feat(dashboard): add built-in monitoring dashboard with live metrics and logs

- New dashboard/ module: stats.py (in-memory metrics singleton), auth.py (key + cookie auth), server.py (aiohttp HTTP server), templates/dashboard.html (dark-theme SPA with KPI cards and live log viewer)
- bot.py: intercept builtins.print() to feed all output into dashboard rolling log buffer (deque 1000); start dashboard HTTP server in post_init() with graceful degradation (try/except)
- clients/x402gate/openrouter.py: record_llm_request() on success, record_llm_error() on ALL error types (TopupError, NonRetriableRequestError, ValueError, empty response, retries exhausted)
- clients/x402gate/__init__.py: update_balance() on prepaid balance header update
- handlers/pyrogram_handlers.py: record_draft() in 4 draft-setting paths, record_auto_reply(), record_voice_transcription(), record_command() for /disconnect and /status
- handlers/bot_handlers.py: record_command() for /start
- handlers/settings_handler.py: record_command() for /settings
- handlers/styles_handler.py: record_command() for /chats
- handlers/poke_handler.py: record_command() for /poke
- handlers/connect_handler.py: record_command() for /connect
- database/users.py: add get_dashboard_user_stats() for Supabase user counts (total, connected, active 24h)
- requirements.txt: add aiohttp>=3.9.0, jinja2>=3.1.0
- .env.example: add DASHBOARD_KEY variable
- README.md: add Dashboard section, update Architecture and Tech Stack
- tests/test_dashboard.py: 23 tests for stats and auth modules

Author: oponfil

.env.example

@@ -26,6 +26,9 @@ EVM_PRIVATE_KEY=              # Приватный ключ кошелька Bas
 DEBUG_PRINT=False             # True для подробного логирования
 LOG_TO_FILE=False             # True для записи summary логов OpenRouter в logs/
 
+# ====== DASHBOARD ======
+DASHBOARD_KEY=                # Секретный ключ доступа к дашборду (/dashboard?key=...)
+
 # ====== RAILWAY (логи продакшена) ======
 RAILWAY_TOKEN=                # API Token: https://railway.app/account/tokens
 RAILWAY_PROJECT_ID=           # ID проекта (из railway list --json)

README.md

@@ -51,6 +51,7 @@ python -c "from cryptography.fernet import Fernet; print(Fernet.generate_key().d
 Optional for debugging:
 - `DEBUG_PRINT=true` — verbose console logs (default `false`)
 - `LOG_TO_FILE=true` — save full AI requests/responses to `logs/` for local debugging (default `false`)
+- `DASHBOARD_KEY` — secret key for dashboard access (see [Dashboard](#dashboard) section)
 
 Important: keep `LOG_TO_FILE` disabled in production — it logs full prompts, chat history, and model responses.
 
@@ -127,6 +128,29 @@ All voice messages in the chat history — from both sides (yours and the contac
 
 Stickers are processed by emoji — the bot sees the sticker's emoji in the conversation context and generates an appropriate reply.
 
+## Dashboard
+
+DraftGuru includes a built-in monitoring dashboard — a single-page web UI with live metrics and logs.
+
+**Features:**
+- KPI cards: users (total / connected / active 24h), prepaid balance, balance spent
+- LLM stats: requests, tokens, latency, models, errors
+- Draft / auto-reply / voice counters
+- Live log viewer with filtering (All / Errors / Warnings) and Copy All
+- Auto-refresh every 5 seconds
+
+**Access:**
+
+Set `DASHBOARD_KEY` in `.env`, then open:
+
+```
+https://<your-domain>/dashboard?key=YOUR_KEY
+```
+
+After the first visit, a cookie is set for 30 days — no need to pass the key again.
+
+The dashboard runs on the same port as the bot (`$PORT`, default `8080`). If `DASHBOARD_KEY` is not set, the dashboard is disabled.
+
 ## Deploy on Railway
 
 1. Create a project on [Railway](https://railway.app)
@@ -150,13 +174,14 @@ Tests run automatically on GitHub on push to `main`/`dev` and on PRs (GitHub Act
 
 ## Architecture
 
-- **bot.py** — Entry point: handler registration and bot startup
+- **bot.py** — Entry point: handler registration, bot startup, dashboard server
 - **handlers/** — Bot commands and Pyrogram events
 - **config.py** — Constants and environment variables
 - **prompts.py** — AI prompts
 - **system_messages.py** — System messages with auto-translation
 - **clients/** — API clients (x402gate, Pyrogram)
 - **logic/** — Reply generation business logic
+- **dashboard/** — Monitoring dashboard (aiohttp server, in-memory stats, HTML SPA)
 - **database/** — Supabase queries
 - **utils/** — Utilities
 - **scripts/** — CLI scripts (Railway logs, session generation)
@@ -168,6 +193,7 @@ Tests run automatically on GitHub on push to `main`/`dev` and on PRs (GitHub Act
 - **python-telegram-bot** — Telegram Bot API
 - **Pyrogram** — Telegram Client API (reading messages, drafts)
 - **x402gate.io** → OpenRouter → any model (configured in `config.py`, paid with USDC on Base)
+- **aiohttp** — Dashboard HTTP server
 - **Supabase** — PostgreSQL (DB)
 - **Railway** — hosting
 

bot.py

@@ -1,6 +1,7 @@
 # bot.py — Telegram-бот DraftGuru (запуск и конфигурация)
 
 import asyncio
+import builtins
 import os
 import traceback
 
@@ -47,6 +48,29 @@
 PRIVATE_ONLY_FILTER = filters.ChatType.PRIVATE
 
 
+# ====== DASHBOARD: print() interceptor ======
+# Captures all print() output into the dashboard's rolling log buffer
+
+from dashboard import stats as dash_stats  # noqa: E402
+from dashboard.server import start_dashboard_server  # noqa: E402
+
+_original_print = builtins.print
+
+
+def _dashboard_print(*args, **kwargs):
+    """Wrapper around print() that also feeds output to dashboard stats."""
+    _original_print(*args, **kwargs)
+    try:
+        message = " ".join(str(a) for a in args)
+        if message.strip():
+            dash_stats.capture_log(message)
+    except Exception:
+        pass  # Never break the bot due to dashboard
+
+
+builtins.print = _dashboard_print
+
+
 # ====== ОБРАБОТЧИК ОШИБОК ======
 
 async def on_error(update: object, context: ContextTypes.DEFAULT_TYPE) -> None:
@@ -122,8 +146,18 @@ async def post_init(app: Application) -> None:
     global _poll_task
     _poll_task = asyncio.create_task(_poll_missed_loop())
 
+    # Запускаем dashboard HTTP-сервер (необязательная подсистема)
+    global _dashboard_runner
+    try:
+        _dashboard_runner = await start_dashboard_server()
+    except Exception as e:
+        print(f"{get_timestamp()} [DASHBOARD] ERROR: failed to start dashboard server: {e}")
+        print(f"{get_timestamp()} [DASHBOARD] Bot will continue without dashboard.")
+        _dashboard_runner = None
+
 
 _poll_task: asyncio.Task | None = None
+_dashboard_runner = None
 
 
 async def _poll_missed_loop() -> None:

clients/x402gate/__init__.py

@@ -22,6 +22,7 @@
     X402GATE_TIMEOUT,
     X402GATE_URL,
 )
+from dashboard import stats as dash_stats
 from utils.utils import get_timestamp
 
 
@@ -359,6 +360,7 @@ async def request(self, path: str, body: dict, timeout: float | None = None) ->
             if prepaid_balance_header is not None:
                 try:
                     self._prepaid_balance = float(prepaid_balance_header)
+                    dash_stats.update_balance(self._prepaid_balance)
                 except (ValueError, TypeError):
                     pass
 

clients/x402gate/openrouter.py

@@ -18,6 +18,7 @@
     RETRY_DELAY,
     RETRY_EXPONENTIAL_BASE,
 )
+from dashboard import stats as dash_stats
 from prompts import BOT_PROMPT
 from utils.utils import get_timestamp
 
@@ -138,12 +139,21 @@ async def generate_response(
                 f"{duration:.2f}s | {token_info}"
             )
 
+            dash_stats.record_llm_request(
+                model=model,
+                latency_s=duration,
+                tokens_in=input_tokens,
+                tokens_out=output_tokens,
+                reasoning_tokens=reasoning_tokens,
+            )
+
             _log_to_file(payload, text.strip(), model, duration, usage, reasoning_text)
 
             return text.strip()
 
         except Exception as e:
             last_error = e
+            dash_stats.record_llm_error()
 
             # TopupError — ретрай бесполезен
             if isinstance(e, (TopupError, NonRetriableRequestError, ValueError)):

dashboard/__init__.py

@@ -0,0 +1 @@
+# dashboard/__init__.py — Модуль мониторинга и метрик DraftGuru

dashboard/auth.py

@@ -0,0 +1,36 @@
+# dashboard/auth.py — Аутентификация дашборда по ключу
+#
+# Доступ: /dashboard?key=SECRET → cookie, дальше ключ не нужен.
+
+import os
+
+from aiohttp import web
+
+DASHBOARD_KEY = os.getenv("DASHBOARD_KEY", "")
+COOKIE_NAME = "dashboard_key"
+COOKIE_MAX_AGE = 86400 * 30  # 30 дней
+
+
+def check_auth(request: web.Request) -> bool:
+    """Проверяет аутентификацию через параметр ?key= или cookie."""
+    if not DASHBOARD_KEY:
+        return False
+
+    key_param = request.query.get("key", "")
+    if key_param == DASHBOARD_KEY:
+        return True
+
+    cookie_val = request.cookies.get(COOKIE_NAME, "")
+    return cookie_val == DASHBOARD_KEY
+
+
+def set_auth_cookie(response: web.Response) -> None:
+    """Устанавливает cookie после успешной аутентификации."""
+    if DASHBOARD_KEY:
+        response.set_cookie(
+            COOKIE_NAME,
+            DASHBOARD_KEY,
+            max_age=COOKIE_MAX_AGE,
+            httponly=True,
+            samesite="Lax",
+        )

dashboard/server.py

@@ -0,0 +1,109 @@
+# dashboard/server.py — HTTP-сервер дашборда на aiohttp
+#
+# Запускается параллельно с Telegram-ботом, использует порт Railway ($PORT).
+# Маршруты: /dashboard (HTML), /api/stats, /api/logs, /api/users
+
+from __future__ import annotations
+
+import os
+import pathlib
+
+import jinja2
+from aiohttp import web
+
+from dashboard import stats
+from dashboard.auth import DASHBOARD_KEY, check_auth, set_auth_cookie
+from database.users import get_dashboard_user_stats
+
+TEMPLATE_DIR = pathlib.Path(__file__).parent / "templates"
+
+
+def _require_auth(handler):  # type: ignore[type-arg]
+    """Декоратор: возвращает 401 если запрос не аутентифицирован."""
+
+    async def wrapper(request: web.Request) -> web.StreamResponse:
+        if not check_auth(request):
+            return web.json_response({"error": "Unauthorized"}, status=401)
+        return await handler(request)
+
+    return wrapper
+
+
+# ---------------------------------------------------------------------------
+# Обработчики
+# ---------------------------------------------------------------------------
+
+
+async def handle_dashboard(request: web.Request) -> web.Response:
+    """Отдаёт HTML-страницу дашборда."""
+    if not check_auth(request):
+        return web.Response(
+            text="401 Unauthorized — append ?key=YOUR_KEY to URL",
+            status=401,
+            content_type="text/plain",
+        )
+
+    env = jinja2.Environment(
+        loader=jinja2.FileSystemLoader(str(TEMPLATE_DIR)),
+        autoescape=False,
+    )
+    template = env.get_template("dashboard.html")
+    html = template.render()
+
+    response = web.Response(text=html, content_type="text/html")
+    set_auth_cookie(response)
+    return response
+
+
+@_require_auth
+async def handle_stats(request: web.Request) -> web.Response:
+    """Возвращает текущие метрики в JSON."""
+    return web.json_response(stats.get_stats())
+
+
+@_require_auth
+async def handle_logs(request: web.Request) -> web.Response:
+    """Возвращает последние записи логов в JSON."""
+    limit = int(request.query.get("limit", stats.MAX_LOG_ENTRIES))
+    return web.json_response(stats.get_logs(limit=limit))
+
+
+@_require_auth
+async def handle_users(request: web.Request) -> web.Response:
+    """Возвращает статистику пользователей из Supabase."""
+    user_stats = await get_dashboard_user_stats()
+    return web.json_response(user_stats)
+
+
+# ---------------------------------------------------------------------------
+# Фабрика приложения
+# ---------------------------------------------------------------------------
+
+
+def create_app() -> web.Application:
+    """Создаёт aiohttp-приложение со всеми маршрутами."""
+    app = web.Application()
+    app.router.add_get("/dashboard", handle_dashboard)
+    app.router.add_get("/api/stats", handle_stats)
+    app.router.add_get("/api/logs", handle_logs)
+    app.router.add_get("/api/users", handle_users)
+    return app
+
+
+async def start_dashboard_server() -> web.AppRunner | None:
+    """Запускает HTTP-сервер дашборда на $PORT.
+
+    Возвращает runner (для cleanup) или None если DASHBOARD_KEY не задан.
+    """
+    if not DASHBOARD_KEY:
+        print("⚠️  DASHBOARD_KEY not set — dashboard disabled.")
+        return None
+
+    port = int(os.getenv("PORT", "8080"))
+    app = create_app()
+    runner = web.AppRunner(app)
+    await runner.setup()
+    site = web.TCPSite(runner, "0.0.0.0", port)
+    await site.start()
+    print(f"📊 Dashboard running on port {port} (/dashboard?key=...)")
+    return runner