This project is a REST API backend built with Hono (a fast, lightweight web framework for JavaScript/TypeScript), demonstrating core features such as authentication, billing, encryption, and game launcher logic. The project uses modular routing, strong validation, and a custom encryption algorithm (SEED in CFB mode) for enhanced security.
- Modular & scalable REST API using Hono
- Authentication and launcher endpoint for game clients
- User cash management (purchase, gifting)
- Secure, custom encryption (SEED Cipher, CFB mode)
- Strong payload validation using Zod
- Middleware for logging, security headers, and JSON formatting
- Framework: Hono (TypeScript)
- Modular Routing: Separate files for billing and launcher routes
- Validation: Zod schemas via
@hono/zod-validator - Encryption: SEED Block Cipher (CFB mode, custom IV per region)
- Database Layer: Example calls to a (mocked)
LosaGameDB(for user/server data)
Prefix: /billing
Get user cash information.
-
Request (form data):
makeCodeNo(string/number): Validation codeuserId(string): User IDuserNo(string/number): User number
-
Response:
result: "success"userNo: User account numberrealCash: Current cashbonusCash: Currently always 0
Purchase item(s) using user cash.
-
Request (form data):
makeCodeNo(string/number)userId(string)userNo(string/number)charId(string, optional)itemId(string/number)itemCnt(number)itemUnitPrice(number)
-
Response:
result: "success"userNo,realCash,bonusCash,chargedCashAmtitemInfos: Array of item info (id, count, price, chargeNo)
Gift item(s) from one user to another (deducts sender's cash).
-
Request (form data):
- All fields from
/payment receiveUserId(string): Recipient IDreceiveUserNo(string/number): Recipient numberreceiveCharId(string, optional)
- All fields from
-
Response:
- Same as
/payment
- Same as
Prefix: /launcher
Authenticate user and initialize the game launcher.
-
Request (JSON):
username(string)password(string, hashed with bcrypt)publicIP(string)
-
Response:
message: "success"AppName: e.g.,lostsaga.exeresult: Encrypted string (using SEED, for launcher client)
This project uses the SEED block cipher (128-bit, CFB mode) for encrypting sensitive data sent to the launcher client.
- Algorithm: SEED (Korean standard)
- Mode: Cipher Feedback (CFB)
- Key: Max 16 bytes (combination of user/server keys)
- Initialization Vector (IV): Custom per region (default: Korea)
- Output: Hex string
Example:
const encrypted = Encode15("username", "userKey123", NationType.NT_KOREA);See /lib/ioencrypt/ioEcnrypt.ts for implementation details.
Each endpoint validates its payload using Zod. Invalid requests return HTTP 400 with error details.
- Billing endpoints use form data validation.
- Launcher endpoint uses JSON schema validation.
- Not found: Returns
{ error: "Not Found" }with HTTP 404 - Validation error: HTTP 400 with error message
- Other errors: HTTP 500 with
{ error: "Internal Server Error" } - Uses structured exception handling with
HTTPExceptionfrom Hono.
with-hono/
├── src/
│ ├── core/
│ │ └── hono.ts # Main Hono app & route mounting
│ ├── routes/
│ │ ├── billing.route.ts # Billing endpoints
│ │ └── launcher.route.ts # Launcher endpoint
│ ├── lib/
│ │ └── ioencrypt/ # SEED cipher implementation
│ └── schemas/ # Zod schemas for validation
└── README.md
-
Clone the repository:
git clone https://github.com/LSFDC/ls-rest-api.git cd ls-rest-api/with-hono -
Install dependencies:
npm install
-
Configure environment:
- Adjust database/config in
/src/db/if needed
- Adjust database/config in
-
Run the development server:
npm run dev
Or build and start:
npm run build npm start
Contributions, bug reports, and feature requests are welcome. Please open an issue or submit a pull request.
This project is licensed under the MIT License.