Model scan
Admins place GGUF files in the configured model directory and rescan from the Admin drawer. The scan finds .gguf files and updates the registry.
Administration
Administration covers users, model access, account flows, chat administration tools, and security boundaries for the local LLM Controller instance.
Admin actions affect the local LLM Controller instance. Destructive chat and user actions should be used carefully.
User Management
Create users
Admins can create standard user accounts from the Admin Users page. The app generates a temporary password, shows it to the admin, and prompts the new user to change it after login.
Delete users
Admins can delete non-admin users and choose whether to retain or purge that user's chats. Admins cannot delete their own account from that page.
Password policy
The Admin Users page exposes Basic, Moderate, Strong, and Custom password policy choices. Custom settings can require uppercase letters, lowercase letters, digits, special characters, and a minimum length.
Model Access
Split GGUF files
Split files using a pattern such as -00001-of-00002.gguf are grouped as one model when the expected shards are present. The first shard path is used for launch.
Registry controls
Admins can enable, disable, favorite, and benchmark-enable models. Disabled or missing models do not appear in the load selector.
Launch control
Admins can start/stop the main model, start/stop the title model, save launch defaults, and use CPU-only loading by setting GPU layers to 0.
Auth Email & Account Flows
| Flow | Behavior |
|---|---|
| Forgot password | The public response stays generic. A reset link is sent only when SMTP settings and the auth public base URL are configured. |
| Email confirmation | Confirmation links use the configured auth public base URL. Tokens are stored hashed, and consumed or expired tokens are rejected. |
| Resend confirmation | The public resend response stays generic and uses the same configured email-link requirements. |
| Email change | Signed-in users request email changes from account settings using their current password. The current email remains active until the new address is confirmed through the emailed link. |
| Request throttling | Forgot-password, resend-confirmation, and email-change requests use lightweight throttling by IP and normalized email where applicable. |
Admin Chat Tools
User activity list
Admin tools can list users with recorded chat activity and show usage summaries such as token totals.
Export chats
Admins can export a selected user's chats or all chats as JSON, CSV, or Markdown.
Delete chats
Admins can delete a selected user's chats or delete all chat history. These are destructive actions.
Security Boundaries
Admin accessAdmin pages and admin actions check for an admin session.
Session validationLogged-in requests validate account state and session version against the database.
Email linksAuth email links are built from the configured public base URL.
Destructive postsCSRF protection applies to the Flask app, including destructive chat deletion posts.