feat: initial prototype — core game systems (#30)

## Summary This PR represents the full v1 prototype, implementing the core game systems for Elysium. - Full idle/clicker RPG loop: resource collection, crafting, boss fights, exploration, and quests - Adventurer hiring with batch size selector and progressive tier cost scaling - Prestige, transcendence, and apotheosis systems with auto-prestige support - Character sheet, titles, leaderboards, companion system, and daily login bonuses - Auto-quest and auto-boss toggles - Discord webhook notifications on prestige/transcendence/apotheosis - Discord role awarded on apotheosis - Responsive design and overarching story/lore system - In-game sound effects and browser notifications for key events - Support link button in the resource bar - Full test coverage (100% on `apps/api` and `packages/types`) - CI pipeline: lint → build → test ## Closes Closes #1 Closes #2 Closes #3 Closes #4 Closes #5 Closes #6 Closes #7 Closes #8 Closes #9 Closes #10 Closes #11 Closes #12 Closes #13 Closes #14 Closes #16 Closes #19 Closes #20 Closes #21 Closes #22 Closes #23 Closes #24 Closes #25 Closes #26 Closes #27 Closes #29 ✨ This issue was created with help from Hikari~ 🌸 Co-authored-by: Naomi Carrigan <commits@nhcarrigan.com> Reviewed-on: #30 Co-authored-by: Hikari <hikari@nhcarrigan.com> Co-committed-by: Hikari <hikari@nhcarrigan.com>
2026-03-08 15:53:39 -07:00
parent c69e155de3
commit 29c817230d
172 changed files with 50706 additions and 0 deletions
@@ -0,0 +1,42 @@
+/**
+ * @file Authentication middleware for validating JWT tokens.
+ * @copyright nhcarrigan
+ * @license Naomi's Public License
+ * @author Naomi Carrigan
+ */
+
+import { verifyToken } from "../services/jwt.js";
+import type { HonoEnvironment } from "../types/hono.js";
+import type { MiddlewareHandler } from "hono";
+
+/**
+ * Validates the Authorization Bearer token on each request and attaches the discordId to context.
+ * @param context - The Hono context object.
+ * @param next - The next middleware handler.
+ * @returns A JSON error response if authentication fails, otherwise calls next.
+ */
+export const authMiddleware: MiddlewareHandler<HonoEnvironment> = async(
+  context,
+  next,
+) => {
+  const authorization = context.req.header("Authorization");
+
+  if (authorization?.startsWith("Bearer ") !== true) {
+    return context.json(
+      { error: "Missing or invalid Authorization header" },
+      401,
+    );
+  }
+
+  const token = authorization.slice(7);
+
+  try {
+    const payload = verifyToken(token);
+    context.set("discordId", payload.discordId);
+  } catch {
+    return context.json({ error: "Invalid or expired token" }, 401);
+  }
+
+  // eslint-disable-next-line @typescript-eslint/no-confusing-void-expression -- Need the consistent return!
+  return await next();
+};