Initial project structure and core modules

Add environment example, update .gitignore, and switch license to AGPL v3. Introduce error handling classes, ESLint config, and main modules for database, logging, certificate management, and utility functions. Add authentication routes, schemas, and service layer for a modular REST API. Update README and set up repository structure for further development.

routes/authserver/authenticate.js

@@ -0,0 +1,43 @@
+const path = require("path")
+const express = require("express")
+const router = express.Router()
+const { YggdrasilError } = require("../../errors/errors")
+const rateLimit = require("express-rate-limit")
+const authService = require("../../services/authService")
+const Logger = require("../../modules/logger")
+const logger = Logger.createLogger(path.join(__dirname, "..", ".."))
+
+const limiter = rateLimit({
+    windowMs: 15 * 60 * 1000,
+    max: 20,
+    standardHeaders: true,
+    legacyHeaders: false,
+    handler: (req, res) => {
+        res.status(429).json({
+            error: "TooManyRequestsException",
+            errorMessage: "Too many login attempts, please try again later."
+        })
+    }
+})
+
+router.post("/", limiter, async (req, res) => {
+    const { username, password, clientToken, requestUser } = req.body
+    try {
+        const result = await authService.authenticate({ 
+            identifier: username, 
+            password, 
+            clientToken, 
+            requireUser: requestUser || false 
+        })
+
+        logger.log(`User authenticated: ${username}`, ["AUTH", "green"])
+        res.status(200).json(result.response)
+    } catch (err) {
+        if (err instanceof DefaultError) {
+            throw new YggdrasilError( err.code, err.error || "ForbiddenOperationException", err.message, "Invalid credentials")
+        }
+        throw err
+    }
+})
+
+module.exports = router

routes/authserver/invalidate.js

@@ -0,0 +1,20 @@
+const express = require("express")
+const router = express.Router()
+const authService = require("../../services/authService")
+const YggdrasilError = require("../../errors/YggdrasilError")
+const { DefaultError } = require("../../errors/errors")
+
+router.post("/", async (req, res) => {
+    const { accessToken, clientToken } = req.body
+    try {
+        await authService.invalidate({ accessToken, clientToken })
+        res.sendStatus(204)
+    } catch (err) {
+        if (err instanceof DefaultError) {
+            throw new YggdrasilError(err.code, err.error || "ForbiddenOperationException", err.message, "Invalid token.")
+        }
+        throw err
+    }
+})
+
+module.exports = router

routes/authserver/refresh.js

@@ -0,0 +1,32 @@
+const path = require("node:path")
+const express = require("express")
+const router = express.Router()
+const authService = require("../../services/authService")
+const Logger = require("../../modules/logger")
+const logger = Logger.createLogger(path.join(__dirname, "..", ".."))
+const { DefaultError, YggdrasilError } = require("../../errors/errors")
+
+router.post("/", async (req, res) => {
+    const { accessToken, clientToken, requestUser } = req.body
+
+    try {
+        const result = await authService.refreshToken({ 
+            clientToken, 
+            previousAccessToken: accessToken, 
+            requireUser: requestUser || false 
+        })
+
+        const profileName = result.response.selectedProfile ? result.response.selectedProfile.name : "Unknown"
+        logger.log(`Session refreshed for: ${profileName}`, ["AUTH", "green"])
+
+        res.status(200).json(result.response)
+
+    } catch (err) {
+        if (err instanceof DefaultError) {
+            throw new YggdrasilError(err.code, err.error || "ForbiddenOperationException", err.message, "Invalid token.")
+        }
+        throw err
+    }
+})
+
+module.exports = router

routes/authserver/signout.js

@@ -0,0 +1,32 @@
+const path = require("node:path")
+const express = require("express")
+const router = express.Router()
+const authService = require("../../services/authService")
+const Logger = require("../../modules/logger")
+const logger = Logger.createLogger(path.join(__dirname, "..", ".."))
+const { DefaultError, YggdrasilError } = require("../../errors/errors")
+
+router.post("/", async (req, res) => {
+    const { username, password } = req.body
+    try {
+        const authResult = await authService.authenticate({ 
+            identifier: username, 
+            password, 
+            requireUser: false 
+        })
+
+        const userUuid = authResult.response.selectedProfile.id
+        await authService.signout({ uuid: userUuid })
+
+        logger.log(`User signed out globally: ${username}`, ["AUTH", "green"])
+        res.sendStatus(204)
+
+    } catch (err) {
+        if (err instanceof DefaultError) {
+            throw new YggdrasilError(err.code === 403 ? 403 : 500, err.error || "ForbiddenOperationException", err.message || "Invalid credentials.", "Invalid credentials.")
+        }
+        throw err
+    }
+})
+
+module.exports = router

routes/authserver/validate.js

@@ -0,0 +1,20 @@
+const express = require("express")
+const router = express.Router()
+const authService = require("../../services/authService")
+const YggdrasilError = require("../../errors/YggdrasilError")
+const { DefaultError } = require("../../errors/errors")
+
+router.post("/", async (req, res) => {
+    const { accessToken, clientToken } = req.body
+    try {
+        await authService.validate({ accessToken, clientToken })
+        res.sendStatus(204)
+    } catch (err) {
+        if (err instanceof DefaultError) {
+            throw new YggdrasilError(err.code, err.error || "ForbiddenOperationException", err.message, "Invalid token.")
+        }
+        throw err
+    }
+})
+
+module.exports = router