Users & Roles
Roles
OmniBus has two roles:
- admin — full control: add/edit/remove ports, change MQTT and system settings, manage users.
- viewer — read-only: can see the dashboard, ports, logs, and system info, but cannot change anything.
In the API, read endpoints require any authenticated user; mutating endpoints (POST/PUT/DELETE/PATCH) require an admin.
Managing users
The first admin is created by the first-run wizard.
After that, an admin can create, edit, and delete users from the account/users
area of the UI. Each user is { id, username, passwordHash, role, createdAt }.
- Passwords are stored only as bcrypt hashes.
- Changing a user's role or deleting a user immediately invalidates that user's active tokens.
Tokens
- Obtained from POST /api/login (see REST API).
- 12-hour sliding TTL — activity extends the window.
- Held in memory only, so every token is cleared on a service restart.
- A token carries the user's id and role; a role change or deletion revokes it at once.
Audit log
Mutating actions are written to an append-only audit log
(data/audit.log, JSON Lines) with the acting user and the real client IP
(OmniBus trusts X-Forwarded-For when behind a configured reverse proxy). View
it from the System page.
Recovering access
If you lose the admin password:
- Offline reset tool — OmniBus ships lib/resetAdmin.js, run on the host to reset the admin credentials.
- Factory reset — the USB-stick (or Argon-button) gesture returns the unit to first-run state. See System Management → Factory reset.