Skip to content

skip token signature in dev mode #2793

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Closed
ryanbarlow97 wants to merge 8 commits into from
Closed

skip token signature in dev mode #2793

Show file tree
Hide file tree
Changes from all commits
Commits
Show all changes
8 commits
Select commit Hold shift + click to select a range
e4c6b5b
skip in dev mode
ryanbarlow97 Jan 4, 2026
122881d
Update src/server/Worker.ts
ryanbarlow97 Jan 4, 2026
ee9a350
consistency with the rest of the codebase
ryanbarlow97 Jan 4, 2026
6653652
TokenPayload | null
ryanbarlow97 Jan 4, 2026
1c27682
Added export type { TokenPayload };
ryanbarlow97 Jan 4, 2026
eac969d
Merge branch 'main' into ignoredev
ryanbarlow97 Jan 4, 2026
f7ccee6
Refactor token verification for development mode
ryanbarlow97 Jan 5, 2026
a573487
(lesson) dont update code on your phone
ryanbarlow97 Jan 5, 2026
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
40 changes: 25 additions & 15 deletions src/server/Worker.ts
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -21,7 +21,7 @@ import { CreateGameInputSchema } from "../core/WorkerSchemas";
import { archive, finalizeGameRecord } from "./Archive";
import { Client } from "./Client";
import { GameManager } from "./GameManager";
import { getUserMe, verifyClientToken } from "./jwt";
import { getUserMe, TokenPayload, verifyClientToken } from "./jwt";
import { logger } from "./Logger";

import { GameEnv } from "../core/configuration/Config";
Expand Down Expand Up @@ -282,19 +282,29 @@ export async function startWorker() {
return;
}

// Verify token signature
const result = await verifyClientToken(clientMsg.token, config);
if (result.type === "error") {
log.warn(`Invalid token: ${result.message}`, {
clientID: clientMsg.clientID,
});
ws.close(
1002,
`Unauthorized: invalid token for client ${clientMsg.clientID}`,
);
return;
// Verify token signature (skip in dev mode)
let persistentId: string;
let claims: TokenPayload | null;

if (config.env() !== GameEnv.Dev) {
const result = await verifyClientToken(clientMsg.token, config);
if (result.type === "error") {
log.warn(`Invalid token: ${result.message}`, {
clientID: clientMsg.clientID,
});
ws.close(
1002,
`Unauthorized: invalid token for client ${clientMsg.clientID}`,
);
return;
}
persistentId = result.persistentId;
claims = result.claims;
} else {
// In dev mode, use clientID as persistentId
persistentId = clientMsg.clientID;
claims = null;
}
Comment thread
coderabbitai[bot] marked this conversation as resolved.
const { persistentId, claims } = result;

if (clientMsg.type === "rejoin") {
log.info("rejoining game", {
Expand Down Expand Up @@ -323,8 +333,8 @@ export async function startWorker() {
ws.close(1002, "Unauthorized");
return;
}
} else {
// Verify token and get player permissions
} else if (config.env() !== GameEnv.Dev) {
Comment thread
ryanbarlow97 marked this conversation as resolved.
// Verify token and get player permissions (skip in dev mode)
const result = await getUserMe(clientMsg.token, config);
if (result.type === "error") {
log.warn(`Unauthorized: ${result.message}`, {
Expand Down
2 changes: 2 additions & 0 deletions src/server/jwt.ts
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -9,6 +9,8 @@ import {
import { GameEnv, ServerConfig } from "../core/configuration/Config";
import { PersistentIdSchema } from "../core/Schemas";

export type { TokenPayload };

type TokenVerificationResult =
| {
type: "success";
Expand Down
Loading