Updated the skin upload schema to accept both JSON and multipart/form-data content types, and to allow requests without a URL. Simplified the texture storage path in userService.js by removing subdirectory partitioning based on hash.
Introduces getSkins and getCapes functions in both userRepository and userService to retrieve player skins and capes from the database. These methods return structured data for use in higher-level application logic.
Introduces POST /login and PATCH /password routes for admin authentication and password management. Adds corresponding schema validation for login and password change, enforces stricter password requirements, and updates adminService with JWT-based profile retrieval and improved token handling.
Introduces Discord OAuth2 integration for account association and login, including new routes for linking, unlinking, and authenticating via Discord. Adds supporting services, repositories, and schema validation for the OAuth2 flow. Refactors database schema and queries for consistency, and updates dependencies to include required OAuth2 libraries.
Refactored the function and route handler from deleteGlobalCape to deleteCape for consistency and clarity in naming. Updated all references accordingly.
Introduces a new addPlayerAction method in adminRepository and logPlayerAction in adminService to record admin actions on player accounts. Updates relevant admin routes to log actions such as bans, unbans, forced name changes, and skin resets. Also improves error messages in adminService for consistency and clarity.
Introduces admin database tables, repository, and service for managing administrators and permissions. Adds new admin routes for banning players, managing cosmetics (capes), changing player passwords and usernames, and handling player textures. Updates user and session services to support admin actions and permission checks. Adds related schema validation for new endpoints.
Renamed 'mojangapi' directories to 'api' for both routes and schemas to standardize API structure. Updated serverService to use the correct public key (profilePropertyKeys) for server metadata. Fixed sessionsService to return full skin and cape data arrays instead of just the first element.
Introduces legacy routes for Minecraft skins and capes to support older endpoints. Enhances error handling in sessionsRepository for missing skins/capes, adds getActiveSkin and getActiveCape to sessionsService, and improves error logging in server.js.
Changed route definitions in index.js from "" to "/" for correct routing. Updated sessionsService.js to add dashes to UUID before querying user data, ensuring proper UUID formatting.
Introduces legacy endpoints for login, joinserver, and checkserver, along with their input validation schemas. Updates sessionsService with joinLegacyServer to support legacy session handling. This enables compatibility with legacy clients requiring these authentication flows.
Moved sessionserver routes to correct directory and removed subdirectory logic from texture file lookup. Updated texture URLs to remove leading slashes and fixed endpoint concatenation. Added default textures for Alex and Steve.
Introduces zod-based validation schemas for Minecraft and Mojang API endpoints. Refactors texture route to support hash-based file serving and removes the old static texture route. Updates database schema for player properties and adds an event to clean expired certificates. Improves ValidationError formatting, adjusts skin/cape URL construction, and adds SSRF protection for skin uploads.
Introduces endpoints and logic for uploading Minecraft skins via file or URL, storing textures, and managing player skins. Adds new repository and service methods for texture registration and retrieval, updates authorization handling, and uses process.cwd() for data paths. Also includes static serving of textures and rate limiting for skin uploads.
Introduces new routes under /minecraftservices and /mojangapi for profile, skin, cape, blocklist, privileges, and certificate management. Adds a comprehensive userService module to handle user-related operations, and extends userRepository with methods for username changes, skin/cape management, blocking, and profile lookups. Refactors username availability logic into authService, updates error handling, and improves logger and utility functions. Also updates route handlers to use consistent return statements and enhances route registration logging.
Replaces custom logger instantiation with a shared logger import across modules and routes. Moves player property and privilege management from authRepository to a new userRepository, expanding userRepository with additional user management functions (ban, unban, preferences, privileges, bans). Updates service and route files to use userRepository where appropriate. Adds new session join route and schema, and utility for UUID formatting.
Introduces new session server endpoints for hasJoined and profile lookup, adds a SessionError class for improved error handling, and updates error exports. Also renames sessionRepository and sessionService files to sessionsRepository and sessionsService for consistency, and sets max listeners in logger.
Introduces sessionService.js providing functions for legacy session registration and validation, profile retrieval with skin/cape data, server join handling, and blocked server listing. Integrates with auth and session repositories and includes error handling for various session operations.
Add environment example, update .gitignore, and switch license to AGPL v3. Introduce error handling classes, ESLint config, and main modules for database, logging, certificate management, and utility functions. Add authentication routes, schemas, and service layer for a modular REST API. Update README and set up repository structure for further development.
