Pac-Man/pacman-server
Ryan Walters 67c9460c84 refactor(auth): implement session-based PKCE and eliminate provider duplication
- Replace in-memory PKCE storage with encrypted session cookies
- Add PKCE verifier and CSRF state fields to JWT Claims struct
- Move common PKCE validation logic to OAuthProvider trait
- Extract provider-specific methods for token exchange and user fetching
- Remove PkceManager and DashMap-based storage system
- Update GitHub and Discord providers to use new session-based approach
2025-09-19 10:23:33 -05:00

pacman-server

Despite the naming of this crate, it's not a server for the Pac-Man game allowing multiplayer or anything super interesting.

This crate is a webserver that hosts an OAuth login and leaderboard API for the main pacman crate to hook into.

Features

  • Axum Webserver
    • Health Check
    • Inbound Rate Limiting
    • Outbound Rate Limiting
    • Provider Circuit Breaker
  • Database
  • OAuth
    • Discord
    • GitHub
    • Google
  • Leaderboard
    • Score Submission
    • Score Listings
      • Pagination
      • Global / Daily
  • Name Restrictions & Flagging
  • Avatars
    • 8-bit Conversion
    • Storage?
  • Common Server/Client Crate
  • CI/CD & Tests

Todo

  1. Refresh Token Handling (Encryption, Expiration & Refresh Timings)
  2. Refresh Token Background Job
  3. S3 Storage for Avatars
  4. Common Server/Client Crate, Basics
  5. Crate-level Log Level Configuration
  6. Span Tracing
  7. Avatar Pixelization
  8. Leaderboard API
  9. React-based Frontend
  10. Name Restrictions & Flagging
  11. Simple CI/CD Checks & Tests
  12. API Rate Limiting (outbound provider requests)
  13. API Rate Limiting (inbound requests, by IP, by User)
  14. Provider Circuit Breaker
  15. Merge migration files

Notes

Image Handling

Avatar images are stored in S3 as follows:

  • avatars/{user_public_id}/{avatar_hash}.original.png
  • avatars/{user_public_id}/{avatar_hash}.mini.png

Processing rules:

  • The original image is converted to PNG and resized to a maximum of 512x512 pixels.
    • Ideally, non-square images are fitted to a square.
  • The mini image is converted to PNG and resized to a maximum of 16x16, 24x24, or 32x32 pixels. TBD.
  • All images receive a Content-Type header of image/png.

Image processing starts immediately and runs asynchronously, allowing a valid presigned URL to be generated immediately.