From 1a4d0719b3f5395a9d10fa413e75277db424d30c Mon Sep 17 00:00:00 2001 From: tudor <7089284+tudddorrr@users.noreply.github.com> Date: Sun, 31 Aug 2025 08:34:05 +0100 Subject: [PATCH 1/2] remove player auth cache --- src/entities/player-auth.ts | 25 +++---------------- src/middleware/player-auth-middleware.ts | 23 +++++++---------- src/services/api/player-auth-api.service.ts | 10 ++++---- .../player-auth-middleware.test.ts | 12 ++++----- .../services/_api/player-api/identify.test.ts | 2 +- .../_api/player-auth-api/changeEmail.test.ts | 10 ++++---- .../player-auth-api/changePassword.test.ts | 8 +++--- .../_api/player-auth-api/delete.test.ts | 10 ++++---- .../_api/player-auth-api/logout.test.ts | 4 +-- .../toggleVerification.test.ts | 14 +++++------ .../playerListeners/identify.test.ts | 2 +- 11 files changed, 49 insertions(+), 71 deletions(-) diff --git a/src/entities/player-auth.ts b/src/entities/player-auth.ts index 13c5478b..5e244127 100644 --- a/src/entities/player-auth.ts +++ b/src/entities/player-auth.ts @@ -1,9 +1,8 @@ -import { Entity, EntityManager, OneToOne, PrimaryKey, Property } from '@mikro-orm/mysql' +import { Entity, OneToOne, PrimaryKey, Property } from '@mikro-orm/mysql' import Player from './player' import { v4 } from 'uuid' -import PlayerAlias, { PlayerAliasService } from './player-alias' +import PlayerAlias from './player-alias' import { sign } from '../lib/auth/jwt' -import { getAuthMiddlewareAliasKey, getAuthMiddlewarePlayerKey } from '../middleware/player-auth-middleware' const errorCodes = [ 'INVALID_CREDENTIALS', @@ -50,35 +49,19 @@ export default class PlayerAuth { @Property({ onUpdate: () => new Date() }) updatedAt: Date = new Date() - async createSession(em: EntityManager, alias: PlayerAlias): Promise { + async createSession(alias: PlayerAlias): Promise { this.player.lastSeenAt = new Date() this.sessionKey = v4() this.sessionCreatedAt = new Date() - await this.clearAuthMiddlewareKeys(em) const payload = { playerId: this.player.id, aliasId: alias.id } return sign(payload, this.sessionKey) } - async clearSession(em: EntityManager) { + clearSession() { this.sessionKey = null this.sessionCreatedAt = null - await this.clearAuthMiddlewareKeys(em) - } - - private async clearAuthMiddlewareKeys(em: EntityManager) { - const alias = await em.repo(PlayerAlias).findOne({ - service: PlayerAliasService.TALO, - player: this.player - }) - - const keysToClear: string[] = [ - getAuthMiddlewarePlayerKey(this.player.id), - alias ? getAuthMiddlewareAliasKey(alias.id) : null - ].filter((key): key is string => key !== null) - - await Promise.all(keysToClear.map((key) => em.clearCache(key))) } toJSON() { diff --git a/src/middleware/player-auth-middleware.ts b/src/middleware/player-auth-middleware.ts index 0cbe8cd8..6273ae0f 100644 --- a/src/middleware/player-auth-middleware.ts +++ b/src/middleware/player-auth-middleware.ts @@ -3,15 +3,6 @@ import { isAPIRoute } from './route-middleware' import { EntityManager } from '@mikro-orm/mysql' import PlayerAlias, { PlayerAliasService } from '../entities/player-alias' import { verify } from '../lib/auth/jwt' -import { getResultCacheOptions } from '../lib/perf/getResultCacheOptions' - -export function getAuthMiddlewarePlayerKey(playerId: string) { - return `auth-middleware-player-${playerId}` -} - -export function getAuthMiddlewareAliasKey(aliasId: number) { - return `auth-middleware-alias-${aliasId}` -} export default async function playerAuthMiddleware(ctx: Context, next: Next): Promise { if (isAPIRoute(ctx) && (ctx.state.currentPlayerId || ctx.state.currentAliasId)) { @@ -20,18 +11,22 @@ export default async function playerAuthMiddleware(ctx: Context, next: Next): Pr if (ctx.state.currentPlayerId) { alias = await em.getRepository(PlayerAlias).findOne({ - player: ctx.state.currentPlayerId, - service: PlayerAliasService.TALO + service: PlayerAliasService.TALO, + player: { + id: ctx.state.currentPlayerId, + game: ctx.state.game + } }, { - ...getResultCacheOptions(getAuthMiddlewarePlayerKey(ctx.state.currentPlayerId)), populate: ['player.auth'] }) } else { alias = await em.getRepository(PlayerAlias).findOne({ id: ctx.state.currentAliasId, - service: PlayerAliasService.TALO + service: PlayerAliasService.TALO, + player: { + game: ctx.state.game + } }, { - ...getResultCacheOptions(getAuthMiddlewareAliasKey(ctx.state.currentAliasId)), populate: ['player.auth'] }) } diff --git a/src/services/api/player-auth-api.service.ts b/src/services/api/player-auth-api.service.ts index a0fb28b1..b06f443c 100644 --- a/src/services/api/player-auth-api.service.ts +++ b/src/services/api/player-auth-api.service.ts @@ -71,7 +71,7 @@ export default class PlayerAuthAPIService extends APIService { alias.player.auth.verificationEnabled = Boolean(verificationEnabled) em.persist(alias.player.auth) - const sessionToken = await alias.player.auth.createSession(em, alias) + const sessionToken = await alias.player.auth.createSession(alias) const socketToken = await alias.createSocketToken(req.ctx.redis) createPlayerAuthActivity(req, alias.player, { @@ -152,7 +152,7 @@ export default class PlayerAuthAPIService extends APIService { } } } else { - const sessionToken = await alias.player.auth.createSession(em, alias) + const sessionToken = await alias.player.auth.createSession(alias) const socketToken = await alias.createSocketToken(redis) createPlayerAuthActivity(req, alias.player, { @@ -215,7 +215,7 @@ export default class PlayerAuthAPIService extends APIService { await redis.del(this.getRedisAuthKey(key, alias)) - const sessionToken = await alias.player.auth!.createSession(em, alias) + const sessionToken = await alias.player.auth!.createSession(alias) const socketToken = await alias.createSocketToken(redis) createPlayerAuthActivity(req, alias.player, { @@ -250,7 +250,7 @@ export default class PlayerAuthAPIService extends APIService { populate: ['player.auth'] }) - await alias.player.auth!.clearSession(em) + alias.player.auth!.clearSession() createPlayerAuthActivity(req, alias.player, { type: PlayerAuthActivityType.LOGGED_OUT @@ -493,7 +493,7 @@ export default class PlayerAuthAPIService extends APIService { await redis.del(this.getRedisPasswordResetKey(key, code)) alias.player.auth!.password = await bcrypt.hash(password, 10) - await alias.player.auth!.clearSession(em) + alias.player.auth!.clearSession() createPlayerAuthActivity(req, alias.player, { type: PlayerAuthActivityType.PASSWORD_RESET_COMPLETED diff --git a/tests/middlewares/player-auth-middleware.test.ts b/tests/middlewares/player-auth-middleware.test.ts index a599e9a2..056ce518 100644 --- a/tests/middlewares/player-auth-middleware.test.ts +++ b/tests/middlewares/player-auth-middleware.test.ts @@ -16,7 +16,7 @@ describe('Player auth middleware', () => { const player = await new PlayerFactory([apiKey.game]).withTaloAlias().one() await em.persistAndFlush([stat, player]) - const sessionToken = await player.auth!.createSession(em, player.aliases[0]) + const sessionToken = await player.auth!.createSession(player.aliases[0]) await em.flush() await request(app) @@ -91,9 +91,9 @@ describe('Player auth middleware', () => { const player = await new PlayerFactory([apiKey.game]).withTaloAlias().one() await em.persistAndFlush([stat, player]) - const oldSessionToken = await player.auth!.createSession(em, player.aliases[0]) + const oldSessionToken = await player.auth!.createSession(player.aliases[0]) - await player.auth!.createSession(em, player.aliases[0]) + await player.auth!.createSession(player.aliases[0]) await em.flush() const res = await request(app) @@ -119,7 +119,7 @@ describe('Player auth middleware', () => { player.aliases.add(await new PlayerAliasFactory(player).one()) await em.persistAndFlush([stat, player]) - const sessionToken = await player.auth!.createSession(em, player.aliases[0]) + const sessionToken = await player.auth!.createSession(player.aliases[0]) await em.flush() const res = await request(app) @@ -144,8 +144,8 @@ describe('Player auth middleware', () => { const otherPlayer = await new PlayerFactory([apiKey.game]).withTaloAlias().one() await em.persistAndFlush([stat, otherPlayer, player]) - const sessionToken = await player.auth!.createSession(em, player.aliases[0]) - await otherPlayer.auth!.createSession(em, otherPlayer.aliases[0]) + const sessionToken = await player.auth!.createSession(player.aliases[0]) + await otherPlayer.auth!.createSession(otherPlayer.aliases[0]) await em.flush() const res = await request(app) diff --git a/tests/services/_api/player-api/identify.test.ts b/tests/services/_api/player-api/identify.test.ts index 24c77739..f99dd424 100644 --- a/tests/services/_api/player-api/identify.test.ts +++ b/tests/services/_api/player-api/identify.test.ts @@ -214,7 +214,7 @@ describe('Player API service - identify', () => { const player = await new PlayerFactory([apiKey.game]).withTaloAlias().one() await em.persistAndFlush(player) - const sessionToken = await player.auth!.createSession(em, player.aliases[0]) + const sessionToken = await player.auth!.createSession(player.aliases[0]) await em.flush() await request(app) diff --git a/tests/services/_api/player-auth-api/changeEmail.test.ts b/tests/services/_api/player-auth-api/changeEmail.test.ts index aa09cc56..a8aa19bf 100644 --- a/tests/services/_api/player-auth-api/changeEmail.test.ts +++ b/tests/services/_api/player-auth-api/changeEmail.test.ts @@ -21,7 +21,7 @@ describe('Player auth API service - change email', () => { const alias = player.aliases[0] await em.persistAndFlush(player) - const sessionToken = await player.auth!.createSession(em, alias) + const sessionToken = await player.auth!.createSession(alias) await em.flush() await request(app) @@ -59,7 +59,7 @@ describe('Player auth API service - change email', () => { const alias = player.aliases[0] await em.persistAndFlush(player) - const sessionToken = await player.auth!.createSession(em, alias) + const sessionToken = await player.auth!.createSession(alias) await em.flush() await request(app) @@ -85,7 +85,7 @@ describe('Player auth API service - change email', () => { const alias = player.aliases[0] await em.persistAndFlush(player) - const sessionToken = await player.auth!.createSession(em, alias) + const sessionToken = await player.auth!.createSession(alias) await em.flush() const res = await request(app) @@ -125,7 +125,7 @@ describe('Player auth API service - change email', () => { const alias = player.aliases[0] await em.persistAndFlush(player) - const sessionToken = await player.auth!.createSession(em, alias) + const sessionToken = await player.auth!.createSession(alias) await em.flush() const res = await request(app) @@ -165,7 +165,7 @@ describe('Player auth API service - change email', () => { const alias = player.aliases[0] await em.persistAndFlush(player) - const sessionToken = await player.auth!.createSession(em, alias) + const sessionToken = await player.auth!.createSession(alias) await em.flush() const res = await request(app) diff --git a/tests/services/_api/player-auth-api/changePassword.test.ts b/tests/services/_api/player-auth-api/changePassword.test.ts index ac158ec4..10e6734d 100644 --- a/tests/services/_api/player-auth-api/changePassword.test.ts +++ b/tests/services/_api/player-auth-api/changePassword.test.ts @@ -20,7 +20,7 @@ describe('Player auth API service - change password', () => { const alias = player.aliases[0] await em.persistAndFlush(player) - const sessionToken = await player.auth!.createSession(em, alias) + const sessionToken = await player.auth!.createSession(alias) await em.flush() await request(app) @@ -55,7 +55,7 @@ describe('Player auth API service - change password', () => { const alias = player.aliases[0] await em.persistAndFlush(player) - const sessionToken = await player.auth!.createSession(em, alias) + const sessionToken = await player.auth!.createSession(alias) await em.flush() await request(app) @@ -81,7 +81,7 @@ describe('Player auth API service - change password', () => { const alias = player.aliases[0] await em.persistAndFlush(player) - const sessionToken = await player.auth!.createSession(em, alias) + const sessionToken = await player.auth!.createSession(alias) await em.flush() const res = await request(app) @@ -121,7 +121,7 @@ describe('Player auth API service - change password', () => { const alias = player.aliases[0] await em.persistAndFlush(player) - const sessionToken = await player.auth!.createSession(em, alias) + const sessionToken = await player.auth!.createSession(alias) await em.flush() const res = await request(app) diff --git a/tests/services/_api/player-auth-api/delete.test.ts b/tests/services/_api/player-auth-api/delete.test.ts index d15a3089..ddb70c30 100644 --- a/tests/services/_api/player-auth-api/delete.test.ts +++ b/tests/services/_api/player-auth-api/delete.test.ts @@ -23,7 +23,7 @@ describe('Player auth API service - delete', { timeout: 30_000 }, () => { const activities = await new PlayerAuthActivityFactory(player.game).state(() => ({ player })).many(10) await em.persistAndFlush([player, ...activities]) - const sessionToken = await player.auth!.createSession(em, alias) + const sessionToken = await player.auth!.createSession(alias) await em.flush() const prevIdentifier = alias.identifier @@ -70,7 +70,7 @@ describe('Player auth API service - delete', { timeout: 30_000 }, () => { const alias = player.aliases[0] await em.persistAndFlush(player) - const sessionToken = await player.auth!.createSession(em, alias) + const sessionToken = await player.auth!.createSession(alias) await em.flush() const events = await new EventFactory([player]).many(3) @@ -125,7 +125,7 @@ describe('Player auth API service - delete', { timeout: 30_000 }, () => { const alias = player.aliases[0] await em.persistAndFlush(player) - const sessionToken = await player.auth!.createSession(em, alias) + const sessionToken = await player.auth!.createSession(alias) await em.flush() const res = await request(app) @@ -163,7 +163,7 @@ describe('Player auth API service - delete', { timeout: 30_000 }, () => { const alias = player.aliases[0] await em.persistAndFlush(player) - const sessionToken = await player.auth!.createSession(em, alias) + const sessionToken = await player.auth!.createSession(alias) await em.flush() await request(app) @@ -194,7 +194,7 @@ describe('Player auth API service - delete', { timeout: 30_000 }, () => { player.presence = presence await em.persistAndFlush(player) - const sessionToken = await player.auth!.createSession(em, alias) + const sessionToken = await player.auth!.createSession(alias) await em.flush() await request(app) diff --git a/tests/services/_api/player-auth-api/logout.test.ts b/tests/services/_api/player-auth-api/logout.test.ts index 9579d713..83ba896a 100644 --- a/tests/services/_api/player-auth-api/logout.test.ts +++ b/tests/services/_api/player-auth-api/logout.test.ts @@ -12,7 +12,7 @@ describe('Player auth API service - logout', () => { const alias = player.aliases[0] await em.persistAndFlush(player) - const sessionToken = await player.auth!.createSession(em, alias) + const sessionToken = await player.auth!.createSession(alias) await em.flush() await request(app) @@ -41,7 +41,7 @@ describe('Player auth API service - logout', () => { const alias = player.aliases[0] await em.persistAndFlush(player) - const sessionToken = await player.auth!.createSession(em, alias) + const sessionToken = await player.auth!.createSession(alias) await em.flush() await request(app) diff --git a/tests/services/_api/player-auth-api/toggleVerification.test.ts b/tests/services/_api/player-auth-api/toggleVerification.test.ts index 43a2b95c..c3b81dfe 100644 --- a/tests/services/_api/player-auth-api/toggleVerification.test.ts +++ b/tests/services/_api/player-auth-api/toggleVerification.test.ts @@ -20,7 +20,7 @@ describe('Player auth API service - toggle verification', () => { const alias = player.aliases[0] await em.persistAndFlush(player) - const sessionToken = await player.auth!.createSession(em, alias) + const sessionToken = await player.auth!.createSession(alias) await em.flush() await request(app) @@ -58,7 +58,7 @@ describe('Player auth API service - toggle verification', () => { const alias = player.aliases[0] await em.persistAndFlush(player) - const sessionToken = await player.auth!.createSession(em, alias) + const sessionToken = await player.auth!.createSession(alias) await em.flush() await request(app) @@ -96,7 +96,7 @@ describe('Player auth API service - toggle verification', () => { const alias = player.aliases[0] await em.persistAndFlush(player) - const sessionToken = await player.auth!.createSession(em, alias) + const sessionToken = await player.auth!.createSession(alias) await em.flush() const res = await request(app) @@ -137,7 +137,7 @@ describe('Player auth API service - toggle verification', () => { const alias = player.aliases[0] await em.persistAndFlush(player) - const sessionToken = await player.auth!.createSession(em, alias) + const sessionToken = await player.auth!.createSession(alias) await em.flush() await request(app) @@ -176,7 +176,7 @@ describe('Player auth API service - toggle verification', () => { const alias = player.aliases[0] await em.persistAndFlush(player) - const sessionToken = await player.auth!.createSession(em, alias) + const sessionToken = await player.auth!.createSession(alias) await em.flush() const res = await request(app) @@ -217,7 +217,7 @@ describe('Player auth API service - toggle verification', () => { const alias = player.aliases[0] await em.persistAndFlush(player) - const sessionToken = await player.auth!.createSession(em, alias) + const sessionToken = await player.auth!.createSession(alias) await em.flush() await request(app) @@ -243,7 +243,7 @@ describe('Player auth API service - toggle verification', () => { const alias = player.aliases[0] await em.persistAndFlush(player) - const sessionToken = await player.auth!.createSession(em, alias) + const sessionToken = await player.auth!.createSession(alias) await em.flush() const res = await request(app) diff --git a/tests/socket/listeners/playerListeners/identify.test.ts b/tests/socket/listeners/playerListeners/identify.test.ts index 431bcc06..5cbe0964 100644 --- a/tests/socket/listeners/playerListeners/identify.test.ts +++ b/tests/socket/listeners/playerListeners/identify.test.ts @@ -48,7 +48,7 @@ describe('Player listeners - identify', () => { const ticket = await createSocketTicket(redis, apiKey, false) const socketToken = await player.aliases[0].createSocketToken(redis) - const sessionToken = await player.auth!.createSession(em, player.aliases[0]) + const sessionToken = await player.auth!.createSession(player.aliases[0]) await em.flush() await createTestSocket(`/?ticket=${ticket}`, async (client) => { From 4fe29afe3f2a6ef034d4bafe75d39b3e693a7834 Mon Sep 17 00:00:00 2001 From: tudor <7089284+tudddorrr@users.noreply.github.com> Date: Sun, 31 Aug 2025 08:39:16 +0100 Subject: [PATCH 2/2] fix VERIFICATION_TOGGLED typo --- src/entities/player-auth-activity.ts | 4 ++-- src/services/api/player-auth-api.service.ts | 2 +- .../_api/player-auth-api/toggleVerification.test.ts | 6 +++--- 3 files changed, 6 insertions(+), 6 deletions(-) diff --git a/src/entities/player-auth-activity.ts b/src/entities/player-auth-activity.ts index dc10c4c2..45d25d6e 100644 --- a/src/entities/player-auth-activity.ts +++ b/src/entities/player-auth-activity.ts @@ -12,7 +12,7 @@ export enum PlayerAuthActivityType { CHANGED_EMAIL, PASSWORD_RESET_REQUESTED, PASSWORD_RESET_COMPLETED, - VERFICIATION_TOGGLED, + VERIFICATION_TOGGLED, CHANGE_PASSWORD_FAILED, CHANGE_EMAIL_FAILED, TOGGLE_VERIFICATION_FAILED, @@ -78,7 +78,7 @@ export default class PlayerAuthActivity { return `A password reset request was made for ${authAlias.identifier}'s account` case PlayerAuthActivityType.PASSWORD_RESET_COMPLETED: return `A password reset was completed for ${authAlias.identifier}'s account` - case PlayerAuthActivityType.VERFICIATION_TOGGLED: + case PlayerAuthActivityType.VERIFICATION_TOGGLED: return `${authAlias.identifier} toggled verification` case PlayerAuthActivityType.CHANGE_PASSWORD_FAILED: return `${authAlias.identifier} failed to change their password` diff --git a/src/services/api/player-auth-api.service.ts b/src/services/api/player-auth-api.service.ts index b06f443c..d0eccb6e 100644 --- a/src/services/api/player-auth-api.service.ts +++ b/src/services/api/player-auth-api.service.ts @@ -580,7 +580,7 @@ export default class PlayerAuthAPIService extends APIService { } createPlayerAuthActivity(req, alias.player, { - type: PlayerAuthActivityType.VERFICIATION_TOGGLED, + type: PlayerAuthActivityType.VERIFICATION_TOGGLED, extra: { verificationEnabled: alias.player.auth!.verificationEnabled } diff --git a/tests/services/_api/player-auth-api/toggleVerification.test.ts b/tests/services/_api/player-auth-api/toggleVerification.test.ts index c3b81dfe..a1517fbc 100644 --- a/tests/services/_api/player-auth-api/toggleVerification.test.ts +++ b/tests/services/_api/player-auth-api/toggleVerification.test.ts @@ -36,7 +36,7 @@ describe('Player auth API service - toggle verification', () => { expect(player.auth!.verificationEnabled).toBe(true) const activity = await em.getRepository(PlayerAuthActivity).findOne({ - type: PlayerAuthActivityType.VERFICIATION_TOGGLED, + type: PlayerAuthActivityType.VERIFICATION_TOGGLED, player: player.id, extra: { verificationEnabled: true @@ -74,7 +74,7 @@ describe('Player auth API service - toggle verification', () => { expect(player.auth!.verificationEnabled).toBe(false) const activity = await em.getRepository(PlayerAuthActivity).findOne({ - type: PlayerAuthActivityType.VERFICIATION_TOGGLED, + type: PlayerAuthActivityType.VERIFICATION_TOGGLED, player: player.id, extra: { verificationEnabled: false @@ -154,7 +154,7 @@ describe('Player auth API service - toggle verification', () => { expect(player.auth!.email).toBe('bozzz@mail.com') const activity = await em.getRepository(PlayerAuthActivity).findOne({ - type: PlayerAuthActivityType.VERFICIATION_TOGGLED, + type: PlayerAuthActivityType.VERIFICATION_TOGGLED, player: player.id, extra: { verificationEnabled: true