Add validation schemas and improve texture handling

Introduces zod-based validation schemas for Minecraft and Mojang API endpoints. Refactors texture route to support hash-based file serving and removes the old static texture route. Updates database schema for player properties and adds an event to clean expired certificates. Improves ValidationError formatting, adjusts skin/cape URL construction, and adds SSRF protection for skin uploads.
2025-12-28 09:02:10 +01:00
parent 1fe46a03fd
commit 5cfadfd7ac
29 changed files with 490 additions and 24 deletions
--- a/modules/databaseGlobals.js
+++ b/modules/databaseGlobals.js
@@ -45,7 +45,8 @@ async function setupDatabase() {
                name VARCHAR(256) NOT NULL,
                value VARCHAR(512) NOT NULL,
                uuid VARCHAR(36) NOT NULL,
-                FOREIGN KEY (uuid) REFERENCES players(uuid)
+                UNIQUE KEY unique_property (uuid, name),
+                FOREIGN KEY (uuid) REFERENCES players(uuid) ON DELETE CASCADE
            )
        `)
        logger.log(`${"playersProperties".bold} table ready`, ["MariaDB", "yellow"])
@@ -333,6 +334,17 @@ async function setupDatabase() {
            )
        `)
        logger.log(`${"serverSessions".bold} table ready`, ["MariaDB", "yellow"])
+        
+        await conn.query(`SET GLOBAL event_scheduler = ON;`)
+        logger.log("MariaDB Event Scheduler enabled.", ["MariaDB", "yellow"])
+        
+        await conn.query(`
+            CREATE EVENT IF NOT EXISTS clean_expired_certificates
+            ON SCHEDULE EVERY 1 HOUR
+            DO 
+            DELETE FROM playerCertificates WHERE expiresAt < NOW();
+        `)
+        logger.log(`${"clean_expired_certificates".bold} event ready`, ["MariaDB", "yellow"])

        logger.log("MariaDB database successfully initialised!", ["MariaDB", "yellow"])