diff --git a/database/berrydashdatabase.sql b/database/berrydashdatabase.sql
index 68fbf72..66d9963 100644
--- a/database/berrydashdatabase.sql
+++ b/database/berrydashdatabase.sql
@@ -3,7 +3,7 @@ -- https://www.phpmyadmin.net/ -- -- Host: localhost --- Generation Time: Jan 24, 2026 at 08:31 PM +-- Generation Time: Jan 30, 2026 at 02:12 AM -- Server version: 12.1.2-MariaDB -- PHP Version: 8.5.2
diff --git a/database/lncvrtgames.sql b/database/lncvrtgames.sql
index bc17dec..db32936 100644
--- a/database/lncvrtgames.sql
+++ b/database/lncvrtgames.sql
@@ -3,7 +3,7 @@ -- https://www.phpmyadmin.net/ -- -- Host: localhost --- Generation Time: Jan 27, 2026 at 05:18 PM +-- Generation Time: Jan 30, 2026 at 02:19 AM -- Server version: 12.1.2-MariaDB -- PHP Version: 8.5.2
@@ -113,9 +113,10 @@ CREATE TABLE `resetcodes` ( CREATE TABLE `users` ( `id` bigint(20) NOT NULL, `username` varchar(255) CHARACTER SET utf8mb4 COLLATE utf8mb4_bin NOT NULL, - `password` varchar(60) NOT NULL, - `email` varchar(255) NOT NULL, - `latest_ip` varchar(255) DEFAULT NULL, + `password` varchar(60) CHARACTER SET utf8mb4 COLLATE utf8mb4_bin NOT NULL, + `email` varchar(255) CHARACTER SET utf8mb3 COLLATE utf8mb3_bin NOT NULL, + `token` varchar(512) CHARACTER SET utf8mb3 COLLATE utf8mb3_bin NOT NULL, + `latest_ip` varchar(255) CHARACTER SET utf8mb3 COLLATE utf8mb3_bin DEFAULT NULL, `register_time` bigint(20) NOT NULL, `leaderboards_banned` tinyint(1) NOT NULL DEFAULT 0 ) ENGINE=InnoDB DEFAULT CHARSET=utf8mb4 COLLATE=utf8mb4_general_ci ROW_FORMAT=COMPRESSED;
diff --git a/src/index.ts b/src/index.ts
index 6c8bcaf..aff9e71 100644
--- a/src/index.ts
+++ b/src/index.ts
@@ -6,7 +6,7 @@ import dotenv from 'dotenv'
 import swagger from '@elysiajs/swagger'
 import { berryDashChats, berryDashUserData, users } from './lib/tables'
 import { and, desc, eq } from 'drizzle-orm'
-import { checkAuthorization } from './lib/bd/auth'
+import { checkAuthorization } from './lib/auth'
 import { handler as getVerifyCodeHandler } from './routes/get-verify-code'
@@ -124,7 +124,6 @@ app.ws('/ws', {
 const ip = ws.remoteAddress
 const authResult = await checkAuthorization(
 message.data.auth as string,
- db1,
 db0,
 ip
 )
@@ -181,7 +180,6 @@ app.ws('/ws', {
 const ip = ws.remoteAddress
 const authResult = await checkAuthorization(
 message.data.auth as string,
- db1,
 db0,
 ip
 )
@@ -311,7 +309,6 @@ app.ws('/ws', {
 const ip = ws.remoteAddress
 const authResult = await checkAuthorization(
 message.data.auth as string,
- db1,
 db0,
 ip
 )
diff --git a/src/lib/bd/auth.ts b/src/lib/auth.ts
similarity index 65%
rename from src/lib/bd/auth.ts
rename to src/lib/auth.ts
index 111d131..4b8d1be 100644
--- a/src/lib/bd/auth.ts
+++ b/src/lib/auth.ts
@@ -1,19 +1,18 @@
 import { MySql2Database } from 'drizzle-orm/mysql2'
-import { berryDashUserData, users } from '../tables'
+import { users } from './tables'
 import { eq } from 'drizzle-orm'
 export async function checkAuthorization (
 authorizationToken: string,
- db1: MySql2Database,
- db0?: MySql2Database,
- updateIp?: string | null
+ db0: MySql2Database,
+ updateIp: string | null
 ) {
 if (!authorizationToken) return { valid: false, id: 0 }
- const userData = await db1
- .select({ id: berryDashUserData.id })
- .from(berryDashUserData)
- .where(eq(berryDashUserData.token, authorizationToken))
+ const userData = await db0
+ .select({ id: users.id })
+ .from(users)
+ .where(eq(users.token, authorizationToken))
 .execute()
 if (!userData[0]) return { valid: false, id: 0 }
diff --git a/src/lib/tables.ts b/src/lib/tables.ts
index e6334e8..b2eaf44 100644
--- a/src/lib/tables.ts
+++ b/src/lib/tables.ts
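Review bot: In `src/lib/auth.ts`, `checkAuthorization` still matches the presented token against the stored column value verbatim (`.where(eq(users.token, authorizationToken))`), so after this move the bearer credential sits in plaintext in the same `users` row as the password hash and e-mail. Storing only a digest of the token and comparing digests would keep a read-only leak of that table from yielding usable sessions, for example `.where(eq(users.token, tokenDigest(authorizationToken)))`, where `tokenDigest` is a placeholder name for a SHA-256 helper. The query also reads only `userData[0]` but has no `.limit(1)`. The function body continues past the end of this hunk, so the `updateIp` handling is not visible here.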
@@ -16,6 +16,7 @@ export const users = mysqlTable('users', {
 username: varchar('username', { length: 255 }).notNull(),
 password: varchar('password', { length: 60 }).notNull(),
 email: varchar('email', { length: 255 }).notNull(),
+ token: varchar('token', { length: 512 }).notNull(),
 latestIp: varchar('latest_ip', { length: 255 }),
 registerTime: bigint('register_time', { mode: 'number' }).notNull(),
 leaderboardsBanned: boolean('leaderboards_banned').default(false).notNull()
@@ -94,7 +95,6 @@ export const resetCodes = mysqlTable('resetcodes', {
 export const berryDashUserData = mysqlTable('userdata', {
 id: bigint('id', { mode: 'number' }).primaryKey().autoincrement().notNull(),
- token: varchar('token', { length: 512 }).notNull(),
 saveData: longtext('save_data').default('{}').notNull(),
 legacyHighScore: bigint('legacy_high_score', { mode: 'number' })
 .default(0)
diff --git a/src/routes/berrydash/account/change-password/post.ts b/src/routes/berrydash/account/change-password/post.ts
index 9adbce4..fb8895c 100644
--- a/src/routes/berrydash/account/change-password/post.ts
+++ b/src/routes/berrydash/account/change-password/post.ts
@@ -4,7 +4,7 @@ import {
 getDatabaseConnection,
 jsonResponse
 } from '../../../../lib/util'
-import { checkAuthorization } from '../../../../lib/bd/auth'
+import { checkAuthorization } from '../../../../lib/auth'
 import { users } from '../../../../lib/tables'
 import { eq } from 'drizzle-orm'
 import bcrypt from 'bcryptjs'
@@ -29,7 +29,6 @@ export async function handler (context: Context) {
 const authorizationToken = context.headers.authorization
 const authResult = await checkAuthorization(
 authorizationToken as string,
- db1,
 db0,
 ip
 )
diff --git a/src/routes/berrydash/account/change-username/post.ts b/src/routes/berrydash/account/change-username/post.ts
index 88c141e..8428777 100644
--- a/src/routes/berrydash/account/change-username/post.ts
+++ b/src/routes/berrydash/account/change-username/post.ts
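Review bot: In `src/lib/tables.ts` the new `users.token` column is declared `notNull()` but not unique, while `checkAuthorization` resolves a session by equality on this column and takes the first row returned. If two rows ever hold the same value (for instance a placeholder used to backfill existing accounts when the NOT NULL column is added), that value authenticates as whichever account the database returns first; declaring `token: varchar('token', { length: 512 }).notNull().unique(),` makes the database reject that and indexes the lookup. No key on `token` is visible in the `lncvrtgames.sql` hunk either, though the dump may define keys in a part of the file this diff does not show. The diff also contains no step that copies existing values from `userdata.token` before that column is dropped, which should be confirmed. The `mysqlTable` call continues outside the hunk.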
@@ -4,7 +4,7 @@ import {
 getDatabaseConnection,
 jsonResponse
 } from '../../../../lib/util'
-import { checkAuthorization } from '../../../../lib/bd/auth'
+import { checkAuthorization } from '../../../../lib/auth'
 import { users } from '../../../../lib/tables'
 import { eq } from 'drizzle-orm'
@@ -28,7 +28,6 @@ export async function handler (context: Context) {
 const authorizationToken = context.headers.authorization
 const authResult = await checkAuthorization(
 authorizationToken as string,
- db1,
 db0,
 ip
 )
diff --git a/src/routes/berrydash/account/login/post.ts b/src/routes/berrydash/account/login/post.ts
index dd489a5..d325f14 100644
--- a/src/routes/berrydash/account/login/post.ts
+++ b/src/routes/berrydash/account/login/post.ts
@@ -39,7 +39,8 @@ export async function handler (context: Context) {
 .select({
 id: users.id,
 username: users.username,
- password: users.password
+ password: users.password,
+ token: users.token
 })
 .from(users)
 .where(eq(users.username, body.username))
@@ -70,30 +71,11 @@ export async function handler (context: Context) {
 )
 }
- const user2 = await db1
- .select({ token: berryDashUserData.token })
- .from(berryDashUserData)
- .where(eq(berryDashUserData.id, user[0].id))
- .limit(1)
- .execute()
- if (!user2[0]) {
- connection0.end()
- connection1.end()
- return jsonResponse(
- {
- success: false,
- message: 'Invalid username or password',
- data: null
- },
- 401
- )
- }
-
 return jsonResponse({
 success: true,
 message: null,
 data: {
- session: user2[0].token,
+ session: user[0].token,
 username: user[0].username,
 id: user[0].id
 }
diff --git a/src/routes/berrydash/account/register/post.ts b/src/routes/berrydash/account/register/post.ts
index fae6a97..fd71576 100644
--- a/src/routes/berrydash/account/register/post.ts
+++ b/src/routes/berrydash/account/register/post.ts
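Review bot: In `src/routes/berrydash/account/login/post.ts` the handler now returns `user[0].token` straight from the `users` row, so every successful login hands back the same stored value and nothing visible in this diff rotates or expires it. That makes the token a long-lived credential: a copy captured once stays valid across later logins, and the change-password hunks in this commit touch only the import and the `checkAuthorization` call, so that route does not appear to rotate it either. If that lifetime is intended, I would document it at the return, e.g. `// users.token is a long-lived bearer token; login returns it unchanged and does not rotate it`, and otherwise issue a fresh token when the password changes. The handler starts and ends outside both hunks.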
@@ -156,6 +156,7 @@ export async function handler (context: Context) {
 username: body.username,
 password: hashedPassword,
 email: body.email,
+ token,
 registerTime: time,
 latestIp: ip
 })
@@ -164,8 +165,7 @@ export async function handler (context: Context) {
 await db1
 .insert(berryDashUserData)
 .values({
- id: result[0].insertId,
- token
+ id: result[0].insertId
 })
 .execute()
diff --git a/src/routes/berrydash/account/save/get.ts b/src/routes/berrydash/account/save/get.ts
index 3e91961..ef33474 100644
--- a/src/routes/berrydash/account/save/get.ts
+++ b/src/routes/berrydash/account/save/get.ts
@@ -4,7 +4,7 @@ import {
 getDatabaseConnection,
 jsonResponse
 } from '../../../../lib/util'
-import { checkAuthorization } from '../../../../lib/bd/auth'
+import { checkAuthorization } from '../../../../lib/auth'
 import { berryDashUserData, users } from '../../../../lib/tables'
 import { eq } from 'drizzle-orm'
@@ -24,7 +24,6 @@ export async function handler (context: Context) {
 const authorizationToken = context.headers.authorization
 const authResult = await checkAuthorization(
 authorizationToken as string,
- db1,
 db0,
 ip
 )
@@ -40,8 +39,7 @@ export async function handler (context: Context) {
 const result = await db1
 .select({
- saveData: berryDashUserData.saveData,
- token: berryDashUserData.token
+ saveData: berryDashUserData.saveData
 })
 .from(berryDashUserData)
 .where(eq(berryDashUserData.id, userId))
@@ -65,6 +63,6 @@ export async function handler (context: Context) {
 if (!savedata.account) savedata.account = {}
 savedata.account.id = userId
 savedata.account.name = result2[0].username
- savedata.account.session = result[0].token
+ savedata.account.session = authorizationToken
 return jsonResponse({ success: true, message: null, data: savedata }, 200)
 }
diff --git a/src/routes/berrydash/account/save/post.ts b/src/routes/berrydash/account/save/post.ts
index 2fc8433..49c9c23 100644
--- a/src/routes/berrydash/account/save/post.ts
+++ b/src/routes/berrydash/account/save/post.ts
@@ -4,7 +4,7 @@ import {
 getDatabaseConnection,
 jsonResponse
 } from '../../../../lib/util'
-import { checkAuthorization } from '../../../../lib/bd/auth'
+import { checkAuthorization } from '../../../../lib/auth'
 import { berryDashUserData } from '../../../../lib/tables'
 import { eq } from 'drizzle-orm'
@@ -28,7 +28,6 @@ export async function handler (context: Context) {
 const authorizationToken = context.headers.authorization
 const authResult = await checkAuthorization(
 authorizationToken as string,
- db1,
 db0,
 ip
 )
diff --git a/src/routes/berrydash/chatroom/report/post.ts b/src/routes/berrydash/chatroom/report/post.ts
index e122da2..20505b7 100644
--- a/src/routes/berrydash/chatroom/report/post.ts
+++ b/src/routes/berrydash/chatroom/report/post.ts
@@ -5,7 +5,7 @@ import {
 jsonResponse
 } from '../../../../lib/util'
 import { berryDashChatroomReports } from '../../../../lib/tables'
-import { checkAuthorization } from '../../../../lib/bd/auth'
+import { checkAuthorization } from '../../../../lib/auth'
 import { and, eq } from 'drizzle-orm'
 type Body = {
@@ -29,7 +29,6 @@ export async function handler (context: Context) {
 const authorizationToken = context.headers.authorization
 const authResult = await checkAuthorization(
 authorizationToken as string,
- db1,
 db0,
 ip
 )
diff --git a/src/routes/berrydash/icon-marketplace/post.ts b/src/routes/berrydash/icon-marketplace/post.ts
index bcd09fe..fb5b4e0 100644
--- a/src/routes/berrydash/icon-marketplace/post.ts
+++ b/src/routes/berrydash/icon-marketplace/post.ts
@@ -6,7 +6,7 @@ import {
 } from '../../../lib/util'
 import { berryDashMarketplaceIcons, users } from '../../../lib/tables'
 import { and, eq, inArray, or, sql, not, desc, asc } from 'drizzle-orm'
-import { checkAuthorization } from '../../../lib/bd/auth'
+import { checkAuthorization } from '../../../lib/auth'
 type Body = {
 sortBy: number
@@ -49,7 +49,6 @@ export async function handler (context: Context) {
 const authorizationToken = context.headers.authorization
 const authResult = await checkAuthorization(
 authorizationToken as string,
- db1,
 db0,
 ip
 )
diff --git a/src/routes/berrydash/icon-marketplace/upload/post.ts b/src/routes/berrydash/icon-marketplace/upload/post.ts
index 445c2f9..93e8ffd 100644
--- a/src/routes/berrydash/icon-marketplace/upload/post.ts
+++ b/src/routes/berrydash/icon-marketplace/upload/post.ts
@@ -5,7 +5,7 @@ import {
 hash,
 jsonResponse
 } from '../../../../lib/util'
-import { checkAuthorization } from '../../../../lib/bd/auth'
+import { checkAuthorization } from '../../../../lib/auth'
 import { berryDashMarketplaceIcons, verifyCodes } from '../../../../lib/tables'
 import { and, desc, eq, sql } from 'drizzle-orm'
 import { Buffer } from 'buffer'
@@ -61,7 +61,6 @@ export async function handler (context: Context) {
 const authorizationToken = context.headers.authorization
 const authResult = await checkAuthorization(
 authorizationToken as string,
- db1,
 db0,
 ip
 )
diff --git a/src/routes/berrydash/profile/posts/delete.ts b/src/routes/berrydash/profile/posts/delete.ts
index 95b699c..65d9adb 100644
--- a/src/routes/berrydash/profile/posts/delete.ts
+++ b/src/routes/berrydash/profile/posts/delete.ts
@@ -6,7 +6,7 @@ import {
 } from '../../../../lib/util'
 import { berryDashUserPosts } from '../../../../lib/tables'
 import { and, eq } from 'drizzle-orm'
-import { checkAuthorization } from '../../../../lib/bd/auth'
+import { checkAuthorization } from '../../../../lib/auth'
 export async function handler (context: Context) {
 const dbInfo0 = getDatabaseConnection(0)
@@ -24,7 +24,6 @@ export async function handler (context: Context) {
 const authorizationToken = context.headers.authorization
 const authResult = await checkAuthorization(
 authorizationToken as string,
- db1,
 db0,
 ip
 )
diff --git a/src/routes/berrydash/profile/posts/post.ts b/src/routes/berrydash/profile/posts/post.ts
index d11d10e..ba8263c 100644
--- a/src/routes/berrydash/profile/posts/post.ts
+++ b/src/routes/berrydash/profile/posts/post.ts
@@ -5,7 +5,7 @@ import {
 jsonResponse
 } from '../../../../lib/util'
 import { berryDashUserPosts } from '../../../../lib/tables'
-import { checkAuthorization } from '../../../../lib/bd/auth'
+import { checkAuthorization } from '../../../../lib/auth'
 type Body = {
 content: string
@@ -27,7 +27,6 @@ export async function handler (context: Context) {
 const authorizationToken = context.headers.authorization
 const authResult = await checkAuthorization(
 authorizationToken as string,
- db1,
 db0,
 ip
 )
diff --git a/src/routes/berrydash/profile/posts/put.ts b/src/routes/berrydash/profile/posts/put.ts
index 69da8fa..632856d 100644
--- a/src/routes/berrydash/profile/posts/put.ts
+++ b/src/routes/berrydash/profile/posts/put.ts
@@ -6,7 +6,7 @@ import {
 } from '../../../../lib/util'
 import { berryDashUserPosts } from '../../../../lib/tables'
 import { and, eq } from 'drizzle-orm'
-import { checkAuthorization } from '../../../../lib/bd/auth'
+import { checkAuthorization } from '../../../../lib/auth'
 export async function handler (context: Context) {
 const dbInfo0 = getDatabaseConnection(0)
@@ -24,7 +24,6 @@ export async function handler (context: Context) {
 const authorizationToken = context.headers.authorization
 const authResult = await checkAuthorization(
 authorizationToken as string,
- db1,
 db0,
 ip
 )