Added a new registration HTML page under data/static/register.html and introduced a static file serving route in routes/static.js. Minor adjustments were made to authRepository.js and userRepository.js to update module imports. This enables serving static assets and provides a registration UI.
Introduces POST /login and PATCH /password routes for admin authentication and password management. Adds corresponding schema validation for login and password change, enforces stricter password requirements, and updates adminService with JWT-based profile retrieval and improved token handling.
Introduces Discord OAuth2 integration for account association and login, including new routes for linking, unlinking, and authenticating via Discord. Adds supporting services, repositories, and schema validation for the OAuth2 flow. Refactors database schema and queries for consistency, and updates dependencies to include required OAuth2 libraries.
Refactored the function and route handler from deleteGlobalCape to deleteCape for consistency and clarity in naming. Updated all references accordingly.
Introduces a new addPlayerAction method in adminRepository and logPlayerAction in adminService to record admin actions on player accounts. Updates relevant admin routes to log actions such as bans, unbans, forced name changes, and skin resets. Also improves error messages in adminService for consistency and clarity.
Introduces admin database tables, repository, and service for managing administrators and permissions. Adds new admin routes for banning players, managing cosmetics (capes), changing player passwords and usernames, and handling player textures. Updates user and session services to support admin actions and permission checks. Adds related schema validation for new endpoints.
Renamed 'mojangapi' directories to 'api' for both routes and schemas to standardize API structure. Updated serverService to use the correct public key (profilePropertyKeys) for server metadata. Fixed sessionsService to return full skin and cape data arrays instead of just the first element.
Introduces legacy routes for Minecraft skins and capes to support older endpoints. Enhances error handling in sessionsRepository for missing skins/capes, adds getActiveSkin and getActiveCape to sessionsService, and improves error logging in server.js.
Changed route definitions in index.js from "" to "/" for correct routing. Updated sessionsService.js to add dashes to UUID before querying user data, ensuring proper UUID formatting.
Introduces legacy endpoints for login, joinserver, and checkserver, along with their input validation schemas. Updates sessionsService with joinLegacyServer to support legacy session handling. This enables compatibility with legacy clients requiring these authentication flows.
Moved sessionserver routes to correct directory and removed subdirectory logic from texture file lookup. Updated texture URLs to remove leading slashes and fixed endpoint concatenation. Added default textures for Alex and Steve.
Introduces zod-based validation schemas for Minecraft and Mojang API endpoints. Refactors texture route to support hash-based file serving and removes the old static texture route. Updates database schema for player properties and adds an event to clean expired certificates. Improves ValidationError formatting, adjusts skin/cape URL construction, and adds SSRF protection for skin uploads.
Introduces endpoints and logic for uploading Minecraft skins via file or URL, storing textures, and managing player skins. Adds new repository and service methods for texture registration and retrieval, updates authorization handling, and uses process.cwd() for data paths. Also includes static serving of textures and rate limiting for skin uploads.
Introduces new routes under /minecraftservices and /mojangapi for profile, skin, cape, blocklist, privileges, and certificate management. Adds a comprehensive userService module to handle user-related operations, and extends userRepository with methods for username changes, skin/cape management, blocking, and profile lookups. Refactors username availability logic into authService, updates error handling, and improves logger and utility functions. Also updates route handlers to use consistent return statements and enhances route registration logging.
Introduces a custom AccountsAPIError class for consistent error handling and serialization. Adds a new /productvoucher/giftcode route that returns a 404 error response for unimplemented endpoints.
Introduces two new routes: one for serving public keys from the certificates manager at /minecraftservices/publickeys, and another for listing blocked servers from the sessions service at /sessionsserver/blockedservers. These endpoints provide necessary data for authentication and server validation processes.
Replaces custom logger instantiation with a shared logger import across modules and routes. Moves player property and privilege management from authRepository to a new userRepository, expanding userRepository with additional user management functions (ban, unban, preferences, privileges, bans). Updates service and route files to use userRepository where appropriate. Adds new session join route and schema, and utility for UUID formatting.
Introduces new session server endpoints for hasJoined and profile lookup, adds a SessionError class for improved error handling, and updates error exports. Also renames sessionRepository and sessionService files to sessionsRepository and sessionsService for consistency, and sets max listeners in logger.
Add environment example, update .gitignore, and switch license to AGPL v3. Introduce error handling classes, ESLint config, and main modules for database, logging, certificate management, and utility functions. Add authentication routes, schemas, and service layer for a modular REST API. Update README and set up repository structure for further development.
