megaproxy/Shatteredvoid
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions

feat: implement complete Phase 2 frontend foundation with React 18

Browse source 
Major milestone: Frontend implementation complete for Shattered Void MMO

FRONTEND IMPLEMENTATION:
- React 18 + TypeScript + Vite development environment
- Tailwind CSS with custom dark theme for sci-fi aesthetic
- Zustand state management with authentication persistence
- Socket.io WebSocket client with auto-reconnection
- Protected routing with authentication guards
- Responsive design with mobile-first approach

AUTHENTICATION SYSTEM:
- Login/register forms with comprehensive validation
- JWT token management with localStorage persistence
- Password strength validation and user feedback
- Protected routes and authentication guards

CORE GAME INTERFACE:
- Colony management dashboard with real-time updates
- Resource display with live production tracking
- WebSocket integration for real-time game events
- Navigation with connection status indicator
- Toast notifications for user feedback

BACKEND ENHANCEMENTS:
- Complete Research System with technology tree (23 technologies)
- Fleet Management System with ship designs and movement
- Enhanced Authentication with email verification and password reset
- Complete game tick integration for all systems
- Advanced WebSocket events for real-time updates

ARCHITECTURE FEATURES:
- Type-safe TypeScript throughout
- Component-based architecture with reusable UI elements
- API client with request/response interceptors
- Error handling and loading states
- Performance optimized builds with code splitting

Phase 2 Status: Frontend foundation complete (Week 1-2 objectives met)
Ready for: Colony management, fleet operations, research interface
Next: Enhanced gameplay features and admin interface

🤖 Generated with [Claude Code](https://claude.ai/code)

Co-Authored-By: Claude <noreply@anthropic.com>
This commit is contained in:
MegaProxy 2025-08-02 18:36:06 +00:00
parent 8d9ef427be
commit d41d1e8125
130 changed files with 33588 additions and 14817 deletions
Download patch file Download diff file Expand all files Collapse all files

558
src/middleware/admin.middleware.js
View file

@ -13,84 +13,84 @@ const logger = require('../utils/logger');
* @param {Function} next - Express next function
*/
async function authenticateAdmin(req, res, next) {
try {
const correlationId = req.correlationId;
// Extract token from Authorization header
const authHeader = req.get('Authorization');
const token = extractTokenFromHeader(authHeader);
try {
const correlationId = req.correlationId;
if (!token) {
logger.warn('Admin authentication failed - no token provided', {
correlationId,
ip: req.ip,
userAgent: req.get('User-Agent'),
path: req.path
});
// Extract token from Authorization header
const authHeader = req.get('Authorization');
const token = extractTokenFromHeader(authHeader);
return res.status(401).json({
error: 'Authentication required',
message: 'No authentication token provided',
correlationId
});
}
if (!token) {
logger.warn('Admin authentication failed - no token provided', {
correlationId,
ip: req.ip,
userAgent: req.get('User-Agent'),
path: req.path,
});
// Verify the token
const decoded = verifyAdminToken(token);
// Add admin information to request object
req.user = {
adminId: decoded.adminId,
email: decoded.email,
username: decoded.username,
permissions: decoded.permissions || [],
type: 'admin',
iat: decoded.iat,
exp: decoded.exp
};
// Log admin access
logger.audit('Admin authenticated', {
correlationId,
adminId: decoded.adminId,
username: decoded.username,
permissions: decoded.permissions,
path: req.path,
method: req.method,
ip: req.ip,
userAgent: req.get('User-Agent')
});
next();
} catch (error) {
const correlationId = req.correlationId;
logger.warn('Admin authentication failed', {
correlationId,
error: error.message,
ip: req.ip,
userAgent: req.get('User-Agent'),
path: req.path
});
let statusCode = 401;
let message = 'Invalid authentication token';
if (error.message === 'Token expired') {
statusCode = 401;
message = 'Authentication token has expired';
} else if (error.message === 'Invalid token') {
statusCode = 401;
message = 'Invalid authentication token';
}
return res.status(statusCode).json({
error: 'Authentication failed',
message,
correlationId
});
return res.status(401).json({
error: 'Authentication required',
message: 'No authentication token provided',
correlationId,
});
}
// Verify the token
const decoded = verifyAdminToken(token);
// Add admin information to request object
req.user = {
adminId: decoded.adminId,
email: decoded.email,
username: decoded.username,
permissions: decoded.permissions || [],
type: 'admin',
iat: decoded.iat,
exp: decoded.exp,
};
// Log admin access
logger.audit('Admin authenticated', {
correlationId,
adminId: decoded.adminId,
username: decoded.username,
permissions: decoded.permissions,
path: req.path,
method: req.method,
ip: req.ip,
userAgent: req.get('User-Agent'),
});
next();
} catch (error) {
const correlationId = req.correlationId;
logger.warn('Admin authentication failed', {
correlationId,
error: error.message,
ip: req.ip,
userAgent: req.get('User-Agent'),
path: req.path,
});
let statusCode = 401;
let message = 'Invalid authentication token';
if (error.message === 'Token expired') {
statusCode = 401;
message = 'Authentication token has expired';
} else if (error.message === 'Invalid token') {
statusCode = 401;
message = 'Invalid authentication token';
}
return res.status(statusCode).json({
error: 'Authentication failed',
message,
correlationId,
});
}
}
/**
@ -99,99 +99,99 @@ async function authenticateAdmin(req, res, next) {
* @returns {Function} Express middleware function
*/
function requirePermissions(requiredPermissions) {
// Normalize to array
const permissions = Array.isArray(requiredPermissions)
? requiredPermissions
: [requiredPermissions];
// Normalize to array
const permissions = Array.isArray(requiredPermissions)
? requiredPermissions
: [requiredPermissions];
return (req, res, next) => {
try {
const correlationId = req.correlationId;
const adminPermissions = req.user?.permissions || [];
const adminId = req.user?.adminId;
const username = req.user?.username;
return (req, res, next) => {
try {
const correlationId = req.correlationId;
const adminPermissions = req.user?.permissions || [];
const adminId = req.user?.adminId;
const username = req.user?.username;
if (!adminId) {
logger.warn('Permission check failed - no authenticated admin', {
correlationId,
requiredPermissions: permissions,
path: req.path
});
if (!adminId) {
logger.warn('Permission check failed - no authenticated admin', {
correlationId,
requiredPermissions: permissions,
path: req.path,
});
return res.status(401).json({
error: 'Authentication required',
message: 'Admin authentication required',
correlationId
});
}
return res.status(401).json({
error: 'Authentication required',
message: 'Admin authentication required',
correlationId,
});
}
// Check if admin has super admin permission (bypasses all checks)
if (adminPermissions.includes('super_admin')) {
logger.info('Permission check passed - super admin', {
correlationId,
adminId,
username,
requiredPermissions: permissions,
path: req.path
});
// Check if admin has super admin permission (bypasses all checks)
if (adminPermissions.includes('super_admin')) {
logger.info('Permission check passed - super admin', {
correlationId,
adminId,
username,
requiredPermissions: permissions,
path: req.path,
});
return next();
}
return next();
}
// Check if admin has all required permissions
const hasPermissions = permissions.every(permission =>
adminPermissions.includes(permission)
);
// Check if admin has all required permissions
const hasPermissions = permissions.every(permission =>
adminPermissions.includes(permission),
);
if (!hasPermissions) {
const missingPermissions = permissions.filter(permission =>
!adminPermissions.includes(permission)
);
if (!hasPermissions) {
const missingPermissions = permissions.filter(permission =>
!adminPermissions.includes(permission),
);
logger.warn('Permission check failed - insufficient permissions', {
correlationId,
adminId,
username,
adminPermissions,
requiredPermissions: permissions,
missingPermissions,
path: req.path,
method: req.method
});
logger.warn('Permission check failed - insufficient permissions', {
correlationId,
adminId,
username,
adminPermissions,
requiredPermissions: permissions,
missingPermissions,
path: req.path,
method: req.method,
});
return res.status(403).json({
error: 'Insufficient permissions',
message: 'You do not have the required permissions to access this resource',
requiredPermissions: permissions,
correlationId
});
}
return res.status(403).json({
error: 'Insufficient permissions',
message: 'You do not have the required permissions to access this resource',
requiredPermissions: permissions,
correlationId,
});
}
logger.info('Permission check passed', {
correlationId,
adminId,
username,
requiredPermissions: permissions,
path: req.path
});
logger.info('Permission check passed', {
correlationId,
adminId,
username,
requiredPermissions: permissions,
path: req.path,
});
next();
next();
} catch (error) {
logger.error('Permission check error', {
correlationId: req.correlationId,
error: error.message,
stack: error.stack,
requiredPermissions: permissions
});
} catch (error) {
logger.error('Permission check error', {
correlationId: req.correlationId,
error: error.message,
stack: error.stack,
requiredPermissions: permissions,
});
return res.status(500).json({
error: 'Internal server error',
message: 'Failed to verify permissions',
correlationId: req.correlationId
});
}
};
return res.status(500).json({
error: 'Internal server error',
message: 'Failed to verify permissions',
correlationId: req.correlationId,
});
}
};
}
/**
@ -201,80 +201,80 @@ function requirePermissions(requiredPermissions) {
* @returns {Function} Express middleware function
*/
function requirePlayerAccess(paramName = 'playerId') {
return (req, res, next) => {
try {
const correlationId = req.correlationId;
const adminPermissions = req.user?.permissions || [];
const adminId = req.user?.adminId;
const username = req.user?.username;
const targetPlayerId = req.params[paramName];
return (req, res, next) => {
try {
const correlationId = req.correlationId;
const adminPermissions = req.user?.permissions || [];
const adminId = req.user?.adminId;
const username = req.user?.username;
const targetPlayerId = req.params[paramName];
if (!adminId) {
return res.status(401).json({
error: 'Authentication required',
correlationId
});
}
if (!adminId) {
return res.status(401).json({
error: 'Authentication required',
correlationId,
});
}
// Super admin can access everything
if (adminPermissions.includes('super_admin')) {
return next();
}
// Super admin can access everything
if (adminPermissions.includes('super_admin')) {
return next();
}
// Check for player management permission
if (adminPermissions.includes('player_management')) {
logger.info('Player access granted - player management permission', {
correlationId,
adminId,
username,
targetPlayerId,
path: req.path
});
return next();
}
// Check for player management permission
if (adminPermissions.includes('player_management')) {
logger.info('Player access granted - player management permission', {
correlationId,
adminId,
username,
targetPlayerId,
path: req.path,
});
return next();
}
// Check for read-only player data permission for GET requests
if (req.method === 'GET' && adminPermissions.includes('player_data_read')) {
logger.info('Player access granted - read-only permission', {
correlationId,
adminId,
username,
targetPlayerId,
path: req.path
});
return next();
}
// Check for read-only player data permission for GET requests
if (req.method === 'GET' && adminPermissions.includes('player_data_read')) {
logger.info('Player access granted - read-only permission', {
correlationId,
adminId,
username,
targetPlayerId,
path: req.path,
});
return next();
}
logger.warn('Player access denied - insufficient permissions', {
correlationId,
adminId,
username,
adminPermissions,
targetPlayerId,
path: req.path,
method: req.method
});
logger.warn('Player access denied - insufficient permissions', {
correlationId,
adminId,
username,
adminPermissions,
targetPlayerId,
path: req.path,
method: req.method,
});
return res.status(403).json({
error: 'Insufficient permissions',
message: 'You do not have permission to access player data',
correlationId
});
return res.status(403).json({
error: 'Insufficient permissions',
message: 'You do not have permission to access player data',
correlationId,
});
} catch (error) {
logger.error('Player access check error', {
correlationId: req.correlationId,
error: error.message,
stack: error.stack
});
} catch (error) {
logger.error('Player access check error', {
correlationId: req.correlationId,
error: error.message,
stack: error.stack,
});
return res.status(500).json({
error: 'Internal server error',
message: 'Failed to verify player access permissions',
correlationId: req.correlationId
});
}
};
return res.status(500).json({
error: 'Internal server error',
message: 'Failed to verify player access permissions',
correlationId: req.correlationId,
});
}
};
}
/**
@ -283,77 +283,77 @@ function requirePlayerAccess(paramName = 'playerId') {
* @returns {Function} Express middleware function
*/
function auditAdminAction(action) {
return (req, res, next) => {
try {
const correlationId = req.correlationId;
const adminId = req.user?.adminId;
const username = req.user?.username;
return (req, res, next) => {
try {
const correlationId = req.correlationId;
const adminId = req.user?.adminId;
const username = req.user?.username;
// Log the action
logger.audit('Admin action initiated', {
correlationId,
adminId,
username,
action,
path: req.path,
method: req.method,
params: req.params,
query: req.query,
ip: req.ip,
userAgent: req.get('User-Agent')
});
// Log the action
logger.audit('Admin action initiated', {
correlationId,
adminId,
username,
action,
path: req.path,
method: req.method,
params: req.params,
query: req.query,
ip: req.ip,
userAgent: req.get('User-Agent'),
});
// Override res.json to log the response
const originalJson = res.json;
res.json = function(data) {
logger.audit('Admin action completed', {
correlationId,
adminId,
username,
action,
path: req.path,
method: req.method,
statusCode: res.statusCode,
success: res.statusCode < 400
});
// Override res.json to log the response
const originalJson = res.json;
res.json = function (data) {
logger.audit('Admin action completed', {
correlationId,
adminId,
username,
action,
path: req.path,
method: req.method,
statusCode: res.statusCode,
success: res.statusCode < 400,
});
return originalJson.call(this, data);
};
return originalJson.call(this, data);
};
next();
next();
} catch (error) {
logger.error('Admin audit logging error', {
correlationId: req.correlationId,
error: error.message,
stack: error.stack,
action
});
} catch (error) {
logger.error('Admin audit logging error', {
correlationId: req.correlationId,
error: error.message,
stack: error.stack,
action,
});
// Continue even if audit logging fails
next();
}
};
// Continue even if audit logging fails
next();
}
};
}
/**
* Common admin permission constants
*/
const ADMIN_PERMISSIONS = {
SUPER_ADMIN: 'super_admin',
PLAYER_MANAGEMENT: 'player_management',
PLAYER_DATA_READ: 'player_data_read',
SYSTEM_MANAGEMENT: 'system_management',
GAME_MANAGEMENT: 'game_management',
EVENT_MANAGEMENT: 'event_management',
ANALYTICS_READ: 'analytics_read',
CONTENT_MANAGEMENT: 'content_management'
SUPER_ADMIN: 'super_admin',
PLAYER_MANAGEMENT: 'player_management',
PLAYER_DATA_READ: 'player_data_read',
SYSTEM_MANAGEMENT: 'system_management',
GAME_MANAGEMENT: 'game_management',
EVENT_MANAGEMENT: 'event_management',
ANALYTICS_READ: 'analytics_read',
CONTENT_MANAGEMENT: 'content_management',
};
module.exports = {
authenticateAdmin,
requirePermissions,
requirePlayerAccess,
auditAdminAction,
ADMIN_PERMISSIONS
};
authenticateAdmin,
requirePermissions,
requirePlayerAccess,
auditAdminAction,
ADMIN_PERMISSIONS,
};