This started out from the prior mmo game blog post and spiraled out of control somewhat. I will probably break it into parts as I expand on sections that are not clear, but for now it is in a single post. www.cmdship.net should usually have a copy of the app running on it, although it may differ slightly at times. My current idea is to develop a multiplayer RPG sim on there using the source below - the details of which I will put into a post once the idea is fully formed.
So I am going to build an browser based multiplayer space game/sim using NodeJS/React/MongoDB and HTML5 canvas, with an ingame cryptocurrency and blog the entire thing as I do so. As I build the part I will bung in the code or alterations, attempt to explain what it does/should do - which if you manage to decipher and understand should end up looking something like the following image. The latest source will be at: https://github.com/dbjsdev/cmdship. At the end of each part you will find a link to the source code for that part.
Warning: This isn’t intended to be a guide on what is the best way to do things - I am making this up as I go, and then later coming back to fix it up - the further it goes the more mad it may get and performance will probably be terrible. It will routinely include code that probably violates all sorts of rules and some of it may not even make any sense due to the nature of how the early parts were written. I do however plan to keep returning and updating the prior sections as I work and improve the code. Some of the comments were written as I wrote the post, some I have added in later for clarity and will attempt to do this further as I get time. At times it may just seem like endless walls of code pasted in - as it progresses further this will hopefully reduce. At the end of each part I will put in a link to the source up until that point. If you spot any issues, or have ideas for how parts can be improved/done better, feel free to leave a comment at the bottom of the post or contact me and I will try implement it.
The basic idea is a browser based sim, with simple polygons and shapes only - no flash graphics, html5 canvas only,whereby a player registers/connects and is then loaded into a 2d game world in space, controlling a spaceship. The user can eject from the spaceship, and fly about as a PTU(a small pod thing kind of like in eve), and board other empty spacecraft.
The game world will be broken into Zones or areas that represent star systems. Users can then move between star systems using a series of stargates.
The player ship will have a hyperdrive which lets them move between locations inside a star system, and also move the ship using thrust and direction keys and also an autopilot. The ship will have modules which can fitted such as a cannon, mining laser, shield etc. The game interface will have an item system which allows cargo to moved between locations such as a storage object and the ships cargo hold. The player can also dock with space stations and store vehicles and cargo there. I am also going to integrate a cryptocurrency into the app for the in-game currency.
This app is going to consist of two parts. A frontend client which renders the game world to a canvas with React/Redux handling parts of the UI and interface. On the server side there will be a NodeJS server which handles the login/registration and runs the game server with data being persisted to a MongoDB database. The communication between client/server will be done with Express and Socket.io.
My initial task is going to be to build the basic framework for the client and server communicate, login in the user. To start this I will first get Express setup, delivering the client React app built using webpack.
I am going to whizz through and only briefly cover this intial express/react setup. You can find more details on what exactly is going on with some of this in my other posts, or by looking around on google which can explain webpack in more detail. I’ve started by creating a new repo and clone it locally and setup the basic folder structure we’ll use. (Incase it isn’t clear, when in the code snippets I use ‘…’, it is it to make it clear ive ommited sections of the file that I havn’t changed)
I then ran “npm init”, setting my main entry to ‘src/server/main.js’
I am creating this off using a template I already had so instead of installing what I need via a terminal I copied in the following into my package.json. (Some of these versions you’ll see in this tutorial are what they are due to compatability issues encountered later. It’s possible the issues are fixed by the time you are reading this)
Update your dependencies in package.json to the following and also be sure to add the scripts section.
I then installed the above with
I created a .gitignore file on the root containing the /node_modules folder.
I created webpack.config.js on the root.
Next I created an index.html in my root folder
I then created app.js in src/client/ containing the following basic react code which will output Hello in an H1.
Next in order to run our express server I created the main.js within /src/server/ which we specified in our package.json.
This code just sets up our express server and serves up our index.html on port 3000 to incoming requests.
Finally in order to run this to make sure it works:
This screenshot of the folder structure in sublime and also the commands run at the terminal should give you an idea of what you should end up with.
Part 2 - Authentication
The next step in our framework is going to be authentication. When a user connects to our game we want them to be able to first login and register.
We are going to use express to setup an API at /user with endpoint for register, login and logout.
These will make calls to a UserManager which uses Mongoose/MongoDB to authenticate, or register the user.
On our client React app we will have an interface with forms for register and login which will make API calls to the server. When the user logs in or registers successfully, on the server we’ll create them a JWT token, which is sent back to the client and stored. This will be used in subsequent communications to authenticate them.
So first, lets setup the server side API. We’ll start by creating some new folders within /src/server
Before going further I am going to create a logger as we are going to want to see logs of events that
happen on the server. We are going to use winston to do this.
Note: Through the subsequent chapers you will notice at times the logging appears incomplete or just wierd - this is due to being added in later on but then moved up here in the walkthrough.
So we’ll create /src/server/logger.js with the following code:
This will create a log file error.log which will contain purely errors in order for us to see them more easily should they occur, and another log file combined.log which contains everything. You’ll see this being used further down.
We also want to create a .env file here also… As you’ll see in our initial dependencies list we installed dotenv. This lets us set environment vars in a .env file on the root, which are then read in to be used by referencing process.env.variableName. We’ll use this for storing a few things such as our mongodb address, port and things like our JWT secret which we’ll come to in a bit. Below are the vars you need, with some example values which will need to adjust accordingly depending on your db.
(This needs to be in the root, the same folder as package.json and README.md)
Next we can create our User model, we need mongoose, and you’ll need mongodb installed. I used a local install of Mongo DB version 4.0.3. We also install bcrypt for our password hashing.
For our User model we will start with the following in /src/server/model/user.js
We’ll add more to this User model later but for now this code gives us a user model with our username, password, status and datecreated with a hook on the save method which will has the password before saving. We then have a compare method on the schema for checking a login attempt against the hashed password.
We’ll now create our UserManager.
This is where we will do all our user related activity, in both our api and also later on in our game server. This will use the UserModel we just created. We’ll create this file in /src/server/managers/userManager.js
You’ll see we have three methods loginUser, logoutUser and registerNewUser all of which return a promise back to wherever called it. This ensures nothing is hanging around waiting whilst our queries occur. We also import our logger, and have some temp error messages in there. Our logging occurs simply through importing the logger and then calling logger.error or logger.info, with our message being written to the appropriate log file. The logoutUser doesn’t really do anything yet but will later on.
The method verifyActiveToken is not implemented yet but will be where our code can add the JWT to a list so that it can be blacklisted after the user logs out.
You will also notice some odd very error handling/throwing going on in the above and the code that follows. This is temporary and is going to be reworked later on.
Next we’ll create our controller for our API which will make the calls to our UserManager. This is going to make use of JWT tokens (you can read about these in my prior React/NodeJS tutorial or google so I’ll skip the explaination here) so I’ll install that first.
Then within /src/server/controllers , create the file authController.js with the following code.
So in there you’ll see the controller had 3 functions, login, logout and register.
The login function takes a username and password as arguments, and a callback and then makes a call to our UserManager’s login function, passing in those args. You’ll see we then do “.then(“, which means the returned Promise that our UserManager login method returns, has completed successfully. It then calls the callback passing in an object that contains a list of variables such as userid and username, and critically the JWT tokenID, which is signed using the userid, username and our JWT secret which we set in our .env environments file. If the UserManager login method fails to login the user in it will return an error which is caught by our “.catch” (I am going to alter this at somepoint to an alternate solution), and the callback is fired with “success: false”.
Logout does not really do anything beyond call the logout method in userManager (which does not do much yet beyond return true) and register is similar to login except it is calling the userManager.registernewuser method, creating a new user and then just like with login we create the JWT tokenID and return it in our callback.
Continuing on we now need our routes file which calls the above controller. Within /src/server/routes , create the file user.js with the following
In the above file we have 3 posts: ‘/logout’, ‘/login’ and ‘/’ (our register). These make calls to the methods in the authController we just made. Upon a successful login or register callback we return a status 200 back to the client and pass back a structure containing the JWT tokenID, username, userid and a status.
One note about the /logout route. You might notice it uses “req.userData.userid” and “req.userData.username”. This does not exist yet. This is a structure which our authentication middleware will pass in which will contain the userid based on their JWT.
In order for this to happen we will next create this middleware. In /src/server/middleware/ create the file authCheck.js with the following code:
This middleware code takes the JWT, decodes it, and then extracts the users userid and username and places it into the request data for our further routes to use. This helps to ensure the user is who they say they are.
You’ll note the use of UserManager.verifyActiveToken - that would be where our yet to be implemented JWT blacklist was checked against. This would help stop anyone reusing someone elses JWT after they log out if they were in some way able to get hold of it.
The final step is now to update our /src/server/main.js file to take into account these changes.
You’ll see we setup our routes on /user and prepare our mongodb connection ready for our game server to be intiialised later on.
We now have a functioning API for registering and logging a user in. The calls can come into our express server, route into our router user.js, which then calls our authController, this in turn calls userManager which checks against/registers to our mongodb. authController takes the result, generates our JWT if needs be, returns the result in an object to the router which then sends the result back to the client.
We now need to build our client which will make the calls to our API.
The next few steps will add quite a few things in. We are going to integrate in react redux. Our store, reducer and actions. Some of the styling here for the UI stuff here is a bit hacked together.
First for our redux structure we’ll create 4 folders, /src/client/actions, /src/client/constants/, /src/client/reducers, /src/client/stores.
We need to install a few things here for react redux
I then installed reactstrap. As a lot of the UI in what follows is a bit of a bodge and if you don’t use the same version numbers I used it is possible you may get issues.
To install what I did was:
( There are some instructions here that might help if you have problems: https://www.npmjs.com/package/reactstrap )
Beginning with our redux setup, within /src/client/constants/ create the file actionTypes.js with the following.
Next within /src/client/reducers/ create the file worldReducer.js. In this app we are going to only have a single reducer for everything.
The above implements our three actions, storing the username, userid, loggedInStatus.
You’ll also notice we default our initial state to include items in local storage. This is where we are going to store our JWT returned from the server and our returned userid. This will assist us if the user refreshes the browser by retaining the token so that it immediatly loads them back into the game without needing to log in again.
Next within /src/client/actions/ create the file actions.js as follows:
The key things in there are our loginUser, logoutUser and registerNewUser.
Each one dispatches “updateAuthenticationResponseMessage”, passing in a message in order to update the UI on an authentication box which we will build shortly.
They then do a fetch request against the API calling the relevant resource, gets the response, updates properties in local storage (or in the case of logout, deletes them), then dispatches a login/logout/register action and finally invokes “updateAuthenticationResponseMessage” to inform the UI with what has happened.
We now need to make our store. In /src/client/stores/ create store.js with the following:
With that in place we can now build the foundations of our UI which will dispatch the actions.
We will alter our ./src/client/app.js to be the following:
In there we have added in redux and our store and also you will notice we have imported the bootstrap css for our UI.
Next up we will create that new cmdshipClient.js in /src/client
For now don’t worry why that is called WindowSystem (It is going to form the basis of some mental draggable window UI later on).
We’ll make a UI folder within /src/client and then create windowSystem.js within /src/client/UI
This for now will just show our Authentication box.. which we will build in /src/client/UI/authentication.js with the following code:
(Warning: The HTML and CSS in here (and onwards) is a bit naff (as is usual with all html/css/front end I do) - In a later section it will get tidied up slightly )