mirror of
https://github.com/openfrontio/OpenFrontIO.git
synced 2026-06-30 21:53:28 +00:00
Evan
275fd0dccc
## Description: This is a refactor to simplify config handling. Replaces the per-environment DevConfig/PreprodConfig/ProdConfig class hierarchy with two static classes: ClientEnv (browser main thread, reads from window.BOOTSTRAP_CONFIG) and ServerEnv (Node server, reads from process.env). The four config classes are deleted, the abstract DefaultServerConfig is gone, and DefaultConfig is renamed to Config. The values that flow server → client (gameEnv, numWorkers, turnstileSiteKey, jwtAudience, instanceId) used to be baked into the hardcoded per-env classes. They're now real env vars on the server, embedded into a single window.BOOTSTRAP_CONFIG object in index.html at request time (alongside the existing gitCommit/assetManifest/cdnBase globals, which moved into the same object), and read back by ClientEnv on the client. The dev defaults previously hidden inside DevServerConfig are now explicit in start:server-dev (NUM_WORKERS=2, TURNSTILE_SITE_KEY=1x..., JWT_AUDIENCE=localhost, etc.) and in vite.config.ts's html plugin inject.data. Production deploys plumb NUM_WORKERS and TURNSTILE_SITE_KEY through deploy.yml (GitHub vars) into the remote env file; JWT_AUDIENCE is derived from DOMAIN in deploy.sh. The dynamic /api/instance endpoint is gone — INSTANCE_ID rides along in BOOTSTRAP_CONFIG now. ServerEnv is the only thing server code touches; ClientEnv is browser-only. The two classes have intentional overlap (env, numWorkers, jwtIssuer, gameCreationRate, workerIndex, etc.) since they derive identical logic from different sources — there's a TODO in each to consolidate via a shared helper later. The game-logic Config no longer stores a ServerConfig/ClientEnv reference and its serverConfig() getter is gone; the one caller (MultiTabModal) now reads ClientEnv.env() directly. Worker init no longer carries server-config values since nothing in the worker actually reads them. ## Please complete the following: - [x] I have added screenshots for all UI updates - [x] I process any text displayed to the user through translateText() and I've added it to the en.json file - [x] I have added relevant tests to the test directory - [x] I confirm I have thoroughly tested these changes and take full responsibility for any bugs introduced ## Please put your Discord username so you can be contacted if a bug or regression is found: evan
67 lines
1.8 KiB
TypeScript
67 lines
1.8 KiB
TypeScript
import { z } from "zod";
|
|
import { ServerEnv } from "./ServerEnv";
|
|
|
|
const TurnstileVerdictSchema = z.discriminatedUnion("status", [
|
|
z.object({ status: z.literal("approved") }),
|
|
z.object({ status: z.literal("rejected"), reason: z.string() }),
|
|
]);
|
|
|
|
type TurnstileVerdict = z.infer<typeof TurnstileVerdictSchema>;
|
|
|
|
export type TurnstileResponse =
|
|
| TurnstileVerdict
|
|
| { status: "error"; reason: string };
|
|
|
|
export async function verifyTurnstileToken(
|
|
ip: string,
|
|
turnstileToken: string | null,
|
|
): Promise<TurnstileResponse> {
|
|
if (!turnstileToken) {
|
|
return { status: "rejected", reason: "No turnstile token provided" };
|
|
}
|
|
|
|
try {
|
|
const controller = new AbortController();
|
|
const timeoutId = setTimeout(() => controller.abort(), 3000);
|
|
|
|
const response = await fetch(`${ServerEnv.jwtIssuer()}/turnstile`, {
|
|
method: "POST",
|
|
headers: {
|
|
"Content-Type": "application/json",
|
|
"x-api-key": ServerEnv.apiKey(),
|
|
},
|
|
body: JSON.stringify({ ip, token: turnstileToken }),
|
|
signal: controller.signal,
|
|
});
|
|
|
|
clearTimeout(timeoutId);
|
|
|
|
if (!response.ok) {
|
|
return {
|
|
status: "error",
|
|
reason: `api-worker returned ${response.status}`,
|
|
};
|
|
}
|
|
|
|
const parsed = TurnstileVerdictSchema.safeParse(await response.json());
|
|
if (!parsed.success) {
|
|
return {
|
|
status: "error",
|
|
reason: `api-worker returned malformed response: ${parsed.error.message}`,
|
|
};
|
|
}
|
|
return parsed.data;
|
|
} catch (e) {
|
|
if (e instanceof Error && e.name === "AbortError") {
|
|
return {
|
|
status: "error",
|
|
reason: "Turnstile token validation timed out after 5 seconds",
|
|
};
|
|
}
|
|
return {
|
|
status: "error",
|
|
reason: `Turnstile token validation failed, ${e}`,
|
|
};
|
|
}
|
|
}
|