Android build v1.0.53

server/game-api.mjs

@@ -27,6 +27,10 @@ const directCraftItemLevels = new Set([1, 10, 20, 25])
 const sessionCookieName = 'chronicle_session'
 const sessionLifetimeSeconds = 60 * 60 * 24 * 30
 const rateLimitBuckets = new Map()
+const pvpQueue = new Map()
+const pvpMatches = new Map()
+const pvpQueueTtlMs = 15 * 1000
+const pvpMatchTtlMs = 60 * 60 * 1000
 
 function sendJson(response, status, body, headers = {}) {
   response.statusCode = status
@@ -349,10 +353,13 @@ function currentSession(database, request) {
       accounts.id AS accountId,
       accounts.username,
       characters.id AS characterId,
-      characters.class_id AS classId
+      characters.class_id AS classId,
+      characters.name AS characterName,
+      classes.name AS className
     FROM sessions
     JOIN accounts ON accounts.id = sessions.account_id
     JOIN characters ON characters.id = sessions.active_character_id
+    JOIN classes ON classes.id = characters.class_id
     WHERE sessions.token_hash = ?
       AND sessions.expires_at > CURRENT_TIMESTAMP
   `).get(tokenHash(token)) ?? null
@@ -2538,6 +2545,212 @@ function saveProfile(database, characterId, accountId, payload) {
   }
 }
 
+function cleanupPvpMemory(now = Date.now()) {
+  for (const [ticketId, ticket] of pvpQueue.entries()) {
+    if (now - ticket.updatedAt > pvpQueueTtlMs) pvpQueue.delete(ticketId)
+  }
+  for (const [matchId, match] of pvpMatches.entries()) {
+    if (now - match.updatedAt > pvpMatchTtlMs) pvpMatches.delete(matchId)
+  }
+}
+
+function validatePvpContentType(value) {
+  if (value !== 'dungeon' && value !== 'raid') {
+    throw new Error('The PvP content type is invalid.')
+  }
+  return value
+}
+
+function validatePvpStartStage(value) {
+  const startStage = Number(value)
+  if (!Number.isInteger(startStage) || startStage < 1 || startStage > 1000) {
+    throw new Error('The PvP start stage is invalid.')
+  }
+  return startStage
+}
+
+function pvpPlayerInfo(session) {
+  return {
+    accountId: session.accountId,
+    characterId: session.characterId,
+    characterName: session.characterName,
+    className: session.className,
+  }
+}
+
+function pvpSnapshot(match) {
+  return {
+    id: match.id,
+    contentType: match.contentType,
+    startStage: match.startStage,
+    createdAt: match.createdAt,
+    players: match.players,
+    states: match.states,
+    statuses: match.statuses,
+    progress: match.progress,
+    upgradeChoices: match.upgradeChoices,
+    updatedAt: match.updatedAt,
+  }
+}
+
+function joinPvpQueue(session, payload) {
+  const now = Date.now()
+  cleanupPvpMemory(now)
+  const contentType = validatePvpContentType(payload.contentType)
+  const startStage = validatePvpStartStage(payload.startStage)
+  const existingTicket = [...pvpQueue.values()].find((ticket) =>
+    ticket.accountId === session.accountId
+      && ticket.characterId === session.characterId
+      && ticket.contentType === contentType
+      && ticket.startStage === startStage
+  )
+  if (existingTicket?.matchId) {
+    const match = pvpMatches.get(existingTicket.matchId)
+    if (match) {
+      const side = match.players.a.accountId === session.accountId ? 'a' : 'b'
+      return { ticketId: existingTicket.id, status: 'matched', side, match: pvpSnapshot(match) }
+    }
+  }
+
+  const opponent = [...pvpQueue.values()]
+    .filter((ticket) =>
+      !ticket.matchId
+        && ticket.contentType === contentType
+        && ticket.startStage === startStage
+        && ticket.accountId !== session.accountId
+    )
+    .sort((left, right) => left.createdAt - right.createdAt)[0]
+  const player = pvpPlayerInfo(session)
+  if (opponent) {
+    const matchId = randomBytes(12).toString('base64url')
+    const match = {
+      id: matchId,
+      contentType,
+      startStage,
+      createdAt: now,
+      players: {
+        a: { side: 'a', ...opponent.player },
+        b: { side: 'b', ...player },
+      },
+      states: {},
+      statuses: {},
+      progress: {},
+      upgradeChoices: {},
+      updatedAt: now,
+    }
+    pvpMatches.set(matchId, match)
+    opponent.matchId = matchId
+    opponent.updatedAt = now
+    const ticketId = randomBytes(12).toString('base64url')
+    pvpQueue.set(ticketId, {
+      id: ticketId,
+      accountId: session.accountId,
+      characterId: session.characterId,
+      contentType,
+      startStage,
+      player,
+      matchId,
+      createdAt: now,
+      updatedAt: now,
+    })
+    return { ticketId, status: 'matched', side: 'b', match: pvpSnapshot(match) }
+  }
+
+  if (existingTicket) {
+    existingTicket.updatedAt = now
+    return { ticketId: existingTicket.id, status: 'waiting' }
+  }
+
+  const ticketId = randomBytes(12).toString('base64url')
+  pvpQueue.set(ticketId, {
+    id: ticketId,
+    accountId: session.accountId,
+    characterId: session.characterId,
+    contentType,
+    startStage,
+    player,
+    createdAt: now,
+    updatedAt: now,
+  })
+  return { ticketId, status: 'waiting' }
+}
+
+function checkPvpQueue(session, ticketId) {
+  cleanupPvpMemory()
+  const ticket = pvpQueue.get(ticketId)
+  if (!ticket || ticket.accountId !== session.accountId) {
+    const error = new Error('PvP queue ticket not found.')
+    error.status = 404
+    throw error
+  }
+  ticket.updatedAt = Date.now()
+  if (!ticket.matchId) return { ticketId, status: 'waiting' }
+  const match = pvpMatches.get(ticket.matchId)
+  if (!match) return { ticketId, status: 'waiting' }
+  const side = match.players.a.accountId === session.accountId ? 'a' : 'b'
+  return { ticketId, status: 'matched', side, match: pvpSnapshot(match) }
+}
+
+function cancelPvpQueue(session, ticketId) {
+  const ticket = pvpQueue.get(ticketId)
+  if (ticket && ticket.accountId === session.accountId && !ticket.matchId) {
+    pvpQueue.delete(ticketId)
+  }
+  return { ok: true }
+}
+
+function requirePvpMatchForSession(session, matchId) {
+  cleanupPvpMemory()
+  const match = pvpMatches.get(matchId)
+  if (!match) {
+    const error = new Error('PvP match not found.')
+    error.status = 404
+    throw error
+  }
+  const side = match.players.a.accountId === session.accountId ? 'a'
+    : match.players.b.accountId === session.accountId ? 'b'
+      : null
+  if (!side) {
+    const error = new Error('That PvP match belongs to another account.')
+    error.status = 403
+    throw error
+  }
+  return { match, side }
+}
+
+function updatePvpMatchState(session, matchId, payload) {
+  const { match, side } = requirePvpMatchForSession(session, matchId)
+  const status = ['playing', 'upgrade-choice', 'won', 'lost'].includes(payload.status)
+    ? payload.status
+    : 'playing'
+  const progress = {
+    stage: validatePvpStartStage(payload.stage),
+    encounterIndex: Math.max(0, Math.floor(Number(payload.encounterIndex) || 0)),
+    encountersCleared: Math.max(0, Math.floor(Number(payload.encountersCleared) || 0)),
+    enemyHealth: Math.max(0, Number(payload.enemyHealth) || 0),
+    alive: Boolean(payload.alive),
+    elapsedTicks: Math.max(0, Math.floor(Number(payload.elapsedTicks) || 0)),
+  }
+  match.states[side] = payload.state ?? null
+  match.statuses[side] = status
+  match.progress[side] = progress
+  match.updatedAt = Date.now()
+  return pvpSnapshot(match)
+}
+
+function submitPvpUpgradeChoice(session, matchId, payload) {
+  const { match, side } = requirePvpMatchForSession(session, matchId)
+  const encounterIndex = Math.max(0, Math.floor(Number(payload.encounterIndex) || 0))
+  if (!match.upgradeChoices[side]) match.upgradeChoices[side] = {}
+  match.upgradeChoices[side][String(encounterIndex)] = {
+    encounterIndex,
+    buffId: String(payload.buffId ?? ''),
+    debuffId: String(payload.debuffId ?? ''),
+  }
+  match.updatedAt = Date.now()
+  return pvpSnapshot(match)
+}
+
 export function gameApiPlugin() {
   return {
     name: 'ashen-halls-game-api',
@@ -2688,7 +2901,7 @@ export async function handleApiRequest(request, response, next) {
 
   try {
     const ip = requestIp(request)
-    consumeRateLimit(`api:${ip}`, 240, 60 * 1000)
+    consumeRateLimit(`api:${ip}`, 900, 60 * 1000)
     database.prepare(`
       DELETE FROM sessions WHERE expires_at <= CURRENT_TIMESTAMP
     `).run()
@@ -2727,6 +2940,43 @@ export async function handleApiRequest(request, response, next) {
       return
     }
 
+    if (request.url === '/api/pvp/queue' && request.method === 'POST') {
+      const payload = await readJson(request)
+      sendJson(response, 200, joinPvpQueue(session, payload))
+      return
+    }
+
+    const pvpQueueTicket = request.url.match(/^\/api\/pvp\/queue\/([A-Za-z0-9_-]+)$/)
+    if (pvpQueueTicket && request.method === 'GET') {
+      sendJson(response, 200, checkPvpQueue(session, pvpQueueTicket[1]))
+      return
+    }
+
+    if (pvpQueueTicket && request.method === 'DELETE') {
+      sendJson(response, 200, cancelPvpQueue(session, pvpQueueTicket[1]))
+      return
+    }
+
+    const pvpMatchState = request.url.match(/^\/api\/pvp\/matches\/([A-Za-z0-9_-]+)\/state$/)
+    if (pvpMatchState && request.method === 'POST') {
+      const payload = await readJson(request, 128 * 1024)
+      sendJson(response, 200, updatePvpMatchState(session, pvpMatchState[1], payload))
+      return
+    }
+
+    const pvpUpgradeChoice = request.url.match(/^\/api\/pvp\/matches\/([A-Za-z0-9_-]+)\/upgrade-choice$/)
+    if (pvpUpgradeChoice && request.method === 'POST') {
+      const payload = await readJson(request)
+      sendJson(response, 200, submitPvpUpgradeChoice(session, pvpUpgradeChoice[1], payload))
+      return
+    }
+
+    const pvpMatch = request.url.match(/^\/api\/pvp\/matches\/([A-Za-z0-9_-]+)$/)
+    if (pvpMatch && request.method === 'GET') {
+      sendJson(response, 200, pvpSnapshot(requirePvpMatchForSession(session, pvpMatch[1]).match))
+      return
+    }
+
     const dungeonCompletion = request.url.match(/^\/api\/dungeons\/(\d+)\/complete$/)
     if (dungeonCompletion && request.method === 'POST') {
       const payload = await readJson(request)