Introduces POST /login and PATCH /password routes for admin authentication and password management. Adds corresponding schema validation for login and password change, enforces stricter password requirements, and updates adminService with JWT-based profile retrieval and improved token handling.
Corrects the table name from 'apiAdministrators_permissions' to 'apiAdministratorsPermissions' in adminRepository.js for consistency with the database schema. Also seeds default permissions into 'apiAdministratorsPermissionsList' during database setup.
Introduced a new handleDBError utility in modules/utils.js to centralize database error logging and throwing. Refactored all repositories to use this utility, replacing repetitive error handling and logger calls with a single function call for improved maintainability and consistency.
Removed the 'unique_active_cape' database trigger and updated the showCape function to manually ensure only one cape is selected per player. This change centralizes the selection logic in application code for better maintainability and error handling.
Introduces Discord OAuth2 integration for account association and login, including new routes for linking, unlinking, and authenticating via Discord. Adds supporting services, repositories, and schema validation for the OAuth2 flow. Refactors database schema and queries for consistency, and updates dependencies to include required OAuth2 libraries.
Refactored the function and route handler from deleteGlobalCape to deleteCape for consistency and clarity in naming. Updated all references accordingly.
Introduces a new addPlayerAction method in adminRepository and logPlayerAction in adminService to record admin actions on player accounts. Updates relevant admin routes to log actions such as bans, unbans, forced name changes, and skin resets. Also improves error messages in adminService for consistency and clarity.
Introduces admin database tables, repository, and service for managing administrators and permissions. Adds new admin routes for banning players, managing cosmetics (capes), changing player passwords and usernames, and handling player textures. Updates user and session services to support admin actions and permission checks. Adds related schema validation for new endpoints.
Renamed 'mojangapi' directories to 'api' for both routes and schemas to standardize API structure. Updated serverService to use the correct public key (profilePropertyKeys) for server metadata. Fixed sessionsService to return full skin and cape data arrays instead of just the first element.
Introduces legacy routes for Minecraft skins and capes to support older endpoints. Enhances error handling in sessionsRepository for missing skins/capes, adds getActiveSkin and getActiveCape to sessionsService, and improves error logging in server.js.
Changed route definitions in index.js from "" to "/" for correct routing. Updated sessionsService.js to add dashes to UUID before querying user data, ensuring proper UUID formatting.
Introduces legacy endpoints for login, joinserver, and checkserver, along with their input validation schemas. Updates sessionsService with joinLegacyServer to support legacy session handling. This enables compatibility with legacy clients requiring these authentication flows.
Moved sessionserver routes to correct directory and removed subdirectory logic from texture file lookup. Updated texture URLs to remove leading slashes and fixed endpoint concatenation. Added default textures for Alex and Steve.
Introduces zod-based validation schemas for Minecraft and Mojang API endpoints. Refactors texture route to support hash-based file serving and removes the old static texture route. Updates database schema for player properties and adds an event to clean expired certificates. Improves ValidationError formatting, adjusts skin/cape URL construction, and adds SSRF protection for skin uploads.
Introduces endpoints and logic for uploading Minecraft skins via file or URL, storing textures, and managing player skins. Adds new repository and service methods for texture registration and retrieval, updates authorization handling, and uses process.cwd() for data paths. Also includes static serving of textures and rate limiting for skin uploads.
Introduces new routes under /minecraftservices and /mojangapi for profile, skin, cape, blocklist, privileges, and certificate management. Adds a comprehensive userService module to handle user-related operations, and extends userRepository with methods for username changes, skin/cape management, blocking, and profile lookups. Refactors username availability logic into authService, updates error handling, and improves logger and utility functions. Also updates route handlers to use consistent return statements and enhances route registration logging.
Introduces a custom AccountsAPIError class for consistent error handling and serialization. Adds a new /productvoucher/giftcode route that returns a 404 error response for unimplemented endpoints.
Relocated the serverKeys variable from module scope to inside the signProfileData function to ensure keys are fetched at the time of signing. This improves encapsulation and may help with key rotation or dynamic key management.
Introduces two new routes: one for serving public keys from the certificates manager at /minecraftservices/publickeys, and another for listing blocked servers from the sessions service at /sessionsserver/blockedservers. These endpoints provide necessary data for authentication and server validation processes.
Introduces a Zod schema for the Minecraft session join endpoint, validating accessToken, selectedProfile, and serverId. Updates ValidationError to support serialization via YggdrasilError and SessionError for improved error formatting.
Replaces custom logger instantiation with a shared logger import across modules and routes. Moves player property and privilege management from authRepository to a new userRepository, expanding userRepository with additional user management functions (ban, unban, preferences, privileges, bans). Updates service and route files to use userRepository where appropriate. Adds new session join route and schema, and utility for UUID formatting.
