Commit 6c3c2394 authored by Zak Stephens's avatar Zak Stephens

Update dependencies, authenticate/authorize messages.

parent dd996c84
......@@ -12,7 +12,8 @@
"tileSize": 16,
"databaseFilePath": "db.sqlite3",
"sqliteDatabaseFilePath": "db.sqlite3",
"port": 8000,
"tls": {
"certFilePath": "keys/local.crt",
......
......@@ -6,9 +6,10 @@ const express = require('express');
const fs = require('fs');
const https = require('https');
const loadMap = require('./load-map');
const sqlite3 = require('sqlite3');
const util = require('util');
const sqlite3 = require('sqlite3');
(async () => {
function update() {
......@@ -30,7 +31,9 @@ const util = require('util');
}
const db = new sqlite3.Database(config.get('databaseFilePath'));
// SQLite database support.
// TODO: Swap for Mongo (mostly for the fun practice of it).
const db = new sqlite3.Database(config.get('sqliteDatabaseFilePath'));
await util.promisify(db.run.bind(db))('PRAGMA foreign_keys = ON;');
const [playerRepository] = await Promise.all([require('./repositories/player/sqlite')(db)]);
......@@ -49,7 +52,7 @@ const util = require('util');
const app = express();
app.use(cors({ credentials: true, origin: true })); // Free love.
app.use('/api/v1/microtransactions', require('./routes/microtransactions'));
app.use('/api/v1/messages', require('./routes/messages')(gameState));
app.use('/api/v1/messages', require('./routes/messages')(gameState, playerRepository));
app.use('/api/v1/players', require('./routes/players')(gameState, playerRepository));
app.use('/api/v1/snapshot', require('./routes/snapshot')(gameState, playerRepository));
......@@ -61,6 +64,8 @@ const util = require('util');
setInterval(update, 1000 / config.get('tickrate'));
console.log('Server started.');
})();
// TODO: Catch close event, close all resources gracefully.
This diff is collapsed.
......@@ -21,7 +21,7 @@
"config": "^3.1.0",
"cors": "^2.8.5",
"express": "^4.16.4",
"sqlite3": "^4.0.6",
"sqlite3": "^4.1.0",
"uuid": "^3.3.2"
},
"private": true
......
'use strict';
const argon2 = require('argon2');
const assert = require('assert').strict;
const config = require('config');
module.exports = async db => {
const repository = {
createPlayer: async (username, password) => {
// NOTE: id is just going to be the automatically assigned _id.
const passwordHash = await argon2.hash(password);
const location = {
x: config.get('playerDefaults.location.x'),
y: config.get('playerDefaults.location.y'),
map: config.get('playerDefaults.location.map')
};
},
authPlayer: async (username, password) => {
assert(username != null);
assert(username.length > 0);
assert(password != null);
const passwordHash = 'meme'; // FIXME: get from DB
return argon2.verify(passwordHash, password);
},
playerWithUsernameExists: async username => false, // FIXME: Check in DB
getPlayerIdFromUsername: async username => '', // FIXME: Get from DB
getPlayerUsernameFromId: async id => '', // FIXME: Get from DB
getPlayerLocation: async id => ({ x: 0, y: 0, map: './maps/basement.json' }), // FIXME: Get from DB
};
// FIXME
/* "Schema creation" -- not sure what this looks like in Mongo.
* Setting up collections? */
return repository;
};
'use strict';
const express = require('express');
const playerUtil = require('../player-util');
module.exports = gameState => {
const router = express.Router();
module.exports = (gameState, playerRepository) => {
router.get('/', (req, res) => {
res.json(gameState.messages);
});
const validatePostJsonSchema = (req, res, next) => {
const { sender, content } = req.body;
if (sender == null || sender.id == null || sender.username == null) {
return res.sendStatus(400);
}
router.post('/', express.json(), (req, res) => {
if (req.body.body == null) {
if (content == null) {
return res.sendStatus(400);
}
gameState.messages.push(req.body);
gameState.messages = gameState.messages.slice(-32);
next();
};
const validatePostSender = async (req, res, next) => {
const username = req.body.sender.username;
if (!(await playerRepository.playerWithUsernameExists(username))) {
return res.sendStatus(409);
}
res.sendStatus(204);
if (req.body.sender.id !== await playerRepository.getPlayerIdFromUsername(username)) {
return res.sendStatus(409);
}
next();
};
const router = express.Router();
router.get('/', (req, res) => {
res.json(gameState.messages);
});
router.post('/',
express.json(),
validatePostJsonSchema,
validatePostSender,
async (req, res, next) => (await playerUtil.basicAuthExpectPlayer(req.body.sender.username, playerRepository))(req, res, next),
(req, res) => {
gameState.messages.push({
sender: {
id: req.body.sender.id,
username: req.body.sender.username
},
content: req.body.content
});
return res.sendStatus(204);
});
return router;
};
Markdown is supported
0% or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment