Initial project structure and core files

Add base project files including environment example, license, README, .gitignore, error classes, ESLint config, database modules, texture assets, repositories, routes, schemas, services, and server entry point. This establishes the foundational structure for a Yggdrasil-compatible REST API with modular error handling, database setup, and route organization.

routes/authserver/authenticate.js

@@ -0,0 +1,41 @@
+const express = require("express")
+const router = express.Router()
+const { YggdrasilError } = require("../../errors/errors")
+const rateLimit = require("express-rate-limit")
+const authService = require("../../services/authService")
+const logger = require("../../modules/logger")
+
+const limiter = rateLimit({
+    windowMs: 15 * 60 * 1000,
+    max: 20,
+    standardHeaders: true,
+    legacyHeaders: false,
+    handler: (req, res) => {
+        return res.status(429).json({
+            error: "TooManyRequestsException",
+            errorMessage: "Too many login attempts, please try again later."
+        })
+    }
+})
+
+router.post("/", limiter, async (req, res) => {
+    const { username, password, clientToken, requestUser } = req.body
+    try {
+        const result = await authService.authenticate({ 
+            identifier: username, 
+            password, 
+            clientToken, 
+            requireUser: requestUser || false 
+        })
+
+        logger.log(`User authenticated: ${username}`, ["AUTH", "green"])
+        return res.status(200).json(result.response)
+    } catch (err) {
+        if (err instanceof DefaultError) {
+            throw new YggdrasilError( err.code, err.error || "ForbiddenOperationException", err.message, "Invalid credentials")
+        }
+        throw err
+    }
+})
+
+module.exports = router

routes/authserver/invalidate.js

@@ -0,0 +1,20 @@
+const express = require("express")
+const router = express.Router()
+const authService = require("../../services/authService")
+const YggdrasilError = require("../../errors/YggdrasilError")
+const { DefaultError } = require("../../errors/errors")
+
+router.post("/", async (req, res) => {
+    const { accessToken, clientToken } = req.body
+    try {
+        await authService.invalidate({ accessToken, clientToken })
+        return res.sendStatus(204)
+    } catch (err) {
+        if (err instanceof DefaultError) {
+            throw new YggdrasilError(err.code, err.error || "ForbiddenOperationException", err.message, "Invalid token.")
+        }
+        throw err
+    }
+})
+
+module.exports = router

routes/authserver/refresh.js

@@ -0,0 +1,28 @@
+const express = require("express")
+const router = express.Router()
+const authService = require("../../services/authService")
+const logger = require("../../modules/logger")
+const { DefaultError, YggdrasilError } = require("../../errors/errors")
+
+router.post("/", async (req, res) => {
+    const { accessToken, clientToken, requestUser } = req.body
+
+    try {
+        const result = await authService.refreshToken({ 
+            clientToken, 
+            previousAccessToken: accessToken, 
+            requireUser: requestUser || false 
+        })
+
+        const profileName = result.response.selectedProfile ? result.response.selectedProfile.name : "Unknown"
+        logger.log(`Session refreshed for: ${profileName}`, ["AUTH", "green"])
+        return res.status(200).json(result.response)
+    } catch (err) {
+        if (err instanceof DefaultError) {
+            throw new YggdrasilError(err.code, err.error || "ForbiddenOperationException", err.message, "Invalid token.")
+        }
+        throw err
+    }
+})
+
+module.exports = router

routes/authserver/signout.js

@@ -0,0 +1,29 @@
+const express = require("express")
+const router = express.Router()
+const authService = require("../../services/authService")
+const logger = require("../../modules/logger")
+const { DefaultError, YggdrasilError } = require("../../errors/errors")
+
+router.post("/", async (req, res) => {
+    const { username, password } = req.body
+    try {
+        const authResult = await authService.authenticate({ 
+            identifier: username, 
+            password, 
+            requireUser: false 
+        })
+
+        const userUuid = authResult.response.selectedProfile.id
+        await authService.signout({ uuid: userUuid })
+
+        logger.log(`User signed out globally: ${username}`, ["AUTH", "green"])
+        return res.sendStatus(204)
+    } catch (err) {
+        if (err instanceof DefaultError) {
+            throw new YggdrasilError(err.code === 403 ? 403 : 500, err.error || "ForbiddenOperationException", err.message || "Invalid credentials.", "Invalid credentials.")
+        }
+        throw err
+    }
+})
+
+module.exports = router

routes/authserver/validate.js

@@ -0,0 +1,20 @@
+const express = require("express")
+const router = express.Router()
+const authService = require("../../services/authService")
+const YggdrasilError = require("../../errors/YggdrasilError")
+const { DefaultError } = require("../../errors/errors")
+
+router.post("/", async (req, res) => {
+    const { accessToken, clientToken } = req.body
+    try {
+        await authService.validate({ accessToken, clientToken })
+        return res.sendStatus(204)
+    } catch (err) {
+        if (err instanceof DefaultError) {
+            throw new YggdrasilError(err.code, err.error || "ForbiddenOperationException", err.message, "Invalid token.")
+        }
+        throw err
+    }
+})
+
+module.exports = router