- Split categories 5-15 into separate files for better organization - Added User, MAG, Enigma, Streams, Channel, Station, Movie, Series, Episode, Server, and Settings APIs - Each category now has its own dedicated documentation file - Total: 111 endpoints fully documented across 15 categories
12 KiB
12 KiB
User API - Account Management
Complete documentation for user account management in the XUI.ONE Admin API.
📋 Overview
The User API provides complete control over admin, reseller, and user accounts. Manage permissions, credits, and account status programmatically.
Available Operations
| Action | Method | Description |
|---|---|---|
create_user |
POST | Create new user account |
edit_user |
POST | Modify user settings |
delete_user |
POST | Remove user account |
enable_user |
POST | Activate user account |
disable_user |
POST | Suspend user account |
add_credits |
POST | Add credits to reseller |
👤 Create User
Action: create_user
Create a new admin, reseller, or user account.
Required Parameters:
username- Username for the accountpassword- Account password
Optional Parameters:
email- Email addressmember_group_id- User role (1=Admin, 2=Reseller, 3=User)
Request:
curl -X POST "http://your-server.com/cSbuFLhp/?api_key=8D3135D30437F86EAE2FA4A2A8345000&action=create_user" \
-d "username=newreseller" \
-d "password=secure123" \
-d "email=reseller@example.com" \
-d "member_group_id=2"
Response:
{
"status": "STATUS_SUCCESS",
"data": {
"user_id": "10",
"username": "newreseller"
}
}
✏️ Edit User
Action: edit_user
Modify existing user account settings.
Required Parameters:
id- User ID to edit
Optional Parameters:
username- New usernamepassword- New passwordemail- New emailmember_group_id- Change role
Request:
curl -X POST "http://your-server.com/cSbuFLhp/?api_key=8D3135D30437F86EAE2FA4A2A8345000&action=edit_user" \
-d "id=10" \
-d "password=newpassword456" \
-d "email=newemail@example.com"
🗑️ Delete User
Action: delete_user
Permanently remove user account.
⚠️ Warning: This action cannot be undone!
Required Parameters:
id- User ID to delete
Request:
curl -X POST "http://your-server.com/cSbuFLhp/?api_key=8D3135D30437F86EAE2FA4A2A8345000&action=delete_user" \
-d "id=10"
✅ Enable User
Action: enable_user
Activate a disabled user account.
Required Parameters:
id- User ID to enable
Request:
curl -X POST "http://your-server.com/cSbuFLhp/?api_key=8D3135D30437F86EAE2FA4A2A8345000&action=enable_user" \
-d "id=10"
⛔ Disable User
Action: disable_user
Temporarily suspend user account without deletion.
Required Parameters:
id- User ID to disable
Request:
curl -X POST "http://your-server.com/cSbuFLhp/?api_key=8D3135D30437F86EAE2FA4A2A8345000&action=disable_user" \
-d "id=10"
💰 Add Credits
Action: add_credits
Add credits to reseller account balance.
Parameters:
user_id- Reseller user IDamount- Credit amount to add
Request:
curl -X POST "http://your-server.com/cSbuFLhp/?api_key=8D3135D30437F86EAE2FA4A2A8345000&action=add_credits" \
-d "user_id=10" \
-d "amount=100.00"
Response:
{
"status": "STATUS_SUCCESS",
"data": {
"user_id": "10",
"credits_added": "100.00",
"new_balance": "500.00"
}
}
💻 Code Examples
Python
import requests
class XUIUserManager:
def __init__(self, base_url, api_key):
self.base_url = base_url
self.api_key = api_key
def _request(self, action, data):
response = requests.post(
self.base_url,
params={'api_key': self.api_key, 'action': action},
data=data
)
return response.json()
def create_user(self, username, password, email=None, role=2):
"""Create new user account"""
data = {
'username': username,
'password': password,
'member_group_id': role
}
if email:
data['email'] = email
return self._request('create_user', data)
def edit_user(self, user_id, **updates):
"""Edit user account"""
data = {'id': user_id, **updates}
return self._request('edit_user', data)
def delete_user(self, user_id):
"""Delete user account"""
return self._request('delete_user', {'id': user_id})
def enable_user(self, user_id):
"""Enable user account"""
return self._request('enable_user', {'id': user_id})
def disable_user(self, user_id):
"""Disable user account"""
return self._request('disable_user', {'id': user_id})
def add_credits(self, user_id, amount):
"""Add credits to reseller"""
return self._request('add_credits', {
'user_id': user_id,
'amount': amount
})
# Usage
manager = XUIUserManager(
'http://your-server.com/cSbuFLhp/',
'8D3135D30437F86EAE2FA4A2A8345000'
)
# Create reseller
result = manager.create_user(
username='newreseller',
password='secure123',
email='reseller@example.com',
role=2 # Reseller
)
print(f"Created user ID: {result['data']['user_id']}")
# Add credits
manager.add_credits(user_id=10, amount=100.00)
print("Credits added successfully")
PHP
<?php
class XUIUserManager {
private $baseUrl;
private $apiKey;
public function __construct($baseUrl, $apiKey) {
$this->baseUrl = $baseUrl;
$this->apiKey = $apiKey;
}
private function request($action, $data) {
$url = $this->baseUrl . "?api_key=" . $this->apiKey . "&action=" . $action;
$options = [
'http' => [
'method' => 'POST',
'header' => 'Content-type: application/x-www-form-urlencoded',
'content' => http_build_query($data)
]
];
$context = stream_context_create($options);
$response = file_get_contents($url, false, $context);
return json_decode($response, true);
}
public function createUser($username, $password, $email = null, $role = 2) {
$data = [
'username' => $username,
'password' => $password,
'member_group_id' => $role
];
if ($email) {
$data['email'] = $email;
}
return $this->request('create_user', $data);
}
public function addCredits($userId, $amount) {
return $this->request('add_credits', [
'user_id' => $userId,
'amount' => $amount
]);
}
}
// Usage
$manager = new XUIUserManager(
"http://your-server.com/cSbuFLhp/",
"8D3135D30437F86EAE2FA4A2A8345000"
);
$result = $manager->createUser(
"newreseller",
"secure123",
"reseller@example.com",
2
);
echo "Created user ID: " . $result['data']['user_id'];
?>
🎯 Common Use Cases
1. Bulk Create Resellers
def bulk_create_resellers(manager, count=10, initial_credits=100):
"""Create multiple reseller accounts"""
resellers = []
for i in range(count):
username = f"reseller{i+1:03d}"
password = generate_secure_password()
email = f"{username}@example.com"
try:
# Create reseller
result = manager.create_user(
username=username,
password=password,
email=email,
role=2
)
user_id = result['data']['user_id']
# Add initial credits
manager.add_credits(user_id, initial_credits)
resellers.append({
'id': user_id,
'username': username,
'password': password,
'email': email,
'credits': initial_credits
})
print(f"✓ Created: {username}")
except Exception as e:
print(f"✗ Failed to create {username}: {e}")
return resellers
2. Credit Management System
def manage_reseller_credits(manager):
"""Monitor and manage reseller credits"""
# Get all users (assuming you have get_users)
users = manager._request('get_users', {})
for user in users['data']:
if user['member_group_id'] == '2': # Resellers only
credits = float(user.get('credits', 0))
# Auto-add credits if balance is low
if credits < 10:
manager.add_credits(user['id'], 50)
print(f"Added 50 credits to {user['username']}")
3. User Audit Report
def generate_user_report(manager):
"""Generate user account report"""
users = manager._request('get_users', {})
report = {
'total': len(users['data']),
'admins': 0,
'resellers': 0,
'users': 0,
'active': 0,
'disabled': 0
}
for user in users['data']:
role = int(user['member_group_id'])
if role == 1:
report['admins'] += 1
elif role == 2:
report['resellers'] += 1
else:
report['users'] += 1
if user['status'] == '1':
report['active'] += 1
else:
report['disabled'] += 1
print("User Account Report")
print("=" * 50)
for key, value in report.items():
print(f"{key.capitalize()}: {value}")
💡 Best Practices
1. Password Security
import secrets
import string
def generate_secure_password(length=16):
"""Generate cryptographically secure password"""
alphabet = string.ascii_letters + string.digits + "!@#$%^&*"
return ''.join(secrets.choice(alphabet) for _ in range(length))
2. Role-Based Access Control
# User roles
ROLE_ADMIN = 1
ROLE_RESELLER = 2
ROLE_USER = 3
def create_user_with_role(manager, username, password, role_name):
"""Create user with role name instead of ID"""
roles = {
'admin': ROLE_ADMIN,
'reseller': ROLE_RESELLER,
'user': ROLE_USER
}
role_id = roles.get(role_name.lower(), ROLE_USER)
return manager.create_user(
username=username,
password=password,
role=role_id
)
3. Email Validation
import re
def validate_email(email):
"""Validate email format"""
pattern = r'^[a-zA-Z0-9._%+-]+@[a-zA-Z0-9.-]+\.[a-zA-Z]{2,}$'
return re.match(pattern, email) is not None
def create_user_safe(manager, username, password, email):
"""Create user with validation"""
if not validate_email(email):
raise ValueError("Invalid email format")
if len(password) < 8:
raise ValueError("Password must be at least 8 characters")
return manager.create_user(username, password, email)
⚠️ Important Notes
Username Requirements
- 3-50 characters
- Alphanumeric characters only
- Must be unique
Password Requirements
- Minimum 6 characters (8+ recommended)
- Mix of letters, numbers, symbols recommended
User Roles
- 1 = Admin - Full panel access
- 2 = Reseller - Can create/manage lines
- 3 = User - Limited access
Credit System
- Credits are decimal values (e.g., 100.00)
- Used by resellers to create subscriptions
- Can be added but not deducted via API
📚 Related Documentation
🆘 Need Help?
- GitHub Issues: Report problems
- Community: World of IPTV Forums
- Documentation: Getting Started Guide