket connection to 'ws://localhost:3000/' failed: Error in connection establishment: net::ERR_CONNECTION_REFUSED @ http://localhost:3000/typedserver/devtools:16227
-[  127969ms] [ERROR] TypedSocket WebSocket error: Event @ http://localhost:3000/typedserver/devtools:16251
-[  129695ms] [ERROR] WebSocket connection to 'ws://localhost:3000/' failed: Error in connection establishment: net::ERR_CONNECTION_REFUSED @ http://localhost:3000/typedserver/devtools:16227
-[  129695ms] [ERROR] TypedSocket WebSocket error: Event @ http://localhost:3000/typedserver/devtools:16251
-[  133309ms] [ERROR] WebSocket connection to 'ws://localhost:3000/' failed: Error in connection establishment: net::ERR_CONNECTION_REFUSED @ http://localhost:3000/typedserver/devtools:16227
-[  133309ms] [ERROR] TypedSocket WebSocket error: Event @ http://localhost:3000/typedserver/devtools:16251
-[  141762ms] [ERROR] method: >>getMergedRoutes<< got an ERROR: "unauthorized" with data undefined @ http://localhost:3000/bundle.js:13
-[  141910ms] [ERROR] Error while trying to use the following icon from the Manifest: http://localhost:3000/assetbroker/manifest/icon-144x144.png (Download error or resource isn't a valid image) @ http://localhost:3000/routes:0

.playwright-mcp/console-2026-02-23T11-23-44-606Z.log

@@ -1,23 +0,0 @@
-[     437ms] [ERROR] Error while trying to use the following icon from the Manifest: http://localhost:3000/assetbroker/manifest/icon-144x144.png (Download error or resource isn't a valid image) @ http://localhost:3000/overview:0
-[   38948ms] [WARNING] FontAwesome icon not found: circle-check @ http://localhost:3000/bundle.js:1203
-[   52895ms] [ERROR] Error rendering Lucide icon: Error: Could not create element for MagnifyingGlass
-    at N.updated (http://localhost:3000/bundle.js:1204:736)
-    at N._$AE (http://localhost:3000/bundle.js:1:9837)
-    at N.performUpdate (http://localhost:3000/bundle.js:1:9701)
-    at N.scheduleUpdate (http://localhost:3000/bundle.js:1:9170)
-    at N._$EP (http://localhost:3000/bundle.js:1:9078) @ http://localhost:3000/bundle.js:1203
-[   52896ms] [WARNING] Lucide icon 'MagnifyingGlass' not found in lucideIcons object @ http://localhost:3000/bundle.js:1174
-[   52896ms] [ERROR] Error rendering Lucide icon: Error: Could not create element for MagnifyingGlass
-    at N.updated (http://localhost:3000/bundle.js:1204:736)
-    at N._$AE (http://localhost:3000/bundle.js:1:9837)
-    at N.performUpdate (http://localhost:3000/bundle.js:1:9701)
-    at N.scheduleUpdate (http://localhost:3000/bundle.js:1:9170)
-    at N._$EP (http://localhost:3000/bundle.js:1:9078) @ http://localhost:3000/bundle.js:1203
-[   52897ms] [WARNING] Lucide icon 'MagnifyingGlass' not found in lucideIcons object @ http://localhost:3000/bundle.js:1174
-[   99401ms] [ERROR] Error rendering Lucide icon: Error: Could not create element for MagnifyingGlass
-    at N.updated (http://localhost:3000/bundle.js:1204:736)
-    at N._$AE (http://localhost:3000/bundle.js:1:9837)
-    at N.performUpdate (http://localhost:3000/bundle.js:1:9701)
-    at N.scheduleUpdate (http://localhost:3000/bundle.js:1:9170)
-    at N._$EP (http://localhost:3000/bundle.js:1:9078) @ http://localhost:3000/bundle.js:1203
-[   99401ms] [WARNING] Lucide icon 'MagnifyingGlass' not found in lucideIcons object @ http://localhost:3000/bundle.js:1174

.playwright-mcp/console-2026-02-23T12-47-06-007Z.log

@@ -1,31 +0,0 @@
-[      75ms] TypeError: Cannot read properties of null (reading 'appendChild')
-    at TypedserverStatusPill.show (http://localhost:3000/typedserver/devtools:17607:21)
-    at TypedserverStatusPill.updateStatus (http://localhost:3000/typedserver/devtools:17567:10)
-    at ReloadChecker.checkReload (http://localhost:3000/typedserver/devtools:18137:23)
-    at async ReloadChecker.start (http://localhost:3000/typedserver/devtools:18224:9)
-[     763ms] [ERROR] Error while trying to use the following icon from the Manifest: http://localhost:3000/assetbroker/manifest/icon-144x144.png (Download error or resource isn't a valid image) @ http://localhost:3000/overview:0
-[   22315ms] [ERROR] Error rendering Lucide icon: Error: Could not create element for MagnifyingGlass
-    at N.updated (http://localhost:3000/bundle.js:1204:736)
-    at N._$AE (http://localhost:3000/bundle.js:1:9837)
-    at N.performUpdate (http://localhost:3000/bundle.js:1:9701)
-    at N.scheduleUpdate (http://localhost:3000/bundle.js:1:9170)
-    at N._$EP (http://localhost:3000/bundle.js:1:9078) @ http://localhost:3000/bundle.js:1203
-[   22315ms] [WARNING] Lucide icon 'MagnifyingGlass' not found in lucideIcons object @ http://localhost:3000/bundle.js:1174
-[   22316ms] [ERROR] Error rendering Lucide icon: Error: Could not create element for MagnifyingGlass
-    at N.updated (http://localhost:3000/bundle.js:1204:736)
-    at N._$AE (http://localhost:3000/bundle.js:1:9837)
-    at N.performUpdate (http://localhost:3000/bundle.js:1:9701)
-    at N.scheduleUpdate (http://localhost:3000/bundle.js:1:9170)
-    at N._$EP (http://localhost:3000/bundle.js:1:9078) @ http://localhost:3000/bundle.js:1203
-[   22316ms] [WARNING] Lucide icon 'MagnifyingGlass' not found in lucideIcons object @ http://localhost:3000/bundle.js:1174
-[   22321ms] [ERROR] method: >>listApiTokens<< got an ERROR: "admin access required" with data undefined @ http://localhost:3000/bundle.js:13
-[   22322ms] [ERROR] Error rendering Lucide icon: Error: Could not create element for MagnifyingGlass
-    at N.updated (http://localhost:3000/bundle.js:1204:736)
-    at N._$AE (http://localhost:3000/bundle.js:1:9837)
-    at N.performUpdate (http://localhost:3000/bundle.js:1:9701)
-    at N.scheduleUpdate (http://localhost:3000/bundle.js:1:9170)
-    at N._$EP (http://localhost:3000/bundle.js:1:9078) @ http://localhost:3000/bundle.js:1203
-[   22322ms] [WARNING] Lucide icon 'MagnifyingGlass' not found in lucideIcons object @ http://localhost:3000/bundle.js:1174
-[   22322ms] [ERROR] method: >>listApiTokens<< got an ERROR: "admin access required" with data undefined @ http://localhost:3000/bundle.js:13
-[   65371ms] [ERROR] method: >>createApiToken<< got an ERROR: "admin access required" with data undefined @ http://localhost:3000/bundle.js:13
-[   65371ms] [ERROR] Failed to create token: zs @ http://localhost:3000/bundle.js:38142

.playwright-mcp/console-2026-02-23T12-48-31-563Z.log

@@ -1,25 +0,0 @@
-[     642ms] [ERROR] Error while trying to use the following icon from the Manifest: http://localhost:3000/assetbroker/manifest/icon-144x144.png (Download error or resource isn't a valid image) @ http://localhost:3000/overview:0
-[  114916ms] [ERROR] Error while trying to use the following icon from the Manifest: http://localhost:3000/assetbroker/manifest/icon-144x144.png (Download error or resource isn't a valid image) @ http://localhost:3000/overview:0
-[  179731ms] [ERROR] Error rendering Lucide icon: Error: Could not create element for MagnifyingGlass
-    at N.updated (http://localhost:3000/bundle.js:1204:736)
-    at N._$AE (http://localhost:3000/bundle.js:1:9837)
-    at N.performUpdate (http://localhost:3000/bundle.js:1:9701)
-    at N.scheduleUpdate (http://localhost:3000/bundle.js:1:9170)
-    at N._$EP (http://localhost:3000/bundle.js:1:9078) @ http://localhost:3000/bundle.js:1203
-[  179731ms] [WARNING] Lucide icon 'MagnifyingGlass' not found in lucideIcons object @ http://localhost:3000/bundle.js:1174
-[  179731ms] [ERROR] Error rendering Lucide icon: Error: Could not create element for MagnifyingGlass
-    at N.updated (http://localhost:3000/bundle.js:1204:736)
-    at N._$AE (http://localhost:3000/bundle.js:1:9837)
-    at N.performUpdate (http://localhost:3000/bundle.js:1:9701)
-    at N.scheduleUpdate (http://localhost:3000/bundle.js:1:9170)
-    at N._$EP (http://localhost:3000/bundle.js:1:9078) @ http://localhost:3000/bundle.js:1203
-[  179732ms] [WARNING] Lucide icon 'MagnifyingGlass' not found in lucideIcons object @ http://localhost:3000/bundle.js:1174
-[  179737ms] [ERROR] method: >>listApiTokens<< got an ERROR: "admin access required" with data undefined @ http://localhost:3000/bundle.js:13
-[  179738ms] [ERROR] Error rendering Lucide icon: Error: Could not create element for MagnifyingGlass
-    at N.updated (http://localhost:3000/bundle.js:1204:736)
-    at N._$AE (http://localhost:3000/bundle.js:1:9837)
-    at N.performUpdate (http://localhost:3000/bundle.js:1:9701)
-    at N.scheduleUpdate (http://localhost:3000/bundle.js:1:9170)
-    at N._$EP (http://localhost:3000/bundle.js:1:9078) @ http://localhost:3000/bundle.js:1203
-[  179738ms] [WARNING] Lucide icon 'MagnifyingGlass' not found in lucideIcons object @ http://localhost:3000/bundle.js:1174
-[  179738ms] [ERROR] method: >>listApiTokens<< got an ERROR: "admin access required" with data undefined @ http://localhost:3000/bundle.js:13

.playwright-mcp/console-2026-02-23T12-53-33-702Z.log

@@ -1 +0,0 @@
-[     603ms] [ERROR] Error while trying to use the following icon from the Manifest: http://localhost:3000/assetbroker/manifest/icon-144x144.png (Download error or resource isn't a valid image) @ http://localhost:3000/overview:0

.playwright-mcp/console-2026-02-23T12-55-40-311Z.log

@@ -1,24 +0,0 @@
-[     308ms] [ERROR] Error rendering Lucide icon: Error: Could not create element for MagnifyingGlass
-    at N.updated (http://localhost:3000/bundle.js:1204:736)
-    at N._$AE (http://localhost:3000/bundle.js:1:9837)
-    at N.performUpdate (http://localhost:3000/bundle.js:1:9701)
-    at N.scheduleUpdate (http://localhost:3000/bundle.js:1:9170)
-    at N._$EP (http://localhost:3000/bundle.js:1:9078) @ http://localhost:3000/bundle.js:1203
-[     309ms] [WARNING] Lucide icon 'MagnifyingGlass' not found in lucideIcons object @ http://localhost:3000/bundle.js:1174
-[     309ms] [ERROR] Error rendering Lucide icon: Error: Could not create element for MagnifyingGlass
-    at N.updated (http://localhost:3000/bundle.js:1204:736)
-    at N._$AE (http://localhost:3000/bundle.js:1:9837)
-    at N.performUpdate (http://localhost:3000/bundle.js:1:9701)
-    at N.scheduleUpdate (http://localhost:3000/bundle.js:1:9170)
-    at N._$EP (http://localhost:3000/bundle.js:1:9078) @ http://localhost:3000/bundle.js:1203
-[     310ms] [WARNING] Lucide icon 'MagnifyingGlass' not found in lucideIcons object @ http://localhost:3000/bundle.js:1174
-[     349ms] [ERROR] method: >>listApiTokens<< got an ERROR: "admin access required" with data undefined @ http://localhost:3000/bundle.js:13
-[     350ms] [ERROR] Error rendering Lucide icon: Error: Could not create element for MagnifyingGlass
-    at N.updated (http://localhost:3000/bundle.js:1204:736)
-    at N._$AE (http://localhost:3000/bundle.js:1:9837)
-    at N.performUpdate (http://localhost:3000/bundle.js:1:9701)
-    at N.scheduleUpdate (http://localhost:3000/bundle.js:1:9170)
-    at N._$EP (http://localhost:3000/bundle.js:1:9078) @ http://localhost:3000/bundle.js:1203
-[     350ms] [WARNING] Lucide icon 'MagnifyingGlass' not found in lucideIcons object @ http://localhost:3000/bundle.js:1174
-[     351ms] [ERROR] method: >>listApiTokens<< got an ERROR: "admin access required" with data undefined @ http://localhost:3000/bundle.js:13
-[     500ms] [ERROR] Error while trying to use the following icon from the Manifest: http://localhost:3000/assetbroker/manifest/icon-144x144.png (Download error or resource isn't a valid image) @ http://localhost:3000/apitokens:0

.playwright-mcp/console-2026-02-23T12-57-47-953Z.log

@@ -1,30 +0,0 @@
-[     427ms] [ERROR] Error while trying to use the following icon from the Manifest: http://localhost:3000/assetbroker/manifest/icon-144x144.png (Download error or resource isn't a valid image) @ http://localhost:3000/overview:0
-[   44124ms] [WARNING] FontAwesome icon not found: circle-check @ http://localhost:3000/bundle.js:1203
-[   59106ms] [ERROR] Error rendering Lucide icon: Error: Could not create element for MagnifyingGlass
-    at N.updated (http://localhost:3000/bundle.js:1204:736)
-    at N._$AE (http://localhost:3000/bundle.js:1:9837)
-    at N.performUpdate (http://localhost:3000/bundle.js:1:9701)
-    at N.scheduleUpdate (http://localhost:3000/bundle.js:1:9170)
-    at N._$EP (http://localhost:3000/bundle.js:1:9078) @ http://localhost:3000/bundle.js:1203
-[   59106ms] [WARNING] Lucide icon 'MagnifyingGlass' not found in lucideIcons object @ http://localhost:3000/bundle.js:1174
-[   59107ms] [ERROR] Error rendering Lucide icon: Error: Could not create element for MagnifyingGlass
-    at N.updated (http://localhost:3000/bundle.js:1204:736)
-    at N._$AE (http://localhost:3000/bundle.js:1:9837)
-    at N.performUpdate (http://localhost:3000/bundle.js:1:9701)
-    at N.scheduleUpdate (http://localhost:3000/bundle.js:1:9170)
-    at N._$EP (http://localhost:3000/bundle.js:1:9078) @ http://localhost:3000/bundle.js:1203
-[   59107ms] [WARNING] Lucide icon 'MagnifyingGlass' not found in lucideIcons object @ http://localhost:3000/bundle.js:1174
-[   59116ms] [ERROR] Error rendering Lucide icon: Error: Could not create element for MagnifyingGlass
-    at N.updated (http://localhost:3000/bundle.js:1204:736)
-    at N._$AE (http://localhost:3000/bundle.js:1:9837)
-    at N.performUpdate (http://localhost:3000/bundle.js:1:9701)
-    at N.scheduleUpdate (http://localhost:3000/bundle.js:1:9170)
-    at N._$EP (http://localhost:3000/bundle.js:1:9078) @ http://localhost:3000/bundle.js:1203
-[   59116ms] [WARNING] Lucide icon 'MagnifyingGlass' not found in lucideIcons object @ http://localhost:3000/bundle.js:1174
-[   89192ms] [ERROR] Error rendering Lucide icon: Error: Could not create element for MagnifyingGlass
-    at N.updated (http://localhost:3000/bundle.js:1204:736)
-    at N._$AE (http://localhost:3000/bundle.js:1:9837)
-    at N.performUpdate (http://localhost:3000/bundle.js:1:9701)
-    at N.scheduleUpdate (http://localhost:3000/bundle.js:1:9170)
-    at N._$EP (http://localhost:3000/bundle.js:1:9078) @ http://localhost:3000/bundle.js:1203
-[   89192ms] [WARNING] Lucide icon 'MagnifyingGlass' not found in lucideIcons object @ http://localhost:3000/bundle.js:1174

changelog.md

@@ -1,5 +1,384 @@
 # Changelog
 
+## 2026-03-05 - 11.0.35 - fix(dev-deps)
+bump @git.zone/tsbuild devDependency to ^4.1.23
+
+- Updated devDependency @git.zone/tsbuild from ^4.1.22 to ^4.1.23 in package.json
+
+## 2026-03-05 - 11.0.34 - fix(dcrouter)
+empty diff — no changes detected; no version bump suggested
+
+- No file changes in the provided git diff
+- Current package.json version is 11.0.33 — keep unchanged
+
+## 2026-03-05 - 11.0.33 - fix(build)
+bump @git.zone/tsbuild to ^4.1.22
+
+- Updated devDependency @git.zone/tsbuild from ^4.1.21 to ^4.1.22
+- Change affects build tooling only (devDependencies) — no runtime or API changes expected
+
+## 2026-03-05 - 11.0.32 - fix(dev-deps)
+bump @git.zone/tsbuild devDependency to ^4.1.21
+
+- Updated package.json devDependency @git.zone/tsbuild from ^4.1.20 to ^4.1.21
+- Change affects development tooling only (no runtime/source changes)
+- Bump package patch version from 11.0.31 to 11.0.32 recommended
+
+## 2026-03-05 - 11.0.31 - fix(deps)
+bump @git.zone/tsbuild devDependency to ^4.1.20
+
+- Updated devDependency @git.zone/tsbuild from ^4.1.19 to ^4.1.20
+
+## 2026-03-05 - 11.0.30 - fix(devDependencies)
+bump @git.zone/tsbuild devDependency to ^4.1.19
+
+- Updated @git.zone/tsbuild from ^4.1.18 to ^4.1.19 in package.json
+- Change is limited to devDependencies (build toolchain) and should not affect runtime behavior
+
+## 2026-03-05 - 11.0.29 - fix(build)
+bump @git.zone/tsbuild devDependency to ^4.1.18
+
+- Updated @git.zone/tsbuild from ^4.1.17 to ^4.1.18
+- Change is a devDependency update only; no runtime behavior expected to change
+- Recommend patch version bump
+
+## 2026-03-05 - 11.0.28 - fix(devDependencies)
+bump @git.zone/tsbuild devDependency to ^4.1.17
+
+- package.json: updated @git.zone/tsbuild from ^4.1.16 to ^4.1.17 (devDependency)
+
+## 2026-03-05 - 11.0.27 - fix(deps)
+bump @git.zone/tsbuild to ^4.1.16
+
+- Updated devDependency @git.zone/tsbuild from ^4.1.15 to ^4.1.16 in package.json
+- No runtime code or dependency changes; only a dev/build tool bump
+
+## 2026-03-05 - 11.0.26 - fix(devDependencies)
+bump @git.zone/tsbuild devDependency to ^4.1.15
+
+- Updated devDependency @git.zone/tsbuild from ^4.1.14 to ^4.1.15 in package.json
+- No runtime changes; development tooling update only
+
+## 2026-03-05 - 11.0.25 - fix(logger)
+remove build verification comment from logger export
+
+- Removed parenthetical '(build verification)' from export comment in ts/logger.ts
+- No functional changes — this is a comment-only cleanup
+
+## 2026-03-05 - 11.0.24 - fix(dcrouter)
+no changes detected — no release necessary
+
+- No files changed in the provided diff; no code, docs, or dependency updates to release.
+
+## 2026-03-05 - 11.0.23 - fix(deps)
+bump @git.zone/tsbuild devDependency to ^4.1.14
+
+- Updated devDependency @git.zone/tsbuild from ^4.1.13 to ^4.1.14 in package.json
+- Change affects build tooling only (devDependencies); no production code changes
+
+## 2026-03-05 - 11.0.22 - fix(deps)
+bump @git.zone/tsbuild devDependency to ^4.1.13
+
+- Updated @git.zone/tsbuild from ^4.1.9 to ^4.1.13 in devDependencies
+- No runtime code changes; build/dev dependency update only
+
+## 2026-03-05 - 11.0.21 - fix()
+no changes detected
+
+- No files changed in this diff; no release required.
+
+## 2026-03-05 - 11.0.20 - fix(logger)
+annotate singleton logger export comment for build verification
+
+- Changed comment in ts/logger.ts to add '(build verification)'
+- No functional code changes; only a comment update
+- Intended to mark the export for build verification purposes
+
+## 2026-03-05 - 11.0.19 - fix(dcrouter)
+no changes
+
+- No files changed in this commit.
+- Package version remains 11.0.18.
+
+## 2026-03-05 - 11.0.18 - fix(dcrouter)
+no changes detected; no version bump required
+
+- Git diff contains no changes — nothing to release
+
+## 2026-03-05 - 11.0.17 - fix(dcrouter)
+no changes detected in diff; no code or documentation updates
+
+- No files changed in this diff
+- No code, tests, or documentation modified; no release required
+
+## 2026-03-05 - 11.0.16 - fix(dcrouter)
+noop commit: no changes detected
+
+- No files changed in this diff.
+- No code or configuration modifications detected.
+
+## 2026-03-05 - 11.0.15 - fix()
+no changes detected; no version bump necessary
+
+- Diff contains no changes; no files were modified
+
+## 2026-03-05 - 11.0.14 - fix(dcrouter)
+no changes detected
+
+- Provided git diff contains no changes; nothing to release or bump
+- Create a commit only if an empty/placeholder commit is intentionally required
+
+## 2026-03-05 - 11.0.13 - fix()
+no code changes
+
+- No files were changed in this commit.
+
+## 2026-03-05 - 11.0.12 - fix(dcrouter)
+no changes detected — nothing to commit
+
+- Diff reported: No changes
+- No files were modified or staged; no functional or documentation changes to release
+
+## 2026-03-05 - 11.0.11 - fix(deps)
+bump @git.zone/tsbuild devDependency to ^4.1.9
+
+- Updated @git.zone/tsbuild from ^4.1.4 to ^4.1.9 in package.json
+
+## 2026-03-05 - 11.0.10 - fix(playwright-mcp)
+remove committed Playwright artifacts and add .playwright-mcp/ to .gitignore
+
+- Added .playwright-mcp/ to .gitignore to avoid committing transient Playwright outputs
+- Removed many Playwright-generated logs, screenshots and console dumps under .playwright-mcp/ to reduce repository noise/size
+- Prevents accidental check-in of large test artifacts generated by Playwright runs
+
+## 2026-03-05 - 11.0.9 - fix(devDependencies)
+bump @git.zone/tsbuild devDependency to ^4.1.4
+
+- package.json: Updated @git.zone/tsbuild from ^4.1.3 to ^4.1.4
+
+## 2026-03-05 - 11.0.8 - fix()
+no changes detected
+
+- No files changed in this commit
+- No version bump recommended
+
+## 2026-03-05 - 11.0.7 - fix(deps)
+bump @git.zone/tsbuild to ^4.1.3 and @push.rocks/lik to ^6.3.1
+
+- Updated devDependency @git.zone/tsbuild from ^4.1.2 to ^4.1.3 in package.json
+- Updated dependency @push.rocks/lik from ^6.2.2 to ^6.3.1 in package.json
+- Changes are non-breaking dependency bumps; no source code changes
+
+## 2026-03-04 - 11.0.5 - fix(none)
+no changes detected; nothing to release
+
+- Diff contained no changes
+- No files modified; no version bump required
+
+## 2026-03-04 - 11.0.4 - fix()
+no changes
+
+- No files changed in the provided diff; no release or version bump required.
+
+## 2026-03-04 - 11.0.3 - fix()
+no changes detected
+
+- Diff shows no file changes; no code changes to release.
+
+## 2026-03-04 - 11.0.2 - fix(dcrouter)
+no changes detected; no files were modified
+
+- diff was empty
+- no source or package changes detected
+
+## 2026-03-04 - 11.0.1 - fix(auth)
+treat expired JWTs as no identity, improve logout and token verification flow, and bump deps
+
+- App: getActionContext now treats expired JWTs as null to avoid using stale identities for requests.
+- Logout action always clears local login state; server-side adminLogout is attempted only when a valid identity exists.
+- Dashboard: verify persisted JWT with server (verifyIdentity) on startup; if verification fails, clear state and show login.
+- Auto-refresh: on combined refresh failure, detect auth-related errors (invalid/unauthorized/401), dispatch logout and reload to force re-login.
+- Deps: bumped devDependencies @git.zone/tstest (^3.2.0) and @git.zone/tswatch (^3.2.5); added runtime dependency @push.rocks/lik (^6.2.2).
+- Tests/artifacts: added Playwright console logs and page screenshots (test artifacts) to the commit.
+
+## 2026-03-03 - 11.0.0 - BREAKING CHANGE(opsserver)
+Require authentication for OpsServer endpoints, split handlers into authenticated view/admin routers, and make identity required on many TypedRequest interfaces
+
+- Added viewRouter and adminRouter to OpsServer and wired middleware to enforce identity/admin checks (requireValidIdentity, requireAdminIdentity).
+- Moved handlers to appropriate routers (viewRouter for read endpoints, adminRouter for write/admin endpoints) instead of registering on the unauthenticated main typedrouter.
+- Made identity a required field on numerous ts_interfaces request types (breaking change to request typings).
+- Refactored ApiTokenHandler to register directly on adminRouter and use dataArg.identity.userId (no per-handler admin checks needed thanks to middleware).
+- Updated tests: added admin login to obtain identity, adjusted protected endpoint tests to expect rejection when unauthenticated, and adapted other tests to pass identity where required.
+- Added IReq_GetNetworkStats request/response typings to ts_interfaces/requests/stats.ts.
+- Bumped dependencies: @api.global/typedrequest ^3.3.0 and @api.global/typedserver ^8.4.2.
+
+## 2026-03-03 - 10.1.9 - fix(deps)
+bump @push.rocks/smartproxy to ^25.9.1
+
+- Updated package.json dependency @push.rocks/smartproxy from ^25.9.0 to ^25.9.1
+- No other code changes; current package version is 10.1.8, recommend a patch release
+
+## 2026-03-03 - 10.1.8 - fix(deps)
+bump dependencies: @push.rocks/smartmetrics to ^3.0.2, @push.rocks/smartproxy to ^25.9.0, @serve.zone/remoteingress to ^4.4.0
+
+- @push.rocks/smartmetrics: 3.0.1 -> 3.0.2 (patch)
+- @push.rocks/smartproxy: 25.8.5 -> 25.9.0 (minor)
+- @serve.zone/remoteingress: 4.3.0 -> 4.4.0 (minor)
+
+## 2026-03-03 - 10.1.7 - fix(ops-view-apitokens)
+use correct lucide icon name for roll/rotate actions in API tokens view
+
+- Updated iconName from 'lucide:rotate-cw' to 'lucide:rotateCw' in ts_web/elements/ops-view-apitokens.ts (two occurrences) to match lucide icon naming and ensure icons render correctly
+- Non-functional UI fix; no API or behavior changes
+
+## 2026-03-02 - 10.1.6 - fix(ts_web)
+use actionContext for dispatches in web state actions and bump @push.rocks/smartstate to ^2.2.0
+
+- Action handlers in ts_web/appstate.ts now accept an actionContext parameter and call await actionContext.dispatch(...) instead of using statePartArg.dispatchAction(...).
+- Handlers return the awaited dispatch result (ensuring callers receive refreshed state) instead of returning the previous statePartArg.getState().
+- Dependency bumped in package.json: @push.rocks/smartstate from ^2.1.1 to ^2.2.0.
+- Playwright artifacts (logs and page screenshots) were added under .playwright-mcp.
+
+## 2026-03-02 - 10.1.5 - fix(monitoring)
+use a per-second ring buffer for DNS query metrics, improve DNS logging rate limiting and security event aggregation, and bump smartmta dependency
+
+- Replace unbounded query timestamp array with a fixed-size per-second Int32Array ring buffer (300s) to calculate queries-per-second with O(1) updates and bounded memory
+- Add incrementQueryRing and getQueryRingSum helpers to correctly zero stale slots and sum recent seconds
+- Change metrics cache interval from 200ms to 1000ms to better match dashboard polling and reduce update frequency
+- Refactor DNS adaptive logging to use per-second counters (dnsLogWindowSecond / dnsLogWindowCount) instead of timestamp arrays to avoid per-query array filtering and improve rate limiting accuracy; reset counters on flush
+- Security logger: avoid mutating source when sorting/filtering, and implement single-pass aggregation with optional time-window filtering for byLevel/byType/top lists
+- Bump dependency @push.rocks/smartmta from ^5.3.0 to ^5.3.1
+
+## 2026-03-02 - 10.1.4 - fix(no-changes)
+no changes detected; no version bump required
+
+- package version is 10.1.3
+- git diff contains no changes
+
+## 2026-03-02 - 10.1.3 - fix(deps)
+bump @api.global/typedrequest to ^3.2.7
+
+- Updated @api.global/typedrequest from ^3.2.6 to ^3.2.7 in package.json
+- Dependency patch bump only — no source code changes detected
+- Current package version 10.1.2 -> recommended next version 10.1.3 (patch)
+
+## 2026-03-01 - 10.1.2 - fix(core)
+improve shutdown cleanup, socket/stream robustness, and memory/cache handling
+
+- Reset security singletons and CacheDb on shutdown to allow GC (SecurityLogger, ContentScanner, IPReputationChecker, CacheDb).
+- Add DNS socket 'error' handler and only destroy socket when not already destroyed to avoid uncaught exceptions.
+- Move pruning of dnsMetrics.queryTimestamps to a periodic interval to avoid O(n) work on every query.
+- Debounce IPReputationChecker cache saves (save timer + reset on instance reset) to reduce IO and prevent duplicate saves.
+- Fix virtualStream send timeout handling by keeping/clearing a timeout handle to avoid leaks and hung promises.
+- Add memory store eviction in StorageManager to cap entries (MAX_MEMORY_ENTRIES) and evict oldest entries when exceeded.
+- Add terminal-ready timeout in ops-view-logs to avoid blocking UI initialization if xterm CDN fails to initialize.
+- Bump dev dependency @types/node and push.rocks/smartstate versions.
+
+## 2026-02-27 - 10.1.1 - fix(ops-view-apitokens)
+replace lucide:refresh-cw with lucide:rotate-cw for Roll action icon
+
+- Updated ts_web/elements/ops-view-apitokens.ts: changed iconName in two locations to 'lucide:rotate-cw' for the Roll/Roll Token actions.
+- UI-only change — no functional or API behavior modified.
+- Current package version is 10.1.0; recommended patch bump to 10.1.1. 
+
+## 2026-02-27 - 10.1.0 - feat(api-tokens)
+add ability to roll (regenerate) API token secrets and UI to display the newly generated token once
+
+- Server: added ApiTokenManager.rollToken(id) to regenerate a token secret, update its hash, persist it and log the action.
+- Server: added opsserver handler 'rollApiToken' which requires admin identity and returns the new raw token value (shown once) or error messages.
+- API: added typed request interface IReq_RollApiToken for the rollApiToken RPC.
+- Web: added appstate.rollApiToken wrapper to call the new typed request.
+- UI: ops-view-apitokens updated with a 'Roll' action and a modal flow to confirm rolling, call the API, refresh token list, and present the new token value to copy (token value is shown only once).
+- Security: operation is admin-only and the raw token is returned only once after rolling.
+
+## 2026-02-27 - 10.0.0 - BREAKING CHANGE(remote-ingress)
+replace tlsConfigured boolean with tlsMode ('custom' | 'acme' | 'self-signed') and compute TLS mode server-side
+
+- Server: compute remoteIngress.tlsMode = 'custom' when custom certPath/keyPath provided; else attempt to detect ACME by checking stored certs for hubDomain; default to 'self-signed' as fallback.
+- API: replaced remoteIngress.tlsConfigured:boolean with tlsMode:'custom'|'acme'|'self-signed' — this is a breaking change for consumers of the config API.
+- UI: ops view updated to display TLS Mode as a badge instead of a boolean "TLS Configured" field.
+- Action required: update clients and integrations to read remoteIngress.tlsMode instead of tlsConfigured.
+
+## 2026-02-26 - 9.3.0 - feat(remoteingress)
+add TLS certificate resolution and passthrough for RemoteIngress tunnel
+
+- Resolve TLS certs for the RemoteIngress tunnel with priority: explicit certPath/keyPath files → stored ACME cert for hubDomain → fallback to self-signed
+- Expose tls option on ITunnelManagerConfig and forward certPem/keyPem into hub.start so the hub can use the provided TLS materials
+- Add logging for cert selection and file read failures
+- Bump dependency @serve.zone/remoteingress from ^4.2.0 to ^4.3.0
+
+## 2026-02-26 - 9.2.0 - feat(remoteingress)
+expose connected edge IPs and detected public IP; resolve proxy IPs from SmartProxy and improve ops UI
+
+- Add detectedPublicIp to DC Router and populate it when a configured or auto-discovered public IP is chosen
+- Use dcRouter.detectedPublicIp as a fallback for system.publicIp in the config handler
+- Resolve proxy IPs from SmartProxy runtime settings when opts.proxyIps is not provided
+- TunnelManager: capture peerAddr on edgeConnected and from Rust heartbeats, store per-edge publicIp, and add getConnectedEdgeIps()
+- Expose connectedEdgeIps in the config API and return it in remoteIngress config
+- Ops UI: show Connected Edge IPs, annotate 127.0.0.1 proxy IP as 'Remote Ingress' when applicable, and refresh remote ingress data during combined refresh when viewing remoteingress
+- Bump dependency @serve.zone/remoteingress to ^4.2.0
+
+## 2026-02-26 - 9.1.10 - fix(deps)
+bump @push.rocks/smartproxy to ^25.8.5
+
+- package.json: @push.rocks/smartproxy version updated from ^25.8.4 to ^25.8.5
+- No other files changed
+
+## 2026-02-26 - 9.1.9 - fix(deps(smartmta))
+bump @push.rocks/smartmta to ^5.3.0
+
+- Updated @push.rocks/smartmta from ^5.2.6 to ^5.3.0 in package.json
+- Patch release recommended (no source code changes)
+
+## 2026-02-26 - 9.1.8 - fix(deps)
+bump @serve.zone/remoteingress to ^4.1.0
+
+- Updated dependency @serve.zone/remoteingress from ^4.0.1 to ^4.1.0 in package.json
+- Non-breaking dependency update; recommend patch version bump
+
+## 2026-02-26 - 9.1.7 - fix(dcrouter)
+bump @push.rocks/smartproxy to ^25.8.4 and remove custom smartProxy timeout/connection lifetime settings from dcrouter
+
+- Bumped dependency @push.rocks/smartproxy from ^25.8.3 to ^25.8.4 in package.json
+- Removed explicit smartProxy options: socketTimeout, inactivityTimeout, keepAliveInactivityMultiplier, extendedKeepAliveLifetime, and maxConnectionLifetime from ts/classes.dcrouter.ts
+
+## 2026-02-26 - 9.1.6 - fix(cleanup)
+prevent event listener and log stream leaks, tighten smartProxy connection timeouts, and improve graceful shutdown behavior
+
+- Tightened smartProxy connection timeouts and lifetimes (5m socketTimeout, 10m inactivityTimeout, keep-alive multiplier, 1h extendedKeepAliveLifetime, 4h maxConnectionLifetime).
+- Remove event listeners before stopping services to avoid leaks (smartProxy, emailServer, dnsServer, remote ingress hub).
+- OpsServer.stop now invokes logsHandler.cleanup to tear down active log streams and avoid duplicate push destinations.
+- LogsHandler rewritten to use a module-level singleton push destination, track active stream stop callbacks, add cleanup(), guard against hung VirtualStream.sendData with a 10s timeout, and ensure intervals are cleared on stop.
+- updateSmartProxyConfig removes listeners on the old instance before stopping it.
+- Dependency bumps: @api.global/typedsocket ^4.1.2, @push.rocks/smartdata ^7.1.0, @push.rocks/smartmta ^5.2.6, @push.rocks/smartproxy ^25.8.3.
+
+## 2026-02-26 - 9.1.5 - fix(remoteingress)
+Reconcile tunnel manager edge statuses with authoritative Rust hub periodically; update active tunnel counts and heartbeats, add missed edges, remove stale entries, and clear reconcile interval on stop
+
+- Add reconcile() to sync TS-side edgeStatuses with hub.getStatus and overwrite activeTunnels with the authoritative activeStreams.
+- Start a periodic reconcile (setInterval every 15s) and store the interval handle on the tunnel manager.
+- Clear the reconcile interval in stop() to avoid background timers; remove edgeStatuses entries that are no longer connected in Rust.
+- Bump dependency @serve.zone/remoteingress from ^4.0.0 to ^4.0.1.
+
+## 2026-02-25 - 9.1.4 - fix(deps)
+bump @push.rocks/smartproxy to ^25.8.1
+
+- Updated package.json dependency @push.rocks/smartproxy from ^25.8.0 to ^25.8.1
+
+## 2026-02-24 - 9.1.3 - fix(deps)
+bump @api.global/typedserver to ^8.4.0 and @push.rocks/smartproxy to ^25.8.0
+
+- Updated @api.global/typedserver from ^8.3.1 to ^8.4.0
+- Updated @push.rocks/smartproxy from ^25.7.9 to ^25.8.0
+
+## 2026-02-24 - 9.1.2 - fix(deps)
+bump dependency versions for build and runtime packages
+
+- @git.zone/tsbundle: ^2.8.3 -> ^2.9.0
+- @git.zone/tswatch: ^3.1.0 -> ^3.2.0
+- @api.global/typedserver: ^8.3.0 -> ^8.3.1
+- @design.estate/dees-catalog: ^3.43.2 -> ^3.43.3
+
 ## 2026-02-23 - 9.1.1 - fix(dcrouter)
 no changes detected — no files modified, no release necessary
 

package.json

@@ -1,7 +1,7 @@
 {
   "name": "@serve.zone/dcrouter",
   "private": false,
-  "version": "9.1.1",
+  "version": "11.0.35",
   "description": "A multifaceted routing service handling mail and SMS delivery functions.",
   "type": "module",
   "exports": {
@@ -19,45 +19,46 @@
     "watch": "tswatch"
   },
   "devDependencies": {
-    "@git.zone/tsbuild": "^4.1.2",
+    "@git.zone/tsbuild": "^4.1.23",
-    "@git.zone/tsbundle": "^2.8.3",
+    "@git.zone/tsbundle": "^2.9.0",
     "@git.zone/tsrun": "^2.0.1",
-    "@git.zone/tstest": "^3.1.8",
+    "@git.zone/tstest": "^3.2.0",
-    "@git.zone/tswatch": "^3.1.0",
+    "@git.zone/tswatch": "^3.2.5",
-    "@types/node": "^25.3.0"
+    "@types/node": "^25.3.3"
   },
   "dependencies": {
-    "@api.global/typedrequest": "^3.2.6",
+    "@api.global/typedrequest": "^3.3.0",
     "@api.global/typedrequest-interfaces": "^3.0.19",
-    "@api.global/typedserver": "^8.3.0",
+    "@api.global/typedserver": "^8.4.2",
-    "@api.global/typedsocket": "^4.1.0",
+    "@api.global/typedsocket": "^4.1.2",
     "@apiclient.xyz/cloudflare": "^7.1.0",
-    "@design.estate/dees-catalog": "^3.43.2",
+    "@design.estate/dees-catalog": "^3.43.3",
     "@design.estate/dees-element": "^2.1.6",
+    "@push.rocks/lik": "^6.3.1",
     "@push.rocks/projectinfo": "^5.0.2",
     "@push.rocks/qenv": "^6.1.3",
     "@push.rocks/smartacme": "^9.1.3",
-    "@push.rocks/smartdata": "^7.0.15",
+    "@push.rocks/smartdata": "^7.1.0",
     "@push.rocks/smartdns": "^7.9.0",
     "@push.rocks/smartfile": "^13.1.2",
     "@push.rocks/smartguard": "^3.1.0",
     "@push.rocks/smartjwt": "^2.2.1",
     "@push.rocks/smartlog": "^3.2.1",
-    "@push.rocks/smartmetrics": "^3.0.1",
+    "@push.rocks/smartmetrics": "^3.0.2",
     "@push.rocks/smartmongo": "^5.1.0",
-    "@push.rocks/smartmta": "^5.2.2",
+    "@push.rocks/smartmta": "^5.3.1",
     "@push.rocks/smartnetwork": "^4.4.0",
     "@push.rocks/smartpath": "^6.0.0",
     "@push.rocks/smartpromise": "^4.2.3",
-    "@push.rocks/smartproxy": "^25.7.9",
+    "@push.rocks/smartproxy": "^25.9.1",
     "@push.rocks/smartradius": "^1.1.1",
     "@push.rocks/smartrequest": "^5.0.1",
     "@push.rocks/smartrx": "^3.0.10",
-    "@push.rocks/smartstate": "^2.0.30",
+    "@push.rocks/smartstate": "^2.2.0",
     "@push.rocks/smartunique": "^3.0.9",
     "@serve.zone/catalog": "^2.5.0",
     "@serve.zone/interfaces": "^5.3.0",
-    "@serve.zone/remoteingress": "^4.0.0",
+    "@serve.zone/remoteingress": "^4.4.0",
     "@tsclass/tsclass": "^9.3.0",
     "lru-cache": "^11.2.6",
     "uuid": "^13.0.0"

test/test.opsserver-api.ts

@@ -4,27 +4,44 @@ import { TypedRequest } from '@api.global/typedrequest';
 import * as interfaces from '../ts_interfaces/index.js';
 
 let testDcRouter: DcRouter;
+let adminIdentity: interfaces.data.IIdentity;
 
 tap.test('should start DCRouter with OpsServer', async () => {
   testDcRouter = new DcRouter({
     // Minimal config for testing
     cacheConfig: { enabled: false },
   });
-  
+
   await testDcRouter.start();
   expect(testDcRouter.opsServer).toBeInstanceOf(Object);
 });
 
+tap.test('should login as admin', async () => {
+  const loginRequest = new TypedRequest<interfaces.requests.IReq_AdminLoginWithUsernameAndPassword>(
+    'http://localhost:3000/typedrequest',
+    'adminLoginWithUsernameAndPassword'
+  );
+
+  const response = await loginRequest.fire({
+    username: 'admin',
+    password: 'admin',
+  });
+
+  expect(response).toHaveProperty('identity');
+  adminIdentity = response.identity;
+});
+
 tap.test('should respond to health status request', async () => {
   const healthRequest = new TypedRequest<interfaces.requests.IReq_GetHealthStatus>(
     'http://localhost:3000/typedrequest',
     'getHealthStatus'
   );
-  
+
   const response = await healthRequest.fire({
-    detailed: false
+    identity: adminIdentity,
+    detailed: false,
   });
-  
+
   expect(response).toHaveProperty('health');
   expect(response.health.healthy).toBeTrue();
   expect(response.health.services).toHaveProperty('OpsServer');
@@ -35,11 +52,12 @@ tap.test('should respond to server statistics request', async () => {
     'http://localhost:3000/typedrequest',
     'getServerStatistics'
   );
-  
+
   const response = await statsRequest.fire({
-    includeHistory: false
+    identity: adminIdentity,
+    includeHistory: false,
   });
-  
+
   expect(response).toHaveProperty('stats');
   expect(response.stats).toHaveProperty('uptime');
   expect(response.stats).toHaveProperty('cpuUsage');
@@ -51,9 +69,11 @@ tap.test('should respond to configuration request', async () => {
     'http://localhost:3000/typedrequest',
     'getConfiguration'
   );
-  
+
-  const response = await configRequest.fire({});
+  const response = await configRequest.fire({
-  
+    identity: adminIdentity,
+  });
+
   expect(response).toHaveProperty('config');
   expect(response.config).toHaveProperty('system');
   expect(response.config).toHaveProperty('smartProxy');
@@ -70,19 +90,34 @@ tap.test('should handle log retrieval request', async () => {
     'http://localhost:3000/typedrequest',
     'getRecentLogs'
   );
-  
+
   const response = await logsRequest.fire({
-    limit: 10
+    identity: adminIdentity,
+    limit: 10,
   });
-  
+
   expect(response).toHaveProperty('logs');
   expect(response).toHaveProperty('total');
   expect(response).toHaveProperty('hasMore');
   expect(response.logs).toBeArray();
 });
 
+tap.test('should reject unauthenticated requests', async () => {
+  const healthRequest = new TypedRequest<interfaces.requests.IReq_GetHealthStatus>(
+    'http://localhost:3000/typedrequest',
+    'getHealthStatus'
+  );
+
+  try {
+    await healthRequest.fire({} as any);
+    expect(true).toBeFalse(); // Should not reach here
+  } catch (error) {
+    expect(error).toBeTruthy();
+  }
+});
+
 tap.test('should stop DCRouter', async () => {
   await testDcRouter.stop();
 });
 
-export default tap.start();
+export default tap.start();

test/test.protected-endpoint.ts

@@ -82,28 +82,31 @@ tap.test('should reject verify identity with invalid JWT', async () => {
   }
 });
 
-tap.test('should allow access to public endpoints without auth', async () => {
+tap.test('should reject protected endpoints without auth', async () => {
   const healthRequest = new TypedRequest<interfaces.requests.IReq_GetHealthStatus>(
     'http://localhost:3000/typedrequest',
     'getHealthStatus'
   );
 
-  // No identity provided
+  try {
-  const response = await healthRequest.fire({});
+    // No identity provided — should be rejected
-
+    await healthRequest.fire({} as any);
-  expect(response).toHaveProperty('health');
+    expect(true).toBeFalse(); // Should not reach here
-  expect(response.health.healthy).toBeTrue();
+  } catch (error) {
-  console.log('Public endpoint accessible without auth');
+    expect(error).toBeTruthy();
+    console.log('Protected endpoint correctly rejects unauthenticated request');
+  }
 });
 
-tap.test('should allow read-only config access', async () => {
+tap.test('should allow authenticated access to protected endpoints', async () => {
   const configRequest = new TypedRequest<interfaces.requests.IReq_GetConfiguration>(
     'http://localhost:3000/typedrequest',
     'getConfiguration'
   );
 
-  // Config is read-only and doesn't require auth
+  const response = await configRequest.fire({
-  const response = await configRequest.fire({});
+    identity: adminIdentity,
+  });
 
   expect(response).toHaveProperty('config');
   expect(response.config).toHaveProperty('system');
@@ -114,7 +117,7 @@ tap.test('should allow read-only config access', async () => {
   expect(response.config).toHaveProperty('cache');
   expect(response.config).toHaveProperty('radius');
   expect(response.config).toHaveProperty('remoteIngress');
-  console.log('Configuration read successfully');
+  console.log('Authenticated access to config successful');
 });
 
 tap.test('should stop DCRouter', async () => {

ts/00_commitinfo_data.ts

@@ -3,6 +3,6 @@
  */
 export const commitinfo = {
   name: '@serve.zone/dcrouter',
-  version: '9.1.1',
+  version: '11.0.35',
   description: 'A multifaceted routing service handling mail and SMS delivery functions.'
 }

ts/classes.dcrouter.ts

@@ -23,6 +23,7 @@ import { MetricsManager } from './monitoring/index.js';
 import { RadiusServer, type IRadiusServerConfig } from './radius/index.js';
 import { RemoteIngressManager, TunnelManager } from './remoteingress/index.js';
 import { RouteConfigManager, ApiTokenManager } from './config/index.js';
+import { SecurityLogger, ContentScanner, IPReputationChecker } from './security/index.js';
 
 export interface IDcRouterOptions {
   /** Base directory for all dcrouter data. Defaults to ~/.serve.zone/dcrouter */
@@ -217,8 +218,12 @@ export class DcRouter {
   public routeConfigManager?: RouteConfigManager;
   public apiTokenManager?: ApiTokenManager;
 
+  // Auto-discovered public IP (populated by generateAuthoritativeRecords)
+  public detectedPublicIp: string | null = null;
+
   // DNS query logging rate limiter state
-  private dnsLogWindow: number[] = [];
+  private dnsLogWindowSecond: number = 0; // epoch second of current window
+  private dnsLogWindowCount: number = 0;  // queries logged this second
   private dnsBatchCount: number = 0;
   private dnsBatchTimer: ReturnType<typeof setTimeout> | null = null;
 
@@ -897,12 +902,27 @@ export class DcRouter {
       }
       this.dnsBatchTimer = null;
       this.dnsBatchCount = 0;
-      this.dnsLogWindow = [];
+      this.dnsLogWindowSecond = 0;
+      this.dnsLogWindowCount = 0;
     }
 
     await this.opsServer.stop();
 
     try {
+      // Remove event listeners before stopping services to prevent leaks
+      if (this.smartProxy) {
+        this.smartProxy.removeAllListeners();
+      }
+      if (this.emailServer) {
+        if ((this.emailServer as any).deliverySystem) {
+          (this.emailServer as any).deliverySystem.removeAllListeners();
+        }
+        this.emailServer.removeAllListeners();
+      }
+      if (this.dnsServer) {
+        this.dnsServer.removeAllListeners();
+      }
+
       // Stop all services in parallel for faster shutdown
       await Promise.all([
         // Stop cache cleaner if running
@@ -939,6 +959,7 @@ export class DcRouter {
       // Stop cache database after other services (they may need it during shutdown)
       if (this.cacheDb) {
         await this.cacheDb.stop().catch(err => logger.log('error', 'Error stopping CacheDb', { error: String(err) }));
+        CacheDb.resetInstance();
       }
 
       // Clear backoff cache in cert scheduler
@@ -962,6 +983,11 @@ export class DcRouter {
       this.apiTokenManager = undefined;
       this.certificateStatusMap.clear();
 
+      // Reset security singletons to allow GC
+      SecurityLogger.resetInstance();
+      ContentScanner.resetInstance();
+      IPReputationChecker.resetInstance();
+
       logger.log('info', 'All DcRouter services stopped');
     } catch (error) {
       logger.log('error', 'Error during DcRouter shutdown', { error: String(error) });
@@ -976,10 +1002,11 @@ export class DcRouter {
   public async updateSmartProxyConfig(config: plugins.smartproxy.ISmartProxyOptions): Promise<void> {
     // Stop existing SmartProxy if running
     if (this.smartProxy) {
+      this.smartProxy.removeAllListeners();
       await this.smartProxy.stop();
       this.smartProxy = undefined;
     }
-    
+
     // Update configuration
     this.options.smartProxyConfig = config;
 
@@ -1103,6 +1130,11 @@ export class DcRouter {
     try {
       // Stop the unified email server which contains all components
       if (this.emailServer) {
+        // Remove listeners before stopping to prevent leaks on config update cycles
+        if ((this.emailServer as any).deliverySystem) {
+          (this.emailServer as any).deliverySystem.removeAllListeners();
+        }
+        this.emailServer.removeAllListeners();
         await this.emailServer.stop();
         logger.log('info', 'Unified email server stopped');
         this.emailServer = undefined;
@@ -1282,11 +1314,14 @@ export class DcRouter {
         }
 
         // Adaptive logging: individual logs up to 2/sec, then batch
-        const now = Date.now();
+        const nowSec = Math.floor(Date.now() / 1000);
-        this.dnsLogWindow = this.dnsLogWindow.filter(t => now - t < 1000);
+        if (nowSec !== this.dnsLogWindowSecond) {
+          this.dnsLogWindowSecond = nowSec;
+          this.dnsLogWindowCount = 0;
+        }
 
-        if (this.dnsLogWindow.length < 2) {
+        if (this.dnsLogWindowCount < 2) {
-          this.dnsLogWindow.push(now);
+          this.dnsLogWindowCount++;
           const summary = event.questions.map(q => `${q.type} ${q.name}`).join(', ');
           logger.log('info', `DNS query: ${summary} (${event.responseTimeMs}ms, ${event.answered ? 'answered' : 'unanswered'})`, { zone: 'dns' });
         } else {
@@ -1340,15 +1375,25 @@ export class DcRouter {
         return;
       }
       
+      // Prevent uncaught exception from socket 'error' events
+      socket.on('error', (err) => {
+        logger.log('error', `DNS socket error: ${err.message}`);
+        if (!socket.destroyed) {
+          socket.destroy();
+        }
+      });
+
       logger.log('debug', 'DNS socket handler: passing socket to DnsServer');
-      
+
       try {
         // Use the built-in socket handler from smartdns
         // This handles HTTP/2, DoH protocol, etc.
         await (this.dnsServer as any).handleHttpsSocket(socket);
       } catch (error) {
         logger.log('error', `DNS socket handler error: ${error.message}`);
-        socket.destroy();
+        if (!socket.destroyed) {
+          socket.destroy();
+        }
       }
     };
   }
@@ -1554,6 +1599,7 @@ export class DcRouter {
     } else if (this.options.publicIp) {
       // Use explicitly configured public IP
       publicIp = this.options.publicIp;
+      this.detectedPublicIp = publicIp;
       logger.log('info', `Using configured public IP for nameserver A records: ${publicIp}`);
     } else {
       // Auto-discover public IP using smartnetwork
@@ -1564,6 +1610,7 @@ export class DcRouter {
         
         if (publicIps.v4) {
           publicIp = publicIps.v4;
+          this.detectedPublicIp = publicIp;
           logger.log('info', `Auto-discovered public IPv4: ${publicIp}`);
         } else {
           logger.log('warn', 'Could not auto-discover public IPv4 address');
@@ -1689,10 +1736,42 @@ export class DcRouter {
     const currentRoutes = this.options.smartProxyConfig?.routes || [];
     this.remoteIngressManager.setRoutes(currentRoutes as any[]);
 
+    // Resolve TLS certs for tunnel: explicit paths > ACME for hubDomain > self-signed (Rust default)
+    const riCfg = this.options.remoteIngressConfig;
+    let tlsConfig: { certPem: string; keyPem: string } | undefined;
+
+    // Priority 1: Explicit cert/key file paths
+    if (riCfg.tls?.certPath && riCfg.tls?.keyPath) {
+      try {
+        const certPem = plugins.fs.readFileSync(riCfg.tls.certPath, 'utf8');
+        const keyPem = plugins.fs.readFileSync(riCfg.tls.keyPath, 'utf8');
+        tlsConfig = { certPem, keyPem };
+        logger.log('info', 'Using explicit TLS cert/key for RemoteIngress tunnel');
+      } catch (err) {
+        logger.log('warn', `Failed to read RemoteIngress TLS cert/key files: ${err.message}`);
+      }
+    }
+
+    // Priority 2: Existing cert from SmartProxy cert store for hubDomain
+    if (!tlsConfig && riCfg.hubDomain) {
+      try {
+        const stored = await this.storageManager.getJSON(`/proxy-certs/${riCfg.hubDomain}`);
+        if (stored?.publicKey && stored?.privateKey) {
+          tlsConfig = { certPem: stored.publicKey, keyPem: stored.privateKey };
+          logger.log('info', `Using stored ACME cert for RemoteIngress tunnel TLS: ${riCfg.hubDomain}`);
+        }
+      } catch { /* no stored cert, fall through */ }
+    }
+
+    if (!tlsConfig) {
+      logger.log('info', 'No TLS cert configured for RemoteIngress tunnel — using auto-generated self-signed');
+    }
+
     // Create and start the tunnel manager
     this.tunnelManager = new TunnelManager(this.remoteIngressManager, {
-      tunnelPort: this.options.remoteIngressConfig.tunnelPort ?? 8443,
+      tunnelPort: riCfg.tunnelPort ?? 8443,
       targetHost: '127.0.0.1',
+      tls: tlsConfig,
     });
     await this.tunnelManager.start();
 

ts/config/classes.api-token-manager.ts

@@ -122,6 +122,24 @@ export class ApiTokenManager {
     return true;
   }
 
+  /**
+   * Roll (regenerate) a token's secret while keeping its identity.
+   * Returns the new raw token value (shown once).
+   */
+  public async rollToken(id: string): Promise<{ id: string; rawToken: string } | null> {
+    const stored = this.tokens.get(id);
+    if (!stored) return null;
+
+    const randomBytes = plugins.crypto.randomBytes(32);
+    const rawPayload = `${id}:${randomBytes.toString('base64url')}`;
+    const rawToken = `${TOKEN_PREFIX_STR}${rawPayload}`;
+
+    stored.tokenHash = plugins.crypto.createHash('sha256').update(rawToken).digest('hex');
+    await this.persistToken(stored);
+    logger.log('info', `API token '${stored.name}' rolled (id: ${id})`);
+    return { id, rawToken };
+  }
+
   /**
    * Enable or disable a token.
    */

ts/monitoring/classes.metricsmanager.ts

@@ -35,7 +35,9 @@ export class MetricsManager {
     queryTypes: {} as Record<string, number>,
     topDomains: new Map<string, number>(),
     lastResetDate: new Date().toDateString(),
-    queryTimestamps: [] as number[], // Track query timestamps for rate calculation
+    // Per-second query count ring buffer (300 entries = 5 minutes)
+    queryRing: new Int32Array(300),
+    queryRingLastSecond: 0, // last epoch second that was written
     responseTimes: [] as number[], // Track response times in ms
     recentQueries: [] as Array<{ timestamp: number; domain: string; type: string; answered: boolean; responseTimeMs: number }>,
   };
@@ -95,12 +97,13 @@ export class MetricsManager {
         this.dnsMetrics.cacheMisses = 0;
         this.dnsMetrics.queryTypes = {};
         this.dnsMetrics.topDomains.clear();
-        this.dnsMetrics.queryTimestamps = [];
+        this.dnsMetrics.queryRing.fill(0);
+        this.dnsMetrics.queryRingLastSecond = 0;
         this.dnsMetrics.responseTimes = [];
         this.dnsMetrics.recentQueries = [];
         this.dnsMetrics.lastResetDate = currentDate;
       }
-      
+
       if (currentDate !== this.securityMetrics.lastResetDate) {
         this.securityMetrics.blockedIPs = 0;
         this.securityMetrics.authFailures = 0;
@@ -141,16 +144,16 @@ export class MetricsManager {
       const smartMetricsData = await this.smartMetrics.getMetrics();
       const proxyMetrics = this.dcRouter.smartProxy ? this.dcRouter.smartProxy.getMetrics() : null;
       const proxyStats = this.dcRouter.smartProxy ? await this.dcRouter.smartProxy.getStatistics() : null;
+      const { heapUsed, heapTotal, external, rss } = process.memoryUsage();
 
       return {
         uptime: process.uptime(),
         startTime: Date.now() - (process.uptime() * 1000),
         memoryUsage: {
-          heapUsed: process.memoryUsage().heapUsed,
+          heapUsed,
-          heapTotal: process.memoryUsage().heapTotal,
+          heapTotal,
-          external: process.memoryUsage().external,
+          external,
-          rss: process.memoryUsage().rss,
+          rss,
-          // Add SmartMetrics memory data
           maxMemoryMB: this.smartMetrics.maxMemoryMB,
           actualUsageBytes: smartMetricsData.memoryUsageBytes,
           actualUsagePercentage: smartMetricsData.memoryPercentage,
@@ -219,11 +222,8 @@ export class MetricsManager {
         .slice(0, 10)
         .map(([domain, count]) => ({ domain, count }));
       
-      // Calculate queries per second from recent timestamps
+      // Calculate queries per second from ring buffer (sum last 60 seconds)
-      const now = Date.now();
+      const queriesPerSecond = this.getQueryRingSum(60) / 60;
-      const oneMinuteAgo = now - 60000;
-      const recentQueries = this.dnsMetrics.queryTimestamps.filter(ts => ts >= oneMinuteAgo);
-      const queriesPerSecond = recentQueries.length / 60;
       
       // Calculate average response time
       const avgResponseTime = this.dnsMetrics.responseTimes.length > 0
@@ -427,12 +427,8 @@ export class MetricsManager {
       this.dnsMetrics.cacheMisses++;
     }
     
-    // Track query timestamp
+    // Increment per-second query counter in ring buffer
-    this.dnsMetrics.queryTimestamps.push(Date.now());
+    this.incrementQueryRing();
-    
-    // Keep only timestamps from last 5 minutes
-    const fiveMinutesAgo = Date.now() - 300000;
-    this.dnsMetrics.queryTimestamps = this.dnsMetrics.queryTimestamps.filter(ts => ts >= fiveMinutesAgo);
     
     // Track response time if provided
     if (responseTimeMs) {
@@ -604,7 +600,7 @@ export class MetricsManager {
         requestsPerSecond,
         requestsTotal,
       };
-    }, 200); // Use 200ms cache for more frequent updates
+    }, 1000); // 1s cache — matches typical dashboard poll interval
   }
 
   // --- Time-series helpers ---
@@ -633,6 +629,63 @@ export class MetricsManager {
     bucket.queries++;
   }
 
+  /**
+   * Increment the per-second query counter in the ring buffer.
+   * Zeros any stale slots between the last write and the current second.
+   */
+  private incrementQueryRing(): void {
+    const currentSecond = Math.floor(Date.now() / 1000);
+    const ring = this.dnsMetrics.queryRing;
+    const last = this.dnsMetrics.queryRingLastSecond;
+
+    if (last === 0) {
+      // First call — zero and anchor
+      ring.fill(0);
+      this.dnsMetrics.queryRingLastSecond = currentSecond;
+      ring[currentSecond % ring.length] = 1;
+      return;
+    }
+
+    const gap = currentSecond - last;
+    if (gap >= ring.length) {
+      // Entire ring is stale — clear all
+      ring.fill(0);
+    } else if (gap > 0) {
+      // Zero slots from (last+1) to currentSecond (inclusive)
+      for (let s = last + 1; s <= currentSecond; s++) {
+        ring[s % ring.length] = 0;
+      }
+    }
+
+    this.dnsMetrics.queryRingLastSecond = currentSecond;
+    ring[currentSecond % ring.length]++;
+  }
+
+  /**
+   * Sum query counts from the ring buffer for the last N seconds.
+   */
+  private getQueryRingSum(seconds: number): number {
+    const currentSecond = Math.floor(Date.now() / 1000);
+    const ring = this.dnsMetrics.queryRing;
+    const last = this.dnsMetrics.queryRingLastSecond;
+
+    if (last === 0) return 0;
+
+    // First, zero stale slots so reads are accurate even without writes
+    const gap = currentSecond - last;
+    if (gap >= ring.length) return 0; // all data is stale
+
+    let sum = 0;
+    const limit = Math.min(seconds, ring.length);
+    for (let i = 0; i < limit; i++) {
+      const sec = currentSecond - i;
+      if (sec < last - (ring.length - 1)) break; // slot is from older cycle
+      if (sec > last) continue; // no writes yet for this second
+      sum += ring[sec % ring.length];
+    }
+    return sum;
+  }
+
   private pruneOldBuckets(): void {
     const cutoff = Date.now() - 86400000; // 24h
     for (const key of this.emailMinuteBuckets.keys()) {

ts/opsserver/classes.opsserver.ts

@@ -2,14 +2,20 @@ import type DcRouter from '../classes.dcrouter.js';
 import * as plugins from '../plugins.js';
 import * as paths from '../paths.js';
 import * as handlers from './handlers/index.js';
+import * as interfaces from '../../ts_interfaces/index.js';
+import { requireValidIdentity, requireAdminIdentity } from './helpers/guards.js';
 
 export class OpsServer {
   public dcRouterRef: DcRouter;
   public server: plugins.typedserver.utilityservers.UtilityWebsiteServer;
-  
+
-  // TypedRouter for OpsServer-specific handlers
+  // Main TypedRouter — unauthenticated endpoints (login/logout/verify) and own-auth handlers
   public typedrouter = new plugins.typedrequest.TypedRouter();
-  
+
+  // Auth-enforced routers — middleware validates identity before any handler runs
+  public viewRouter = new plugins.typedrequest.TypedRouter<{ request: { identity: interfaces.data.IIdentity } }>();
+  public adminRouter = new plugins.typedrequest.TypedRouter<{ request: { identity: interfaces.data.IIdentity } }>();
+
   // Handler instances
   public adminHandler: handlers.AdminHandler;
   private configHandler: handlers.ConfigHandler;
@@ -25,7 +31,7 @@ export class OpsServer {
 
   constructor(dcRouterRefArg: DcRouter) {
     this.dcRouterRef = dcRouterRefArg;
-    
+
     // Add our typedrouter to the dcRouter's main typedrouter
     this.dcRouterRef.typedrouter.addTypedRouter(this.typedrouter);
   }
@@ -51,10 +57,25 @@ export class OpsServer {
    * Set up all TypedRequest handlers
    */
   private async setupHandlers(): Promise<void> {
-    // Instantiate all handlers - they self-register with the typedrouter
+    // AdminHandler must be initialized first (JWT setup needed for guards)
     this.adminHandler = new handlers.AdminHandler(this);
-    await this.adminHandler.initialize(); // JWT needs async initialization
+    await this.adminHandler.initialize();
-    
+
+    // viewRouter middleware: requires valid identity (any logged-in user)
+    this.viewRouter.addMiddleware(async (typedRequest) => {
+      await requireValidIdentity(this.adminHandler, typedRequest.request);
+    });
+
+    // adminRouter middleware: requires admin identity
+    this.adminRouter.addMiddleware(async (typedRequest) => {
+      await requireAdminIdentity(this.adminHandler, typedRequest.request);
+    });
+
+    // Connect auth routers to the main typedrouter
+    this.typedrouter.addTypedRouter(this.viewRouter);
+    this.typedrouter.addTypedRouter(this.adminRouter);
+
+    // Instantiate all handlers — they self-register with the appropriate router
     this.configHandler = new handlers.ConfigHandler(this);
     this.logsHandler = new handlers.LogsHandler(this);
     this.securityHandler = new handlers.SecurityHandler(this);
@@ -70,6 +91,10 @@ export class OpsServer {
   }
 
   public async stop() {
+    // Clean up log handler streams and push destination before stopping the server
+    if (this.logsHandler) {
+      this.logsHandler.cleanup();
+    }
     if (this.server) {
       await this.server.stop();
     }

ts/opsserver/handlers/api-token.handler.ts

@@ -3,34 +3,20 @@ import type { OpsServer } from '../classes.opsserver.js';
 import * as interfaces from '../../../ts_interfaces/index.js';
 
 export class ApiTokenHandler {
-  public typedrouter = new plugins.typedrequest.TypedRouter();
-
   constructor(private opsServerRef: OpsServer) {
-    this.opsServerRef.typedrouter.addTypedRouter(this.typedrouter);
     this.registerHandlers();
   }
 
-  /**
-   * Token management requires admin JWT only (tokens cannot manage tokens).
-   */
-  private async requireAdmin(identity?: interfaces.data.IIdentity): Promise<string> {
-    if (!identity?.jwt) {
-      throw new plugins.typedrequest.TypedResponseError('unauthorized');
-    }
-    const isAdmin = await this.opsServerRef.adminHandler.adminIdentityGuard.exec({ identity });
-    if (!isAdmin) {
-      throw new plugins.typedrequest.TypedResponseError('admin access required');
-    }
-    return identity.userId;
-  }
-
   private registerHandlers(): void {
+    // All token management endpoints register directly on adminRouter
+    // (middleware enforces admin JWT check, so no per-handler requireAdmin needed)
+    const router = this.opsServerRef.adminRouter;
+
     // Create API token
-    this.typedrouter.addTypedHandler(
+    router.addTypedHandler(
       new plugins.typedrequest.TypedHandler<interfaces.requests.IReq_CreateApiToken>(
         'createApiToken',
         async (dataArg) => {
-          const userId = await this.requireAdmin(dataArg.identity);
           const manager = this.opsServerRef.dcRouterRef.apiTokenManager;
           if (!manager) {
             return { success: false, message: 'Token management not initialized' };
@@ -39,7 +25,7 @@ export class ApiTokenHandler {
             dataArg.name,
             dataArg.scopes,
             dataArg.expiresInDays ?? null,
-            userId,
+            dataArg.identity.userId,
           );
           return { success: true, tokenId: result.id, tokenValue: result.rawToken };
         },
@@ -47,11 +33,10 @@ export class ApiTokenHandler {
     );
 
     // List API tokens
-    this.typedrouter.addTypedHandler(
+    router.addTypedHandler(
       new plugins.typedrequest.TypedHandler<interfaces.requests.IReq_ListApiTokens>(
         'listApiTokens',
         async (dataArg) => {
-          await this.requireAdmin(dataArg.identity);
           const manager = this.opsServerRef.dcRouterRef.apiTokenManager;
           if (!manager) {
             return { tokens: [] };
@@ -62,11 +47,10 @@ export class ApiTokenHandler {
     );
 
     // Revoke API token
-    this.typedrouter.addTypedHandler(
+    router.addTypedHandler(
       new plugins.typedrequest.TypedHandler<interfaces.requests.IReq_RevokeApiToken>(
         'revokeApiToken',
         async (dataArg) => {
-          await this.requireAdmin(dataArg.identity);
           const manager = this.opsServerRef.dcRouterRef.apiTokenManager;
           if (!manager) {
             return { success: false, message: 'Token management not initialized' };
@@ -77,12 +61,29 @@ export class ApiTokenHandler {
       ),
     );
 
+    // Roll API token
+    router.addTypedHandler(
+      new plugins.typedrequest.TypedHandler<interfaces.requests.IReq_RollApiToken>(
+        'rollApiToken',
+        async (dataArg) => {
+          const manager = this.opsServerRef.dcRouterRef.apiTokenManager;
+          if (!manager) {
+            return { success: false, message: 'Token management not initialized' };
+          }
+          const result = await manager.rollToken(dataArg.id);
+          if (!result) {
+            return { success: false, message: 'Token not found' };
+          }
+          return { success: true, tokenValue: result.rawToken };
+        },
+      ),
+    );
+
     // Toggle API token
-    this.typedrouter.addTypedHandler(
+    router.addTypedHandler(
       new plugins.typedrequest.TypedHandler<interfaces.requests.IReq_ToggleApiToken>(
         'toggleApiToken',
         async (dataArg) => {
-          await this.requireAdmin(dataArg.identity);
           const manager = this.opsServerRef.dcRouterRef.apiTokenManager;
           if (!manager) {
             return { success: false, message: 'Token management not initialized' };

ts/opsserver/handlers/certificate.handler.ts

@@ -3,16 +3,18 @@ import type { OpsServer } from '../classes.opsserver.js';
 import * as interfaces from '../../../ts_interfaces/index.js';
 
 export class CertificateHandler {
-  public typedrouter = new plugins.typedrequest.TypedRouter();
-
   constructor(private opsServerRef: OpsServer) {
-    this.opsServerRef.typedrouter.addTypedRouter(this.typedrouter);
     this.registerHandlers();
   }
 
   private registerHandlers(): void {
+    const viewRouter = this.opsServerRef.viewRouter;
+    const adminRouter = this.opsServerRef.adminRouter;
+
+    // ---- Read endpoints (viewRouter — valid identity required via middleware) ----
+
     // Get Certificate Overview
-    this.typedrouter.addTypedHandler(
+    viewRouter.addTypedHandler(
       new plugins.typedrequest.TypedHandler<interfaces.requests.IReq_GetCertificateOverview>(
         'getCertificateOverview',
         async (dataArg) => {
@@ -23,8 +25,10 @@ export class CertificateHandler {
       )
     );
 
+    // ---- Write endpoints (adminRouter — admin identity required via middleware) ----
+
     // Legacy route-based reprovision (backward compat)
-    this.typedrouter.addTypedHandler(
+    adminRouter.addTypedHandler(
       new plugins.typedrequest.TypedHandler<interfaces.requests.IReq_ReprovisionCertificate>(
         'reprovisionCertificate',
         async (dataArg) => {
@@ -34,7 +38,7 @@ export class CertificateHandler {
     );
 
     // Domain-based reprovision (preferred)
-    this.typedrouter.addTypedHandler(
+    adminRouter.addTypedHandler(
       new plugins.typedrequest.TypedHandler<interfaces.requests.IReq_ReprovisionCertificateDomain>(
         'reprovisionCertificateDomain',
         async (dataArg) => {
@@ -44,7 +48,7 @@ export class CertificateHandler {
     );
 
     // Delete certificate
-    this.typedrouter.addTypedHandler(
+    adminRouter.addTypedHandler(
       new plugins.typedrequest.TypedHandler<interfaces.requests.IReq_DeleteCertificate>(
         'deleteCertificate',
         async (dataArg) => {
@@ -54,7 +58,7 @@ export class CertificateHandler {
     );
 
     // Export certificate
-    this.typedrouter.addTypedHandler(
+    adminRouter.addTypedHandler(
       new plugins.typedrequest.TypedHandler<interfaces.requests.IReq_ExportCertificate>(
         'exportCertificate',
         async (dataArg) => {
@@ -64,7 +68,7 @@ export class CertificateHandler {
     );
 
     // Import certificate
-    this.typedrouter.addTypedHandler(
+    adminRouter.addTypedHandler(
       new plugins.typedrequest.TypedHandler<interfaces.requests.IReq_ImportCertificate>(
         'importCertificate',
         async (dataArg) => {

ts/opsserver/handlers/config.handler.ts

@@ -4,17 +4,16 @@ import type { OpsServer } from '../classes.opsserver.js';
 import * as interfaces from '../../../ts_interfaces/index.js';
 
 export class ConfigHandler {
-  public typedrouter = new plugins.typedrequest.TypedRouter();
-
   constructor(private opsServerRef: OpsServer) {
-    // Add this handler's router to the parent
-    this.opsServerRef.typedrouter.addTypedRouter(this.typedrouter);
     this.registerHandlers();
   }
 
   private registerHandlers(): void {
+    // Config endpoint registers directly on viewRouter (valid identity required via middleware)
+    const router = this.opsServerRef.viewRouter;
+
     // Get Configuration Handler (read-only)
-    this.typedrouter.addTypedHandler(
+    router.addTypedHandler(
       new plugins.typedrequest.TypedHandler<interfaces.requests.IReq_GetConfiguration>(
         'getConfiguration',
         async (dataArg, toolsArg) => {
@@ -40,11 +39,20 @@ export class ConfigHandler {
         ? 'filesystem'
         : 'memory';
 
+    // Resolve proxy IPs: fall back to SmartProxy's runtime proxyIPs if not in opts
+    let proxyIps = opts.proxyIps || [];
+    if (proxyIps.length === 0 && dcRouter.smartProxy) {
+      const spSettings = (dcRouter.smartProxy as any).settings;
+      if (spSettings?.proxyIPs?.length > 0) {
+        proxyIps = spSettings.proxyIPs;
+      }
+    }
+
     const system: interfaces.requests.IConfigData['system'] = {
       baseDir: resolvedPaths.dcrouterHomeDir,
       dataDir: resolvedPaths.dataDir,
-      publicIp: opts.publicIp || null,
+      publicIp: opts.publicIp || dcRouter.detectedPublicIp || null,
-      proxyIps: opts.proxyIps || [],
+      proxyIps,
       uptime: Math.floor(process.uptime()),
       storageBackend,
       storagePath: opts.storage?.fsPath || null,
@@ -169,11 +177,27 @@ export class ConfigHandler {
 
     // --- Remote Ingress ---
     const riCfg = opts.remoteIngressConfig;
+    const connectedEdgeIps = dcRouter.tunnelManager?.getConnectedEdgeIps() || [];
+
+    // Determine TLS mode: custom certs > ACME from cert store > self-signed fallback
+    let tlsMode: 'custom' | 'acme' | 'self-signed' = 'self-signed';
+    if (riCfg?.tls?.certPath && riCfg?.tls?.keyPath) {
+      tlsMode = 'custom';
+    } else if (riCfg?.hubDomain) {
+      try {
+        const stored = await dcRouter.storageManager.getJSON(`/proxy-certs/${riCfg.hubDomain}`);
+        if (stored?.publicKey && stored?.privateKey) {
+          tlsMode = 'acme';
+        }
+      } catch { /* no stored cert */ }
+    }
+
     const remoteIngress: interfaces.requests.IConfigData['remoteIngress'] = {
       enabled: !!dcRouter.remoteIngressManager,
       tunnelPort: riCfg?.tunnelPort || null,
       hubDomain: riCfg?.hubDomain || null,
-      tlsConfigured: !!(riCfg?.tls?.certPath && riCfg?.tls?.keyPath),
+      tlsMode,
+      connectedEdgeIps,
     };
 
     return {

ts/opsserver/handlers/email-ops.handler.ts

@@ -3,17 +3,18 @@ import type { OpsServer } from '../classes.opsserver.js';
 import * as interfaces from '../../../ts_interfaces/index.js';
 
 export class EmailOpsHandler {
-  public typedrouter = new plugins.typedrequest.TypedRouter();
-
   constructor(private opsServerRef: OpsServer) {
-    // Add this handler's router to the parent
-    this.opsServerRef.typedrouter.addTypedRouter(this.typedrouter);
     this.registerHandlers();
   }
 
   private registerHandlers(): void {
+    const viewRouter = this.opsServerRef.viewRouter;
+    const adminRouter = this.opsServerRef.adminRouter;
+
+    // ---- Read endpoints (viewRouter — valid identity required via middleware) ----
+
     // Get All Emails Handler
-    this.typedrouter.addTypedHandler(
+    viewRouter.addTypedHandler(
       new plugins.typedrequest.TypedHandler<interfaces.requests.IReq_GetAllEmails>(
         'getAllEmails',
         async (dataArg) => {
@@ -24,7 +25,7 @@ export class EmailOpsHandler {
     );
 
     // Get Email Detail Handler
-    this.typedrouter.addTypedHandler(
+    viewRouter.addTypedHandler(
       new plugins.typedrequest.TypedHandler<interfaces.requests.IReq_GetEmailDetail>(
         'getEmailDetail',
         async (dataArg) => {
@@ -34,8 +35,10 @@ export class EmailOpsHandler {
       )
     );
 
+    // ---- Write endpoints (adminRouter) ----
+
     // Resend Failed Email Handler
-    this.typedrouter.addTypedHandler(
+    adminRouter.addTypedHandler(
       new plugins.typedrequest.TypedHandler<interfaces.requests.IReq_ResendEmail>(
         'resendEmail',
         async (dataArg) => {

ts/opsserver/handlers/logs.handler.ts

@@ -3,19 +3,40 @@ import type { OpsServer } from '../classes.opsserver.js';
 import * as interfaces from '../../../ts_interfaces/index.js';
 import { logBuffer, baseLogger } from '../../logger.js';
 
+// Module-level singleton: the log push destination is added once and reuses
+// the current OpsServer reference so it survives OpsServer restarts without
+// accumulating duplicate destinations.
+let logPushDestinationInstalled = false;
+let currentOpsServerRef: OpsServer | null = null;
+
 export class LogsHandler {
-  public typedrouter = new plugins.typedrequest.TypedRouter();
+  private activeStreamStops: Set<() => void> = new Set();
 
   constructor(private opsServerRef: OpsServer) {
-    // Add this handler's router to the parent
-    this.opsServerRef.typedrouter.addTypedRouter(this.typedrouter);
     this.registerHandlers();
     this.setupLogPushDestination();
   }
-  
+
+  /**
+   * Clean up all active log streams and deactivate the push destination.
+   * Called when OpsServer stops.
+   */
+  public cleanup(): void {
+    // Stop all active follow-mode log streams
+    for (const stop of this.activeStreamStops) {
+      stop();
+    }
+    this.activeStreamStops.clear();
+    // Deactivate the push destination (it stays registered but becomes a no-op)
+    currentOpsServerRef = null;
+  }
+
   private registerHandlers(): void {
+    // All log endpoints register directly on viewRouter (valid identity required via middleware)
+    const router = this.opsServerRef.viewRouter;
+
     // Get Recent Logs Handler
-    this.typedrouter.addTypedHandler(
+    router.addTypedHandler(
       new plugins.typedrequest.TypedHandler<interfaces.requests.IReq_GetRecentLogs>(
         'getRecentLogs',
         async (dataArg, toolsArg) => {
@@ -27,24 +48,24 @@ export class LogsHandler {
             dataArg.search,
             dataArg.timeRange
           );
-          
+
           return {
             logs,
-            total: logs.length, // TODO: Implement proper total count
+            total: logs.length,
-            hasMore: false, // TODO: Implement proper pagination
+            hasMore: false,
           };
         }
       )
     );
-    
+
     // Get Log Stream Handler
-    this.typedrouter.addTypedHandler(
+    router.addTypedHandler(
       new plugins.typedrequest.TypedHandler<interfaces.requests.IReq_GetLogStream>(
         'getLogStream',
         async (dataArg, toolsArg) => {
           // Create a virtual stream for log streaming
           const virtualStream = new plugins.typedrequest.VirtualStream<Uint8Array>();
-          
+
           // Set up log streaming
           const streamLogs = this.setupLogStream(
             virtualStream,
@@ -52,20 +73,21 @@ export class LogsHandler {
             dataArg.filters?.category,
             dataArg.follow
           );
-          
+
           // Start streaming
           streamLogs.start();
-          
+
-          // VirtualStream handles cleanup automatically
+          // Track the stop function so we can clean up on shutdown
-          
+          this.activeStreamStops.add(streamLogs.stop);
+
           return {
-            logStream: virtualStream as any, // Cast to IVirtualStream interface
+            logStream: virtualStream as any,
           };
         }
       )
     );
   }
-  
+
   private static mapLogLevel(smartlogLevel: string): 'debug' | 'info' | 'warn' | 'error' {
     switch (smartlogLevel) {
       case 'silly':
@@ -165,18 +187,30 @@ export class LogsHandler {
 
     return mapped;
   }
-  
+
   /**
    * Add a log destination to the base logger that pushes entries
    * to all connected ops_dashboard TypedSocket clients.
+   *
+   * Uses a module-level singleton so the destination is added only once,
+   * even across OpsServer restart cycles. The destination reads
+   * `currentOpsServerRef` dynamically so it always uses the active server.
    */
   private setupLogPushDestination(): void {
-    const opsServerRef = this.opsServerRef;
+    // Update the module-level reference so the existing destination uses the new server
+    currentOpsServerRef = this.opsServerRef;
+
+    if (logPushDestinationInstalled) {
+      return; // destination already registered — just updated the ref
+    }
+    logPushDestinationInstalled = true;
 
     baseLogger.addLogDestination({
       async handleLog(logPackage: any) {
-        // Access the TypedSocket server instance from OpsServer
+        const opsServer = currentOpsServerRef;
-        const typedsocket = opsServerRef.server?.typedserver?.typedsocket;
+        if (!opsServer) return;
+
+        const typedsocket = opsServer.server?.typedserver?.typedsocket;
         if (!typedsocket) return;
 
         let connections: any[];
@@ -220,8 +254,18 @@ export class LogsHandler {
     stop: () => void;
   } {
     let intervalId: NodeJS.Timeout | null = null;
+    let stopped = false;
     let logIndex = 0;
-    
+
+    const stop = () => {
+      stopped = true;
+      if (intervalId) {
+        clearInterval(intervalId);
+        intervalId = null;
+      }
+      this.activeStreamStops.delete(stop);
+    };
+
     const start = () => {
       if (!follow) {
         // Send existing logs and close
@@ -236,13 +280,19 @@ export class LogsHandler {
             const encoder = new TextEncoder();
             virtualStream.sendData(encoder.encode(logData));
           });
-          // VirtualStream doesn't have end() method - it closes automatically
         });
         return;
       }
-      
+
       // For follow mode, simulate real-time log streaming
       intervalId = setInterval(async () => {
+        if (stopped) {
+          // Guard: clear interval if stop() was called between ticks
+          clearInterval(intervalId!);
+          intervalId = null;
+          return;
+        }
+
         const categories: Array<'smtp' | 'dns' | 'security' | 'system' | 'email'> = ['smtp', 'dns', 'security', 'system', 'email'];
         const levels: Array<'debug' | 'info' | 'warn' | 'error'> = ['info', 'warn', 'error', 'debug'];
 
@@ -266,30 +316,25 @@ export class LogsHandler {
         const logData = JSON.stringify(logEntry);
         const encoder = new TextEncoder();
         try {
-          await virtualStream.sendData(encoder.encode(logData));
+          // Use a timeout to detect hung streams (sendData can hang if the
+          // VirtualStream's keepAlive loop has ended)
+          let timeoutHandle: ReturnType<typeof setTimeout>;
+          await Promise.race([
+            virtualStream.sendData(encoder.encode(logData)).then((result) => {
+              clearTimeout(timeoutHandle);
+              return result;
+            }),
+            new Promise<never>((_, reject) => {
+              timeoutHandle = setTimeout(() => reject(new Error('stream send timeout')), 10_000);
+            }),
+          ]);
         } catch {
-          // Stream closed or errored — clean up to prevent interval leak
+          // Stream closed, errored, or timed out — clean up
-          clearInterval(intervalId!);
+          stop();
-          intervalId = null;
         }
-      }, 2000); // Send a log every 2 seconds
+      }, 2000);
-      
-      // TODO: Hook into actual logger events
-      // logger.on('log', (logEntry) => {
-      //   if (matchesCriteria(logEntry, level, service)) {
-      //     virtualStream.sendData(formatLogEntry(logEntry));
-      //   }
-      // });
     };
-    
+
-    const stop = () => {
-      if (intervalId) {
-        clearInterval(intervalId);
-        intervalId = null;
-      }
-      // TODO: Unhook from logger events
-    };
-    
     return { start, stop };
   }
-}
+}

ts/opsserver/handlers/radius.handler.ts

@@ -3,21 +3,19 @@ import type { OpsServer } from '../classes.opsserver.js';
 import * as interfaces from '../../../ts_interfaces/index.js';
 
 export class RadiusHandler {
-  public typedrouter = new plugins.typedrequest.TypedRouter();
-
   constructor(private opsServerRef: OpsServer) {
-    // Add this handler's router to the parent
-    this.opsServerRef.typedrouter.addTypedRouter(this.typedrouter);
     this.registerHandlers();
   }
 
   private registerHandlers(): void {
+    const viewRouter = this.opsServerRef.viewRouter;
+    const adminRouter = this.opsServerRef.adminRouter;
     // ========================================================================
     // RADIUS Client Management
     // ========================================================================
 
-    // Get all RADIUS clients
+    // Get all RADIUS clients (read)
-    this.typedrouter.addTypedHandler(
+    viewRouter.addTypedHandler(
       new plugins.typedrequest.TypedHandler<interfaces.requests.IReq_GetRadiusClients>(
         'getRadiusClients',
         async (dataArg, toolsArg) => {
@@ -40,8 +38,8 @@ export class RadiusHandler {
       )
     );
 
-    // Add or update a RADIUS client
+    // Add or update a RADIUS client (write)
-    this.typedrouter.addTypedHandler(
+    adminRouter.addTypedHandler(
       new plugins.typedrequest.TypedHandler<interfaces.requests.IReq_SetRadiusClient>(
         'setRadiusClient',
         async (dataArg, toolsArg) => {
@@ -61,8 +59,8 @@ export class RadiusHandler {
       )
     );
 
-    // Remove a RADIUS client
+    // Remove a RADIUS client (write)
-    this.typedrouter.addTypedHandler(
+    adminRouter.addTypedHandler(
       new plugins.typedrequest.TypedHandler<interfaces.requests.IReq_RemoveRadiusClient>(
         'removeRadiusClient',
         async (dataArg, toolsArg) => {
@@ -85,8 +83,8 @@ export class RadiusHandler {
     // VLAN Mapping Management
     // ========================================================================
 
-    // Get all VLAN mappings
+    // Get all VLAN mappings (read)
-    this.typedrouter.addTypedHandler(
+    viewRouter.addTypedHandler(
       new plugins.typedrequest.TypedHandler<interfaces.requests.IReq_GetVlanMappings>(
         'getVlanMappings',
         async (dataArg, toolsArg) => {
@@ -121,8 +119,8 @@ export class RadiusHandler {
       )
     );
 
-    // Add or update a VLAN mapping
+    // Add or update a VLAN mapping (write)
-    this.typedrouter.addTypedHandler(
+    adminRouter.addTypedHandler(
       new plugins.typedrequest.TypedHandler<interfaces.requests.IReq_SetVlanMapping>(
         'setVlanMapping',
         async (dataArg, toolsArg) => {
@@ -153,8 +151,8 @@ export class RadiusHandler {
       )
     );
 
-    // Remove a VLAN mapping
+    // Remove a VLAN mapping (write)
-    this.typedrouter.addTypedHandler(
+    adminRouter.addTypedHandler(
       new plugins.typedrequest.TypedHandler<interfaces.requests.IReq_RemoveVlanMapping>(
         'removeVlanMapping',
         async (dataArg, toolsArg) => {
@@ -174,8 +172,8 @@ export class RadiusHandler {
       )
     );
 
-    // Update VLAN configuration
+    // Update VLAN configuration (write)
-    this.typedrouter.addTypedHandler(
+    adminRouter.addTypedHandler(
       new plugins.typedrequest.TypedHandler<interfaces.requests.IReq_UpdateVlanConfig>(
         'updateVlanConfig',
         async (dataArg, toolsArg) => {
@@ -206,8 +204,8 @@ export class RadiusHandler {
       )
     );
 
-    // Test VLAN assignment
+    // Test VLAN assignment (read)
-    this.typedrouter.addTypedHandler(
+    viewRouter.addTypedHandler(
       new plugins.typedrequest.TypedHandler<interfaces.requests.IReq_TestVlanAssignment>(
         'testVlanAssignment',
         async (dataArg, toolsArg) => {
@@ -240,8 +238,8 @@ export class RadiusHandler {
     // Accounting / Session Management
     // ========================================================================
 
-    // Get active sessions
+    // Get active sessions (read)
-    this.typedrouter.addTypedHandler(
+    viewRouter.addTypedHandler(
       new plugins.typedrequest.TypedHandler<interfaces.requests.IReq_GetRadiusSessions>(
         'getRadiusSessions',
         async (dataArg, toolsArg) => {
@@ -289,8 +287,8 @@ export class RadiusHandler {
       )
     );
 
-    // Disconnect a session
+    // Disconnect a session (write)
-    this.typedrouter.addTypedHandler(
+    adminRouter.addTypedHandler(
       new plugins.typedrequest.TypedHandler<interfaces.requests.IReq_DisconnectRadiusSession>(
         'disconnectRadiusSession',
         async (dataArg, toolsArg) => {
@@ -314,8 +312,8 @@ export class RadiusHandler {
       )
     );
 
-    // Get accounting summary
+    // Get accounting summary (read)
-    this.typedrouter.addTypedHandler(
+    viewRouter.addTypedHandler(
       new plugins.typedrequest.TypedHandler<interfaces.requests.IReq_GetRadiusAccountingSummary>(
         'getRadiusAccountingSummary',
         async (dataArg, toolsArg) => {
@@ -351,8 +349,8 @@ export class RadiusHandler {
     // Statistics
     // ========================================================================
 
-    // Get RADIUS statistics
+    // Get RADIUS statistics (read)
-    this.typedrouter.addTypedHandler(
+    viewRouter.addTypedHandler(
       new plugins.typedrequest.TypedHandler<interfaces.requests.IReq_GetRadiusStatistics>(
         'getRadiusStatistics',
         async (dataArg, toolsArg) => {

ts/opsserver/handlers/remoteingress.handler.ts

@@ -3,16 +3,18 @@ import type { OpsServer } from '../classes.opsserver.js';
 import * as interfaces from '../../../ts_interfaces/index.js';
 
 export class RemoteIngressHandler {
-  public typedrouter = new plugins.typedrequest.TypedRouter();
-
   constructor(private opsServerRef: OpsServer) {
-    this.opsServerRef.typedrouter.addTypedRouter(this.typedrouter);
     this.registerHandlers();
   }
 
   private registerHandlers(): void {
+    const viewRouter = this.opsServerRef.viewRouter;
+    const adminRouter = this.opsServerRef.adminRouter;
+
+    // ---- Read endpoints (viewRouter — valid identity required via middleware) ----
+
     // Get all remote ingress edges
-    this.typedrouter.addTypedHandler(
+    viewRouter.addTypedHandler(
       new plugins.typedrequest.TypedHandler<interfaces.requests.IReq_GetRemoteIngresses>(
         'getRemoteIngresses',
         async (dataArg, toolsArg) => {
@@ -36,8 +38,10 @@ export class RemoteIngressHandler {
       ),
     );
 
+    // ---- Write endpoints (adminRouter) ----
+
     // Create a new remote ingress edge
-    this.typedrouter.addTypedHandler(
+    adminRouter.addTypedHandler(
       new plugins.typedrequest.TypedHandler<interfaces.requests.IReq_CreateRemoteIngress>(
         'createRemoteIngress',
         async (dataArg, toolsArg) => {
@@ -69,7 +73,7 @@ export class RemoteIngressHandler {
     );
 
     // Delete a remote ingress edge
-    this.typedrouter.addTypedHandler(
+    adminRouter.addTypedHandler(
       new plugins.typedrequest.TypedHandler<interfaces.requests.IReq_DeleteRemoteIngress>(
         'deleteRemoteIngress',
         async (dataArg, toolsArg) => {
@@ -94,7 +98,7 @@ export class RemoteIngressHandler {
     );
 
     // Update a remote ingress edge
-    this.typedrouter.addTypedHandler(
+    adminRouter.addTypedHandler(
       new plugins.typedrequest.TypedHandler<interfaces.requests.IReq_UpdateRemoteIngress>(
         'updateRemoteIngress',
         async (dataArg, toolsArg) => {
@@ -138,7 +142,7 @@ export class RemoteIngressHandler {
     );
 
     // Regenerate secret for an edge
-    this.typedrouter.addTypedHandler(
+    adminRouter.addTypedHandler(
       new plugins.typedrequest.TypedHandler<interfaces.requests.IReq_RegenerateRemoteIngressSecret>(
         'regenerateRemoteIngressSecret',
         async (dataArg, toolsArg) => {
@@ -164,8 +168,8 @@ export class RemoteIngressHandler {
       ),
     );
 
-    // Get runtime status of all edges
+    // Get runtime status of all edges (read)
-    this.typedrouter.addTypedHandler(
+    viewRouter.addTypedHandler(
       new plugins.typedrequest.TypedHandler<interfaces.requests.IReq_GetRemoteIngressStatus>(
         'getRemoteIngressStatus',
         async (dataArg, toolsArg) => {
@@ -178,8 +182,8 @@ export class RemoteIngressHandler {
       ),
     );
 
-    // Get a connection token for an edge
+    // Get a connection token for an edge (write — exposes secret)
-    this.typedrouter.addTypedHandler(
+    adminRouter.addTypedHandler(
       new plugins.typedrequest.TypedHandler<interfaces.requests.IReq_GetRemoteIngressConnectionToken>(
         'getRemoteIngressConnectionToken',
         async (dataArg, toolsArg) => {

ts/opsserver/handlers/security.handler.ts

@@ -4,17 +4,16 @@ import * as interfaces from '../../../ts_interfaces/index.js';
 import { MetricsManager } from '../../monitoring/index.js';
 
 export class SecurityHandler {
-  public typedrouter = new plugins.typedrequest.TypedRouter();
-  
   constructor(private opsServerRef: OpsServer) {
-    // Add this handler's router to the parent
-    this.opsServerRef.typedrouter.addTypedRouter(this.typedrouter);
     this.registerHandlers();
   }
-  
+
   private registerHandlers(): void {
+    // All security endpoints register directly on viewRouter (valid identity required via middleware)
+    const router = this.opsServerRef.viewRouter;
+
     // Security Metrics Handler
-    this.typedrouter.addTypedHandler(
+    router.addTypedHandler(
       new plugins.typedrequest.TypedHandler<interfaces.requests.IReq_GetSecurityMetrics>(
         'getSecurityMetrics',
         async (dataArg, toolsArg) => {
@@ -40,7 +39,7 @@ export class SecurityHandler {
     );
     
     // Active Connections Handler
-    this.typedrouter.addTypedHandler(
+    router.addTypedHandler(
       new plugins.typedrequest.TypedHandler<interfaces.requests.IReq_GetActiveConnections>(
         'getActiveConnections',
         async (dataArg, toolsArg) => {
@@ -77,8 +76,8 @@ export class SecurityHandler {
     );
     
     // Network Stats Handler - provides comprehensive network metrics
-    this.typedrouter.addTypedHandler(
+    router.addTypedHandler(
-      new plugins.typedrequest.TypedHandler(
+      new plugins.typedrequest.TypedHandler<interfaces.requests.IReq_GetNetworkStats>(
         'getNetworkStats',
         async (dataArg, toolsArg) => {
           // Get network stats from MetricsManager if available
@@ -121,7 +120,7 @@ export class SecurityHandler {
     );
     
     // Rate Limit Status Handler
-    this.typedrouter.addTypedHandler(
+    router.addTypedHandler(
       new plugins.typedrequest.TypedHandler<interfaces.requests.IReq_GetRateLimitStatus>(
         'getRateLimitStatus',
         async (dataArg, toolsArg) => {

ts/opsserver/handlers/stats.handler.ts

@@ -5,17 +5,16 @@ import { MetricsManager } from '../../monitoring/index.js';
 import { SecurityLogger } from '../../security/classes.securitylogger.js';
 
 export class StatsHandler {
-  public typedrouter = new plugins.typedrequest.TypedRouter();
-  
   constructor(private opsServerRef: OpsServer) {
-    // Add this handler's router to the parent
-    this.opsServerRef.typedrouter.addTypedRouter(this.typedrouter);
     this.registerHandlers();
   }
-  
+
   private registerHandlers(): void {
+    // All stats endpoints register directly on viewRouter (valid identity required via middleware)
+    const router = this.opsServerRef.viewRouter;
+
     // Server Statistics Handler
-    this.typedrouter.addTypedHandler(
+    router.addTypedHandler(
       new plugins.typedrequest.TypedHandler<interfaces.requests.IReq_GetServerStatistics>(
         'getServerStatistics',
         async (dataArg, toolsArg) => {
@@ -38,7 +37,7 @@ export class StatsHandler {
     );
     
     // Email Statistics Handler
-    this.typedrouter.addTypedHandler(
+    router.addTypedHandler(
       new plugins.typedrequest.TypedHandler<interfaces.requests.IReq_GetEmailStatistics>(
         'getEmailStatistics',
         async (dataArg, toolsArg) => {
@@ -77,7 +76,7 @@ export class StatsHandler {
     );
     
     // DNS Statistics Handler
-    this.typedrouter.addTypedHandler(
+    router.addTypedHandler(
       new plugins.typedrequest.TypedHandler<interfaces.requests.IReq_GetDnsStatistics>(
         'getDnsStatistics',
         async (dataArg, toolsArg) => {
@@ -114,7 +113,7 @@ export class StatsHandler {
     );
     
     // Queue Status Handler
-    this.typedrouter.addTypedHandler(
+    router.addTypedHandler(
       new plugins.typedrequest.TypedHandler<interfaces.requests.IReq_GetQueueStatus>(
         'getQueueStatus',
         async (dataArg, toolsArg) => {
@@ -142,7 +141,7 @@ export class StatsHandler {
     );
     
     // Health Status Handler
-    this.typedrouter.addTypedHandler(
+    router.addTypedHandler(
       new plugins.typedrequest.TypedHandler<interfaces.requests.IReq_GetHealthStatus>(
         'getHealthStatus',
         async (dataArg, toolsArg) => {
@@ -167,7 +166,7 @@ export class StatsHandler {
     );
     
     // Combined Metrics Handler - More efficient for frontend polling
-    this.typedrouter.addTypedHandler(
+    router.addTypedHandler(
       new plugins.typedrequest.TypedHandler<interfaces.requests.IReq_GetCombinedMetrics>(
         'getCombinedMetrics',
         async (dataArg, toolsArg) => {

ts/opsserver/helpers/guards.ts

@@ -22,16 +22,17 @@ export async function passGuards<T extends { identity?: any }>(
 }
 
 /**
- * Helper to check admin identity in handlers
+ * Helper to check admin identity in handlers and middleware.
+ * Accepts both optional and required identity for flexibility.
  */
-export async function requireAdminIdentity<T extends { identity?: interfaces.data.IIdentity }>(
+export async function requireAdminIdentity(
   adminHandler: AdminHandler,
-  dataArg: T
+  dataArg: { identity?: interfaces.data.IIdentity }
 ): Promise<void> {
   if (!dataArg.identity) {
     throw new plugins.typedrequest.TypedResponseError('No identity provided');
   }
-  
+
   const passed = await adminHandler.adminIdentityGuard.exec({ identity: dataArg.identity });
   if (!passed) {
     throw new plugins.typedrequest.TypedResponseError('Admin access required');
@@ -39,16 +40,17 @@ export async function requireAdminIdentity<T extends { identity?: interfaces.dat
 }
 
 /**
- * Helper to check valid identity in handlers
+ * Helper to check valid identity in handlers and middleware.
+ * Accepts both optional and required identity for flexibility.
  */
-export async function requireValidIdentity<T extends { identity?: interfaces.data.IIdentity }>(
+export async function requireValidIdentity(
   adminHandler: AdminHandler,
-  dataArg: T
+  dataArg: { identity?: interfaces.data.IIdentity }
 ): Promise<void> {
   if (!dataArg.identity) {
     throw new plugins.typedrequest.TypedResponseError('No identity provided');
   }
-  
+
   const passed = await adminHandler.validIdentityGuard.exec({ identity: dataArg.identity });
   if (!passed) {
     throw new plugins.typedrequest.TypedResponseError('Valid identity required');

ts/remoteingress/classes.tunnel-manager.ts

@@ -5,6 +5,10 @@ import type { RemoteIngressManager } from './classes.remoteingress-manager.js';
 export interface ITunnelManagerConfig {
   tunnelPort?: number;
   targetHost?: string;
+  tls?: {
+    certPem?: string;
+    keyPem?: string;
+  };
 }
 
 /**
@@ -15,6 +19,7 @@ export class TunnelManager {
   private manager: RemoteIngressManager;
   private config: ITunnelManagerConfig;
   private edgeStatuses: Map<string, IRemoteIngressStatus> = new Map();
+  private reconcileInterval: ReturnType<typeof setInterval> | null = null;
 
   constructor(manager: RemoteIngressManager, config: ITunnelManagerConfig = {}) {
     this.manager = manager;
@@ -22,12 +27,11 @@ export class TunnelManager {
     this.hub = new plugins.remoteingress.RemoteIngressHub();
 
     // Listen for edge connect/disconnect events
-    this.hub.on('edgeConnected', (data: { edgeId: string }) => {
+    this.hub.on('edgeConnected', (data: { edgeId: string; peerAddr: string }) => {
-      const existing = this.edgeStatuses.get(data.edgeId);
       this.edgeStatuses.set(data.edgeId, {
         edgeId: data.edgeId,
         connected: true,
-        publicIp: existing?.publicIp ?? null,
+        publicIp: data.peerAddr || null,
         activeTunnels: 0,
         lastHeartbeat: Date.now(),
         connectedAt: Date.now(),
@@ -61,20 +65,73 @@ export class TunnelManager {
     await this.hub.start({
       tunnelPort: this.config.tunnelPort ?? 8443,
       targetHost: this.config.targetHost ?? '127.0.0.1',
+      tls: this.config.tls,
     });
 
     // Send allowed edges to the hub
     await this.syncAllowedEdges();
+
+    // Periodically reconcile with authoritative Rust hub status
+    this.reconcileInterval = setInterval(() => {
+      this.reconcile().catch(() => {});
+    }, 15_000);
   }
 
   /**
    * Stop the tunnel hub.
    */
   public async stop(): Promise<void> {
+    if (this.reconcileInterval) {
+      clearInterval(this.reconcileInterval);
+      this.reconcileInterval = null;
+    }
+    // Remove event listeners before stopping to prevent leaks
+    this.hub.removeAllListeners();
     await this.hub.stop();
     this.edgeStatuses.clear();
   }
 
+  /**
+   * Reconcile TS-side edge statuses with the authoritative Rust hub status.
+   * Overwrites event-derived activeTunnels with the real activeStreams count.
+   */
+  private async reconcile(): Promise<void> {
+    const hubStatus = await this.hub.getStatus();
+    if (!hubStatus || !hubStatus.connectedEdges) return;
+
+    const rustEdgeIds = new Set<string>();
+
+    for (const rustEdge of hubStatus.connectedEdges) {
+      rustEdgeIds.add(rustEdge.edgeId);
+      const existing = this.edgeStatuses.get(rustEdge.edgeId);
+      if (existing) {
+        existing.activeTunnels = rustEdge.activeStreams;
+        existing.lastHeartbeat = Date.now();
+        // Update peer address if available from Rust hub
+        if (rustEdge.peerAddr) {
+          existing.publicIp = rustEdge.peerAddr;
+        }
+      } else {
+        // Missed edgeConnected event — add entry
+        this.edgeStatuses.set(rustEdge.edgeId, {
+          edgeId: rustEdge.edgeId,
+          connected: true,
+          publicIp: rustEdge.peerAddr || null,
+          activeTunnels: rustEdge.activeStreams,
+          lastHeartbeat: Date.now(),
+          connectedAt: rustEdge.connectedAt * 1000,
+        });
+      }
+    }
+
+    // Remove entries for edges no longer connected in Rust (missed edgeDisconnected)
+    for (const edgeId of this.edgeStatuses.keys()) {
+      if (!rustEdgeIds.has(edgeId)) {
+        this.edgeStatuses.delete(edgeId);
+      }
+    }
+  }
+
   /**
    * Sync allowed edges from the manager to the hub.
    * Call this after creating/deleting/updating edges.
@@ -109,6 +166,19 @@ export class TunnelManager {
     return count;
   }
 
+  /**
+   * Get the public IPs of all connected edges.
+   */
+  public getConnectedEdgeIps(): string[] {
+    const ips: string[] = [];
+    for (const status of this.edgeStatuses.values()) {
+      if (status.connected && status.publicIp) {
+        ips.push(status.publicIp);
+      }
+    }
+    return ips;
+  }
+
   /**
    * Get the total number of active tunnels across all edges.
    */

ts/security/classes.contentscanner.ts

@@ -182,7 +182,14 @@ export class ContentScanner {
     }
     return ContentScanner.instance;
   }
-  
+
+  /**
+   * Reset the singleton instance (for shutdown/testing)
+   */
+  public static resetInstance(): void {
+    ContentScanner.instance = undefined;
+  }
+
   /**
    * Scan an email for malicious content
    * @param email The email to scan

ts/security/classes.ipreputationchecker.ts

@@ -65,6 +65,8 @@ export class IPReputationChecker {
   private reputationCache: LRUCache<string, IReputationResult>;
   private options: Required<IIPReputationOptions>;
   private storageManager?: any; // StorageManager instance
+  private saveCacheTimer: ReturnType<typeof setTimeout> | null = null;
+  private static readonly SAVE_CACHE_DEBOUNCE_MS = 30_000;
   
   // Default DNSBL servers
   private static readonly DEFAULT_DNSBL_SERVERS = [
@@ -143,7 +145,20 @@ export class IPReputationChecker {
     }
     return IPReputationChecker.instance;
   }
-  
+
+  /**
+   * Reset the singleton instance (for shutdown/testing)
+   */
+  public static resetInstance(): void {
+    if (IPReputationChecker.instance) {
+      if (IPReputationChecker.instance.saveCacheTimer) {
+        clearTimeout(IPReputationChecker.instance.saveCacheTimer);
+        IPReputationChecker.instance.saveCacheTimer = null;
+      }
+    }
+    IPReputationChecker.instance = undefined;
+  }
+
   /**
    * Check an IP address's reputation
    * @param ip IP address to check
@@ -213,12 +228,9 @@ export class IPReputationChecker {
       // Update cache with result
       this.reputationCache.set(ip, result);
       
-      // Save cache if enabled
+      // Schedule debounced cache save if enabled
       if (this.options.enableLocalCache) {
-        // Fire and forget the save operation
+        this.debouncedSaveCache();
-        this.saveCache().catch(error => {
-          logger.log('error', `Failed to save IP reputation cache: ${error.message}`);
-        });
       }
       
       // Log the reputation check
@@ -447,6 +459,21 @@ export class IPReputationChecker {
     });
   }
   
+  /**
+   * Schedule a debounced cache save (at most once per SAVE_CACHE_DEBOUNCE_MS)
+   */
+  private debouncedSaveCache(): void {
+    if (this.saveCacheTimer) {
+      return; // already scheduled
+    }
+    this.saveCacheTimer = setTimeout(() => {
+      this.saveCacheTimer = null;
+      this.saveCache().catch(error => {
+        logger.log('error', `Failed to save IP reputation cache: ${error.message}`);
+      });
+    }, IPReputationChecker.SAVE_CACHE_DEBOUNCE_MS);
+  }
+
   /**
    * Save cache to disk or storage manager
    */

ts/security/classes.securitylogger.ts

@@ -83,7 +83,14 @@ export class SecurityLogger {
     }
     return SecurityLogger.instance;
   }
-  
+
+  /**
+   * Reset the singleton instance (for shutdown/testing)
+   */
+  public static resetInstance(): void {
+    SecurityLogger.instance = undefined;
+  }
+
   /**
    * Log a security event
    * @param event The security event to log
@@ -155,8 +162,9 @@ export class SecurityLogger {
       }
     }
     
-    // Return most recent events up to limit
+    // Return most recent events up to limit (slice first to avoid mutating source)
     return filteredEvents
+      .slice()
       .sort((a, b) => b.timestamp - a.timestamp)
       .slice(0, limit);
   }
@@ -242,58 +250,46 @@ export class SecurityLogger {
     topIPs: Array<{ ip: string; count: number }>;
     topDomains: Array<{ domain: string; count: number }>;
   } {
-    // Filter by time window if provided
+    const cutoff = timeWindow ? Date.now() - timeWindow : 0;
-    let events = this.securityEvents;
+
-    if (timeWindow) {
+    // Initialize counters
-      const cutoff = Date.now() - timeWindow;
+    const byLevel = {} as Record<SecurityLogLevel, number>;
-      events = events.filter(e => e.timestamp >= cutoff);
+    for (const level of Object.values(SecurityLogLevel)) {
+      byLevel[level] = 0;
+    }
+    const byType = {} as Record<SecurityEventType, number>;
+    for (const type of Object.values(SecurityEventType)) {
+      byType[type] = 0;
     }
-    
-    // Count by level
-    const byLevel = Object.values(SecurityLogLevel).reduce((acc, level) => {
-      acc[level] = events.filter(e => e.level === level).length;
-      return acc;
-    }, {} as Record<SecurityLogLevel, number>);
-    
-    // Count by type
-    const byType = Object.values(SecurityEventType).reduce((acc, type) => {
-      acc[type] = events.filter(e => e.type === type).length;
-      return acc;
-    }, {} as Record<SecurityEventType, number>);
-    
-    // Count by IP
     const ipCounts = new Map<string, number>();
-    events.forEach(e => {
+    const domainCounts = new Map<string, number>();
+
+    // Single pass over all events
+    let total = 0;
+    for (const e of this.securityEvents) {
+      if (cutoff && e.timestamp < cutoff) continue;
+      total++;
+      byLevel[e.level]++;
+      byType[e.type]++;
       if (e.ipAddress) {
         ipCounts.set(e.ipAddress, (ipCounts.get(e.ipAddress) || 0) + 1);
       }
-    });
-    
-    // Count by domain
-    const domainCounts = new Map<string, number>();
-    events.forEach(e => {
       if (e.domain) {
         domainCounts.set(e.domain, (domainCounts.get(e.domain) || 0) + 1);
       }
-    });
+    }
-    
+
     // Sort and limit top entries
     const topIPs = Array.from(ipCounts.entries())
       .map(([ip, count]) => ({ ip, count }))
       .sort((a, b) => b.count - a.count)
       .slice(0, 10);
-    
+
     const topDomains = Array.from(domainCounts.entries())
       .map(([domain, count]) => ({ domain, count }))
       .sort((a, b) => b.count - a.count)
       .slice(0, 10);
-    
+
-    return {
+    return { total, byLevel, byType, topIPs, topDomains };
-      total: events.length,
-      byLevel,
-      byType,
-      topIPs,
-      topDomains
-    };
   }
 }

ts/storage/classes.storagemanager.ts

@@ -30,6 +30,7 @@ export type StorageBackend = 'filesystem' | 'custom' | 'memory';
  * Provides unified key-value storage with multiple backend support
  */
 export class StorageManager {
+  private static readonly MAX_MEMORY_ENTRIES = 10_000;
   private backend: StorageBackend;
   private memoryStore: Map<string, string> = new Map();
   private config: IStorageConfig;
@@ -227,6 +228,11 @@ export class StorageManager {
         
         case 'memory': {
           this.memoryStore.set(key, value);
+          // Evict oldest entries if memory store exceeds limit
+          while (this.memoryStore.size > StorageManager.MAX_MEMORY_ENTRIES) {
+            const firstKey = this.memoryStore.keys().next().value;
+            this.memoryStore.delete(firstKey);
+          }
           break;
         }
         

ts_interfaces/requests/api-tokens.ts

@@ -16,7 +16,7 @@ export interface IReq_CreateApiToken extends plugins.typedrequestInterfaces.impl
 > {
   method: 'createApiToken';
   request: {
-    identity?: authInterfaces.IIdentity;
+    identity: authInterfaces.IIdentity;
     name: string;
     scopes: TApiTokenScope[];
     expiresInDays?: number | null;
@@ -38,7 +38,7 @@ export interface IReq_ListApiTokens extends plugins.typedrequestInterfaces.imple
 > {
   method: 'listApiTokens';
   request: {
-    identity?: authInterfaces.IIdentity;
+    identity: authInterfaces.IIdentity;
   };
   response: {
     tokens: IApiTokenInfo[];
@@ -54,7 +54,7 @@ export interface IReq_RevokeApiToken extends plugins.typedrequestInterfaces.impl
 > {
   method: 'revokeApiToken';
   request: {
-    identity?: authInterfaces.IIdentity;
+    identity: authInterfaces.IIdentity;
     id: string;
   };
   response: {
@@ -63,6 +63,26 @@ export interface IReq_RevokeApiToken extends plugins.typedrequestInterfaces.impl
   };
 }
 
+/**
+ * Roll (regenerate) an API token's secret. Returns the new raw token value once.
+ * Admin JWT only.
+ */
+export interface IReq_RollApiToken extends plugins.typedrequestInterfaces.implementsTR<
+  plugins.typedrequestInterfaces.ITypedRequest,
+  IReq_RollApiToken
+> {
+  method: 'rollApiToken';
+  request: {
+    identity: authInterfaces.IIdentity;
+    id: string;
+  };
+  response: {
+    success: boolean;
+    tokenValue?: string;
+    message?: string;
+  };
+}
+
 /**
  * Enable or disable an API token.
  */
@@ -72,7 +92,7 @@ export interface IReq_ToggleApiToken extends plugins.typedrequestInterfaces.impl
 > {
   method: 'toggleApiToken';
   request: {
-    identity?: authInterfaces.IIdentity;
+    identity: authInterfaces.IIdentity;
     id: string;
     enabled: boolean;
   };

ts_interfaces/requests/certificate.ts

@@ -28,7 +28,7 @@ export interface IReq_GetCertificateOverview extends plugins.typedrequestInterfa
 > {
   method: 'getCertificateOverview';
   request: {
-    identity?: authInterfaces.IIdentity;
+    identity: authInterfaces.IIdentity;
   };
   response: {
     certificates: ICertificateInfo[];
@@ -50,7 +50,7 @@ export interface IReq_ReprovisionCertificate extends plugins.typedrequestInterfa
 > {
   method: 'reprovisionCertificate';
   request: {
-    identity?: authInterfaces.IIdentity;
+    identity: authInterfaces.IIdentity;
     routeName: string;
   };
   response: {
@@ -66,7 +66,7 @@ export interface IReq_ReprovisionCertificateDomain extends plugins.typedrequestI
 > {
   method: 'reprovisionCertificateDomain';
   request: {
-    identity?: authInterfaces.IIdentity;
+    identity: authInterfaces.IIdentity;
     domain: string;
   };
   response: {
@@ -82,7 +82,7 @@ export interface IReq_DeleteCertificate extends plugins.typedrequestInterfaces.i
 > {
   method: 'deleteCertificate';
   request: {
-    identity?: authInterfaces.IIdentity;
+    identity: authInterfaces.IIdentity;
     domain: string;
   };
   response: {
@@ -98,7 +98,7 @@ export interface IReq_ExportCertificate extends plugins.typedrequestInterfaces.i
 > {
   method: 'exportCertificate';
   request: {
-    identity?: authInterfaces.IIdentity;
+    identity: authInterfaces.IIdentity;
     domain: string;
   };
   response: {
@@ -123,7 +123,7 @@ export interface IReq_ImportCertificate extends plugins.typedrequestInterfaces.i
 > {
   method: 'importCertificate';
   request: {
-    identity?: authInterfaces.IIdentity;
+    identity: authInterfaces.IIdentity;
     cert: {
       id: string;
       domainName: string;

ts_interfaces/requests/config.ts

@@ -69,7 +69,8 @@ export interface IConfigData {
     enabled: boolean;
     tunnelPort: number | null;
     hubDomain: string | null;
-    tlsConfigured: boolean;
+    tlsMode: 'custom' | 'acme' | 'self-signed';
+    connectedEdgeIps: string[];
   };
 }
 
@@ -80,7 +81,7 @@ export interface IReq_GetConfiguration extends plugins.typedrequestInterfaces.im
 > {
   method: 'getConfiguration';
   request: {
-    identity?: authInterfaces.IIdentity;
+    identity: authInterfaces.IIdentity;
     section?: string;
   };
   response: {

ts_interfaces/requests/email-ops.ts

@@ -68,7 +68,7 @@ export interface IReq_GetAllEmails extends plugins.typedrequestInterfaces.implem
 > {
   method: 'getAllEmails';
   request: {
-    identity?: authInterfaces.IIdentity;
+    identity: authInterfaces.IIdentity;
   };
   response: {
     emails: IEmail[];
@@ -84,7 +84,7 @@ export interface IReq_GetEmailDetail extends plugins.typedrequestInterfaces.impl
 > {
   method: 'getEmailDetail';
   request: {
-    identity?: authInterfaces.IIdentity;
+    identity: authInterfaces.IIdentity;
     emailId: string;
   };
   response: {
@@ -101,7 +101,7 @@ export interface IReq_ResendEmail extends plugins.typedrequestInterfaces.impleme
 > {
   method: 'resendEmail';
   request: {
-    identity?: authInterfaces.IIdentity;
+    identity: authInterfaces.IIdentity;
     emailId: string;
   };
   response: {

ts_interfaces/requests/logs.ts

@@ -9,7 +9,7 @@ export interface IReq_GetRecentLogs extends plugins.typedrequestInterfaces.imple
 > {
   method: 'getRecentLogs';
   request: {
-    identity?: authInterfaces.IIdentity;
+    identity: authInterfaces.IIdentity;
     level?: 'debug' | 'info' | 'warn' | 'error';
     category?: 'smtp' | 'dns' | 'security' | 'system' | 'email';
     limit?: number;
@@ -31,7 +31,7 @@ export interface IReq_GetLogStream extends plugins.typedrequestInterfaces.implem
 > {
   method: 'getLogStream';
   request: {
-    identity?: authInterfaces.IIdentity;
+    identity: authInterfaces.IIdentity;
     follow?: boolean;
     filters?: {
       level?: string[];

ts_interfaces/requests/radius.ts

@@ -14,7 +14,7 @@ export interface IReq_GetRadiusClients extends plugins.typedrequestInterfaces.im
 > {
   method: 'getRadiusClients';
   request: {
-    identity?: authInterfaces.IIdentity;
+    identity: authInterfaces.IIdentity;
   };
   response: {
     clients: Array<{
@@ -35,7 +35,7 @@ export interface IReq_SetRadiusClient extends plugins.typedrequestInterfaces.imp
 > {
   method: 'setRadiusClient';
   request: {
-    identity?: authInterfaces.IIdentity;
+    identity: authInterfaces.IIdentity;
     client: {
       name: string;
       ipRange: string;
@@ -59,7 +59,7 @@ export interface IReq_RemoveRadiusClient extends plugins.typedrequestInterfaces.
 > {
   method: 'removeRadiusClient';
   request: {
-    identity?: authInterfaces.IIdentity;
+    identity: authInterfaces.IIdentity;
     name: string;
   };
   response: {
@@ -81,7 +81,7 @@ export interface IReq_GetVlanMappings extends plugins.typedrequestInterfaces.imp
 > {
   method: 'getVlanMappings';
   request: {
-    identity?: authInterfaces.IIdentity;
+    identity: authInterfaces.IIdentity;
   };
   response: {
     mappings: Array<{
@@ -108,7 +108,7 @@ export interface IReq_SetVlanMapping extends plugins.typedrequestInterfaces.impl
 > {
   method: 'setVlanMapping';
   request: {
-    identity?: authInterfaces.IIdentity;
+    identity: authInterfaces.IIdentity;
     mapping: {
       mac: string;
       vlan: number;
@@ -139,7 +139,7 @@ export interface IReq_RemoveVlanMapping extends plugins.typedrequestInterfaces.i
 > {
   method: 'removeVlanMapping';
   request: {
-    identity?: authInterfaces.IIdentity;
+    identity: authInterfaces.IIdentity;
     mac: string;
   };
   response: {
@@ -157,7 +157,7 @@ export interface IReq_UpdateVlanConfig extends plugins.typedrequestInterfaces.im
 > {
   method: 'updateVlanConfig';
   request: {
-    identity?: authInterfaces.IIdentity;
+    identity: authInterfaces.IIdentity;
     defaultVlan?: number;
     allowUnknownMacs?: boolean;
   };
@@ -179,7 +179,7 @@ export interface IReq_TestVlanAssignment extends plugins.typedrequestInterfaces.
 > {
   method: 'testVlanAssignment';
   request: {
-    identity?: authInterfaces.IIdentity;
+    identity: authInterfaces.IIdentity;
     mac: string;
   };
   response: {
@@ -207,7 +207,7 @@ export interface IReq_GetRadiusSessions extends plugins.typedrequestInterfaces.i
 > {
   method: 'getRadiusSessions';
   request: {
-    identity?: authInterfaces.IIdentity;
+    identity: authInterfaces.IIdentity;
     filter?: {
       username?: string;
       nasIpAddress?: string;
@@ -243,7 +243,7 @@ export interface IReq_DisconnectRadiusSession extends plugins.typedrequestInterf
 > {
   method: 'disconnectRadiusSession';
   request: {
-    identity?: authInterfaces.IIdentity;
+    identity: authInterfaces.IIdentity;
     sessionId: string;
     reason?: string;
   };
@@ -262,7 +262,7 @@ export interface IReq_GetRadiusAccountingSummary extends plugins.typedrequestInt
 > {
   method: 'getRadiusAccountingSummary';
   request: {
-    identity?: authInterfaces.IIdentity;
+    identity: authInterfaces.IIdentity;
     startTime: number;
     endTime: number;
   };
@@ -296,7 +296,7 @@ export interface IReq_GetRadiusStatistics extends plugins.typedrequestInterfaces
 > {
   method: 'getRadiusStatistics';
   request: {
-    identity?: authInterfaces.IIdentity;
+    identity: authInterfaces.IIdentity;
   };
   response: {
     stats: {

ts_interfaces/requests/remoteingress.ts

@@ -15,7 +15,7 @@ export interface IReq_CreateRemoteIngress extends plugins.typedrequestInterfaces
 > {
   method: 'createRemoteIngress';
   request: {
-    identity?: authInterfaces.IIdentity;
+    identity: authInterfaces.IIdentity;
     name: string;
     listenPorts?: number[];
     autoDerivePorts?: boolean;
@@ -36,7 +36,7 @@ export interface IReq_DeleteRemoteIngress extends plugins.typedrequestInterfaces
 > {
   method: 'deleteRemoteIngress';
   request: {
-    identity?: authInterfaces.IIdentity;
+    identity: authInterfaces.IIdentity;
     id: string;
   };
   response: {
@@ -54,7 +54,7 @@ export interface IReq_UpdateRemoteIngress extends plugins.typedrequestInterfaces
 > {
   method: 'updateRemoteIngress';
   request: {
-    identity?: authInterfaces.IIdentity;
+    identity: authInterfaces.IIdentity;
     id: string;
     name?: string;
     listenPorts?: number[];
@@ -77,7 +77,7 @@ export interface IReq_RegenerateRemoteIngressSecret extends plugins.typedrequest
 > {
   method: 'regenerateRemoteIngressSecret';
   request: {
-    identity?: authInterfaces.IIdentity;
+    identity: authInterfaces.IIdentity;
     id: string;
   };
   response: {
@@ -95,7 +95,7 @@ export interface IReq_GetRemoteIngresses extends plugins.typedrequestInterfaces.
 > {
   method: 'getRemoteIngresses';
   request: {
-    identity?: authInterfaces.IIdentity;
+    identity: authInterfaces.IIdentity;
   };
   response: {
     edges: IRemoteIngress[];
@@ -111,7 +111,7 @@ export interface IReq_GetRemoteIngressStatus extends plugins.typedrequestInterfa
 > {
   method: 'getRemoteIngressStatus';
   request: {
-    identity?: authInterfaces.IIdentity;
+    identity: authInterfaces.IIdentity;
   };
   response: {
     statuses: IRemoteIngressStatus[];
@@ -128,7 +128,7 @@ export interface IReq_GetRemoteIngressConnectionToken extends plugins.typedreque
 > {
   method: 'getRemoteIngressConnectionToken';
   request: {
-    identity?: authInterfaces.IIdentity;
+    identity: authInterfaces.IIdentity;
     edgeId: string;
     hubHost?: string;
   };

ts_interfaces/requests/stats.ts

@@ -9,7 +9,7 @@ export interface IReq_GetServerStatistics extends plugins.typedrequestInterfaces
 > {
   method: 'getServerStatistics';
   request: {
-    identity?: authInterfaces.IIdentity;
+    identity: authInterfaces.IIdentity;
     includeHistory?: boolean;
     timeRange?: '1h' | '6h' | '24h' | '7d' | '30d';
   };
@@ -29,7 +29,7 @@ export interface IReq_GetEmailStatistics extends plugins.typedrequestInterfaces.
 > {
   method: 'getEmailStatistics';
   request: {
-    identity?: authInterfaces.IIdentity;
+    identity: authInterfaces.IIdentity;
     timeRange?: '1h' | '6h' | '24h' | '7d' | '30d';
     domain?: string;
     includeDetails?: boolean;
@@ -49,7 +49,7 @@ export interface IReq_GetDnsStatistics extends plugins.typedrequestInterfaces.im
 > {
   method: 'getDnsStatistics';
   request: {
-    identity?: authInterfaces.IIdentity;
+    identity: authInterfaces.IIdentity;
     timeRange?: '1h' | '6h' | '24h' | '7d' | '30d';
     domain?: string;
     includeQueryTypes?: boolean;
@@ -69,7 +69,7 @@ export interface IReq_GetRateLimitStatus extends plugins.typedrequestInterfaces.
 > {
   method: 'getRateLimitStatus';
   request: {
-    identity?: authInterfaces.IIdentity;
+    identity: authInterfaces.IIdentity;
     domain?: string;
     ip?: string;
     includeBlocked?: boolean;
@@ -91,7 +91,7 @@ export interface IReq_GetSecurityMetrics extends plugins.typedrequestInterfaces.
 > {
   method: 'getSecurityMetrics';
   request: {
-    identity?: authInterfaces.IIdentity;
+    identity: authInterfaces.IIdentity;
     timeRange?: '1h' | '6h' | '24h' | '7d' | '30d';
     includeDetails?: boolean;
   };
@@ -112,7 +112,7 @@ export interface IReq_GetActiveConnections extends plugins.typedrequestInterface
 > {
   method: 'getActiveConnections';
   request: {
-    identity?: authInterfaces.IIdentity;
+    identity: authInterfaces.IIdentity;
     protocol?: 'smtp' | 'smtps' | 'http' | 'https';
     state?: string;
   };
@@ -137,7 +137,7 @@ export interface IReq_GetQueueStatus extends plugins.typedrequestInterfaces.impl
 > {
   method: 'getQueueStatus';
   request: {
-    identity?: authInterfaces.IIdentity;
+    identity: authInterfaces.IIdentity;
     queueName?: string;
   };
   response: {
@@ -153,10 +153,31 @@ export interface IReq_GetHealthStatus extends plugins.typedrequestInterfaces.imp
 > {
   method: 'getHealthStatus';
   request: {
-    identity?: authInterfaces.IIdentity;
+    identity: authInterfaces.IIdentity;
     detailed?: boolean;
   };
   response: {
     health: statsInterfaces.IHealthStatus;
   };
+}
+
+// Network Stats (raw SmartProxy network data)
+export interface IReq_GetNetworkStats extends plugins.typedrequestInterfaces.implementsTR<
+  plugins.typedrequestInterfaces.ITypedRequest,
+  IReq_GetNetworkStats
+> {
+  method: 'getNetworkStats';
+  request: {
+    identity: authInterfaces.IIdentity;
+  };
+  response: {
+    connectionsByIP: Array<{ ip: string; count: number }>;
+    throughputRate: { bytesInPerSecond: number; bytesOutPerSecond: number };
+    topIPs: Array<{ ip: string; count: number }>;
+    totalDataTransferred: { bytesIn: number; bytesOut: number };
+    throughputHistory: Array<{ timestamp: number; in: number; out: number }>;
+    throughputByIP: Array<{ ip: string; in: number; out: number }>;
+    requestsPerSecond: number;
+    requestsTotal: number;
+  };
 }

ts_web/00_commitinfo_data.ts

@@ -3,6 +3,6 @@
  */
 export const commitinfo = {
   name: '@serve.zone/dcrouter',
-  version: '9.1.1',
+  version: '11.0.35',
   description: 'A multifaceted routing service handling mail and SMS delivery functions.'
 }

ts_web/appstate.ts

@@ -238,9 +238,12 @@ interface IActionContext {
 }
 
 const getActionContext = (): IActionContext => {
-  return {
+  const identity = loginStatePart.getState().identity;
-    identity: loginStatePart.getState().identity,
+  // Treat expired JWTs as no identity — prevents stale persisted sessions from firing requests
-  };
+  if (identity && identity.expiresAt && identity.expiresAt < Date.now()) {
+    return { identity: null };
+  }
+  return { identity };
 };
 
 // Login Action
@@ -271,24 +274,23 @@ export const loginAction = loginStatePart.createAction<{
   }
 });
 
-// Logout Action
+// Logout Action — always clears state, even if identity is expired/missing
 export const logoutAction = loginStatePart.createAction(async (statePartArg) => {
   const context = getActionContext();
-  if (!context.identity) return statePartArg.getState();
 
-  const typedRequest = new plugins.domtools.plugins.typedrequest.TypedRequest<
+  // Try to notify server, but don't block logout if identity is missing/expired
-    interfaces.requests.IReq_AdminLogout
+  if (context.identity) {
-  >('/typedrequest', 'adminLogout');
+    const typedRequest = new plugins.domtools.plugins.typedrequest.TypedRequest<
-
+      interfaces.requests.IReq_AdminLogout
-  try {
+    >('/typedrequest', 'adminLogout');
-    await typedRequest.fire({
+    try {
-      identity: context.identity,
+      await typedRequest.fire({ identity: context.identity });
-    });
+    } catch (error) {
-  } catch (error) {
+      console.error('Logout error:', error);
-    console.error('Logout error:', error);
+    }
   }
 
-  // Clear login state regardless
+  // Always clear login state
   return {
     identity: null,
     isLoggedIn: false,
@@ -298,8 +300,8 @@ export const logoutAction = loginStatePart.createAction(async (statePartArg) =>
 // Fetch All Stats Action - Using combined endpoint for efficiency
 export const fetchAllStatsAction = statsStatePart.createAction(async (statePartArg) => {
   const context = getActionContext();
-  
   const currentState = statePartArg.getState();
+  if (!context.identity) return currentState;
 
   try {
     // Use combined metrics endpoint - single request instead of 4
@@ -340,8 +342,8 @@ export const fetchAllStatsAction = statsStatePart.createAction(async (statePartA
 // Fetch Configuration Action (read-only)
 export const fetchConfigurationAction = configStatePart.createAction(async (statePartArg) => {
   const context = getActionContext();
-
   const currentState = statePartArg.getState();
+  if (!context.identity) return currentState;
 
   try {
     const configRequest = new plugins.domtools.plugins.typedrequest.TypedRequest<
@@ -373,6 +375,7 @@ export const fetchRecentLogsAction = logStatePart.createAction<{
   category?: 'smtp' | 'dns' | 'security' | 'system' | 'email';
 }>(async (statePartArg, dataArg) => {
   const context = getActionContext();
+  if (!context.identity) return statePartArg.getState();
 
   const logsRequest = new plugins.domtools.plugins.typedrequest.TypedRequest<
     interfaces.requests.IReq_GetRecentLogs
@@ -448,8 +451,8 @@ export const setActiveViewAction = uiStatePart.createAction<string>(async (state
 // Fetch Network Stats Action
 export const fetchNetworkStatsAction = networkStatePart.createAction(async (statePartArg) => {
   const context = getActionContext();
-  
   const currentState = statePartArg.getState();
+  if (!context.identity) return currentState;
 
   try {
     // Fetch active connections using the existing endpoint
@@ -522,6 +525,7 @@ export const fetchNetworkStatsAction = networkStatePart.createAction(async (stat
 export const fetchAllEmailsAction = emailOpsStatePart.createAction(async (statePartArg) => {
   const context = getActionContext();
   const currentState = statePartArg.getState();
+  if (!context.identity) return currentState;
 
   try {
     const request = new plugins.domtools.plugins.typedrequest.TypedRequest<
@@ -554,6 +558,7 @@ export const fetchAllEmailsAction = emailOpsStatePart.createAction(async (stateP
 export const fetchCertificateOverviewAction = certificateStatePart.createAction(async (statePartArg) => {
   const context = getActionContext();
   const currentState = statePartArg.getState();
+  if (!context.identity) return currentState;
 
   try {
     const request = new plugins.domtools.plugins.typedrequest.TypedRequest<
@@ -581,7 +586,7 @@ export const fetchCertificateOverviewAction = certificateStatePart.createAction(
 });
 
 export const reprovisionCertificateAction = certificateStatePart.createAction<string>(
-  async (statePartArg, domain) => {
+  async (statePartArg, domain, actionContext) => {
     const context = getActionContext();
     const currentState = statePartArg.getState();
 
@@ -596,8 +601,7 @@ export const reprovisionCertificateAction = certificateStatePart.createAction<st
       });
 
       // Re-fetch overview after reprovisioning
-      await certificateStatePart.dispatchAction(fetchCertificateOverviewAction, null);
+      return await actionContext.dispatch(fetchCertificateOverviewAction, null);
-      return statePartArg.getState();
     } catch (error) {
       return {
         ...currentState,
@@ -608,7 +612,7 @@ export const reprovisionCertificateAction = certificateStatePart.createAction<st
 );
 
 export const deleteCertificateAction = certificateStatePart.createAction<string>(
-  async (statePartArg, domain) => {
+  async (statePartArg, domain, actionContext) => {
     const context = getActionContext();
     const currentState = statePartArg.getState();
 
@@ -623,8 +627,7 @@ export const deleteCertificateAction = certificateStatePart.createAction<string>
       });
 
       // Re-fetch overview after deletion
-      await certificateStatePart.dispatchAction(fetchCertificateOverviewAction, null);
+      return await actionContext.dispatch(fetchCertificateOverviewAction, null);
-      return statePartArg.getState();
     } catch (error) {
       return {
         ...currentState,
@@ -643,7 +646,7 @@ export const importCertificateAction = certificateStatePart.createAction<{
   publicKey: string;
   csr: string;
 }>(
-  async (statePartArg, cert) => {
+  async (statePartArg, cert, actionContext) => {
     const context = getActionContext();
     const currentState = statePartArg.getState();
 
@@ -658,8 +661,7 @@ export const importCertificateAction = certificateStatePart.createAction<{
       });
 
       // Re-fetch overview after import
-      await certificateStatePart.dispatchAction(fetchCertificateOverviewAction, null);
+      return await actionContext.dispatch(fetchCertificateOverviewAction, null);
-      return statePartArg.getState();
     } catch (error) {
       return {
         ...currentState,
@@ -700,6 +702,7 @@ export async function fetchConnectionToken(edgeId: string) {
 export const fetchRemoteIngressAction = remoteIngressStatePart.createAction(async (statePartArg) => {
   const context = getActionContext();
   const currentState = statePartArg.getState();
+  if (!context.identity) return currentState;
 
   try {
     const edgesRequest = new plugins.domtools.plugins.typedrequest.TypedRequest<
@@ -737,7 +740,7 @@ export const createRemoteIngressAction = remoteIngressStatePart.createAction<{
   listenPorts?: number[];
   autoDerivePorts?: boolean;
   tags?: string[];
-}>(async (statePartArg, dataArg) => {
+}>(async (statePartArg, dataArg, actionContext) => {
   const context = getActionContext();
   const currentState = statePartArg.getState();
 
@@ -756,7 +759,7 @@ export const createRemoteIngressAction = remoteIngressStatePart.createAction<{
 
     if (response.success) {
       // Refresh the list
-      await remoteIngressStatePart.dispatchAction(fetchRemoteIngressAction, null);
+      await actionContext.dispatch(fetchRemoteIngressAction, null);
 
       return {
         ...statePartArg.getState(),
@@ -774,7 +777,7 @@ export const createRemoteIngressAction = remoteIngressStatePart.createAction<{
 });
 
 export const deleteRemoteIngressAction = remoteIngressStatePart.createAction<string>(
-  async (statePartArg, edgeId) => {
+  async (statePartArg, edgeId, actionContext) => {
     const context = getActionContext();
     const currentState = statePartArg.getState();
 
@@ -788,8 +791,7 @@ export const deleteRemoteIngressAction = remoteIngressStatePart.createAction<str
         id: edgeId,
       });
 
-      await remoteIngressStatePart.dispatchAction(fetchRemoteIngressAction, null);
+      return await actionContext.dispatch(fetchRemoteIngressAction, null);
-      return statePartArg.getState();
     } catch (error) {
       return {
         ...currentState,
@@ -805,7 +807,7 @@ export const updateRemoteIngressAction = remoteIngressStatePart.createAction<{
   listenPorts?: number[];
   autoDerivePorts?: boolean;
   tags?: string[];
-}>(async (statePartArg, dataArg) => {
+}>(async (statePartArg, dataArg, actionContext) => {
   const context = getActionContext();
   const currentState = statePartArg.getState();
 
@@ -823,8 +825,7 @@ export const updateRemoteIngressAction = remoteIngressStatePart.createAction<{
       tags: dataArg.tags,
     });
 
-    await remoteIngressStatePart.dispatchAction(fetchRemoteIngressAction, null);
+    return await actionContext.dispatch(fetchRemoteIngressAction, null);
-    return statePartArg.getState();
   } catch (error) {
     return {
       ...currentState,
@@ -877,7 +878,7 @@ export const clearNewEdgeIdAction = remoteIngressStatePart.createAction(
 export const toggleRemoteIngressAction = remoteIngressStatePart.createAction<{
   id: string;
   enabled: boolean;
-}>(async (statePartArg, dataArg) => {
+}>(async (statePartArg, dataArg, actionContext) => {
   const context = getActionContext();
   const currentState = statePartArg.getState();
 
@@ -892,8 +893,7 @@ export const toggleRemoteIngressAction = remoteIngressStatePart.createAction<{
       enabled: dataArg.enabled,
     });
 
-    await remoteIngressStatePart.dispatchAction(fetchRemoteIngressAction, null);
+    return await actionContext.dispatch(fetchRemoteIngressAction, null);
-    return statePartArg.getState();
   } catch (error) {
     return {
       ...currentState,
@@ -909,6 +909,7 @@ export const toggleRemoteIngressAction = remoteIngressStatePart.createAction<{
 export const fetchMergedRoutesAction = routeManagementStatePart.createAction(async (statePartArg) => {
   const context = getActionContext();
   const currentState = statePartArg.getState();
+  if (!context.identity) return currentState;
 
   try {
     const request = new plugins.domtools.plugins.typedrequest.TypedRequest<
@@ -939,7 +940,7 @@ export const fetchMergedRoutesAction = routeManagementStatePart.createAction(asy
 export const createRouteAction = routeManagementStatePart.createAction<{
   route: any;
   enabled?: boolean;
-}>(async (statePartArg, dataArg) => {
+}>(async (statePartArg, dataArg, actionContext) => {
   const context = getActionContext();
   const currentState = statePartArg.getState();
 
@@ -954,8 +955,7 @@ export const createRouteAction = routeManagementStatePart.createAction<{
       enabled: dataArg.enabled,
     });
 
-    await routeManagementStatePart.dispatchAction(fetchMergedRoutesAction, null);
+    return await actionContext.dispatch(fetchMergedRoutesAction, null);
-    return statePartArg.getState();
   } catch (error) {
     return {
       ...currentState,
@@ -965,7 +965,7 @@ export const createRouteAction = routeManagementStatePart.createAction<{
 });
 
 export const deleteRouteAction = routeManagementStatePart.createAction<string>(
-  async (statePartArg, routeId) => {
+  async (statePartArg, routeId, actionContext) => {
     const context = getActionContext();
     const currentState = statePartArg.getState();
 
@@ -979,8 +979,7 @@ export const deleteRouteAction = routeManagementStatePart.createAction<string>(
         id: routeId,
       });
 
-      await routeManagementStatePart.dispatchAction(fetchMergedRoutesAction, null);
+      return await actionContext.dispatch(fetchMergedRoutesAction, null);
-      return statePartArg.getState();
     } catch (error) {
       return {
         ...currentState,
@@ -993,7 +992,7 @@ export const deleteRouteAction = routeManagementStatePart.createAction<string>(
 export const toggleRouteAction = routeManagementStatePart.createAction<{
   id: string;
   enabled: boolean;
-}>(async (statePartArg, dataArg) => {
+}>(async (statePartArg, dataArg, actionContext) => {
   const context = getActionContext();
   const currentState = statePartArg.getState();
 
@@ -1008,8 +1007,7 @@ export const toggleRouteAction = routeManagementStatePart.createAction<{
       enabled: dataArg.enabled,
     });
 
-    await routeManagementStatePart.dispatchAction(fetchMergedRoutesAction, null);
+    return await actionContext.dispatch(fetchMergedRoutesAction, null);
-    return statePartArg.getState();
   } catch (error) {
     return {
       ...currentState,
@@ -1021,7 +1019,7 @@ export const toggleRouteAction = routeManagementStatePart.createAction<{
 export const setRouteOverrideAction = routeManagementStatePart.createAction<{
   routeName: string;
   enabled: boolean;
-}>(async (statePartArg, dataArg) => {
+}>(async (statePartArg, dataArg, actionContext) => {
   const context = getActionContext();
   const currentState = statePartArg.getState();
 
@@ -1036,8 +1034,7 @@ export const setRouteOverrideAction = routeManagementStatePart.createAction<{
       enabled: dataArg.enabled,
     });
 
-    await routeManagementStatePart.dispatchAction(fetchMergedRoutesAction, null);
+    return await actionContext.dispatch(fetchMergedRoutesAction, null);
-    return statePartArg.getState();
   } catch (error) {
     return {
       ...currentState,
@@ -1047,7 +1044,7 @@ export const setRouteOverrideAction = routeManagementStatePart.createAction<{
 });
 
 export const removeRouteOverrideAction = routeManagementStatePart.createAction<string>(
-  async (statePartArg, routeName) => {
+  async (statePartArg, routeName, actionContext) => {
     const context = getActionContext();
     const currentState = statePartArg.getState();
 
@@ -1061,8 +1058,7 @@ export const removeRouteOverrideAction = routeManagementStatePart.createAction<s
         routeName,
       });
 
-      await routeManagementStatePart.dispatchAction(fetchMergedRoutesAction, null);
+      return await actionContext.dispatch(fetchMergedRoutesAction, null);
-      return statePartArg.getState();
     } catch (error) {
       return {
         ...currentState,
@@ -1079,6 +1075,7 @@ export const removeRouteOverrideAction = routeManagementStatePart.createAction<s
 export const fetchApiTokensAction = routeManagementStatePart.createAction(async (statePartArg) => {
   const context = getActionContext();
   const currentState = statePartArg.getState();
+  if (!context.identity) return currentState;
 
   try {
     const request = new plugins.domtools.plugins.typedrequest.TypedRequest<
@@ -1115,8 +1112,20 @@ export async function createApiToken(name: string, scopes: interfaces.data.TApiT
   });
 }
 
+export async function rollApiToken(id: string) {
+  const context = getActionContext();
+  const request = new plugins.domtools.plugins.typedrequest.TypedRequest<
+    interfaces.requests.IReq_RollApiToken
+  >('/typedrequest', 'rollApiToken');
+
+  return request.fire({
+    identity: context.identity,
+    id,
+  });
+}
+
 export const revokeApiTokenAction = routeManagementStatePart.createAction<string>(
-  async (statePartArg, tokenId) => {
+  async (statePartArg, tokenId, actionContext) => {
     const context = getActionContext();
     const currentState = statePartArg.getState();
 
@@ -1130,8 +1139,7 @@ export const revokeApiTokenAction = routeManagementStatePart.createAction<string
         id: tokenId,
       });
 
-      await routeManagementStatePart.dispatchAction(fetchApiTokensAction, null);
+      return await actionContext.dispatch(fetchApiTokensAction, null);
-      return statePartArg.getState();
     } catch (error) {
       return {
         ...currentState,
@@ -1144,7 +1152,7 @@ export const revokeApiTokenAction = routeManagementStatePart.createAction<string
 export const toggleApiTokenAction = routeManagementStatePart.createAction<{
   id: string;
   enabled: boolean;
-}>(async (statePartArg, dataArg) => {
+}>(async (statePartArg, dataArg, actionContext) => {
   const context = getActionContext();
   const currentState = statePartArg.getState();
 
@@ -1159,8 +1167,7 @@ export const toggleApiTokenAction = routeManagementStatePart.createAction<{
       enabled: dataArg.enabled,
     });
 
-    await routeManagementStatePart.dispatchAction(fetchApiTokensAction, null);
+    return await actionContext.dispatch(fetchApiTokensAction, null);
-    return statePartArg.getState();
   } catch (error) {
     return {
       ...currentState,
@@ -1221,8 +1228,9 @@ async function disconnectSocket() {
 // Combined refresh action for efficient polling
 async function dispatchCombinedRefreshAction() {
   const context = getActionContext();
+  if (!context.identity) return;
   const currentView = uiStatePart.getState().activeView;
-  
+
   try {
     // Always fetch basic stats for dashboard widgets
     const combinedRequest = new plugins.domtools.plugins.typedrequest.TypedRequest<
@@ -1321,8 +1329,23 @@ async function dispatchCombinedRefreshAction() {
         console.error('Certificate refresh failed:', error);
       }
     }
+
+    // Refresh remote ingress data if on remoteingress view
+    if (currentView === 'remoteingress') {
+      try {
+        await remoteIngressStatePart.dispatchAction(fetchRemoteIngressAction, null);
+      } catch (error) {
+        console.error('Remote ingress refresh failed:', error);
+      }
+    }
   } catch (error) {
     console.error('Combined refresh failed:', error);
+    // If the error looks like an auth failure (invalid JWT), force re-login
+    const errMsg = String(error);
+    if (errMsg.includes('invalid') || errMsg.includes('unauthorized') || errMsg.includes('401')) {
+      await loginStatePart.dispatchAction(logoutAction, null);
+      window.location.reload();
+    }
   }
 }
 

ts_web/elements/ops-dashboard.ts

@@ -1,5 +1,6 @@
 import * as plugins from '../plugins.js';
 import * as appstate from '../appstate.js';
+import * as interfaces from '../../dist_ts_interfaces/index.js';
 import { appRouter } from '../router.js';
 
 import {
@@ -218,13 +219,27 @@ export class OpsDashboard extends DeesElement {
     // Handle initial state - check if we have a stored session that's still valid
     const loginState = appstate.loginStatePart.getState();
     if (loginState.identity?.jwt) {
-      // Verify JWT hasn't expired
       if (loginState.identity.expiresAt > Date.now()) {
-        // JWT still valid, restore logged-in state
+        // Client-side expiry looks valid — verify with server (keypair may have changed)
-        this.loginState = loginState;
+        try {
-        await simpleLogin.switchToSlottedContent();
+          const verifyRequest = new plugins.domtools.plugins.typedrequest.TypedRequest<
-        await appstate.statsStatePart.dispatchAction(appstate.fetchAllStatsAction, null);
+            interfaces.requests.IReq_VerifyIdentity
-        await appstate.configStatePart.dispatchAction(appstate.fetchConfigurationAction, null);
+          >('/typedrequest', 'verifyIdentity');
+          const response = await verifyRequest.fire({ identity: loginState.identity });
+          if (response.valid) {
+            // JWT confirmed valid by server
+            this.loginState = loginState;
+            await simpleLogin.switchToSlottedContent();
+            await appstate.statsStatePart.dispatchAction(appstate.fetchAllStatsAction, null);
+            await appstate.configStatePart.dispatchAction(appstate.fetchConfigurationAction, null);
+          } else {
+            // Server rejected the JWT — clear state, show login
+            await appstate.loginStatePart.dispatchAction(appstate.logoutAction, null);
+          }
+        } catch {
+          // Server unreachable or error — clear state, show login
+          await appstate.loginStatePart.dispatchAction(appstate.logoutAction, null);
+        }
       } else {
         // JWT expired, clear the stored state
         await appstate.loginStatePart.dispatchAction(appstate.logoutAction, null);

ts_web/elements/ops-view-apitokens.ts

@@ -152,6 +152,15 @@ export class OpsViewApiTokens extends DeesElement {
                 );
               },
             },
+            {
+              name: 'Roll',
+              iconName: 'lucide:rotateCw',
+              type: ['inRow', 'contextmenu'] as any,
+              actionFunc: async (actionData: any) => {
+                const token = actionData.item as interfaces.data.IApiTokenInfo;
+                await this.showRollTokenDialog(token);
+              },
+            },
             {
               name: 'Revoke',
               iconName: 'lucide:trash2',
@@ -279,6 +288,60 @@ export class OpsViewApiTokens extends DeesElement {
     });
   }
 
+  private async showRollTokenDialog(token: interfaces.data.IApiTokenInfo) {
+    const { DeesModal } = await import('@design.estate/dees-catalog');
+
+    await DeesModal.createAndShow({
+      heading: 'Roll Token Secret',
+      content: html`
+        <div style="color: #ccc; padding: 8px 0;">
+          <p>This will regenerate the secret for <strong>${token.name}</strong>. The old token value will stop working immediately.</p>
+        </div>
+      `,
+      menuOptions: [
+        {
+          name: 'Cancel',
+          iconName: 'lucide:x',
+          action: async (modalArg: any) => await modalArg.destroy(),
+        },
+        {
+          name: 'Roll Token',
+          iconName: 'lucide:rotateCw',
+          action: async (modalArg: any) => {
+            await modalArg.destroy();
+            try {
+              const response = await appstate.rollApiToken(token.id);
+              if (response.success && response.tokenValue) {
+                await appstate.routeManagementStatePart.dispatchAction(appstate.fetchApiTokensAction, null);
+
+                await DeesModal.createAndShow({
+                  heading: 'Token Rolled',
+                  content: html`
+                    <div style="color: #ccc; padding: 8px 0;">
+                      <p>Copy this token now. It will not be shown again.</p>
+                      <div style="background: #111; padding: 12px; border-radius: 6px; margin-top: 8px;">
+                        <code style="color: #0f8; word-break: break-all; font-size: 13px;">${response.tokenValue}</code>
+                      </div>
+                    </div>
+                  `,
+                  menuOptions: [
+                    {
+                      name: 'Done',
+                      iconName: 'lucide:check',
+                      action: async (m: any) => await m.destroy(),
+                    },
+                  ],
+                });
+              }
+            } catch (error) {
+              console.error('Failed to roll token:', error);
+            }
+          },
+        },
+      ],
+    });
+  }
+
   async firstUpdated() {
     await appstate.routeManagementStatePart.dispatchAction(appstate.fetchApiTokensAction, null);
   }

ts_web/elements/ops-view-config.ts

@@ -103,11 +103,20 @@ export class OpsViewConfig extends DeesElement {
   }
 
   private renderSystemSection(sys: appstate.IConfigState['config']['system']): TemplateResult {
+    // Annotate proxy IPs with source hint when Remote Ingress is active
+    const ri = this.configState.config?.remoteIngress;
+    let proxyIpValues: string[] | null = sys.proxyIps.length > 0 ? [...sys.proxyIps] : null;
+    if (proxyIpValues && ri?.enabled && proxyIpValues.includes('127.0.0.1')) {
+      proxyIpValues = proxyIpValues.map(ip =>
+        ip === '127.0.0.1' ? '127.0.0.1 (Remote Ingress)' : ip
+      );
+    }
+
     const fields: IConfigField[] = [
       { key: 'Base Directory', value: sys.baseDir },
       { key: 'Data Directory', value: sys.dataDir },
       { key: 'Public IP', value: sys.publicIp },
-      { key: 'Proxy IPs', value: sys.proxyIps.length > 0 ? sys.proxyIps : null, type: 'pills' },
+      { key: 'Proxy IPs', value: proxyIpValues, type: 'pills' },
       { key: 'Uptime', value: this.formatUptime(sys.uptime) },
       { key: 'Storage Backend', value: sys.storageBackend, type: 'badge' },
       { key: 'Storage Path', value: sys.storagePath },
@@ -291,7 +300,8 @@ export class OpsViewConfig extends DeesElement {
     const fields: IConfigField[] = [
       { key: 'Tunnel Port', value: ri.tunnelPort },
       { key: 'Hub Domain', value: ri.hubDomain },
-      { key: 'TLS Configured', value: ri.tlsConfigured, type: 'boolean' },
+      { key: 'TLS Mode', value: ri.tlsMode, type: 'badge' },
+      { key: 'Connected Edge IPs', value: ri.connectedEdgeIps?.length > 0 ? ri.connectedEdgeIps : null, type: 'pills' },
     ];
 
     const actions: IConfigSectionAction[] = [

ts_web/elements/ops-view-logs.ts

@@ -76,8 +76,15 @@ export class OpsViewLogs extends DeesElement {
     // Wait for xterm terminal to finish initializing (CDN load)
     if (!chartLog.terminalReady) {
       await new Promise<void>((resolve) => {
+        let attempts = 0;
+        const maxAttempts = 200; // 200 * 50ms = 10 seconds
         const check = () => {
           if (chartLog.terminalReady) { resolve(); return; }
+          if (++attempts >= maxAttempts) {
+            console.warn('ops-view-logs: terminal ready timeout after 10s');
+            resolve(); // resolve gracefully to avoid blocking
+            return;
+          }
           setTimeout(check, 50);
         };
         check();