Require login to connect to staging (#1360)

## Description:

Complete:
- Add support for cookie-based auth (ref
https://github.com/openfrontio/infra/pull/83)
- Restrict game server API access to users with a specific flare
- Restrict join game to users with a valid token and an allowed flare
- Unauthorized landing page
- Token cache
- Destroy token cookie on logout

## Please complete the following:

- [x] I have added screenshots for all UI updates
- [x] I process any text displayed to the user through translateText()
and I've added it to the en.json file
- [x] I have added relevant tests to the test directory
- [x] I confirm I have thoroughly tested these changes and take full
responsibility for any bugs introduced
- [x] I understand that submitting code with bugs that could have been
caught through manual testing blocks releases and new features for all
contributors
This commit is contained in:
Scott Anderson
2025-07-09 03:57:08 -04:00
committed by GitHub
parent 78deecdb6c
commit d8d5220948
8 changed files with 181 additions and 41 deletions
+1
View File
@@ -61,6 +61,7 @@ export interface ServerConfig {
cloudflareConfigPath(): string;
cloudflareCredsPath(): string;
stripePublishableKey(): string;
allowedFlares(): string[] | undefined;
}
export interface NukeMagnitude {
+3
View File
@@ -70,6 +70,9 @@ const numPlayersConfig = {
} as const satisfies Record<GameMapType, [number, number, number]>;
export abstract class DefaultServerConfig implements ServerConfig {
allowedFlares(): string[] | undefined {
return;
}
stripePublishableKey(): string {
return process.env.STRIPE_PUBLISHABLE_KEY ?? "";
}
+5
View File
@@ -42,6 +42,11 @@ export class DevServerConfig extends DefaultServerConfig {
subdomain(): string {
return "";
}
allowedFlares(): string[] | undefined {
return [
// Require login but do not rqeuire any flares
];
}
}
export class DevConfig extends DefaultConfig {
+5
View File
@@ -11,4 +11,9 @@ export const preprodConfig = new (class extends DefaultServerConfig {
jwtAudience(): string {
return "openfront.dev";
}
allowedFlares(): string[] | undefined {
return [
// "access:openfront.dev"
];
}
})();