TaloDev · tudddorrr · Aug 31, 2025 · Aug 31, 2025 · Aug 31, 2025
diff --git a/src/entities/player-auth-activity.ts b/src/entities/player-auth-activity.ts
@@ -12,7 +12,7 @@ export enum PlayerAuthActivityType {
   CHANGED_EMAIL,
   PASSWORD_RESET_REQUESTED,
   PASSWORD_RESET_COMPLETED,
-  VERFICIATION_TOGGLED,
+  VERIFICATION_TOGGLED,
   CHANGE_PASSWORD_FAILED,
   CHANGE_EMAIL_FAILED,
   TOGGLE_VERIFICATION_FAILED,
@@ -78,7 +78,7 @@ export default class PlayerAuthActivity {
         return `A password reset request was made for ${authAlias.identifier}'s account`
       case PlayerAuthActivityType.PASSWORD_RESET_COMPLETED:
         return `A password reset was completed for ${authAlias.identifier}'s account`
-      case PlayerAuthActivityType.VERFICIATION_TOGGLED:
+      case PlayerAuthActivityType.VERIFICATION_TOGGLED:
         return `${authAlias.identifier} toggled verification`
       case PlayerAuthActivityType.CHANGE_PASSWORD_FAILED:
         return `${authAlias.identifier} failed to change their password`

diff --git a/src/entities/player-auth.ts b/src/entities/player-auth.ts
@@ -1,9 +1,8 @@
-import { Entity, EntityManager, OneToOne, PrimaryKey, Property } from '@mikro-orm/mysql'
+import { Entity, OneToOne, PrimaryKey, Property } from '@mikro-orm/mysql'
 import Player from './player'
 import { v4 } from 'uuid'
-import PlayerAlias, { PlayerAliasService } from './player-alias'
+import PlayerAlias from './player-alias'
 import { sign } from '../lib/auth/jwt'
-import { getAuthMiddlewareAliasKey, getAuthMiddlewarePlayerKey } from '../middleware/player-auth-middleware'
 
 const errorCodes = [
   'INVALID_CREDENTIALS',
@@ -50,35 +49,19 @@ export default class PlayerAuth {
   @Property({ onUpdate: () => new Date() })
   updatedAt: Date = new Date()
 
-  async createSession(em: EntityManager, alias: PlayerAlias): Promise<string> {
+  async createSession(alias: PlayerAlias): Promise<string> {
     this.player.lastSeenAt = new Date()
 
     this.sessionKey = v4()
     this.sessionCreatedAt = new Date()
-    await this.clearAuthMiddlewareKeys(em)
 
     const payload = { playerId: this.player.id, aliasId: alias.id }
     return sign(payload, this.sessionKey)
   }
 
-  async clearSession(em: EntityManager) {
+  clearSession() {
     this.sessionKey = null
     this.sessionCreatedAt = null
-    await this.clearAuthMiddlewareKeys(em)
-  }
-
-  private async clearAuthMiddlewareKeys(em: EntityManager) {
-    const alias = await em.repo(PlayerAlias).findOne({
-      service: PlayerAliasService.TALO,
-      player: this.player
-    })
-
-    const keysToClear: string[] = [
-      getAuthMiddlewarePlayerKey(this.player.id),
-      alias ? getAuthMiddlewareAliasKey(alias.id) : null
-    ].filter((key): key is string => key !== null)
-
-    await Promise.all(keysToClear.map((key) => em.clearCache(key)))
   }
 
   toJSON() {

diff --git a/src/middleware/player-auth-middleware.ts b/src/middleware/player-auth-middleware.ts
@@ -3,15 +3,6 @@ import { isAPIRoute } from './route-middleware'
 import { EntityManager } from '@mikro-orm/mysql'
 import PlayerAlias, { PlayerAliasService } from '../entities/player-alias'
 import { verify } from '../lib/auth/jwt'
-import { getResultCacheOptions } from '../lib/perf/getResultCacheOptions'
-
-export function getAuthMiddlewarePlayerKey(playerId: string) {
-  return `auth-middleware-player-${playerId}`
-}
-
-export function getAuthMiddlewareAliasKey(aliasId: number) {
-  return `auth-middleware-alias-${aliasId}`
-}
 
 export default async function playerAuthMiddleware(ctx: Context, next: Next): Promise<void> {
   if (isAPIRoute(ctx) && (ctx.state.currentPlayerId || ctx.state.currentAliasId)) {
@@ -20,18 +11,22 @@ export default async function playerAuthMiddleware(ctx: Context, next: Next): Pr
 
     if (ctx.state.currentPlayerId) {
       alias = await em.getRepository(PlayerAlias).findOne({
-        player: ctx.state.currentPlayerId,
-        service: PlayerAliasService.TALO
+        service: PlayerAliasService.TALO,
+        player: {
+          id: ctx.state.currentPlayerId,
+          game: ctx.state.game
+        }
       }, {
-        ...getResultCacheOptions(getAuthMiddlewarePlayerKey(ctx.state.currentPlayerId)),
         populate: ['player.auth']
       })
     } else {
       alias = await em.getRepository(PlayerAlias).findOne({
         id: ctx.state.currentAliasId,
-        service: PlayerAliasService.TALO
+        service: PlayerAliasService.TALO,
+        player: {
+          game: ctx.state.game
+        }
       }, {
-        ...getResultCacheOptions(getAuthMiddlewareAliasKey(ctx.state.currentAliasId)),
         populate: ['player.auth']
       })
     }

diff --git a/src/services/api/player-auth-api.service.ts b/src/services/api/player-auth-api.service.ts
@@ -71,7 +71,7 @@ export default class PlayerAuthAPIService extends APIService {
     alias.player.auth.verificationEnabled = Boolean(verificationEnabled)
     em.persist(alias.player.auth)
 
-    const sessionToken = await alias.player.auth.createSession(em, alias)
+    const sessionToken = await alias.player.auth.createSession(alias)
     const socketToken = await alias.createSocketToken(req.ctx.redis)
 
     createPlayerAuthActivity(req, alias.player, {
@@ -152,7 +152,7 @@ export default class PlayerAuthAPIService extends APIService {
         }
       }
     } else {
-      const sessionToken = await alias.player.auth.createSession(em, alias)
+      const sessionToken = await alias.player.auth.createSession(alias)
       const socketToken = await alias.createSocketToken(redis)
 
       createPlayerAuthActivity(req, alias.player, {
@@ -215,7 +215,7 @@ export default class PlayerAuthAPIService extends APIService {
 
     await redis.del(this.getRedisAuthKey(key, alias))
 
-    const sessionToken = await alias.player.auth!.createSession(em, alias)
+    const sessionToken = await alias.player.auth!.createSession(alias)
     const socketToken = await alias.createSocketToken(redis)
 
     createPlayerAuthActivity(req, alias.player, {
@@ -250,7 +250,7 @@ export default class PlayerAuthAPIService extends APIService {
       populate: ['player.auth']
     })
 
-    await alias.player.auth!.clearSession(em)
+    alias.player.auth!.clearSession()
 
     createPlayerAuthActivity(req, alias.player, {
       type: PlayerAuthActivityType.LOGGED_OUT
@@ -493,7 +493,7 @@ export default class PlayerAuthAPIService extends APIService {
     await redis.del(this.getRedisPasswordResetKey(key, code))
 
     alias.player.auth!.password = await bcrypt.hash(password, 10)
-    await alias.player.auth!.clearSession(em)
+    alias.player.auth!.clearSession()
 
     createPlayerAuthActivity(req, alias.player, {
       type: PlayerAuthActivityType.PASSWORD_RESET_COMPLETED
@@ -580,7 +580,7 @@ export default class PlayerAuthAPIService extends APIService {
     }
 
     createPlayerAuthActivity(req, alias.player, {
-      type: PlayerAuthActivityType.VERFICIATION_TOGGLED,
+      type: PlayerAuthActivityType.VERIFICATION_TOGGLED,
       extra: {
         verificationEnabled: alias.player.auth!.verificationEnabled
       }

diff --git a/tests/middlewares/player-auth-middleware.test.ts b/tests/middlewares/player-auth-middleware.test.ts
@@ -16,7 +16,7 @@ describe('Player auth middleware', () => {
     const player = await new PlayerFactory([apiKey.game]).withTaloAlias().one()
 
     await em.persistAndFlush([stat, player])
-    const sessionToken = await player.auth!.createSession(em, player.aliases[0])
+    const sessionToken = await player.auth!.createSession(player.aliases[0])
     await em.flush()
 
     await request(app)
@@ -91,9 +91,9 @@ describe('Player auth middleware', () => {
     const player = await new PlayerFactory([apiKey.game]).withTaloAlias().one()
 
     await em.persistAndFlush([stat, player])
-    const oldSessionToken = await player.auth!.createSession(em, player.aliases[0])
+    const oldSessionToken = await player.auth!.createSession(player.aliases[0])
 
-    await player.auth!.createSession(em, player.aliases[0])
+    await player.auth!.createSession(player.aliases[0])
     await em.flush()
 
     const res = await request(app)
@@ -119,7 +119,7 @@ describe('Player auth middleware', () => {
     player.aliases.add(await new PlayerAliasFactory(player).one())
 
     await em.persistAndFlush([stat, player])
-    const sessionToken = await player.auth!.createSession(em, player.aliases[0])
+    const sessionToken = await player.auth!.createSession(player.aliases[0])
     await em.flush()
 
     const res = await request(app)
@@ -144,8 +144,8 @@ describe('Player auth middleware', () => {
     const otherPlayer = await new PlayerFactory([apiKey.game]).withTaloAlias().one()
 
     await em.persistAndFlush([stat, otherPlayer, player])
-    const sessionToken = await player.auth!.createSession(em, player.aliases[0])
-    await otherPlayer.auth!.createSession(em, otherPlayer.aliases[0])
+    const sessionToken = await player.auth!.createSession(player.aliases[0])
+    await otherPlayer.auth!.createSession(otherPlayer.aliases[0])
     await em.flush()
 
     const res = await request(app)

diff --git a/tests/services/_api/player-api/identify.test.ts b/tests/services/_api/player-api/identify.test.ts
@@ -214,7 +214,7 @@ describe('Player API service - identify', () => {
     const player = await new PlayerFactory([apiKey.game]).withTaloAlias().one()
 
     await em.persistAndFlush(player)
-    const sessionToken = await player.auth!.createSession(em, player.aliases[0])
+    const sessionToken = await player.auth!.createSession(player.aliases[0])
     await em.flush()
 
     await request(app)

diff --git a/tests/services/_api/player-auth-api/changeEmail.test.ts b/tests/services/_api/player-auth-api/changeEmail.test.ts
@@ -21,7 +21,7 @@ describe('Player auth API service - change email', () => {
     const alias = player.aliases[0]
     await em.persistAndFlush(player)
 
-    const sessionToken = await player.auth!.createSession(em, alias)
+    const sessionToken = await player.auth!.createSession(alias)
     await em.flush()
 
     await request(app)
@@ -59,7 +59,7 @@ describe('Player auth API service - change email', () => {
     const alias = player.aliases[0]
     await em.persistAndFlush(player)
 
-    const sessionToken = await player.auth!.createSession(em, alias)
+    const sessionToken = await player.auth!.createSession(alias)
     await em.flush()
 
     await request(app)
@@ -85,7 +85,7 @@ describe('Player auth API service - change email', () => {
     const alias = player.aliases[0]
     await em.persistAndFlush(player)
 
-    const sessionToken = await player.auth!.createSession(em, alias)
+    const sessionToken = await player.auth!.createSession(alias)
     await em.flush()
 
     const res = await request(app)
@@ -125,7 +125,7 @@ describe('Player auth API service - change email', () => {
     const alias = player.aliases[0]
     await em.persistAndFlush(player)
 
-    const sessionToken = await player.auth!.createSession(em, alias)
+    const sessionToken = await player.auth!.createSession(alias)
     await em.flush()
 
     const res = await request(app)
@@ -165,7 +165,7 @@ describe('Player auth API service - change email', () => {
     const alias = player.aliases[0]
     await em.persistAndFlush(player)
 
-    const sessionToken = await player.auth!.createSession(em, alias)
+    const sessionToken = await player.auth!.createSession(alias)
     await em.flush()
 
     const res = await request(app)

diff --git a/tests/services/_api/player-auth-api/changePassword.test.ts b/tests/services/_api/player-auth-api/changePassword.test.ts
@@ -20,7 +20,7 @@ describe('Player auth API service - change password', () => {
     const alias = player.aliases[0]
     await em.persistAndFlush(player)
 
-    const sessionToken = await player.auth!.createSession(em, alias)
+    const sessionToken = await player.auth!.createSession(alias)
     await em.flush()
 
     await request(app)
@@ -55,7 +55,7 @@ describe('Player auth API service - change password', () => {
     const alias = player.aliases[0]
     await em.persistAndFlush(player)
 
-    const sessionToken = await player.auth!.createSession(em, alias)
+    const sessionToken = await player.auth!.createSession(alias)
     await em.flush()
 
     await request(app)
@@ -81,7 +81,7 @@ describe('Player auth API service - change password', () => {
     const alias = player.aliases[0]
     await em.persistAndFlush(player)
 
-    const sessionToken = await player.auth!.createSession(em, alias)
+    const sessionToken = await player.auth!.createSession(alias)
     await em.flush()
 
     const res = await request(app)
@@ -121,7 +121,7 @@ describe('Player auth API service - change password', () => {
     const alias = player.aliases[0]
     await em.persistAndFlush(player)
 
-    const sessionToken = await player.auth!.createSession(em, alias)
+    const sessionToken = await player.auth!.createSession(alias)
     await em.flush()
 
     const res = await request(app)

diff --git a/tests/services/_api/player-auth-api/delete.test.ts b/tests/services/_api/player-auth-api/delete.test.ts
@@ -23,7 +23,7 @@ describe('Player auth API service - delete', { timeout: 30_000 }, () => {
     const activities = await new PlayerAuthActivityFactory(player.game).state(() => ({ player })).many(10)
     await em.persistAndFlush([player, ...activities])
 
-    const sessionToken = await player.auth!.createSession(em, alias)
+    const sessionToken = await player.auth!.createSession(alias)
     await em.flush()
 
     const prevIdentifier = alias.identifier
@@ -70,7 +70,7 @@ describe('Player auth API service - delete', { timeout: 30_000 }, () => {
     const alias = player.aliases[0]
     await em.persistAndFlush(player)
 
-    const sessionToken = await player.auth!.createSession(em, alias)
+    const sessionToken = await player.auth!.createSession(alias)
     await em.flush()
 
     const events = await new EventFactory([player]).many(3)
@@ -125,7 +125,7 @@ describe('Player auth API service - delete', { timeout: 30_000 }, () => {
     const alias = player.aliases[0]
     await em.persistAndFlush(player)
 
-    const sessionToken = await player.auth!.createSession(em, alias)
+    const sessionToken = await player.auth!.createSession(alias)
     await em.flush()
 
     const res = await request(app)
@@ -163,7 +163,7 @@ describe('Player auth API service - delete', { timeout: 30_000 }, () => {
     const alias = player.aliases[0]
     await em.persistAndFlush(player)
 
-    const sessionToken = await player.auth!.createSession(em, alias)
+    const sessionToken = await player.auth!.createSession(alias)
     await em.flush()
 
     await request(app)
@@ -194,7 +194,7 @@ describe('Player auth API service - delete', { timeout: 30_000 }, () => {
     player.presence = presence
     await em.persistAndFlush(player)
 
-    const sessionToken = await player.auth!.createSession(em, alias)
+    const sessionToken = await player.auth!.createSession(alias)
     await em.flush()
 
     await request(app)

diff --git a/tests/services/_api/player-auth-api/logout.test.ts b/tests/services/_api/player-auth-api/logout.test.ts
@@ -12,7 +12,7 @@ describe('Player auth API service - logout', () => {
     const alias = player.aliases[0]
     await em.persistAndFlush(player)
 
-    const sessionToken = await player.auth!.createSession(em, alias)
+    const sessionToken = await player.auth!.createSession(alias)
     await em.flush()
 
     await request(app)
@@ -41,7 +41,7 @@ describe('Player auth API service - logout', () => {
     const alias = player.aliases[0]
     await em.persistAndFlush(player)
 
-    const sessionToken = await player.auth!.createSession(em, alias)
+    const sessionToken = await player.auth!.createSession(alias)
     await em.flush()
 
     await request(app)