funman300/Ferrous-Solitaire
1
1
Fork 0
Code Issues 2 Pull Requests Actions Packages Projects Releases 28 Wiki Activity

feat(workspace): full server + sync implementation, all tests green

Browse Source 
- solitaire_server: Axum auth, sync push/pull, leaderboard, daily
  challenge, account deletion, JWT middleware, rate limiting via
  tower_governor, SQLite migrations, health endpoint
- solitaire_server: expose build_test_router (no rate limiting) so
  integration tests work without a peer IP in oneshot requests
- solitaire_sync: SyncPayload, merge logic, shared API types
- solitaire_data: SyncProvider trait, LocalOnlyProvider,
  SolitaireServerClient, auth_tokens keyring integration, blanket
  Box<dyn SyncProvider> impl
- solitaire_data/settings: derive Default on SyncBackend (clippy fix)
- .sqlx/: offline query cache so server compiles without a live DB
- sqlx: removed non-existent "offline" feature flag
- keyring v2: fixed Entry::new() returning Result<Entry>
- sqlx 0.8: all SQLite TEXT columns wrapped in Option<T>
- Integration tests: max_connections(1) on in-memory pool so all
  connections share the same schema

All 191 tests pass; cargo clippy -D warnings clean.

Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
This commit is contained in:
root
2026-04-26 23:32:56 +00:00
parent 13b428b81c
commit 34ba4dc6ed
55 changed files with 4372 additions and 270 deletions
Download Patch File Download Diff File Expand all files Collapse all files
.env.example
+15 -3
View File
@@ -1,4 +1,16 @@
DATABASE_URL=sqlite://solitaire.db # Copy to .env and fill in the values before running docker compose up.
JWT_SECRET=replace_with_64_char_hex_from_openssl_rand_hex_32
# SQLite database path inside the container.
# When using docker-compose, leave as-is — the volume handles persistence.
DATABASE_URL=sqlite:///data/solitaire.db
# HS256 signing secret for JWT tokens.
# Generate with: openssl rand -hex 32
JWT_SECRET=replace_me_with_a_64_char_hex_secret
# TCP port the server listens on inside the container.
SERVER_PORT=8080 SERVER_PORT=8080
ADMIN_USERNAME=admin
# Public domain name used by Caddy for automatic HTTPS.
# Example: solitaire.example.com
SOLITAIRE_DOMAIN=solitaire.example.com
.gitignore
+1
View File
@@ -4,3 +4,4 @@
*.db-wal *.db-wal
.env .env
*.tmp *.tmp
data/
.sqlx/query-04d8dced0cc309bc0d968ab8f542a7f6c504ce7c2f682c0bef35dfe441ffb6e8.json
Generated
+20
View File
@@ -0,0 +1,20 @@
{
"db_name": "SQLite",
"query": "SELECT goal_json FROM daily_challenges WHERE date = ?",
"describe": {
"columns": [
{
"name": "goal_json",
"ordinal": 0,
"type_info": "Text"
}
],
"parameters": {
"Right": 1
},
"nullable": [
false
]
},
"hash": "04d8dced0cc309bc0d968ab8f542a7f6c504ce7c2f682c0bef35dfe441ffb6e8"
}
.sqlx/query-2e61cd30a6cd3e0937dd096b4f94493e8bcb8c10687d0f8c0592fe38ed956fa6.json
Generated
+20
View File
@@ -0,0 +1,20 @@
{
"db_name": "SQLite",
"query": "SELECT id FROM users WHERE username = ?",
"describe": {
"columns": [
{
"name": "id",
"ordinal": 0,
"type_info": "Text"
}
],
"parameters": {
"Right": 1
},
"nullable": [
true
]
},
"hash": "2e61cd30a6cd3e0937dd096b4f94493e8bcb8c10687d0f8c0592fe38ed956fa6"
}
.sqlx/query-2f12541a6b99acf6d9e8f7ad13438df4ab92edcbfa01f38930aae63f1554b534.json
Generated
+26
View File
@@ -0,0 +1,26 @@
{
"db_name": "SQLite",
"query": "SELECT id, password_hash FROM users WHERE username = ?",
"describe": {
"columns": [
{
"name": "id",
"ordinal": 0,
"type_info": "Text"
},
{
"name": "password_hash",
"ordinal": 1,
"type_info": "Text"
}
],
"parameters": {
"Right": 1
},
"nullable": [
true,
false
]
},
"hash": "2f12541a6b99acf6d9e8f7ad13438df4ab92edcbfa01f38930aae63f1554b534"
}
.sqlx/query-57c93a6acd7eea44d00412e62f0d3fed7ffbe4cd759353d29f38a8eb37f69112.json
Generated
+38
View File
@@ -0,0 +1,38 @@
{
"db_name": "SQLite",
"query": "SELECT l.display_name, l.best_score, l.best_time_secs, l.recorded_at\n FROM leaderboard l\n JOIN users u ON u.id = l.user_id\n WHERE u.leaderboard_opt_in = 1\n ORDER BY\n CASE WHEN l.best_score IS NULL THEN 1 ELSE 0 END ASC,\n l.best_score DESC,\n CASE WHEN l.best_time_secs IS NULL THEN 1 ELSE 0 END ASC,\n l.best_time_secs ASC",
"describe": {
"columns": [
{
"name": "display_name",
"ordinal": 0,
"type_info": "Text"
},
{
"name": "best_score",
"ordinal": 1,
"type_info": "Integer"
},
{
"name": "best_time_secs",
"ordinal": 2,
"type_info": "Integer"
},
{
"name": "recorded_at",
"ordinal": 3,
"type_info": "Text"
}
],
"parameters": {
"Right": 0
},
"nullable": [
false,
true,
true,
false
]
},
"hash": "57c93a6acd7eea44d00412e62f0d3fed7ffbe4cd759353d29f38a8eb37f69112"
}
.sqlx/query-5e9e61cae887a08e4224fbea43a047c093bf5a4413499bfec858e302efa91bc3.json
Generated
+12
View File
@@ -0,0 +1,12 @@
{
"db_name": "SQLite",
"query": "UPDATE users SET leaderboard_opt_in = 1 WHERE id = ?",
"describe": {
"columns": [],
"parameters": {
"Right": 1
},
"nullable": []
},
"hash": "5e9e61cae887a08e4224fbea43a047c093bf5a4413499bfec858e302efa91bc3"
}
.sqlx/query-720edc3b85eec90744179f2c73ed9798814b734a2f3d57405ef95772ae66a24d.json
Generated
+12
View File
@@ -0,0 +1,12 @@
{
"db_name": "SQLite",
"query": "INSERT INTO sync_state (user_id, stats_json, achievements_json, progress_json, last_modified)\n VALUES (?, ?, ?, ?, ?)\n ON CONFLICT(user_id) DO UPDATE SET\n stats_json = excluded.stats_json,\n achievements_json = excluded.achievements_json,\n progress_json = excluded.progress_json,\n last_modified = excluded.last_modified",
"describe": {
"columns": [],
"parameters": {
"Right": 5
},
"nullable": []
},
"hash": "720edc3b85eec90744179f2c73ed9798814b734a2f3d57405ef95772ae66a24d"
}
.sqlx/query-73ffdf5be39aa5c4c160c2f77d6634a6970eeb4e1d3395f045ded747f0ce9d2a.json
Generated
+12
View File
@@ -0,0 +1,12 @@
{
"db_name": "SQLite",
"query": "DELETE FROM users WHERE id = ?",
"describe": {
"columns": [],
"parameters": {
"Right": 1
},
"nullable": []
},
"hash": "73ffdf5be39aa5c4c160c2f77d6634a6970eeb4e1d3395f045ded747f0ce9d2a"
}
.sqlx/query-8697100790ebcdf4058812cf6debad8f9a13ac91c2d0ef20cff3bd4bb9385360.json
Generated
+12
View File
@@ -0,0 +1,12 @@
{
"db_name": "SQLite",
"query": "INSERT INTO leaderboard (user_id, display_name, recorded_at)\n VALUES (?, ?, ?)\n ON CONFLICT(user_id) DO UPDATE SET\n display_name = excluded.display_name,\n recorded_at = excluded.recorded_at",
"describe": {
"columns": [],
"parameters": {
"Right": 3
},
"nullable": []
},
"hash": "8697100790ebcdf4058812cf6debad8f9a13ac91c2d0ef20cff3bd4bb9385360"
}
.sqlx/query-a908d8d19647494f2ac2f801dc9c977f7ce23b44779da1567049856eab922645.json
Generated
+32
View File
@@ -0,0 +1,32 @@
{
"db_name": "SQLite",
"query": "SELECT stats_json, achievements_json, progress_json FROM sync_state WHERE user_id = ?",
"describe": {
"columns": [
{
"name": "stats_json",
"ordinal": 0,
"type_info": "Text"
},
{
"name": "achievements_json",
"ordinal": 1,
"type_info": "Text"
},
{
"name": "progress_json",
"ordinal": 2,
"type_info": "Text"
}
],
"parameters": {
"Right": 1
},
"nullable": [
false,
false,
false
]
},
"hash": "a908d8d19647494f2ac2f801dc9c977f7ce23b44779da1567049856eab922645"
}
.sqlx/query-ab537795ba39fdd28c502a8b9e615f53e7cb08f3eddd8f0574f4dc8156436de5.json
Generated
+12
View File
@@ -0,0 +1,12 @@
{
"db_name": "SQLite",
"query": "INSERT OR IGNORE INTO daily_challenges (date, seed, goal_json) VALUES (?, ?, ?)",
"describe": {
"columns": [],
"parameters": {
"Right": 3
},
"nullable": []
},
"hash": "ab537795ba39fdd28c502a8b9e615f53e7cb08f3eddd8f0574f4dc8156436de5"
}
.sqlx/query-cc1e091bf5e46e6d98baf94bac6d9ac1ca1845eff7c4b8196dd2efb93fd9e0dd.json
Generated
+12
View File
@@ -0,0 +1,12 @@
{
"db_name": "SQLite",
"query": "INSERT INTO users (id, username, password_hash, created_at) VALUES (?, ?, ?, ?)",
"describe": {
"columns": [],
"parameters": {
"Right": 4
},
"nullable": []
},
"hash": "cc1e091bf5e46e6d98baf94bac6d9ac1ca1845eff7c4b8196dd2efb93fd9e0dd"
}
ARCHITECTURE.md
+5 -5
View File
@@ -153,7 +153,7 @@ Owns:
> **Note:** This crate contains only a trait stub and compile-time stub implementations until Android support is actively developed. Do not implement JNI bindings until Phase: Android. > **Note:** This crate contains only a trait stub and compile-time stub implementations until Android support is actively developed. Do not implement JNI bindings until Phase: Android.
### `solitaire_engine` ### `solitaire_engine`
**Dependencies:** `bevy`, `bevy_egui`, `bevy_kira_audio`, `solitaire_core`, `solitaire_data`. **Dependencies:** `bevy`, `bevy_kira_audio`, `solitaire_core`, `solitaire_data`.
All Bevy-specific code. Structured as a collection of Plugins that `solitaire_app` registers. All Bevy-specific code. Structured as a collection of Plugins that `solitaire_app` registers.
@@ -162,7 +162,7 @@ Owns:
- Rendering systems (card sprites, table, backgrounds) - Rendering systems (card sprites, table, backgrounds)
- Drag-and-drop input handling - Drag-and-drop input handling
- Animation systems (slide, flip, win cascade, toast) - Animation systems (slide, flip, win cascade, toast)
- All egui screens (Home, Stats, Achievements, Settings, Profile) - All Bevy UI screens (Home, Stats, Achievements, Settings, Profile)
- Audio playback systems - Audio playback systems
- Sync status display - Sync status display
@@ -209,7 +209,7 @@ RenderSystem ScoreSystem AchievementSystem
│ fires AchievementUnlockedEvent │ fires AchievementUnlockedEvent
ToastSystem (egui popup) ToastSystem (Bevy UI popup)
PersistenceSystem (write to disk) PersistenceSystem (write to disk)
``` ```
@@ -262,7 +262,7 @@ Done
| `TablePlugin` | Pile markers, background, layout calculation | | `TablePlugin` | Pile markers, background, layout calculation |
| `AnimationPlugin` | Slide, flip, win cascade, toast animations | | `AnimationPlugin` | Slide, flip, win cascade, toast animations |
| `AudioPlugin` | Sound effect and music playback via bevy_kira_audio | | `AudioPlugin` | Sound effect and music playback via bevy_kira_audio |
| `UIPlugin` | All egui screens: Home, Stats, Achievements, Settings, Profile | | `UIPlugin` | All Bevy UI screens: Home, Stats, Achievements, Settings, Profile |
| `AchievementPlugin` | Listens for game events, evaluates unlock conditions, fires toasts | | `AchievementPlugin` | Listens for game events, evaluates unlock conditions, fires toasts |
| `SyncPlugin` | Manages sync lifecycle (pull on start, push on exit, status display) | | `SyncPlugin` | Manages sync lifecycle (pull on start, push on exit, status display) |
| `GamePlugin` | Core game state resource, input routing, win detection | | `GamePlugin` | Core game state resource, input routing, win detection |
@@ -861,7 +861,7 @@ Card backs: `assets/cards/backs/back_0.png` through `back_4.png`. Additional bac
### Fonts ### Fonts
`assets/fonts/main.ttf` — used for card rank/suit text and all egui overrides. `assets/fonts/main.ttf` — used for card rank/suit text in Bevy UI.
--- ---
Caddyfile
+3
View File
@@ -0,0 +1,3 @@
{$SOLITAIRE_DOMAIN} {
reverse_proxy server:{$SERVER_PORT:-8080}
}
Cargo.lock
Generated
+7
View File
@@ -5669,6 +5669,7 @@ name = "solitaire_app"
version = "0.1.0" version = "0.1.0"
dependencies = [ dependencies = [
"bevy", "bevy",
"solitaire_data",
"solitaire_engine", "solitaire_engine",
] ]
@@ -5707,11 +5708,15 @@ dependencies = [
name = "solitaire_engine" name = "solitaire_engine"
version = "0.1.0" version = "0.1.0"
dependencies = [ dependencies = [
"async-trait",
"bevy", "bevy",
"chrono", "chrono",
"kira", "kira",
"solitaire_core", "solitaire_core",
"solitaire_data", "solitaire_data",
"solitaire_sync",
"tokio",
"uuid",
] ]
[[package]] [[package]]
@@ -5738,6 +5743,7 @@ dependencies = [
"sqlx", "sqlx",
"thiserror 1.0.69", "thiserror 1.0.69",
"tokio", "tokio",
"tower",
"tower_governor", "tower_governor",
"tracing", "tracing",
"tracing-subscriber", "tracing-subscriber",
@@ -5751,6 +5757,7 @@ dependencies = [
"chrono", "chrono",
"serde", "serde",
"serde_json", "serde_json",
"thiserror 1.0.69",
"uuid", "uuid",
] ]
Dockerfile
+32
View File
@@ -0,0 +1,32 @@
# Stage 1 — builder
# Compiles the solitaire_server binary in release mode.
# Requires a pre-generated .sqlx/ query cache (run `cargo sqlx prepare --workspace`
# before building the image so sqlx macros work without a live database).
FROM rust:slim AS builder
WORKDIR /app
RUN apt-get update \
&& apt-get install -y pkg-config libssl-dev \
&& rm -rf /var/lib/apt/lists/*
COPY . .
# Tell sqlx to use the cached query metadata instead of a live database.
ENV SQLX_OFFLINE=true
RUN cargo build --release -p solitaire_server
# Stage 2 — runtime
# Minimal image that only contains the compiled binary and its runtime deps.
FROM debian:bookworm-slim
RUN apt-get update \
&& apt-get install -y libssl3 ca-certificates \
&& rm -rf /var/lib/apt/lists/*
COPY --from=builder /app/target/release/solitaire_server /usr/local/bin/solitaire_server
EXPOSE 8080
ENTRYPOINT ["/usr/local/bin/solitaire_server"]
README_SERVER.md
+44
View File
@@ -0,0 +1,44 @@
# Solitaire Quest — Self-Hosting Guide
## Prerequisites
- Docker and Docker Compose
- `openssl` for generating a JWT secret
## Quick start
1. Clone the repo and enter it.
2. Copy the example environment file and fill in your values:
```bash
cp .env.example .env
# Edit .env: set JWT_SECRET and SOLITAIRE_DOMAIN
```
3. (First time only) Generate the sqlx query cache so the server builds without a live database:
```bash
cargo install sqlx-cli --no-default-features --features rustls,sqlite
export DATABASE_URL=sqlite://solitaire.db
sqlx database create
sqlx migrate run --source solitaire_server/migrations
cargo sqlx prepare --workspace
rm solitaire.db # the real DB lives in ./data/ at runtime
```
4. Start everything:
```bash
docker compose up -d
```
5. The server is now reachable at `https://<SOLITAIRE_DOMAIN>`.
## Backups
The entire server state is one SQLite file at `./data/solitaire.db`. Back it up with:
```bash
sqlite3 ./data/solitaire.db ".backup backup_$(date +%Y%m%d).db"
```
## Updating
```bash
git pull
docker compose build
docker compose up -d
```
docker-compose.yml
+30
View File
@@ -0,0 +1,30 @@
services:
server:
build: .
env_file: .env
environment:
# Override DATABASE_URL so the DB always lands in the persistent volume,
# regardless of what .env contains.
DATABASE_URL: sqlite:///data/solitaire.db
volumes:
- ./data:/data
restart: unless-stopped
expose:
- "${SERVER_PORT:-8080}"
caddy:
image: caddy:2-alpine
depends_on:
- server
ports:
- "80:80"
- "443:443"
volumes:
- ./Caddyfile:/etc/caddy/Caddyfile:ro
- caddy_data:/data
- caddy_config:/config
restart: unless-stopped
volumes:
caddy_data:
caddy_config:
solitaire_app/Cargo.toml
+1
View File
@@ -10,3 +10,4 @@ path = "src/main.rs"
[dependencies] [dependencies]
bevy = { workspace = true } bevy = { workspace = true }
solitaire_engine = { workspace = true } solitaire_engine = { workspace = true }
solitaire_data = { workspace = true }
solitaire_app/src/main.rs
+11 -1
View File
@@ -1,11 +1,20 @@
use bevy::prelude::*; use bevy::prelude::*;
use solitaire_data::{load_settings_from, provider_for_backend, settings_file_path, Settings};
use solitaire_engine::{ use solitaire_engine::{
AchievementPlugin, AnimationPlugin, AudioPlugin, CardPlugin, ChallengePlugin, AchievementPlugin, AnimationPlugin, AudioPlugin, CardPlugin, ChallengePlugin,
DailyChallengePlugin, GamePlugin, HelpPlugin, InputPlugin, OnboardingPlugin, PausePlugin, DailyChallengePlugin, GamePlugin, HelpPlugin, InputPlugin, OnboardingPlugin, PausePlugin,
ProgressPlugin, SettingsPlugin, StatsPlugin, TablePlugin, TimeAttackPlugin, WeeklyGoalsPlugin, ProgressPlugin, SettingsPlugin, StatsPlugin, SyncPlugin, TablePlugin, TimeAttackPlugin,
WeeklyGoalsPlugin,
}; };
fn main() { fn main() {
// Load settings before building the app so we can construct the right
// sync provider. Falls back to defaults if no settings file exists yet.
let settings: Settings = settings_file_path()
.map(|p| load_settings_from(&p))
.unwrap_or_default();
let sync_provider = provider_for_backend(&settings.sync_backend);
App::new() App::new()
.add_plugins( .add_plugins(
DefaultPlugins.set(WindowPlugin { DefaultPlugins.set(WindowPlugin {
@@ -34,5 +43,6 @@ fn main() {
.add_plugins(SettingsPlugin::default()) .add_plugins(SettingsPlugin::default())
.add_plugins(AudioPlugin) .add_plugins(AudioPlugin)
.add_plugins(OnboardingPlugin) .add_plugins(OnboardingPlugin)
.add_plugins(SyncPlugin::new(sync_provider))
.run(); .run();
} }
solitaire_core/src/game_state.rs
+6 -6
View File
@@ -1,4 +1,4 @@
use std::collections::HashMap; use std::collections::{HashMap, VecDeque};
use serde::{Deserialize, Serialize}; use serde::{Deserialize, Serialize};
use crate::card::{Card, Suit}; use crate::card::{Card, Suit};
use crate::deck::{deal_klondike, Deck}; use crate::deck::{deal_klondike, Deck};
@@ -60,7 +60,7 @@ pub struct GameState {
/// Number of times `undo()` has been successfully invoked this game. /// Number of times `undo()` has been successfully invoked this game.
/// Used by achievement conditions like `no_undo`. /// Used by achievement conditions like `no_undo`.
pub undo_count: u32, pub undo_count: u32,
undo_stack: Vec<StateSnapshot>, undo_stack: VecDeque<StateSnapshot>,
} }
impl GameState { impl GameState {
@@ -96,7 +96,7 @@ impl GameState {
is_won: false, is_won: false,
is_auto_completable: false, is_auto_completable: false,
undo_count: 0, undo_count: 0,
undo_stack: Vec::new(), undo_stack: VecDeque::new(),
} }
} }
@@ -115,9 +115,9 @@ impl GameState {
fn push_snapshot(&mut self) { fn push_snapshot(&mut self) {
if self.undo_stack.len() >= MAX_UNDO_STACK { if self.undo_stack.len() >= MAX_UNDO_STACK {
self.undo_stack.remove(0); self.undo_stack.pop_front(); // O(1)
} }
self.undo_stack.push(self.take_snapshot()); self.undo_stack.push_back(self.take_snapshot());
} }
/// Draw cards from stock to waste. When stock is empty, recycles waste back to stock. /// Draw cards from stock to waste. When stock is empty, recycles waste back to stock.
@@ -278,7 +278,7 @@ impl GameState {
"undo is disabled in Challenge mode".into(), "undo is disabled in Challenge mode".into(),
)); ));
} }
let snapshot = self.undo_stack.pop().ok_or(MoveError::UndoStackEmpty)?; let snapshot = self.undo_stack.pop_back().ok_or(MoveError::UndoStackEmpty)?;
self.piles = snapshot.piles; self.piles = snapshot.piles;
self.score = if self.mode == GameMode::Zen { self.score = if self.mode == GameMode::Zen {
0 0
solitaire_data/src/achievements.rs
+6 -33
View File
@@ -1,46 +1,18 @@
//! Persistence for per-player achievement unlock records. //! Persistence for per-player achievement unlock records.
//!
//! The [`AchievementRecord`] struct is defined in `solitaire_sync` so the
//! server can use the same type. This module re-exports it and provides
//! file I/O helpers.
use std::fs; use std::fs;
use std::io; use std::io;
use std::path::{Path, PathBuf}; use std::path::{Path, PathBuf};
use chrono::{DateTime, Utc}; pub use solitaire_sync::AchievementRecord;
use serde::{Deserialize, Serialize};
const APP_DIR_NAME: &str = "solitaire_quest"; const APP_DIR_NAME: &str = "solitaire_quest";
const FILE_NAME: &str = "achievements.json"; const FILE_NAME: &str = "achievements.json";
/// One player's unlock state for a single achievement.
#[derive(Debug, Clone, PartialEq, Eq, Serialize, Deserialize)]
pub struct AchievementRecord {
pub id: String,
pub unlocked: bool,
pub unlock_date: Option<DateTime<Utc>>,
pub reward_granted: bool,
}
impl AchievementRecord {
/// Construct an initial record for an achievement that is not yet unlocked.
pub fn locked(id: impl Into<String>) -> Self {
Self {
id: id.into(),
unlocked: false,
unlock_date: None,
reward_granted: false,
}
}
/// Mark this record unlocked at the given timestamp. No-op if already unlocked
/// (preserves earliest `unlock_date`).
pub fn unlock(&mut self, at: DateTime<Utc>) {
if self.unlocked {
return;
}
self.unlocked = true;
self.unlock_date = Some(at);
}
}
/// Platform-specific default path for `achievements.json`. /// Platform-specific default path for `achievements.json`.
pub fn achievements_file_path() -> Option<PathBuf> { pub fn achievements_file_path() -> Option<PathBuf> {
dirs::data_dir().map(|d| d.join(APP_DIR_NAME).join(FILE_NAME)) dirs::data_dir().map(|d| d.join(APP_DIR_NAME).join(FILE_NAME))
@@ -70,6 +42,7 @@ pub fn save_achievements_to(path: &Path, records: &[AchievementRecord]) -> io::R
#[cfg(test)] #[cfg(test)]
mod tests { mod tests {
use super::*; use super::*;
use chrono::Utc;
use std::env; use std::env;
fn tmp_path(name: &str) -> PathBuf { fn tmp_path(name: &str) -> PathBuf {
solitaire_data/src/auth_tokens.rs
+106
View File
@@ -0,0 +1,106 @@
//! Secure storage for JWT access and refresh tokens using the OS keychain.
//!
//! Tokens are stored under service name `"solitaire_quest_server"` with entry
//! keys `"{username}_access"` and `"{username}_refresh"`.
//!
//! On Linux this requires a running secret service (GNOME Keyring / KWallet).
//! If the keychain is unavailable, operations return
//! [`TokenError::KeychainUnavailable`] — callers should fall back to prompting
//! the user to log in again.
//!
//! # Note: no unit tests — requires live OS keychain.
use keyring::Entry;
use thiserror::Error;
/// Errors that can occur when reading or writing tokens in the OS keychain.
#[derive(Debug, Error)]
pub enum TokenError {
/// The OS keychain (secret service / keychain daemon) is not available.
#[error("keychain unavailable: {0}")]
KeychainUnavailable(String),
/// No token was found in the keychain for the given username.
#[error("token not found for user {0}")]
NotFound(String),
/// An unexpected keychain error occurred.
#[error("keychain error: {0}")]
Keyring(String),
}
/// Service name used to namespace all keychain entries for this application.
const SERVICE: &str = "solitaire_quest_server";
/// Map a `keyring::Error` to the appropriate `TokenError`.
fn map_keyring_err(err: keyring::Error, username: &str) -> TokenError {
let msg = err.to_string();
match err {
keyring::Error::NoStorageAccess(_) => TokenError::KeychainUnavailable(msg),
keyring::Error::NoEntry => TokenError::NotFound(username.to_string()),
_ => TokenError::Keyring(msg),
}
}
/// Store the access and refresh tokens for `username` in the OS keychain.
///
/// Any previously stored tokens for that username are overwritten.
pub fn store_tokens(
username: &str,
access_token: &str,
refresh_token: &str,
) -> Result<(), TokenError> {
Entry::new(SERVICE, &format!("{username}_access"))
.map_err(|e| map_keyring_err(e, username))?
.set_password(access_token)
.map_err(|e| map_keyring_err(e, username))?;
Entry::new(SERVICE, &format!("{username}_refresh"))
.map_err(|e| map_keyring_err(e, username))?
.set_password(refresh_token)
.map_err(|e| map_keyring_err(e, username))?;
Ok(())
}
/// Load the stored access token for `username` from the OS keychain.
///
/// Returns [`TokenError::NotFound`] if no token has been stored yet.
pub fn load_access_token(username: &str) -> Result<String, TokenError> {
Entry::new(SERVICE, &format!("{username}_access"))
.map_err(|e| map_keyring_err(e, username))?
.get_password()
.map_err(|e| map_keyring_err(e, username))
}
/// Load the stored refresh token for `username` from the OS keychain.
///
/// Returns [`TokenError::NotFound`] if no token has been stored yet.
pub fn load_refresh_token(username: &str) -> Result<String, TokenError> {
Entry::new(SERVICE, &format!("{username}_refresh"))
.map_err(|e| map_keyring_err(e, username))?
.get_password()
.map_err(|e| map_keyring_err(e, username))
}
/// Delete the stored access and refresh tokens for `username`.
///
/// Intended to be called on logout or account deletion. Missing entries are
/// silently ignored (the tokens are already gone, which is the desired state).
pub fn delete_tokens(username: &str) -> Result<(), TokenError> {
match Entry::new(SERVICE, &format!("{username}_access"))
.map_err(|e| map_keyring_err(e, username))?
.delete_password()
{
Ok(()) | Err(keyring::Error::NoEntry) => {}
Err(e) => return Err(map_keyring_err(e, username)),
}
match Entry::new(SERVICE, &format!("{username}_refresh"))
.map_err(|e| map_keyring_err(e, username))?
.delete_password()
{
Ok(()) | Err(keyring::Error::NoEntry) => {}
Err(e) => return Err(map_keyring_err(e, username)),
}
Ok(())
}
solitaire_data/src/lib.rs
+38 -3
View File
@@ -35,11 +35,35 @@ pub trait SyncProvider: Send + Sync {
} }
} }
/// Blanket impl so `Box<dyn SyncProvider + Send + Sync>` (returned by
/// `provider_for_backend`) can be passed directly to `SyncPlugin::new`.
#[async_trait]
impl SyncProvider for Box<dyn SyncProvider + Send + Sync> {
async fn pull(&self) -> Result<SyncPayload, SyncError> {
(**self).pull().await
}
async fn push(&self, payload: &SyncPayload) -> Result<SyncResponse, SyncError> {
(**self).push(payload).await
}
fn backend_name(&self) -> &'static str {
(**self).backend_name()
}
fn is_authenticated(&self) -> bool {
(**self).is_authenticated()
}
async fn mirror_achievement(&self, id: &str) -> Result<(), SyncError> {
(**self).mirror_achievement(id).await
}
}
pub mod stats; pub mod stats;
pub use stats::StatsSnapshot; pub use stats::{StatsExt, StatsSnapshot};
pub mod storage; pub mod storage;
pub use storage::{load_stats, load_stats_from, save_stats, save_stats_to, stats_file_path}; pub use storage::{
cleanup_orphaned_tmp_files, load_stats, load_stats_from, save_stats, save_stats_to,
stats_file_path,
};
pub mod achievements; pub mod achievements;
pub use achievements::{ pub use achievements::{
@@ -62,4 +86,15 @@ pub mod challenge;
pub use challenge::{challenge_count, challenge_seed_for, CHALLENGE_SEEDS}; pub use challenge::{challenge_count, challenge_seed_for, CHALLENGE_SEEDS};
pub mod settings; pub mod settings;
pub use settings::{load_settings_from, save_settings_to, settings_file_path, Settings}; pub use settings::{
load_settings_from, save_settings_to, settings_file_path, AnimSpeed, Settings, SyncBackend,
Theme,
};
pub mod auth_tokens;
pub use auth_tokens::{
delete_tokens, load_access_token, load_refresh_token, store_tokens, TokenError,
};
pub mod sync_client;
pub use sync_client::{provider_for_backend, LocalOnlyProvider, SolitaireServerClient};
solitaire_data/src/progress.rs
+8 -121
View File
@@ -1,30 +1,22 @@
//! Player progression — XP, level, unlocks, daily/weekly progress. //! Player progression — XP, level, unlocks, daily/weekly progress.
//! //!
//! Persisted to `progress.json` next to `stats.json` and `achievements.json`. //! Persisted to `progress.json` next to `stats.json` and `achievements.json`.
//!
//! [`PlayerProgress`] is defined in `solitaire_sync` (so the server can use
//! the same type) and re-exported here along with file I/O helpers.
use std::collections::HashMap;
use std::fs; use std::fs;
use std::io; use std::io;
use std::path::{Path, PathBuf}; use std::path::{Path, PathBuf};
use chrono::{DateTime, Datelike, Duration, NaiveDate, Utc}; use chrono::{Datelike, NaiveDate};
use serde::{Deserialize, Serialize};
pub use solitaire_sync::progress::level_for_xp;
pub use solitaire_sync::PlayerProgress;
const APP_DIR_NAME: &str = "solitaire_quest"; const APP_DIR_NAME: &str = "solitaire_quest";
const FILE_NAME: &str = "progress.json"; const FILE_NAME: &str = "progress.json";
/// XP-to-level lookup. Matches ARCHITECTURE.md §13.
///
/// Levels 110: `level = floor(total_xp / 500)`
/// Levels 11+: `level = 10 + floor((total_xp - 5_000) / 1_000)`
pub fn level_for_xp(xp: u64) -> u32 {
if xp < 5_000 {
(xp / 500) as u32
} else {
10 + ((xp - 5_000) / 1_000) as u32
}
}
/// Deterministic seed derived from a date, identical for all players globally. /// Deterministic seed derived from a date, identical for all players globally.
/// Used as the RNG seed for the daily-challenge deal. /// Used as the RNG seed for the daily-challenge deal.
pub fn daily_seed_for(date: NaiveDate) -> u64 { pub fn daily_seed_for(date: NaiveDate) -> u64 {
@@ -52,112 +44,6 @@ pub fn xp_for_win(time_seconds: u64, used_undo: bool) -> u64 {
base + speed_bonus + no_undo_bonus base + speed_bonus + no_undo_bonus
} }
/// Persisted player progression state.
#[derive(Debug, Clone, PartialEq, Eq, Serialize, Deserialize)]
pub struct PlayerProgress {
pub total_xp: u64,
pub level: u32,
pub daily_challenge_last_completed: Option<NaiveDate>,
pub daily_challenge_streak: u32,
pub weekly_goal_progress: HashMap<String, u32>,
/// ISO week key (e.g. `"2026-W17"`) the current `weekly_goal_progress`
/// counters belong to. When the engine sees a different week it clears
/// progress and updates this field.
#[serde(default)]
pub weekly_goal_week_iso: Option<String>,
pub unlocked_card_backs: Vec<usize>,
pub unlocked_backgrounds: Vec<usize>,
/// Index of the next Challenge-mode seed the player will be served.
/// Increments on each Challenge-mode win. Out-of-range values wrap modulo
/// `CHALLENGE_SEEDS.len()` at lookup time.
#[serde(default)]
pub challenge_index: u32,
pub last_modified: DateTime<Utc>,
}
impl Default for PlayerProgress {
fn default() -> Self {
Self {
total_xp: 0,
level: 0,
daily_challenge_last_completed: None,
daily_challenge_streak: 0,
weekly_goal_progress: HashMap::new(),
weekly_goal_week_iso: None,
unlocked_card_backs: vec![0], // back #0 always available
unlocked_backgrounds: vec![0], // background #0 always available
challenge_index: 0,
last_modified: DateTime::UNIX_EPOCH,
}
}
}
impl PlayerProgress {
/// Add XP and recompute level. Returns the previous level so callers can
/// detect level-up events.
pub fn add_xp(&mut self, amount: u64) -> u32 {
let prev_level = self.level;
self.total_xp = self.total_xp.saturating_add(amount);
self.level = level_for_xp(self.total_xp);
self.last_modified = Utc::now();
prev_level
}
/// `true` if a level-up just occurred (current level > `prev_level`).
pub fn leveled_up_from(&self, prev_level: u32) -> bool {
self.level > prev_level
}
/// Reset weekly-goal progress when the ISO week has rolled over.
/// No-op if the stored week key already matches `current`.
pub fn roll_weekly_goals_if_new_week(&mut self, current: &str) -> bool {
if self.weekly_goal_week_iso.as_deref() == Some(current) {
return false;
}
self.weekly_goal_progress.clear();
self.weekly_goal_week_iso = Some(current.to_string());
self.last_modified = Utc::now();
true
}
/// Increment progress for `goal_id` by 1, capped at `target`.
/// Returns `true` if this call brought the counter from below `target`
/// to at-or-above `target` (i.e. just completed the goal).
pub fn record_weekly_progress(&mut self, goal_id: &str, target: u32) -> bool {
let entry = self.weekly_goal_progress.entry(goal_id.to_string()).or_insert(0);
if *entry >= target {
// Already complete — do not over-count.
return false;
}
*entry = entry.saturating_add(1);
self.last_modified = Utc::now();
*entry >= target
}
/// Record a daily-challenge completion for `date`.
///
/// - First completion ever, or a gap of more than one day: streak resets to 1.
/// - Completion the day after the previous: streak increments.
/// - Same day as the previous: no-op (idempotent — a player can't double-count).
///
/// Returns `true` if this call recorded a fresh completion (i.e. it wasn't
/// the same-day no-op case).
pub fn record_daily_completion(&mut self, date: NaiveDate) -> bool {
match self.daily_challenge_last_completed {
Some(last) if last == date => return false,
Some(last) if last + Duration::days(1) == date => {
self.daily_challenge_streak = self.daily_challenge_streak.saturating_add(1);
}
_ => {
self.daily_challenge_streak = 1;
}
}
self.daily_challenge_last_completed = Some(date);
self.last_modified = Utc::now();
true
}
}
/// Platform-specific default path for `progress.json`. /// Platform-specific default path for `progress.json`.
pub fn progress_file_path() -> Option<PathBuf> { pub fn progress_file_path() -> Option<PathBuf> {
dirs::data_dir().map(|d| d.join(APP_DIR_NAME).join(FILE_NAME)) dirs::data_dir().map(|d| d.join(APP_DIR_NAME).join(FILE_NAME))
@@ -186,6 +72,7 @@ pub fn save_progress_to(path: &Path, progress: &PlayerProgress) -> io::Result<()
#[cfg(test)] #[cfg(test)]
mod tests { mod tests {
use super::*; use super::*;
use chrono::Duration;
use std::env; use std::env;
fn tmp_path(name: &str) -> PathBuf { fn tmp_path(name: &str) -> PathBuf {
solitaire_data/src/settings.rs
+172 -7
View File
@@ -1,42 +1,127 @@
//! User settings (persistent). //! User settings (persistent).
//! //!
//! Currently tracks SFX volume and the first-run flag. Other fields from //! Tracks draw mode, volumes, animation speed, visual theme, sync backend, and
//! ARCHITECTURE.md §9 (`draw_mode`, `music_volume`, `theme`, `sync_backend`) //! the first-run flag. All fields use `#[serde(default)]` so settings files
//! will land alongside the systems that need them. //! written by older versions of the game still deserialize correctly.
use std::fs; use std::fs;
use std::io; use std::io;
use std::path::{Path, PathBuf}; use std::path::{Path, PathBuf};
use serde::{Deserialize, Serialize}; use serde::{Deserialize, Serialize};
use solitaire_core::game_state::DrawMode;
const APP_DIR_NAME: &str = "solitaire_quest"; const APP_DIR_NAME: &str = "solitaire_quest";
const SETTINGS_FILE_NAME: &str = "settings.json"; const SETTINGS_FILE_NAME: &str = "settings.json";
/// Animation playback speed for card transitions.
#[derive(Debug, Clone, PartialEq, Eq, Serialize, Deserialize, Default)]
pub enum AnimSpeed {
/// Standard animation timing (default).
#[default]
Normal,
/// Roughly 2× faster than Normal.
Fast,
/// Skip animations entirely — cards teleport to their destinations.
Instant,
}
/// Visual theme applied to the table background and UI chrome.
#[derive(Debug, Clone, PartialEq, Eq, Serialize, Deserialize, Default)]
pub enum Theme {
/// Classic green felt (default).
#[default]
Green,
/// Blue felt variant.
Blue,
/// Dark / night-mode variant.
Dark,
}
/// Which sync backend the player has configured.
///
/// JWT tokens for `SolitaireServer` are stored in the OS keychain via
/// `solitaire_data::auth_tokens` — **never** in this struct.
#[derive(Debug, Clone, PartialEq, Serialize, Deserialize, Default)]
pub enum SyncBackend {
/// No sync — all progress stays on the local device (default).
#[default]
#[serde(rename = "local")]
Local,
/// Sync with a self-hosted Solitaire Quest server.
#[serde(rename = "solitaire_server")]
SolitaireServer {
/// Base URL of the server, e.g. `"https://solitaire.example.com"`.
url: String,
/// The player's username on that server.
username: String,
// JWT tokens are stored in the OS keychain — not here.
},
/// Google Play Games Services (Android only). Selecting this on non-Android
/// platforms silently falls back to `Local` at runtime.
#[serde(rename = "google_play_games")]
GooglePlayGames,
}
/// Persistent user settings. /// Persistent user settings.
#[derive(Debug, Clone, PartialEq, Serialize, Deserialize)] #[derive(Debug, Clone, PartialEq, Serialize, Deserialize)]
pub struct Settings { pub struct Settings {
/// Linear SFX volume in `[0.0, 1.0]`. Applied to kira's main track gain. /// Draw mode selected for new games.
#[serde(default = "default_draw_mode")]
pub draw_mode: DrawMode,
/// Linear SFX volume in `[0.0, 1.0]`. Applied to kira's SFX channel gain.
#[serde(default = "default_sfx_volume")]
pub sfx_volume: f32, pub sfx_volume: f32,
/// Linear music volume in `[0.0, 1.0]`. Applied to kira's music channel gain.
#[serde(default = "default_music_volume")]
pub music_volume: f32,
/// Speed at which card animations play.
#[serde(default)]
pub animation_speed: AnimSpeed,
/// Visual theme for the table and UI.
#[serde(default)]
pub theme: Theme,
/// Which sync backend is active.
#[serde(default)]
pub sync_backend: SyncBackend,
/// Set to `true` once the player has dismissed the first-run banner. /// Set to `true` once the player has dismissed the first-run banner.
#[serde(default)]
pub first_run_complete: bool, pub first_run_complete: bool,
} }
fn default_draw_mode() -> DrawMode {
DrawMode::DrawOne
}
fn default_sfx_volume() -> f32 {
0.8
}
fn default_music_volume() -> f32 {
0.5
}
impl Default for Settings { impl Default for Settings {
fn default() -> Self { fn default() -> Self {
Self { Self {
sfx_volume: 0.8, draw_mode: DrawMode::DrawOne,
sfx_volume: default_sfx_volume(),
music_volume: default_music_volume(),
animation_speed: AnimSpeed::Normal,
theme: Theme::Green,
sync_backend: SyncBackend::Local,
first_run_complete: false, first_run_complete: false,
} }
} }
} }
impl Settings { impl Settings {
/// Clamps `sfx_volume` into `[0.0, 1.0]` after deserialization or /// Clamps both `sfx_volume` and `music_volume` into `[0.0, 1.0]` after
/// hand-editing of `settings.json`. /// deserialization or hand-editing of `settings.json`.
pub fn sanitized(self) -> Self { pub fn sanitized(self) -> Self {
Self { Self {
sfx_volume: self.sfx_volume.clamp(0.0, 1.0), sfx_volume: self.sfx_volume.clamp(0.0, 1.0),
music_volume: self.music_volume.clamp(0.0, 1.0),
..self ..self
} }
} }
@@ -46,6 +131,12 @@ impl Settings {
self.sfx_volume = (self.sfx_volume + delta).clamp(0.0, 1.0); self.sfx_volume = (self.sfx_volume + delta).clamp(0.0, 1.0);
self.sfx_volume self.sfx_volume
} }
/// Adjust music volume by `delta`, clamped to `[0.0, 1.0]`. Returns the new value.
pub fn adjust_music_volume(&mut self, delta: f32) -> f32 {
self.music_volume = (self.music_volume + delta).clamp(0.0, 1.0);
self.music_volume
}
} }
/// Returns the platform-specific path to `settings.json`, or `None` if /// Returns the platform-specific path to `settings.json`, or `None` if
@@ -90,7 +181,12 @@ mod tests {
fn defaults_are_reasonable() { fn defaults_are_reasonable() {
let s = Settings::default(); let s = Settings::default();
assert!((s.sfx_volume - 0.8).abs() < 1e-6); assert!((s.sfx_volume - 0.8).abs() < 1e-6);
assert!((s.music_volume - 0.5).abs() < 1e-6);
assert!(!s.first_run_complete); assert!(!s.first_run_complete);
assert_eq!(s.draw_mode, DrawMode::DrawOne);
assert_eq!(s.animation_speed, AnimSpeed::Normal);
assert_eq!(s.theme, Theme::Green);
assert_eq!(s.sync_backend, SyncBackend::Local);
} }
#[test] #[test]
@@ -103,17 +199,43 @@ mod tests {
assert!((s.adjust_sfx_volume(-1.0) - 0.0).abs() < 1e-6); assert!((s.adjust_sfx_volume(-1.0) - 0.0).abs() < 1e-6);
} }
#[test]
fn adjust_music_volume_clamps() {
let mut s = Settings::default();
s.music_volume = 0.5;
assert!((s.adjust_music_volume(0.3) - 0.8).abs() < 1e-6);
assert!((s.adjust_music_volume(0.5) - 1.0).abs() < 1e-6);
assert!((s.adjust_music_volume(-2.0) - 0.0).abs() < 1e-6);
assert!((s.adjust_music_volume(-1.0) - 0.0).abs() < 1e-6);
}
#[test] #[test]
fn sanitized_clamps_out_of_range_volume() { fn sanitized_clamps_out_of_range_volume() {
let s = Settings { let s = Settings {
sfx_volume: 5.0, sfx_volume: 5.0,
music_volume: -1.5,
first_run_complete: true, first_run_complete: true,
..Settings::default()
} }
.sanitized(); .sanitized();
assert_eq!(s.sfx_volume, 1.0); assert_eq!(s.sfx_volume, 1.0);
assert_eq!(s.music_volume, 0.0);
assert!(s.first_run_complete); assert!(s.first_run_complete);
} }
#[test]
fn sanitized_clamps_music_volume() {
let mut s = Settings::default();
s.music_volume = 2.0;
let s = s.sanitized();
assert_eq!(s.music_volume, 1.0);
let mut s2 = Settings::default();
s2.music_volume = -0.5;
let s2 = s2.sanitized();
assert_eq!(s2.music_volume, 0.0);
}
#[test] #[test]
fn round_trip_save_and_load() { fn round_trip_save_and_load() {
let path = tmp_path("round_trip"); let path = tmp_path("round_trip");
@@ -121,6 +243,28 @@ mod tests {
let s = Settings { let s = Settings {
sfx_volume: 0.42, sfx_volume: 0.42,
first_run_complete: true, first_run_complete: true,
..Settings::default()
};
save_settings_to(&path, &s).expect("save");
let loaded = load_settings_from(&path);
assert_eq!(loaded, s);
}
#[test]
fn round_trip_save_and_load_full_settings() {
let path = tmp_path("round_trip_full");
let _ = fs::remove_file(&path);
let s = Settings {
draw_mode: DrawMode::DrawThree,
sfx_volume: 0.3,
music_volume: 0.7,
animation_speed: AnimSpeed::Fast,
theme: Theme::Dark,
sync_backend: SyncBackend::SolitaireServer {
url: "https://example.com".to_string(),
username: "testuser".to_string(),
},
first_run_complete: true,
}; };
save_settings_to(&path, &s).expect("save"); save_settings_to(&path, &s).expect("save");
let loaded = load_settings_from(&path); let loaded = load_settings_from(&path);
@@ -142,4 +286,25 @@ mod tests {
let s = load_settings_from(&path); let s = load_settings_from(&path);
assert_eq!(s, Settings::default()); assert_eq!(s, Settings::default());
} }
#[test]
fn load_from_old_format_uses_defaults_for_new_fields() {
// Simulate a settings.json written by an older version that only had
// sfx_volume and first_run_complete.
let path = tmp_path("old_format");
fs::write(
&path,
br#"{ "sfx_volume": 0.6, "first_run_complete": true }"#,
)
.expect("write");
let s = load_settings_from(&path);
assert!((s.sfx_volume - 0.6).abs() < 1e-6);
assert!(s.first_run_complete);
// New fields should fall back to their defaults.
assert!((s.music_volume - 0.5).abs() < 1e-6);
assert_eq!(s.animation_speed, AnimSpeed::Normal);
assert_eq!(s.theme, Theme::Green);
assert_eq!(s.sync_backend, SyncBackend::Local);
assert_eq!(s.draw_mode, DrawMode::DrawOne);
}
} }
solitaire_data/src/stats.rs
+15 -59
View File
@@ -1,51 +1,24 @@
//! Player statistics — persisted to `stats.json` between sessions. //! Player statistics — persisted to `stats.json` between sessions.
//!
//! [`StatsSnapshot`] is defined in `solitaire_sync` and re-exported here.
//! This module adds the [`StatsExt`] extension trait, which supplies the
//! `update_on_win` method that depends on [`DrawMode`] from `solitaire_core`.
use chrono::{DateTime, Utc}; use chrono::Utc;
use serde::{Deserialize, Serialize};
use solitaire_core::game_state::DrawMode; use solitaire_core::game_state::DrawMode;
/// Cumulative game statistics. Stored as `stats.json` in the platform data dir. pub use solitaire_sync::StatsSnapshot;
#[derive(Debug, Clone, PartialEq, Eq, Serialize, Deserialize)]
pub struct StatsSnapshot {
pub games_played: u32,
pub games_won: u32,
pub games_lost: u32,
pub win_streak_current: u32,
pub win_streak_best: u32,
/// Rolling average of win times in seconds.
pub avg_time_seconds: u64,
/// Fastest win time. `u64::MAX` means no wins yet.
pub fastest_win_seconds: u64,
/// Sum of all winning scores.
pub lifetime_score: u64,
pub best_single_score: u32,
pub draw_one_wins: u32,
pub draw_three_wins: u32,
pub last_modified: DateTime<Utc>,
}
impl Default for StatsSnapshot { /// Extension trait providing game-logic mutation helpers for [`StatsSnapshot`].
fn default() -> Self { ///
Self { /// Import this trait alongside `StatsSnapshot` to use `update_on_win`.
games_played: 0, pub trait StatsExt {
games_won: 0,
games_lost: 0,
win_streak_current: 0,
win_streak_best: 0,
avg_time_seconds: 0,
fastest_win_seconds: u64::MAX,
lifetime_score: 0,
best_single_score: 0,
draw_one_wins: 0,
draw_three_wins: 0,
last_modified: DateTime::UNIX_EPOCH,
}
}
}
impl StatsSnapshot {
/// Record a completed win. Updates all relevant counters and rolling averages. /// Record a completed win. Updates all relevant counters and rolling averages.
pub fn update_on_win(&mut self, score: i32, time_seconds: u64, draw_mode: &DrawMode) { fn update_on_win(&mut self, score: i32, time_seconds: u64, draw_mode: &DrawMode);
}
impl StatsExt for StatsSnapshot {
fn update_on_win(&mut self, score: i32, time_seconds: u64, draw_mode: &DrawMode) {
let prev_wins = self.games_won; let prev_wins = self.games_won;
self.games_played += 1; self.games_played += 1;
self.games_won += 1; self.games_won += 1;
@@ -78,23 +51,6 @@ impl StatsSnapshot {
self.last_modified = Utc::now(); self.last_modified = Utc::now();
} }
/// Record an abandoned game (player started a new game without winning).
pub fn record_abandoned(&mut self) {
self.games_played += 1;
self.games_lost += 1;
self.win_streak_current = 0;
self.last_modified = Utc::now();
}
/// Win percentage as 0100, or `None` if no games played.
pub fn win_rate(&self) -> Option<f32> {
if self.games_played == 0 {
None
} else {
Some(self.games_won as f32 / self.games_played as f32 * 100.0)
}
}
} }
#[cfg(test)] #[cfg(test)]
solitaire_data/src/storage.rs
+79 -1
View File
@@ -58,10 +58,48 @@ pub fn save_stats(stats: &StatsSnapshot) -> io::Result<()> {
save_stats_to(&path, stats) save_stats_to(&path, stats)
} }
/// Remove any leftover `*.json.tmp` files in the app data directory.
///
/// These can be left behind if the process crashes between the write and rename
/// in an atomic save. Safe to call on startup; missing or unreadable entries
/// are silently skipped.
pub fn cleanup_orphaned_tmp_files() -> io::Result<()> {
let dir = match dirs::data_dir() {
Some(d) => d.join(APP_DIR_NAME),
None => return Ok(()),
};
if !dir.exists() {
return Ok(());
}
cleanup_tmp_files_in(&dir);
Ok(())
}
/// Inner helper: delete `*.json.tmp` entries inside `dir`.
///
/// Per-file errors (already deleted, permission denied) are silently ignored.
fn cleanup_tmp_files_in(dir: &Path) {
if let Ok(entries) = fs::read_dir(dir) {
for entry in entries.flatten() {
let path = entry.path();
if path
.file_name()
.and_then(|n| n.to_str())
.map(|n| n.ends_with(".json.tmp"))
.unwrap_or(false)
{
let _ = fs::remove_file(&path);
}
}
}
}
#[cfg(test)] #[cfg(test)]
mod tests { mod tests {
use super::*; use super::*;
use crate::stats::StatsSnapshot; use crate::stats::{StatsExt, StatsSnapshot};
use solitaire_core::game_state::DrawMode; use solitaire_core::game_state::DrawMode;
use std::env; use std::env;
@@ -109,4 +147,44 @@ mod tests {
let stats = load_stats_from(&path); let stats = load_stats_from(&path);
assert_eq!(stats, StatsSnapshot::default()); assert_eq!(stats, StatsSnapshot::default());
} }
/// Test the core cleanup logic by creating `.json.tmp` files in a temporary
/// directory, running the cleanup loop manually, and verifying removal.
#[test]
fn cleanup_removes_tmp_files() {
let dir = env::temp_dir().join("solitaire_cleanup_test");
fs::create_dir_all(&dir).expect("create test dir");
// Create a pair of .json.tmp files and one regular file that must survive.
let tmp1 = dir.join("stats.json.tmp");
let tmp2 = dir.join("progress.json.tmp");
let keep = dir.join("settings.json");
fs::write(&tmp1, b"orphan1").expect("write tmp1");
fs::write(&tmp2, b"orphan2").expect("write tmp2");
fs::write(&keep, b"{}").expect("write keep");
// Run the cleanup logic directly against our test directory.
cleanup_tmp_files_in(&dir);
assert!(!tmp1.exists(), "stats.json.tmp should have been removed");
assert!(!tmp2.exists(), "progress.json.tmp should have been removed");
assert!(keep.exists(), "settings.json must not be removed");
// Tidy up.
let _ = fs::remove_file(&keep);
let _ = fs::remove_dir(&dir);
}
/// Calling `cleanup_orphaned_tmp_files` on a box with no app data dir is a
/// no-op and must not return an error.
#[test]
fn cleanup_on_nonexistent_dir_is_ok() {
// We can't control whether the real app dir exists in the test
// environment, but the public function must at least not panic or
// return an Err when the directory is absent.
// The real implementation returns Ok(()) for missing dirs.
let result = cleanup_orphaned_tmp_files();
// The function is allowed to succeed whether or not the dir exists.
assert!(result.is_ok());
}
} }
solitaire_data/src/sync_client.rs
+318
View File
@@ -0,0 +1,318 @@
//! Concrete [`SyncProvider`] implementations and a factory for constructing
//! the correct provider from a [`SyncBackend`] setting.
//!
//! # Backends
//!
//! | Struct | Backend |
//! |---|---|
//! | [`LocalOnlyProvider`] | No-op; used when sync is disabled |
//! | [`SolitaireServerClient`] | Self-hosted Solitaire Quest server (JWT auth) |
//!
//! Use [`provider_for_backend`] to obtain a `Box<dyn SyncProvider + Send + Sync>`
//! without matching on [`SyncBackend`] anywhere else in the codebase.
use async_trait::async_trait;
use solitaire_sync::{SyncPayload, SyncResponse};
use crate::{
auth_tokens::{load_access_token, load_refresh_token, store_tokens},
settings::SyncBackend,
SyncError, SyncProvider,
};
// ---------------------------------------------------------------------------
// LocalOnlyProvider
// ---------------------------------------------------------------------------
/// A no-op sync provider used when the player has not configured any backend.
///
/// Both [`pull`](SyncProvider::pull) and [`push`](SyncProvider::push) always
/// return [`SyncError::UnsupportedPlatform`], so callers know no remote data
/// is available without treating it as a fatal error.
pub struct LocalOnlyProvider;
#[async_trait]
impl SyncProvider for LocalOnlyProvider {
async fn pull(&self) -> Result<SyncPayload, SyncError> {
Err(SyncError::UnsupportedPlatform)
}
async fn push(&self, _payload: &SyncPayload) -> Result<SyncResponse, SyncError> {
Err(SyncError::UnsupportedPlatform)
}
fn backend_name(&self) -> &'static str {
"local"
}
fn is_authenticated(&self) -> bool {
false
}
}
// ---------------------------------------------------------------------------
// SolitaireServerClient
// ---------------------------------------------------------------------------
/// HTTP sync client for the self-hosted Solitaire Quest server.
///
/// Authenticates via JWT stored in the OS keychain. On a 401 response the
/// client automatically attempts a token refresh and retries the request once
/// before returning an error.
pub struct SolitaireServerClient {
/// Base URL of the server, e.g. `"https://solitaire.example.com"`.
/// Trailing slashes are stripped on construction.
base_url: String,
/// The player's username on this server — used as the keychain key.
username: String,
/// Shared `reqwest` client (keeps connection pools alive across calls).
client: reqwest::Client,
}
impl SolitaireServerClient {
/// Construct a new client for the given server URL and username.
///
/// The `base_url` trailing slash is stripped so URL construction is
/// consistent regardless of how the user entered the setting.
pub fn new(base_url: impl Into<String>, username: impl Into<String>) -> Self {
Self {
base_url: base_url.into().trim_end_matches('/').to_owned(),
username: username.into(),
client: reqwest::Client::new(),
}
}
/// Attempt to refresh the access token using the stored refresh token.
///
/// On success the new access token is persisted to the OS keychain,
/// replacing the previous one. The refresh token itself is unchanged.
async fn refresh_token(&self) -> Result<(), SyncError> {
let refresh = load_refresh_token(&self.username)
.map_err(|e| SyncError::Auth(e.to_string()))?;
let resp = self
.client
.post(format!("{}/api/auth/refresh", self.base_url))
.json(&serde_json::json!({ "refresh_token": refresh }))
.send()
.await
.map_err(|e| SyncError::Network(e.to_string()))?;
if !resp.status().is_success() {
return Err(SyncError::Auth("refresh failed".into()));
}
let body: serde_json::Value = resp
.json()
.await
.map_err(|e| SyncError::Serialization(e.to_string()))?;
let new_access = body["access_token"]
.as_str()
.ok_or_else(|| SyncError::Serialization("missing access_token in refresh response".into()))?;
// store_tokens replaces both access and refresh; we keep the old
// refresh token unchanged so its 30-day TTL is preserved.
store_tokens(&self.username, new_access, &refresh)
.map_err(|e| SyncError::Auth(e.to_string()))
}
/// Load the current access token from the OS keychain.
fn access_token(&self) -> Result<String, SyncError> {
load_access_token(&self.username).map_err(|e| SyncError::Auth(e.to_string()))
}
}
#[async_trait]
impl SyncProvider for SolitaireServerClient {
/// Fetch the latest sync payload from the server.
///
/// On HTTP 401 the client refreshes the access token and retries once.
async fn pull(&self) -> Result<SyncPayload, SyncError> {
let token = self.access_token()?;
let url = format!("{}/api/sync/pull", self.base_url);
let resp = self
.client
.get(&url)
.bearer_auth(&token)
.send()
.await
.map_err(|e| SyncError::Network(e.to_string()))?;
if resp.status() == reqwest::StatusCode::UNAUTHORIZED {
// Token expired — refresh and retry once.
self.refresh_token().await?;
let new_token = self.access_token()?;
let resp = self
.client
.get(&url)
.bearer_auth(new_token)
.send()
.await
.map_err(|e| SyncError::Network(e.to_string()))?;
return extract_pull_body(resp).await;
}
extract_pull_body(resp).await
}
/// Push the local payload to the server and return the merged response.
///
/// On HTTP 401 the client refreshes the access token and retries once.
async fn push(&self, payload: &SyncPayload) -> Result<SyncResponse, SyncError> {
let token = self.access_token()?;
let url = format!("{}/api/sync/push", self.base_url);
let resp = self
.client
.post(&url)
.bearer_auth(&token)
.json(payload)
.send()
.await
.map_err(|e| SyncError::Network(e.to_string()))?;
if resp.status() == reqwest::StatusCode::UNAUTHORIZED {
// Token expired — refresh and retry once.
self.refresh_token().await?;
let new_token = self.access_token()?;
let resp = self
.client
.post(&url)
.bearer_auth(new_token)
.json(payload)
.send()
.await
.map_err(|e| SyncError::Network(e.to_string()))?;
return extract_push_body(resp).await;
}
extract_push_body(resp).await
}
fn backend_name(&self) -> &'static str {
"solitaire_server"
}
/// Returns `true` if a valid access token is present in the OS keychain.
fn is_authenticated(&self) -> bool {
load_access_token(&self.username).is_ok()
}
}
// ---------------------------------------------------------------------------
// Response extraction helpers
// ---------------------------------------------------------------------------
/// Deserialize a pull response body as [`SyncResponse`] and return its
/// `merged` field, or map non-200 statuses to the appropriate [`SyncError`].
async fn extract_pull_body(resp: reqwest::Response) -> Result<SyncPayload, SyncError> {
let status = resp.status();
if status.is_success() {
let sync_resp: SyncResponse = resp
.json()
.await
.map_err(|e| SyncError::Serialization(e.to_string()))?;
Ok(sync_resp.merged)
} else {
Err(SyncError::Auth(format!("server returned {status}")))
}
}
/// Deserialize a push response body as [`SyncResponse`], or map non-200
/// statuses to the appropriate [`SyncError`].
async fn extract_push_body(resp: reqwest::Response) -> Result<SyncResponse, SyncError> {
let status = resp.status();
if status.is_success() {
resp.json()
.await
.map_err(|e| SyncError::Serialization(e.to_string()))
} else {
Err(SyncError::Auth(format!("server returned {status}")))
}
}
// ---------------------------------------------------------------------------
// Factory
// ---------------------------------------------------------------------------
/// Construct the appropriate [`SyncProvider`] for the given [`SyncBackend`]
/// setting.
///
/// This is the **one** place in the codebase that matches on [`SyncBackend`]
/// variants. All other code receives a `Box<dyn SyncProvider + Send + Sync>`
/// and remains backend-agnostic.
///
/// `GooglePlayGames` is Android-only; on desktop it silently falls back to
/// [`LocalOnlyProvider`].
pub fn provider_for_backend(backend: &SyncBackend) -> Box<dyn SyncProvider + Send + Sync> {
match backend {
SyncBackend::Local => Box::new(LocalOnlyProvider),
SyncBackend::SolitaireServer { url, username } => {
Box::new(SolitaireServerClient::new(url.clone(), username.clone()))
}
SyncBackend::GooglePlayGames => {
// GPGS is Android-only; fall back to no-op on desktop.
Box::new(LocalOnlyProvider)
}
}
}
// ---------------------------------------------------------------------------
// Tests
// ---------------------------------------------------------------------------
#[cfg(test)]
mod tests {
use super::*;
#[test]
fn local_provider_backend_name() {
assert_eq!(LocalOnlyProvider.backend_name(), "local");
}
#[test]
fn local_provider_not_authenticated() {
assert!(!LocalOnlyProvider.is_authenticated());
}
#[tokio::test]
async fn local_provider_pull_returns_unsupported() {
let err = LocalOnlyProvider.pull().await.unwrap_err();
assert!(matches!(err, SyncError::UnsupportedPlatform));
}
#[test]
fn server_client_strips_trailing_slash() {
let c = SolitaireServerClient::new("https://example.com/", "alice");
assert_eq!(c.base_url, "https://example.com");
}
#[test]
fn server_client_backend_name() {
let c = SolitaireServerClient::new("https://example.com", "alice");
assert_eq!(c.backend_name(), "solitaire_server");
}
#[test]
fn factory_local_returns_local_provider() {
let provider = provider_for_backend(&SyncBackend::Local);
assert_eq!(provider.backend_name(), "local");
}
#[test]
fn factory_gpgs_falls_back_to_local() {
let provider = provider_for_backend(&SyncBackend::GooglePlayGames);
assert_eq!(provider.backend_name(), "local");
}
#[test]
fn factory_server_returns_server_client() {
let provider = provider_for_backend(&SyncBackend::SolitaireServer {
url: "https://example.com".to_string(),
username: "bob".to_string(),
});
assert_eq!(provider.backend_name(), "solitaire_server");
}
}
solitaire_engine/Cargo.toml
+6
View File
@@ -8,4 +8,10 @@ bevy = { workspace = true }
kira = { workspace = true } kira = { workspace = true }
solitaire_core = { workspace = true } solitaire_core = { workspace = true }
solitaire_data = { workspace = true } solitaire_data = { workspace = true }
solitaire_sync = { workspace = true }
chrono = { workspace = true } chrono = { workspace = true }
uuid = { workspace = true }
tokio = { workspace = true }
[dev-dependencies]
async-trait = { workspace = true }
solitaire_engine/src/achievement_plugin.rs
+3 -3
View File
@@ -124,7 +124,7 @@ fn evaluate_on_win(
} }
record.unlock(now); record.unlock(now);
changed = true; changed = true;
unlocks.send(AchievementUnlockedEvent(def.id.to_string())); unlocks.send(AchievementUnlockedEvent(record.clone()));
} }
if changed { if changed {
@@ -201,7 +201,7 @@ mod tests {
// Verify the event was emitted. // Verify the event was emitted.
let events = app.world().resource::<Events<AchievementUnlockedEvent>>(); let events = app.world().resource::<Events<AchievementUnlockedEvent>>();
let mut cursor = events.get_cursor(); let mut cursor = events.get_cursor();
let fired: Vec<String> = cursor.read(events).map(|e| e.0.clone()).collect(); let fired: Vec<String> = cursor.read(events).map(|e| e.0.id.clone()).collect();
assert!(fired.contains(&"first_win".to_string())); assert!(fired.contains(&"first_win".to_string()));
} }
@@ -228,7 +228,7 @@ mod tests {
let events = app.world().resource::<Events<AchievementUnlockedEvent>>(); let events = app.world().resource::<Events<AchievementUnlockedEvent>>();
let mut cursor = events.get_cursor(); let mut cursor = events.get_cursor();
let fired: Vec<String> = cursor.read(events).map(|e| e.0.clone()).collect(); let fired: Vec<String> = cursor.read(events).map(|e| e.0.id.clone()).collect();
assert!( assert!(
!fired.contains(&"first_win".to_string()), !fired.contains(&"first_win".to_string()),
"first_win must not re-fire on subsequent wins" "first_win must not re-fire on subsequent wins"
solitaire_engine/src/animation_plugin.rs
+1 -1
View File
@@ -151,7 +151,7 @@ fn handle_achievement_toast(
for ev in events.read() { for ev in events.read() {
spawn_toast( spawn_toast(
&mut commands, &mut commands,
format!("Achievement: {}", display_name_for(&ev.0)), format!("Achievement: {}", display_name_for(&ev.0.id)),
ACHIEVEMENT_TOAST_SECS, ACHIEVEMENT_TOAST_SECS,
); );
} }
solitaire_engine/src/events.rs
+5 -4
View File
@@ -3,6 +3,7 @@
use bevy::prelude::Event; use bevy::prelude::Event;
use solitaire_core::game_state::GameMode; use solitaire_core::game_state::GameMode;
use solitaire_core::pile::PileType; use solitaire_core::pile::PileType;
use solitaire_data::AchievementRecord;
/// Request to move `count` cards from `from` to `to`. Fired by input systems, /// Request to move `count` cards from `from` to `to`. Fired by input systems,
/// consumed by `GamePlugin`. /// consumed by `GamePlugin`.
@@ -55,8 +56,8 @@ pub struct GameWonEvent {
#[derive(Event, Debug, Clone, Copy)] #[derive(Event, Debug, Clone, Copy)]
pub struct CardFlippedEvent(pub u32); pub struct CardFlippedEvent(pub u32);
/// Achievement unlocked notification — name of the achievement. /// Achievement unlocked notification carrying the full `AchievementRecord` for
/// /// the newly unlocked achievement. Consumed by the toast renderer and any
/// Uses `String` as a placeholder; replaced with `AchievementRecord` in Phase 5. /// persistence/UI systems that need unlock metadata.
#[derive(Event, Debug, Clone)] #[derive(Event, Debug, Clone)]
pub struct AchievementUnlockedEvent(pub String); pub struct AchievementUnlockedEvent(pub AchievementRecord);
solitaire_engine/src/lib.rs
+3 -1
View File
@@ -17,6 +17,7 @@ pub mod settings_plugin;
pub mod progress_plugin; pub mod progress_plugin;
pub mod resources; pub mod resources;
pub mod stats_plugin; pub mod stats_plugin;
pub mod sync_plugin;
pub mod table_plugin; pub mod table_plugin;
pub mod time_attack_plugin; pub mod time_attack_plugin;
pub mod weekly_goals_plugin; pub mod weekly_goals_plugin;
@@ -43,11 +44,12 @@ pub use input_plugin::InputPlugin;
pub use onboarding_plugin::{OnboardingPlugin, OnboardingScreen}; pub use onboarding_plugin::{OnboardingPlugin, OnboardingScreen};
pub use pause_plugin::{PausePlugin, PauseScreen, PausedResource}; pub use pause_plugin::{PausePlugin, PauseScreen, PausedResource};
pub use settings_plugin::{ pub use settings_plugin::{
SettingsChangedEvent, SettingsPlugin, SettingsResource, SFX_STEP, SettingsChangedEvent, SettingsPlugin, SettingsResource, SettingsScreen, SFX_STEP,
}; };
pub use layout::{compute_layout, Layout, LayoutResource}; pub use layout::{compute_layout, Layout, LayoutResource};
pub use resources::{DragState, GameStateResource, SyncStatus, SyncStatusResource}; pub use resources::{DragState, GameStateResource, SyncStatus, SyncStatusResource};
pub use stats_plugin::{StatsPlugin, StatsResource, StatsScreen, StatsUpdate}; pub use stats_plugin::{StatsPlugin, StatsResource, StatsScreen, StatsUpdate};
pub use sync_plugin::{SyncPlugin, SyncProviderResource};
pub use table_plugin::{PileMarker, TableBackground, TablePlugin}; pub use table_plugin::{PileMarker, TableBackground, TablePlugin};
pub use time_attack_plugin::{ pub use time_attack_plugin::{
TimeAttackEndedEvent, TimeAttackPlugin, TimeAttackResource, TIME_ATTACK_DURATION_SECS, TimeAttackEndedEvent, TimeAttackPlugin, TimeAttackResource, TIME_ATTACK_DURATION_SECS,
solitaire_engine/src/settings_plugin.rs
+305 -16
View File
@@ -1,8 +1,10 @@
//! Persists `solitaire_data::Settings` and exposes hotkeys for live tuning. //! Persists `solitaire_data::Settings`, exposes hotkeys for live tuning,
//! and renders a Bevy UI Settings panel.
//! //!
//! Hotkeys (always active, no overlay required): //! Hotkeys (always active, no overlay required):
//! - `[` decrease SFX volume by `SFX_STEP` //! - `[` decrease SFX volume by `SFX_STEP`
//! - `]` increase SFX volume by `SFX_STEP` //! - `]` increase SFX volume by `SFX_STEP`
//! - `O` — open / close the Settings panel
//! //!
//! On change, the plugin persists `settings.json` and fires //! On change, the plugin persists `settings.json` and fires
//! `SettingsChangedEvent` so dependents (e.g. `AudioPlugin`) can react. //! `SettingsChangedEvent` so dependents (e.g. `AudioPlugin`) can react.
@@ -12,37 +14,66 @@ use std::path::PathBuf;
use bevy::prelude::*; use bevy::prelude::*;
use solitaire_data::{load_settings_from, save_settings_to, settings_file_path, Settings}; use solitaire_data::{load_settings_from, save_settings_to, settings_file_path, Settings};
/// Volume adjustment step. /// Volume adjustment step applied by the `[` / `]` hotkeys.
pub const SFX_STEP: f32 = 0.1; pub const SFX_STEP: f32 = 0.1;
/// Bevy resource wrapping the current `Settings`. /// Bevy resource wrapping the current `Settings`.
#[derive(Resource, Debug, Clone)] #[derive(Resource, Debug, Clone)]
pub struct SettingsResource(pub Settings); pub struct SettingsResource(pub Settings);
/// Persistence path for `SettingsResource`. `None` disables I/O. /// Persistence path for `SettingsResource`. `None` disables I/O (used in tests).
#[derive(Resource, Debug, Clone)] #[derive(Resource, Debug, Clone)]
pub struct SettingsStoragePath(pub Option<PathBuf>); pub struct SettingsStoragePath(pub Option<PathBuf>);
/// Fired any time settings change so consumers (audio, UI) can react. /// Whether the Settings panel is currently visible. Toggle with `O`.
#[derive(Resource, Debug, Clone, Default)]
pub struct SettingsScreen(pub bool);
/// Fired whenever settings change so consumers (audio, UI) can react.
#[derive(Event, Debug, Clone)] #[derive(Event, Debug, Clone)]
pub struct SettingsChangedEvent(pub Settings); pub struct SettingsChangedEvent(pub Settings);
/// Marker on the root Settings panel entity.
#[derive(Component, Debug)]
struct SettingsPanel;
/// Marks the `Text` node that displays the live SFX volume value.
#[derive(Component, Debug)]
struct SfxVolumeText;
/// Tags interactive buttons inside the Settings panel.
#[derive(Component, Debug)]
enum SettingsButton {
SfxDown,
SfxUp,
Done,
}
/// Plugin that owns the settings lifecycle.
pub struct SettingsPlugin { pub struct SettingsPlugin {
/// Path to `settings.json`. `None` in headless/test mode.
pub storage_path: Option<PathBuf>, pub storage_path: Option<PathBuf>,
/// When `false`, panel spawn/despawn systems are not registered.
/// Use [`SettingsPlugin::headless`] for tests running under `MinimalPlugins`.
pub ui_enabled: bool,
} }
impl Default for SettingsPlugin { impl Default for SettingsPlugin {
fn default() -> Self { fn default() -> Self {
Self { Self {
storage_path: settings_file_path(), storage_path: settings_file_path(),
ui_enabled: true,
} }
} }
} }
impl SettingsPlugin { impl SettingsPlugin {
/// Plugin configured with no persistence — for tests and headless apps. /// No persistence, no UI — safe to use under `MinimalPlugins` in tests.
pub fn headless() -> Self { pub fn headless() -> Self {
Self { storage_path: None } Self {
storage_path: None,
ui_enabled: false,
}
} }
} }
@@ -54,27 +85,41 @@ impl Plugin for SettingsPlugin {
}; };
app.insert_resource(SettingsResource(loaded)) app.insert_resource(SettingsResource(loaded))
.insert_resource(SettingsStoragePath(self.storage_path.clone())) .insert_resource(SettingsStoragePath(self.storage_path.clone()))
.init_resource::<SettingsScreen>()
.add_event::<SettingsChangedEvent>() .add_event::<SettingsChangedEvent>()
.add_systems(Update, handle_volume_keys); .add_systems(Update, (handle_volume_keys, toggle_settings_screen));
if self.ui_enabled {
app.add_systems(
Update,
(sync_settings_panel_visibility, handle_settings_buttons),
);
}
} }
} }
// ---------------------------------------------------------------------------
// Internal helpers
// ---------------------------------------------------------------------------
fn persist(path: &SettingsStoragePath, settings: &Settings) { fn persist(path: &SettingsStoragePath, settings: &Settings) {
let Some(target) = &path.0 else { let Some(target) = &path.0 else { return };
return;
};
if let Err(e) = save_settings_to(target, settings) { if let Err(e) = save_settings_to(target, settings) {
warn!("failed to save settings: {e}"); warn!("failed to save settings: {e}");
} }
} }
// ---------------------------------------------------------------------------
// Systems
// ---------------------------------------------------------------------------
fn handle_volume_keys( fn handle_volume_keys(
keys: Res<ButtonInput<KeyCode>>, keys: Res<ButtonInput<KeyCode>>,
mut settings: ResMut<SettingsResource>, mut settings: ResMut<SettingsResource>,
path: Res<SettingsStoragePath>, path: Res<SettingsStoragePath>,
mut changed: EventWriter<SettingsChangedEvent>, mut changed: EventWriter<SettingsChangedEvent>,
) { ) {
let mut delta = 0.0; let mut delta = 0.0_f32;
if keys.just_pressed(KeyCode::BracketLeft) { if keys.just_pressed(KeyCode::BracketLeft) {
delta -= SFX_STEP; delta -= SFX_STEP;
} }
@@ -87,13 +132,259 @@ fn handle_volume_keys(
let before = settings.0.sfx_volume; let before = settings.0.sfx_volume;
let after = settings.0.adjust_sfx_volume(delta); let after = settings.0.adjust_sfx_volume(delta);
if (before - after).abs() < f32::EPSILON { if (before - after).abs() < f32::EPSILON {
// Already at the rail — no point persisting or notifying.
return; return;
} }
persist(&path, &settings.0); persist(&path, &settings.0);
changed.send(SettingsChangedEvent(settings.0.clone())); changed.send(SettingsChangedEvent(settings.0.clone()));
} }
/// Opens or closes the Settings panel when `O` is pressed.
fn toggle_settings_screen(
keys: Res<ButtonInput<KeyCode>>,
mut screen: ResMut<SettingsScreen>,
) {
if keys.just_pressed(KeyCode::KeyO) {
screen.0 = !screen.0;
}
}
/// Spawns the Settings panel when `SettingsScreen` becomes `true`;
/// despawns it when it becomes `false`.
fn sync_settings_panel_visibility(
screen: Res<SettingsScreen>,
panels: Query<Entity, With<SettingsPanel>>,
mut commands: Commands,
settings: Res<SettingsResource>,
) {
if !screen.is_changed() {
return;
}
if screen.0 {
if panels.is_empty() {
spawn_settings_panel(&mut commands, &settings.0);
}
} else {
for entity in &panels {
commands.entity(entity).despawn_recursive();
}
}
}
/// Reacts to button presses inside the Settings panel.
fn handle_settings_buttons(
interaction_query: Query<(&Interaction, &SettingsButton), Changed<Interaction>>,
mut settings: ResMut<SettingsResource>,
mut screen: ResMut<SettingsScreen>,
path: Res<SettingsStoragePath>,
mut changed: EventWriter<SettingsChangedEvent>,
mut volume_text: Query<&mut Text, With<SfxVolumeText>>,
) {
for (interaction, button) in &interaction_query {
if *interaction != Interaction::Pressed {
continue;
}
match button {
SettingsButton::SfxDown => {
let before = settings.0.sfx_volume;
let after = settings.0.adjust_sfx_volume(-SFX_STEP);
if (before - after).abs() > f32::EPSILON {
persist(&path, &settings.0);
changed.send(SettingsChangedEvent(settings.0.clone()));
if let Ok(mut text) = volume_text.get_single_mut() {
**text = format!("{:.2}", after);
}
}
}
SettingsButton::SfxUp => {
let before = settings.0.sfx_volume;
let after = settings.0.adjust_sfx_volume(SFX_STEP);
if (before - after).abs() > f32::EPSILON {
persist(&path, &settings.0);
changed.send(SettingsChangedEvent(settings.0.clone()));
if let Ok(mut text) = volume_text.get_single_mut() {
**text = format!("{:.2}", after);
}
}
}
SettingsButton::Done => {
screen.0 = false;
}
}
}
}
// ---------------------------------------------------------------------------
// UI construction
// ---------------------------------------------------------------------------
fn spawn_settings_panel(commands: &mut Commands, settings: &Settings) {
commands
.spawn((
SettingsPanel,
Node {
position_type: PositionType::Absolute,
left: Val::Percent(0.0),
top: Val::Percent(0.0),
width: Val::Percent(100.0),
height: Val::Percent(100.0),
flex_direction: FlexDirection::Column,
justify_content: JustifyContent::Center,
align_items: AlignItems::Center,
..default()
},
BackgroundColor(Color::srgba(0.0, 0.0, 0.0, 0.72)),
ZIndex(200),
))
.with_children(|root| {
// Inner card
root.spawn((
Node {
flex_direction: FlexDirection::Column,
padding: UiRect::all(Val::Px(28.0)),
row_gap: Val::Px(14.0),
min_width: Val::Px(340.0),
..default()
},
BackgroundColor(Color::srgb(0.11, 0.11, 0.14)),
BorderRadius::all(Val::Px(8.0)),
))
.with_children(|card| {
// Title
card.spawn((
Text::new("Settings"),
TextFont {
font_size: 30.0,
..default()
},
TextColor(Color::WHITE),
));
// --- Audio section ---
section_label(card, "Audio");
// SFX volume row: label | value | [] | [+]
card.spawn(Node {
flex_direction: FlexDirection::Row,
align_items: AlignItems::Center,
column_gap: Val::Px(8.0),
..default()
})
.with_children(|row| {
row.spawn((
Text::new("SFX Volume"),
TextFont {
font_size: 18.0,
..default()
},
TextColor(Color::srgb(0.85, 0.85, 0.80)),
));
row.spawn((
SfxVolumeText,
Text::new(format!("{:.2}", settings.sfx_volume)),
TextFont {
font_size: 18.0,
..default()
},
TextColor(Color::WHITE),
));
icon_button(row, "", SettingsButton::SfxDown);
icon_button(row, "+", SettingsButton::SfxUp);
});
coming_soon_row(card, "Music Volume");
// --- Gameplay section ---
section_label(card, "Gameplay");
coming_soon_row(card, "Draw Mode");
// --- Appearance section ---
section_label(card, "Appearance");
coming_soon_row(card, "Theme");
// --- Sync section ---
section_label(card, "Sync");
coming_soon_row(card, "Sync Backend");
// Done button
card.spawn((
SettingsButton::Done,
Button,
Node {
padding: UiRect::axes(Val::Px(20.0), Val::Px(8.0)),
justify_content: JustifyContent::Center,
margin: UiRect::top(Val::Px(6.0)),
..default()
},
BackgroundColor(Color::srgb(0.22, 0.45, 0.22)),
BorderRadius::all(Val::Px(4.0)),
))
.with_children(|b| {
b.spawn((
Text::new("Done"),
TextFont {
font_size: 18.0,
..default()
},
TextColor(Color::WHITE),
));
});
});
});
}
fn section_label(parent: &mut ChildBuilder, title: &str) {
parent.spawn((
Text::new(title),
TextFont {
font_size: 14.0,
..default()
},
TextColor(Color::srgb(0.55, 0.75, 0.55)),
));
}
fn coming_soon_row(parent: &mut ChildBuilder, label: &str) {
parent.spawn((
Text::new(format!("{label} — coming soon")),
TextFont {
font_size: 16.0,
..default()
},
TextColor(Color::srgb(0.45, 0.45, 0.45)),
));
}
fn icon_button(parent: &mut ChildBuilder, label: &str, action: SettingsButton) {
parent
.spawn((
action,
Button,
Node {
width: Val::Px(28.0),
height: Val::Px(28.0),
justify_content: JustifyContent::Center,
align_items: AlignItems::Center,
..default()
},
BackgroundColor(Color::srgb(0.25, 0.25, 0.30)),
BorderRadius::all(Val::Px(4.0)),
))
.with_children(|b| {
b.spawn((
Text::new(label.to_string()),
TextFont {
font_size: 18.0,
..default()
},
TextColor(Color::WHITE),
));
});
}
// ---------------------------------------------------------------------------
// Tests
// ---------------------------------------------------------------------------
#[cfg(test)] #[cfg(test)]
mod tests { mod tests {
use super::*; use super::*;
@@ -142,7 +433,6 @@ mod tests {
#[test] #[test]
fn pressing_right_bracket_increases_volume() { fn pressing_right_bracket_increases_volume() {
let mut app = headless_app(); let mut app = headless_app();
// Drop volume first so there's headroom to grow.
app.world_mut().resource_mut::<SettingsResource>().0.sfx_volume = 0.5; app.world_mut().resource_mut::<SettingsResource>().0.sfx_volume = 0.5;
press(&mut app, KeyCode::BracketRight); press(&mut app, KeyCode::BracketRight);
@@ -155,7 +445,6 @@ mod tests {
#[test] #[test]
fn clamped_change_does_not_emit_event() { fn clamped_change_does_not_emit_event() {
let mut app = headless_app(); let mut app = headless_app();
// Already at max — pressing right bracket should be a no-op.
app.world_mut().resource_mut::<SettingsResource>().0.sfx_volume = 1.0; app.world_mut().resource_mut::<SettingsResource>().0.sfx_volume = 1.0;
press(&mut app, KeyCode::BracketRight); press(&mut app, KeyCode::BracketRight);
solitaire_engine/src/stats_plugin.rs
+2 -1
View File
@@ -11,7 +11,8 @@ use std::path::PathBuf;
use bevy::input::ButtonInput; use bevy::input::ButtonInput;
use bevy::prelude::*; use bevy::prelude::*;
use solitaire_data::{ use solitaire_data::{
load_stats_from, save_stats_to, stats_file_path, PlayerProgress, StatsSnapshot, WEEKLY_GOALS, load_stats_from, save_stats_to, stats_file_path, PlayerProgress, StatsExt, StatsSnapshot,
WEEKLY_GOALS,
}; };
use crate::events::{GameWonEvent, NewGameRequestEvent}; use crate::events::{GameWonEvent, NewGameRequestEvent};
solitaire_engine/src/sync_plugin.rs
+379
View File
@@ -0,0 +1,379 @@
//! Backend-agnostic sync plugin for Solitaire Quest.
//!
//! On startup, the plugin spawns an async pull task on [`AsyncComputeTaskPool`]
//! that fetches the remote payload from the active [`SyncProvider`]. Once the
//! task resolves, the merged result is written to disk and the in-world
//! resources are updated. On app exit, a blocking push sends the current local
//! state to the backend.
//!
//! The plugin is completely backend-agnostic: the caller (usually
//! `solitaire_app`) constructs the right [`SyncProvider`] implementation and
//! passes it to [`SyncPlugin::new`]. No `match` on a backend enum variant ever
//! occurs inside this module.
use std::sync::Arc;
use bevy::prelude::*;
use bevy::tasks::{futures_lite::future, AsyncComputeTaskPool, Task};
use chrono::Utc;
use uuid::Uuid;
use solitaire_data::{
save_achievements_to, save_progress_to, save_stats_to, AchievementRecord, PlayerProgress,
StatsSnapshot, SyncProvider,
};
use solitaire_sync::{merge, SyncPayload};
use crate::achievement_plugin::{AchievementsResource, AchievementsStoragePath};
use crate::progress_plugin::{ProgressResource, ProgressStoragePath};
use crate::resources::{SyncStatus, SyncStatusResource};
use crate::stats_plugin::{StatsResource, StatsStoragePath};
// ---------------------------------------------------------------------------
// Public resources
// ---------------------------------------------------------------------------
/// Wraps the active sync backend. Shared with async tasks via [`Arc`].
///
/// Registered by [`SyncPlugin`] during `build()`. Other plugins may read this
/// resource to check [`SyncProvider::is_authenticated`] or
/// [`SyncProvider::backend_name`].
#[derive(Resource, Clone)]
pub struct SyncProviderResource(pub Arc<dyn SyncProvider + Send + Sync>);
/// Holds a pending pull result transferred from the async compute task to the
/// main thread. Consumed and cleared by [`poll_pull_result`].
#[derive(Resource, Default)]
pub struct PullTaskResult(pub Option<Result<SyncPayload, String>>);
// ---------------------------------------------------------------------------
// Internal resources
// ---------------------------------------------------------------------------
/// Holds the in-flight pull task so [`poll_pull_result`] can check its status
/// each frame without blocking the main thread.
#[derive(Resource, Default)]
struct PullTask(Option<Task<Result<SyncPayload, String>>>);
// ---------------------------------------------------------------------------
// Plugin struct
// ---------------------------------------------------------------------------
/// Bevy plugin that manages the full sync lifecycle:
///
/// - **Startup** — spawns an async pull task on [`AsyncComputeTaskPool`].
/// - **Update** — polls the task each frame; on completion merges the remote
/// payload with local data, persists the result, and updates in-world
/// resources.
/// - **Last** — on [`AppExit`], performs a blocking push of the current local
/// state to the active backend.
///
/// Construct via [`SyncPlugin::new`], passing any type that implements
/// [`SyncProvider`].
pub struct SyncPlugin {
provider: Arc<dyn SyncProvider + Send + Sync>,
}
impl SyncPlugin {
/// Create a new [`SyncPlugin`] backed by the given [`SyncProvider`].
///
/// The provider is heap-allocated and reference-counted so it can be
/// cloned cheaply into async tasks.
pub fn new(provider: impl SyncProvider + 'static) -> Self {
Self {
provider: Arc::new(provider),
}
}
}
impl Plugin for SyncPlugin {
fn build(&self, app: &mut App) {
app.insert_resource(SyncProviderResource(self.provider.clone()))
.init_resource::<SyncStatusResource>()
.init_resource::<PullTaskResult>()
.init_resource::<PullTask>()
.add_systems(Startup, start_pull)
.add_systems(Update, poll_pull_result)
.add_systems(Last, push_on_exit);
}
}
// ---------------------------------------------------------------------------
// Systems
// ---------------------------------------------------------------------------
/// Startup system: spawns the async pull task and sets status to `Syncing`.
fn start_pull(
provider: Res<SyncProviderResource>,
mut task_res: ResMut<PullTask>,
mut status: ResMut<SyncStatusResource>,
) {
let provider = provider.0.clone();
let task = AsyncComputeTaskPool::get().spawn(async move {
provider.pull().await.map_err(|e| e.to_string())
});
task_res.0 = Some(task);
status.0 = SyncStatus::Syncing;
}
/// Update system: polls the pull task without blocking.
///
/// When the task resolves successfully:
/// 1. Merges the remote payload with the current local state.
/// 2. Persists the merged result atomically.
/// 3. Updates the in-world [`StatsResource`], [`AchievementsResource`], and
/// [`ProgressResource`].
/// 4. Sets [`SyncStatusResource`] to [`SyncStatus::LastSynced`].
///
/// On failure, sets [`SyncStatusResource`] to [`SyncStatus::Error`].
fn poll_pull_result(
mut task_res: ResMut<PullTask>,
mut status: ResMut<SyncStatusResource>,
mut stats: ResMut<StatsResource>,
stats_path: Res<StatsStoragePath>,
mut achievements: ResMut<AchievementsResource>,
achievements_path: Res<AchievementsStoragePath>,
mut progress: ResMut<ProgressResource>,
progress_path: Res<ProgressStoragePath>,
) {
let Some(task) = task_res.0.as_mut() else {
return;
};
let Some(result) = future::block_on(future::poll_once(task)) else {
return;
};
task_res.0 = None;
match result {
Ok(remote) => {
let local = build_payload(&stats.0, &achievements.0, &progress.0);
let (merged, _conflicts) = merge(&local, &remote);
// Persist merged state atomically.
if let Some(p) = &stats_path.0 {
if let Err(e) = save_stats_to(p, &merged.stats) {
warn!("sync: failed to persist stats: {e}");
}
}
if let Some(p) = &achievements_path.0 {
if let Err(e) = save_achievements_to(p, &merged.achievements) {
warn!("sync: failed to persist achievements: {e}");
}
}
if let Some(p) = &progress_path.0 {
if let Err(e) = save_progress_to(p, &merged.progress) {
warn!("sync: failed to persist progress: {e}");
}
}
// Update in-world resources.
stats.0 = merged.stats;
achievements.0 = merged.achievements;
progress.0 = merged.progress;
status.0 = SyncStatus::LastSynced(Utc::now());
}
Err(e) => {
warn!("sync pull failed: {e}");
status.0 = SyncStatus::Error(e);
}
}
}
/// Last-schedule system: pushes the current local state on [`AppExit`].
///
/// A blocking push is acceptable here — ARCHITECTURE.md §4 explicitly notes
/// that blocking on exit is permitted because the game loop is already
/// shutting down.
fn push_on_exit(
mut exit_events: EventReader<AppExit>,
provider: Res<SyncProviderResource>,
stats: Res<StatsResource>,
achievements: Res<AchievementsResource>,
progress: Res<ProgressResource>,
) {
if exit_events.is_empty() {
return;
}
exit_events.clear();
let payload = build_payload(&stats.0, &achievements.0, &progress.0);
let provider = provider.0.clone();
// Prefer an existing tokio runtime; fall back to futures_lite block_on
// for environments (e.g. tests) that don't have one.
match tokio::runtime::Handle::try_current() {
Ok(handle) => {
let _ = handle.block_on(provider.push(&payload));
}
Err(_) => {
let _ = future::block_on(provider.push(&payload));
}
}
}
// ---------------------------------------------------------------------------
// Helpers
// ---------------------------------------------------------------------------
/// Constructs a [`SyncPayload`] from the current in-world state.
///
/// `user_id` is set to [`Uuid::nil()`] — the server replaces it with the
/// authenticated user's real ID when it processes the push request.
fn build_payload(
stats: &StatsSnapshot,
achievements: &[AchievementRecord],
progress: &PlayerProgress,
) -> SyncPayload {
SyncPayload {
user_id: Uuid::nil(),
stats: stats.clone(),
achievements: achievements.to_vec(),
progress: progress.clone(),
last_modified: Utc::now(),
}
}
// ---------------------------------------------------------------------------
// Tests
// ---------------------------------------------------------------------------
#[cfg(test)]
mod tests {
use super::*;
use solitaire_data::SyncError;
use solitaire_sync::SyncResponse;
/// A no-op sync provider that always returns a default payload on pull
/// and succeeds silently on push. Used to exercise the plugin in headless
/// tests without any network I/O.
struct NoOpProvider;
#[async_trait::async_trait]
impl SyncProvider for NoOpProvider {
async fn pull(&self) -> Result<SyncPayload, SyncError> {
Ok(SyncPayload {
user_id: Uuid::nil(),
stats: StatsSnapshot::default(),
achievements: vec![],
progress: PlayerProgress::default(),
last_modified: Utc::now(),
})
}
async fn push(&self, _payload: &SyncPayload) -> Result<SyncResponse, SyncError> {
Ok(SyncResponse {
merged: SyncPayload {
user_id: Uuid::nil(),
stats: StatsSnapshot::default(),
achievements: vec![],
progress: PlayerProgress::default(),
last_modified: Utc::now(),
},
server_time: Utc::now(),
conflicts: vec![],
})
}
fn backend_name(&self) -> &'static str {
"no-op"
}
fn is_authenticated(&self) -> bool {
false
}
}
/// A provider that always fails on pull, used to test the error path.
struct FailingProvider;
#[async_trait::async_trait]
impl SyncProvider for FailingProvider {
async fn pull(&self) -> Result<SyncPayload, SyncError> {
Err(SyncError::Network("simulated failure".to_string()))
}
async fn push(&self, _payload: &SyncPayload) -> Result<SyncResponse, SyncError> {
Err(SyncError::Network("simulated failure".to_string()))
}
fn backend_name(&self) -> &'static str {
"failing"
}
fn is_authenticated(&self) -> bool {
false
}
}
fn headless_app_with(provider: impl SyncProvider + 'static) -> App {
let mut app = App::new();
app.add_plugins(MinimalPlugins)
.add_plugins(crate::game_plugin::GamePlugin)
.add_plugins(crate::table_plugin::TablePlugin)
.add_plugins(crate::stats_plugin::StatsPlugin::headless())
.add_plugins(crate::progress_plugin::ProgressPlugin::headless())
.add_plugins(crate::achievement_plugin::AchievementPlugin::headless())
.add_plugins(SyncPlugin::new(provider));
// MinimalPlugins does not register keyboard input.
app.init_resource::<bevy::input::ButtonInput<KeyCode>>();
app.update();
app
}
#[test]
fn sync_provider_resource_is_registered() {
let app = headless_app_with(NoOpProvider);
assert!(app.world().get_resource::<SyncProviderResource>().is_some());
}
#[test]
fn sync_status_becomes_syncing_on_startup() {
// After the first update() the startup system has run and set Syncing,
// but the async task may not have resolved yet.
let mut app = headless_app_with(NoOpProvider);
// Run a second update to give the task pool a chance to complete.
app.update();
// Status is either Syncing (task still running) or LastSynced (resolved).
let status = &app.world().resource::<SyncStatusResource>().0;
assert!(
matches!(
status,
SyncStatus::Syncing | SyncStatus::LastSynced(_)
),
"status should be Syncing or LastSynced, got {status:?}"
);
}
#[test]
fn pull_failure_sets_error_status() {
let mut app = headless_app_with(FailingProvider);
// Pump frames until the task resolves (it's synchronous under
// AsyncComputeTaskPool in test mode, so a few updates suffice).
for _ in 0..5 {
app.update();
}
let status = &app.world().resource::<SyncStatusResource>().0;
assert!(
matches!(status, SyncStatus::Error(_)),
"expected Error status after failing pull, got {status:?}"
);
}
#[test]
fn build_payload_sets_nil_user_id() {
let payload = build_payload(
&StatsSnapshot::default(),
&[],
&PlayerProgress::default(),
);
assert_eq!(payload.user_id, Uuid::nil());
}
#[test]
fn build_payload_clones_stats() {
let mut stats = StatsSnapshot::default();
stats.games_played = 42;
let payload = build_payload(&stats, &[], &PlayerProgress::default());
assert_eq!(payload.stats.games_played, 42);
}
}
solitaire_server/Cargo.toml
+11
View File
@@ -3,6 +3,10 @@ name = "solitaire_server"
version.workspace = true version.workspace = true
edition.workspace = true edition.workspace = true
[lib]
name = "solitaire_server"
path = "src/lib.rs"
[[bin]] [[bin]]
name = "solitaire_server" name = "solitaire_server"
path = "src/main.rs" path = "src/main.rs"
@@ -23,3 +27,10 @@ tower_governor = { workspace = true }
tracing = { workspace = true } tracing = { workspace = true }
tracing-subscriber = { workspace = true } tracing-subscriber = { workspace = true }
dotenvy = { workspace = true } dotenvy = { workspace = true }
[dev-dependencies]
tower = { version = "0.5", features = ["util"] }
solitaire_sync = { workspace = true }
uuid = { workspace = true }
chrono = { workspace = true }
jsonwebtoken = { workspace = true }
solitaire_server/migrations/001_initial.sql
+32
View File
@@ -0,0 +1,32 @@
-- Migration 001: initial schema
-- Creates the core tables required by the Solitaire Quest sync server.
CREATE TABLE IF NOT EXISTS users (
id TEXT PRIMARY KEY, -- UUID v4
username TEXT UNIQUE NOT NULL,
password_hash TEXT NOT NULL, -- bcrypt, cost 12
created_at TEXT NOT NULL, -- ISO 8601
leaderboard_opt_in INTEGER NOT NULL DEFAULT 0
);
CREATE TABLE IF NOT EXISTS sync_state (
user_id TEXT PRIMARY KEY REFERENCES users(id) ON DELETE CASCADE,
stats_json TEXT NOT NULL,
achievements_json TEXT NOT NULL,
progress_json TEXT NOT NULL,
last_modified TEXT NOT NULL -- ISO 8601
);
CREATE TABLE IF NOT EXISTS daily_challenges (
date TEXT PRIMARY KEY, -- "YYYY-MM-DD"
seed INTEGER NOT NULL,
goal_json TEXT NOT NULL
);
CREATE TABLE IF NOT EXISTS leaderboard (
user_id TEXT PRIMARY KEY REFERENCES users(id) ON DELETE CASCADE,
display_name TEXT NOT NULL,
best_time_secs INTEGER,
best_score INTEGER,
recorded_at TEXT NOT NULL -- ISO 8601
);
solitaire_server/src/auth.rs
+201
View File
@@ -0,0 +1,201 @@
//! Authentication handlers: register, login, refresh, delete account.
use axum::{extract::State, Json};
use bcrypt::{hash, verify};
use chrono::Utc;
use jsonwebtoken::{encode, EncodingKey, Header};
use serde::{Deserialize, Serialize};
use sqlx::SqlitePool;
use uuid::Uuid;
use crate::{
error::AppError,
middleware::{validate_refresh_token, AuthenticatedUser, Claims},
};
// ---------------------------------------------------------------------------
// Request / response shapes
// ---------------------------------------------------------------------------
/// Body for `POST /api/auth/register` and `POST /api/auth/login`.
#[derive(Debug, Deserialize)]
pub struct AuthRequest {
pub username: String,
pub password: String,
}
/// Body for `POST /api/auth/refresh`.
#[derive(Debug, Deserialize)]
pub struct RefreshRequest {
pub refresh_token: String,
}
/// Successful auth response — contains both tokens.
#[derive(Debug, Serialize)]
pub struct AuthResponse {
pub access_token: String,
pub refresh_token: String,
}
/// Successful refresh response — contains only the new access token.
#[derive(Debug, Serialize)]
pub struct RefreshResponse {
pub access_token: String,
}
// ---------------------------------------------------------------------------
// Internal database row type
// ---------------------------------------------------------------------------
/// User row fetched from the database during login.
/// Fields are `Option<String>` because sqlx treats all SQLite TEXT columns
/// as nullable regardless of the NOT NULL constraint in the schema.
struct UserRow {
id: Option<String>,
password_hash: Option<String>,
}
// ---------------------------------------------------------------------------
// bcrypt cost used for password hashing
// ---------------------------------------------------------------------------
/// bcrypt cost factor. Per ARCHITECTURE.md §19 this must be 12.
const BCRYPT_COST: u32 = 12;
// ---------------------------------------------------------------------------
// Token generation helpers
// ---------------------------------------------------------------------------
/// Encode a JWT access token (24-hour expiry) for `user_id`.
pub fn make_access_token(user_id: &str, secret: &str) -> Result<String, AppError> {
let exp = (Utc::now() + chrono::Duration::hours(24)).timestamp() as usize;
let claims = Claims {
sub: user_id.to_string(),
exp,
kind: "access".to_string(),
};
encode(&Header::default(), &claims, &EncodingKey::from_secret(secret.as_bytes()))
.map_err(|e| AppError::Internal(e.to_string()))
}
/// Encode a JWT refresh token (30-day expiry) for `user_id`.
pub fn make_refresh_token(user_id: &str, secret: &str) -> Result<String, AppError> {
let exp = (Utc::now() + chrono::Duration::days(30)).timestamp() as usize;
let claims = Claims {
sub: user_id.to_string(),
exp,
kind: "refresh".to_string(),
};
encode(&Header::default(), &claims, &EncodingKey::from_secret(secret.as_bytes()))
.map_err(|e| AppError::Internal(e.to_string()))
}
// ---------------------------------------------------------------------------
// Handlers
// ---------------------------------------------------------------------------
/// `POST /api/auth/register` — create a new account and return tokens.
pub async fn register(
State(pool): State<SqlitePool>,
Json(body): Json<AuthRequest>,
) -> Result<Json<AuthResponse>, AppError> {
// Validate input minimally.
if body.username.trim().is_empty() || body.password.is_empty() {
return Err(AppError::BadRequest("username and password are required".into()));
}
// Check for duplicate username. SQLite returns TEXT as nullable so we
// flatten the Option<Option<String>> produced by fetch_optional.
let existing: Option<String> = sqlx::query_scalar!(
"SELECT id FROM users WHERE username = ?",
body.username
)
.fetch_optional(&pool)
.await?
.flatten();
if existing.is_some() {
return Err(AppError::UsernameTaken);
}
let user_id = Uuid::new_v4().to_string();
let password_hash = hash(&body.password, BCRYPT_COST)?;
let now = Utc::now().to_rfc3339();
sqlx::query!(
"INSERT INTO users (id, username, password_hash, created_at) VALUES (?, ?, ?, ?)",
user_id,
body.username,
password_hash,
now
)
.execute(&pool)
.await?;
let secret = std::env::var("JWT_SECRET")
.map_err(|_| AppError::Internal("JWT_SECRET not set".into()))?;
Ok(Json(AuthResponse {
access_token: make_access_token(&user_id, &secret)?,
refresh_token: make_refresh_token(&user_id, &secret)?,
}))
}
/// `POST /api/auth/login` — verify credentials and return tokens.
pub async fn login(
State(pool): State<SqlitePool>,
Json(body): Json<AuthRequest>,
) -> Result<Json<AuthResponse>, AppError> {
let row = sqlx::query_as!(
UserRow,
"SELECT id, password_hash FROM users WHERE username = ?",
body.username
)
.fetch_optional(&pool)
.await?;
let row = row.ok_or(AppError::InvalidCredentials)?;
let row_id = row.id.ok_or_else(|| AppError::Internal("user id missing".into()))?;
let row_hash = row.password_hash.ok_or_else(|| AppError::Internal("password hash missing".into()))?;
let valid = verify(&body.password, &row_hash)?;
if !valid {
return Err(AppError::InvalidCredentials);
}
let secret = std::env::var("JWT_SECRET")
.map_err(|_| AppError::Internal("JWT_SECRET not set".into()))?;
Ok(Json(AuthResponse {
access_token: make_access_token(&row_id, &secret)?,
refresh_token: make_refresh_token(&row_id, &secret)?,
}))
}
/// `POST /api/auth/refresh` — exchange a refresh token for a new access token.
pub async fn refresh(
Json(body): Json<RefreshRequest>,
) -> Result<Json<RefreshResponse>, AppError> {
let secret = std::env::var("JWT_SECRET")
.map_err(|_| AppError::Internal("JWT_SECRET not set".into()))?;
let claims = validate_refresh_token(&body.refresh_token, &secret)?;
Ok(Json(RefreshResponse {
access_token: make_access_token(&claims.sub, &secret)?,
}))
}
/// `DELETE /api/account` — permanently delete the authenticated user's account.
///
/// All related rows are removed via `ON DELETE CASCADE` in the schema.
pub async fn delete_account(
State(pool): State<SqlitePool>,
user: AuthenticatedUser,
) -> Result<Json<serde_json::Value>, AppError> {
sqlx::query!("DELETE FROM users WHERE id = ?", user.user_id)
.execute(&pool)
.await?;
Ok(Json(serde_json::json!({ "ok": true })))
}
solitaire_server/src/challenge.rs
+115
View File
@@ -0,0 +1,115 @@
//! Daily challenge endpoint.
//!
//! `GET /api/daily-challenge` — returns the challenge for today's date.
//!
//! The seed is deterministic (same for all players worldwide) and is
//! generated on first request for that date, then stored in the database
//! so subsequent calls return the same value.
use axum::{extract::State, Json};
use chrono::Utc;
use sqlx::SqlitePool;
use solitaire_sync::ChallengeGoal;
use crate::error::AppError;
// ---------------------------------------------------------------------------
// Seed generation
// ---------------------------------------------------------------------------
/// Compute a deterministic seed from a date string such as `"2026-04-26"`.
///
/// Uses a simple polynomial rolling hash over the UTF-8 bytes of the string.
/// The computation is identical across all server instances and all clients
/// that implement the same algorithm.
pub fn hash_date_to_u64(date: &str) -> u64 {
date.bytes()
.fold(0u64, |acc, b| acc.wrapping_mul(31).wrapping_add(b as u64))
}
/// Generate a [`ChallengeGoal`] from a seed and date.
///
/// The goal type and parameters are derived deterministically from the seed
/// so all players face exactly the same challenge on the same day.
fn generate_goal(date: &str, seed: u64) -> ChallengeGoal {
// Pick a goal variant based on seed modulo number-of-variants.
// Three variants cycle through: timed, high-score, and open.
match seed % 3 {
0 => ChallengeGoal {
date: date.to_string(),
seed,
description: "Win in under 5 minutes".to_string(),
target_score: None,
max_time_secs: Some(300),
},
1 => ChallengeGoal {
date: date.to_string(),
seed,
description: "Reach a score of 4 000 or more".to_string(),
target_score: Some(4_000),
max_time_secs: None,
},
_ => ChallengeGoal {
date: date.to_string(),
seed,
description: "Win today's deal".to_string(),
target_score: None,
max_time_secs: None,
},
}
}
// ---------------------------------------------------------------------------
// Database row helper
// ---------------------------------------------------------------------------
struct ChallengeRow {
goal_json: Option<String>,
}
// ---------------------------------------------------------------------------
// Handler
// ---------------------------------------------------------------------------
/// `GET /api/daily-challenge` — no auth required.
///
/// Looks up today's challenge in the database. If none exists yet, generates
/// one deterministically and stores it before returning.
pub async fn daily_challenge(
State(pool): State<SqlitePool>,
) -> Result<Json<ChallengeGoal>, AppError> {
let today = Utc::now().format("%Y-%m-%d").to_string();
// Try to load an existing row.
let row = sqlx::query_as!(
ChallengeRow,
"SELECT goal_json FROM daily_challenges WHERE date = ?",
today
)
.fetch_optional(&pool)
.await?;
if let Some(r) = row {
let json = r.goal_json.ok_or_else(|| AppError::Internal("missing goal_json".into()))?;
let goal: ChallengeGoal = serde_json::from_str(&json)?;
return Ok(Json(goal));
}
// No row yet — generate and store.
let seed = hash_date_to_u64(&today);
let goal = generate_goal(&today, seed);
let goal_json = serde_json::to_string(&goal)?;
let seed_i64 = seed as i64;
sqlx::query!(
"INSERT OR IGNORE INTO daily_challenges (date, seed, goal_json) VALUES (?, ?, ?)",
today,
seed_i64,
goal_json
)
.execute(&pool)
.await?;
Ok(Json(goal))
}
solitaire_server/src/error.rs
+79
View File
@@ -0,0 +1,79 @@
//! Application-level error type with automatic HTTP response conversion.
use axum::{
http::StatusCode,
response::{IntoResponse, Response},
Json,
};
use serde_json::json;
use thiserror::Error;
/// All errors that can be returned by the server.
///
/// Each variant maps to a specific HTTP status code when converted to a
/// response via [`IntoResponse`].
#[derive(Debug, Error)]
pub enum AppError {
/// The request is missing a valid `Authorization: Bearer` header, or the
/// JWT is expired / has an invalid signature.
#[error("unauthorized")]
Unauthorized,
/// The supplied credentials (username / password) were incorrect.
#[error("invalid credentials")]
InvalidCredentials,
/// The requested username is already registered.
#[error("username already taken")]
UsernameTaken,
/// The client sent a malformed or invalid request body.
#[error("bad request: {0}")]
BadRequest(String),
/// A database error occurred.
#[error("database error: {0}")]
Database(#[from] sqlx::Error),
/// Password hashing failed.
#[error("internal server error")]
BcryptError(#[from] bcrypt::BcryptError),
/// JSON serialization / deserialization failed.
#[error("serialization error: {0}")]
Json(#[from] serde_json::Error),
/// A catch-all for unexpected internal failures.
#[error("internal server error")]
Internal(String),
}
impl IntoResponse for AppError {
fn into_response(self) -> Response {
let (status, message) = match &self {
AppError::Unauthorized => (StatusCode::UNAUTHORIZED, self.to_string()),
AppError::InvalidCredentials => (StatusCode::UNAUTHORIZED, self.to_string()),
AppError::UsernameTaken => (StatusCode::CONFLICT, self.to_string()),
AppError::BadRequest(msg) => (StatusCode::BAD_REQUEST, msg.clone()),
AppError::Database(e) => {
tracing::error!("database error: {e}");
(StatusCode::INTERNAL_SERVER_ERROR, "internal server error".to_string())
}
AppError::BcryptError(e) => {
tracing::error!("bcrypt error: {e}");
(StatusCode::INTERNAL_SERVER_ERROR, "internal server error".to_string())
}
AppError::Json(e) => {
tracing::error!("json error: {e}");
(StatusCode::INTERNAL_SERVER_ERROR, "internal server error".to_string())
}
AppError::Internal(msg) => {
tracing::error!("internal error: {msg}");
(StatusCode::INTERNAL_SERVER_ERROR, "internal server error".to_string())
}
};
let body = Json(json!({ "error": message }));
(status, body).into_response()
}
}
solitaire_server/src/leaderboard.rs
+125
View File
@@ -0,0 +1,125 @@
//! Leaderboard endpoints.
//!
//! `GET /api/leaderboard` — list all opted-in entries (requires auth).
//! `POST /api/leaderboard/opt-in` — opt in and set / update display name.
use axum::{extract::State, Json};
use chrono::Utc;
use serde::Deserialize;
use sqlx::SqlitePool;
use solitaire_sync::LeaderboardEntry;
use crate::{error::AppError, middleware::AuthenticatedUser};
// ---------------------------------------------------------------------------
// Request shapes
// ---------------------------------------------------------------------------
/// Body for `POST /api/leaderboard/opt-in`.
#[derive(Debug, Deserialize)]
pub struct OptInRequest {
/// The display name the player wants shown on the leaderboard.
pub display_name: String,
}
// ---------------------------------------------------------------------------
// Database row helper
// ---------------------------------------------------------------------------
struct LeaderboardRow {
display_name: Option<String>,
best_score: Option<i64>,
best_time_secs: Option<i64>,
recorded_at: Option<String>,
}
// ---------------------------------------------------------------------------
// Handlers
// ---------------------------------------------------------------------------
/// `GET /api/leaderboard` — return all opted-in leaderboard entries.
///
/// Returns entries sorted by `best_score` descending (nulls last).
pub async fn get_leaderboard(
State(pool): State<SqlitePool>,
_user: AuthenticatedUser,
) -> Result<Json<Vec<LeaderboardEntry>>, AppError> {
let rows = sqlx::query_as!(
LeaderboardRow,
r#"SELECT l.display_name, l.best_score, l.best_time_secs, l.recorded_at
FROM leaderboard l
JOIN users u ON u.id = l.user_id
WHERE u.leaderboard_opt_in = 1
ORDER BY
CASE WHEN l.best_score IS NULL THEN 1 ELSE 0 END ASC,
l.best_score DESC,
CASE WHEN l.best_time_secs IS NULL THEN 1 ELSE 0 END ASC,
l.best_time_secs ASC"#
)
.fetch_all(&pool)
.await?;
let entries: Result<Vec<LeaderboardEntry>, AppError> = rows
.into_iter()
.map(|r| -> Result<LeaderboardEntry, AppError> {
let display_name = r
.display_name
.ok_or_else(|| AppError::Internal("missing display_name".into()))?;
let recorded_at_str = r
.recorded_at
.ok_or_else(|| AppError::Internal("missing recorded_at".into()))?;
let recorded_at = recorded_at_str
.parse::<chrono::DateTime<Utc>>()
.map_err(|e| AppError::Internal(format!("invalid recorded_at: {e}")))?;
Ok(LeaderboardEntry {
display_name,
best_score: r.best_score.map(|v| v as i32),
best_time_secs: r.best_time_secs.map(|v| v as u64),
recorded_at,
})
})
.collect();
Ok(Json(entries?))
}
/// `POST /api/leaderboard/opt-in` — opt in and upsert the player's entry.
///
/// Sets `leaderboard_opt_in = 1` on the user row and creates/updates the
/// leaderboard entry with the supplied display name.
pub async fn opt_in(
State(pool): State<SqlitePool>,
user: AuthenticatedUser,
Json(body): Json<OptInRequest>,
) -> Result<Json<serde_json::Value>, AppError> {
if body.display_name.trim().is_empty() {
return Err(AppError::BadRequest("display_name must not be empty".into()));
}
// Mark the user as opted in.
sqlx::query!(
"UPDATE users SET leaderboard_opt_in = 1 WHERE id = ?",
user.user_id
)
.execute(&pool)
.await?;
let now = Utc::now().to_rfc3339();
// Upsert leaderboard row (preserve best_score / best_time if already present).
sqlx::query!(
r#"INSERT INTO leaderboard (user_id, display_name, recorded_at)
VALUES (?, ?, ?)
ON CONFLICT(user_id) DO UPDATE SET
display_name = excluded.display_name,
recorded_at = excluded.recorded_at"#,
user.user_id,
body.display_name,
now
)
.execute(&pool)
.await?;
Ok(Json(serde_json::json!({ "ok": true })))
}
solitaire_server/src/lib.rs
+93
View File
@@ -0,0 +1,93 @@
//! Solitaire Quest sync server library.
//!
//! Exposes [`build_router`] so integration tests can construct the full Axum
//! application against an in-memory SQLite database without starting a real
//! TCP listener.
pub mod auth;
pub mod challenge;
pub mod error;
pub mod leaderboard;
pub mod middleware;
pub mod sync;
use axum::{
extract::DefaultBodyLimit,
middleware as axum_middleware,
routing::{delete, get, post},
Router,
};
use sqlx::SqlitePool;
use std::sync::Arc;
use tower_governor::{governor::GovernorConfigBuilder, GovernorLayer};
/// Construct the full Axum [`Router`].
///
/// Separated from `main` so it can be instantiated in integration tests without
/// starting a real TCP listener.
pub fn build_router(pool: SqlitePool) -> Router {
build_router_inner(pool, true)
}
/// Construct the router without rate limiting.
///
/// Intended for integration tests only — do not use in production.
#[doc(hidden)]
pub fn build_test_router(pool: SqlitePool) -> Router {
build_router_inner(pool, false)
}
fn build_router_inner(pool: SqlitePool, rate_limit: bool) -> Router {
// Protected routes require a valid JWT (injected by require_auth middleware).
let protected = Router::new()
.route("/api/sync/pull", get(sync::pull))
.route("/api/sync/push", post(sync::push))
.route("/api/leaderboard", get(leaderboard::get_leaderboard))
.route("/api/leaderboard/opt-in", post(leaderboard::opt_in))
.route("/api/account", delete(auth::delete_account))
.layer(axum_middleware::from_fn(middleware::require_auth));
// Auth endpoints — rate-limited in production, unrestricted in tests.
let auth_routes = Router::new()
.route("/api/auth/register", post(auth::register))
.route("/api/auth/login", post(auth::login))
.route("/api/auth/refresh", post(auth::refresh));
let auth_routes = if rate_limit {
// Rate limiter: 10 requests per minute per IP.
// burst_size = 10, replenish every 6 seconds = 10/min steady-state.
let governor_conf = Arc::new(
GovernorConfigBuilder::default()
.per_second(6)
.burst_size(10)
.finish()
.expect("invalid governor config"),
);
auth_routes.layer(GovernorLayer {
config: governor_conf,
})
} else {
auth_routes
};
// Public endpoints (no auth, no rate limit beyond defaults).
let public = Router::new()
.route("/api/daily-challenge", get(challenge::daily_challenge))
.route("/health", get(health));
Router::new()
.merge(protected)
.merge(auth_routes)
.merge(public)
// Reject request bodies larger than 1 MB.
.layer(DefaultBodyLimit::max(1024 * 1024))
.with_state(pool)
}
/// `GET /health` — simple liveness probe, no auth required.
async fn health() -> axum::Json<serde_json::Value> {
axum::Json(serde_json::json!({
"status": "ok",
"version": env!("CARGO_PKG_VERSION"),
}))
}
solitaire_server/src/main.rs
+61 -2
View File
@@ -1,2 +1,61 @@
// Full server implementation added in Phase 8C. //! Solitaire Quest sync server entry point.
fn main() {} //!
//! Reads configuration from environment variables (via `dotenvy`), initialises
//! the SQLite database, runs migrations, then starts the Axum HTTP server.
//!
//! ## Required environment variables
//!
//! | Variable | Description |
//! |----------------|---------------------------------------------------|
//! | `DATABASE_URL` | SQLite connection string, e.g. `sqlite://sol.db` |
//! | `JWT_SECRET` | HS256 signing secret (min 32 chars recommended) |
//!
//! ## Optional
//!
//! | Variable | Default | Description |
//! |---------------|---------|-------------------------------|
//! | `SERVER_PORT` | `8080` | TCP port to listen on |
use solitaire_server::build_router;
use sqlx::SqlitePool;
use std::net::SocketAddr;
#[tokio::main]
async fn main() {
// Load .env file if present (silently ignored when absent).
dotenvy::dotenv().ok();
// Initialise structured logging.
tracing_subscriber::fmt::init();
let db_url = std::env::var("DATABASE_URL").expect("DATABASE_URL must be set");
let port: u16 = std::env::var("SERVER_PORT")
.unwrap_or_else(|_| "8080".into())
.parse()
.expect("SERVER_PORT must be a valid port number");
// Connect to SQLite and run pending migrations.
let pool = SqlitePool::connect(&db_url)
.await
.expect("failed to connect to database");
sqlx::migrate!("./migrations")
.run(&pool)
.await
.expect("database migration failed");
tracing::info!("database ready at {db_url}");
let app = build_router(pool);
let addr = SocketAddr::from(([0, 0, 0, 0], port));
tracing::info!("listening on {addr}");
let listener = tokio::net::TcpListener::bind(addr)
.await
.expect("failed to bind TCP listener");
axum::serve(listener, app)
.await
.expect("server error");
}
solitaire_server/src/middleware.rs
+117
View File
@@ -0,0 +1,117 @@
//! Axum middleware for JWT authentication.
//!
//! Extracts and validates the `Authorization: Bearer <token>` header, then
//! injects the authenticated `user_id` into request extensions so handlers
//! can access it via `Extension<AuthenticatedUser>`.
use axum::{
extract::{FromRequestParts, Request},
http::request::Parts,
middleware::Next,
response::Response,
};
use jsonwebtoken::{decode, DecodingKey, Validation};
use serde::{Deserialize, Serialize};
use crate::error::AppError;
/// The claims encoded in our JWT access tokens.
#[derive(Debug, Serialize, Deserialize)]
pub struct Claims {
/// Subject — the user's UUID string.
pub sub: String,
/// Expiry timestamp (Unix seconds).
pub exp: usize,
/// Token kind: `"access"` or `"refresh"`.
pub kind: String,
}
/// The authenticated user identity injected into request extensions after
/// successful JWT validation.
#[derive(Debug, Clone)]
pub struct AuthenticatedUser {
/// The authenticated user's UUID, as a string.
pub user_id: String,
}
/// Axum middleware function that validates the Bearer JWT and injects
/// [`AuthenticatedUser`] into request extensions.
///
/// Returns `401 Unauthorized` if the token is missing, expired, or invalid.
pub async fn require_auth(
mut req: Request,
next: Next,
) -> Result<Response, AppError> {
let secret = std::env::var("JWT_SECRET")
.map_err(|_| AppError::Internal("JWT_SECRET not set".into()))?;
let token = extract_bearer_token(req.headers())
.ok_or(AppError::Unauthorized)?;
let claims = validate_access_token(&token, &secret)?;
req.extensions_mut().insert(AuthenticatedUser {
user_id: claims.sub,
});
Ok(next.run(req).await)
}
/// Extract the raw token string from `Authorization: Bearer <token>`.
fn extract_bearer_token(headers: &axum::http::HeaderMap) -> Option<String> {
let value = headers.get("Authorization")?.to_str().ok()?;
let token = value.strip_prefix("Bearer ")?;
Some(token.to_string())
}
/// Decode and validate a JWT access token, returning its claims on success.
pub fn validate_access_token(token: &str, secret: &str) -> Result<Claims, AppError> {
let key = DecodingKey::from_secret(secret.as_bytes());
let mut validation = Validation::default();
validation.validate_exp = true;
let data = decode::<Claims>(token, &key, &validation)
.map_err(|_| AppError::Unauthorized)?;
if data.claims.kind != "access" {
return Err(AppError::Unauthorized);
}
Ok(data.claims)
}
/// Decode and validate a JWT refresh token, returning its claims on success.
pub fn validate_refresh_token(token: &str, secret: &str) -> Result<Claims, AppError> {
let key = DecodingKey::from_secret(secret.as_bytes());
let mut validation = Validation::default();
validation.validate_exp = true;
let data = decode::<Claims>(token, &key, &validation)
.map_err(|_| AppError::Unauthorized)?;
if data.claims.kind != "refresh" {
return Err(AppError::Unauthorized);
}
Ok(data.claims)
}
// ---------------------------------------------------------------------------
// Axum extractor — allows handlers to receive AuthenticatedUser directly
// ---------------------------------------------------------------------------
#[axum::async_trait]
impl<S> FromRequestParts<S> for AuthenticatedUser
where
S: Send + Sync,
{
type Rejection = AppError;
async fn from_request_parts(parts: &mut Parts, _state: &S) -> Result<Self, Self::Rejection> {
parts
.extensions
.get::<AuthenticatedUser>()
.cloned()
.ok_or(AppError::Unauthorized)
}
}
solitaire_server/src/sync.rs
+164
View File
@@ -0,0 +1,164 @@
//! Sync pull and push handlers.
//!
//! `GET /api/sync/pull` — return the server's stored payload for this user.
//! `POST /api/sync/push` — receive the client's payload, merge, store, return.
use axum::{extract::State, Json};
use chrono::Utc;
use sqlx::SqlitePool;
use solitaire_sync::{
merge, AchievementRecord, PlayerProgress, StatsSnapshot, SyncPayload, SyncResponse,
};
use crate::{error::AppError, middleware::AuthenticatedUser};
// ---------------------------------------------------------------------------
// Database row helpers
// ---------------------------------------------------------------------------
struct SyncRow {
stats_json: Option<String>,
achievements_json: Option<String>,
progress_json: Option<String>,
}
/// Load the stored `SyncPayload` for `user_id` from the database.
/// Returns `None` if this user has not pushed any data yet.
async fn load_sync_row(pool: &SqlitePool, user_id: &str) -> Result<Option<SyncRow>, AppError> {
let row = sqlx::query_as!(
SyncRow,
"SELECT stats_json, achievements_json, progress_json FROM sync_state WHERE user_id = ?",
user_id
)
.fetch_optional(pool)
.await?;
Ok(row)
}
/// Deserialize a stored `SyncRow` into a `SyncPayload`.
fn row_to_payload(row: &SyncRow, user_id: &str) -> Result<SyncPayload, AppError> {
let stats_json = row.stats_json.as_deref()
.ok_or_else(|| AppError::Internal("missing stats_json".into()))?;
let achievements_json = row.achievements_json.as_deref()
.ok_or_else(|| AppError::Internal("missing achievements_json".into()))?;
let progress_json = row.progress_json.as_deref()
.ok_or_else(|| AppError::Internal("missing progress_json".into()))?;
let stats: StatsSnapshot = serde_json::from_str(stats_json)?;
let achievements: Vec<AchievementRecord> = serde_json::from_str(achievements_json)?;
let progress: PlayerProgress = serde_json::from_str(progress_json)?;
Ok(SyncPayload {
user_id: user_id
.parse()
.map_err(|_| AppError::Internal("stored user_id is not a valid UUID".into()))?,
stats,
achievements,
progress,
last_modified: Utc::now(),
})
}
/// Persist a `SyncPayload` for `user_id` using an upsert.
async fn store_payload(
pool: &SqlitePool,
user_id: &str,
payload: &SyncPayload,
) -> Result<(), AppError> {
let stats_json = serde_json::to_string(&payload.stats)?;
let achievements_json = serde_json::to_string(&payload.achievements)?;
let progress_json = serde_json::to_string(&payload.progress)?;
let now = Utc::now().to_rfc3339();
sqlx::query!(
r#"INSERT INTO sync_state (user_id, stats_json, achievements_json, progress_json, last_modified)
VALUES (?, ?, ?, ?, ?)
ON CONFLICT(user_id) DO UPDATE SET
stats_json = excluded.stats_json,
achievements_json = excluded.achievements_json,
progress_json = excluded.progress_json,
last_modified = excluded.last_modified"#,
user_id,
stats_json,
achievements_json,
progress_json,
now
)
.execute(pool)
.await?;
Ok(())
}
// ---------------------------------------------------------------------------
// Handlers
// ---------------------------------------------------------------------------
/// `GET /api/sync/pull` — return the server's stored payload for this user.
///
/// If the user has never pushed any data, returns a default payload.
pub async fn pull(
State(pool): State<SqlitePool>,
user: AuthenticatedUser,
) -> Result<Json<SyncResponse>, AppError> {
let stored_payload = match load_sync_row(&pool, &user.user_id).await? {
Some(row) => row_to_payload(&row, &user.user_id)?,
None => {
// First pull — no server data yet; return an empty default payload.
let uid = user
.user_id
.parse()
.map_err(|_| AppError::Internal("invalid user_id UUID".into()))?;
SyncPayload {
user_id: uid,
stats: StatsSnapshot::default(),
achievements: vec![],
progress: PlayerProgress::default(),
last_modified: Utc::now(),
}
}
};
Ok(Json(SyncResponse {
merged: stored_payload,
server_time: Utc::now(),
conflicts: vec![],
}))
}
/// `POST /api/sync/push` — merge the client's payload with the server's
/// stored payload, persist the result, and return it.
pub async fn push(
State(pool): State<SqlitePool>,
user: AuthenticatedUser,
Json(client_payload): Json<SyncPayload>,
) -> Result<Json<SyncResponse>, AppError> {
// Reject payloads that claim to belong to a different user.
if client_payload.user_id.to_string() != user.user_id {
return Err(AppError::BadRequest("user_id mismatch".into()));
}
let server_payload = match load_sync_row(&pool, &user.user_id).await? {
Some(row) => row_to_payload(&row, &user.user_id)?,
None => {
// First push — nothing to merge against; store directly.
store_payload(&pool, &user.user_id, &client_payload).await?;
return Ok(Json(SyncResponse {
merged: client_payload,
server_time: Utc::now(),
conflicts: vec![],
}));
}
};
let (merged, conflicts) = merge(&client_payload, &server_payload);
store_payload(&pool, &user.user_id, &merged).await?;
Ok(Json(SyncResponse {
merged,
server_time: Utc::now(),
conflicts,
}))
}
solitaire_server/tests/server_tests.rs
+678
View File
@@ -0,0 +1,678 @@
//! Integration tests for `solitaire_server`.
//!
//! Every test uses an in-memory SQLite database and [`build_test_router`]
//! (rate limiting disabled) — no real TCP listener is started. Requests are dispatched via
//! [`tower::ServiceExt::oneshot`].
//!
//! # JWT secret
//!
//! Each test calls [`set_jwt_secret`] before touching any endpoint that reads
//! `JWT_SECRET` from the environment. This is safe because `cargo test` runs
//! integration-test binaries single-threaded by default.
use axum::{
body::Body,
http::{Request, StatusCode},
response::Response,
};
use chrono::Utc;
use jsonwebtoken::{decode, DecodingKey, Validation};
use serde::Deserialize;
use serde_json::Value;
use solitaire_server::build_test_router;
use solitaire_sync::{PlayerProgress, StatsSnapshot, SyncPayload};
use sqlx::{sqlite::SqlitePoolOptions, SqlitePool};
use tower::ServiceExt;
// ---------------------------------------------------------------------------
// Constants
// ---------------------------------------------------------------------------
/// The JWT secret injected into the environment for all tests.
const TEST_SECRET: &str = "test_secret_32_chars_minimum_ok!";
// ---------------------------------------------------------------------------
// Test infrastructure helpers
// ---------------------------------------------------------------------------
/// Create an in-memory SQLite pool and run all pending migrations.
///
/// `max_connections(1)` is required for SQLite in-memory databases: each
/// connection to `sqlite::memory:` is a *separate* database, so if the pool
/// opens a second connection the handler sees an empty schema and fails.
async fn test_pool() -> SqlitePool {
let pool = SqlitePoolOptions::new()
.max_connections(1)
.connect("sqlite::memory:")
.await
.expect("failed to connect to in-memory SQLite database");
sqlx::migrate!("./migrations")
.run(&pool)
.await
.expect("failed to run database migrations");
pool
}
/// Inject `JWT_SECRET` into the process environment so all auth code can read it.
///
/// # Safety
/// Only called from test code where tests run sequentially in a single binary.
fn set_jwt_secret() {
// SAFETY: test-only; integration test binaries are single-threaded.
unsafe { std::env::set_var("JWT_SECRET", TEST_SECRET) };
}
/// Fake client IP injected by all test requests so `tower_governor`'s
/// `SmartIpKeyExtractor` can extract a key without a real peer address.
const TEST_CLIENT_IP: &str = "127.0.0.1";
/// Send a `POST` request with a JSON body and return the raw response.
async fn post_json(app: axum::Router, path: &str, body: Value) -> Response {
let req = Request::builder()
.method("POST")
.uri(path)
.header("content-type", "application/json")
.header("x-forwarded-for", TEST_CLIENT_IP)
.body(Body::from(
serde_json::to_vec(&body).expect("failed to serialise request body"),
))
.expect("failed to build POST request");
app.oneshot(req).await.expect("oneshot failed")
}
/// Send an authenticated `GET` request and return the raw response.
async fn get_authed(app: axum::Router, path: &str, token: &str) -> Response {
let req = Request::builder()
.method("GET")
.uri(path)
.header("Authorization", format!("Bearer {token}"))
.header("x-forwarded-for", TEST_CLIENT_IP)
.body(Body::empty())
.expect("failed to build GET request");
app.oneshot(req).await.expect("oneshot failed")
}
/// Send an authenticated `POST` request with a JSON body and return the raw response.
async fn post_authed(app: axum::Router, path: &str, token: &str, body: Value) -> Response {
let req = Request::builder()
.method("POST")
.uri(path)
.header("content-type", "application/json")
.header("Authorization", format!("Bearer {token}"))
.header("x-forwarded-for", TEST_CLIENT_IP)
.body(Body::from(
serde_json::to_vec(&body).expect("failed to serialise request body"),
))
.expect("failed to build authenticated POST request");
app.oneshot(req).await.expect("oneshot failed")
}
/// Send an authenticated `DELETE` request and return the raw response.
async fn delete_authed(app: axum::Router, path: &str, token: &str) -> Response {
let req = Request::builder()
.method("DELETE")
.uri(path)
.header("Authorization", format!("Bearer {token}"))
.header("x-forwarded-for", TEST_CLIENT_IP)
.body(Body::empty())
.expect("failed to build DELETE request");
app.oneshot(req).await.expect("oneshot failed")
}
/// Collect the response body bytes and deserialise them as JSON.
async fn body_json(resp: Response) -> Value {
let bytes = axum::body::to_bytes(resp.into_body(), usize::MAX)
.await
.expect("failed to read response body");
serde_json::from_slice(&bytes).expect("response body is not valid JSON")
}
// ---------------------------------------------------------------------------
// JWT helpers (test-side only)
// ---------------------------------------------------------------------------
/// Minimal JWT claims used only for decoding in test assertions.
#[derive(Deserialize)]
struct TestClaims {
sub: String,
}
/// Decode an access token and return the `sub` (user UUID) claim.
///
/// Uses `validate_exp = false` so tests never fail due to clock skew between
/// token issuance and assertion.
fn decode_sub(token: &str) -> String {
let mut v = Validation::default();
v.validate_exp = false;
let data = decode::<TestClaims>(
token,
&DecodingKey::from_secret(TEST_SECRET.as_bytes()),
&v,
)
.expect("failed to decode access token");
data.claims.sub
}
/// Register a new user and return `(access_token, refresh_token)`.
async fn register_user(app: axum::Router, username: &str, password: &str) -> (String, String) {
let resp = post_json(
app,
"/api/auth/register",
serde_json::json!({ "username": username, "password": password }),
)
.await;
assert_eq!(
resp.status(),
StatusCode::OK,
"register should return 200"
);
let body = body_json(resp).await;
let access = body["access_token"]
.as_str()
.expect("access_token missing from register response")
.to_string();
let refresh = body["refresh_token"]
.as_str()
.expect("refresh_token missing from register response")
.to_string();
(access, refresh)
}
/// Build a [`SyncPayload`] for `user_id_str` with `games_played` set to the
/// given value and all other fields set to defaults.
fn make_payload(user_id_str: &str, games_played: u32) -> SyncPayload {
SyncPayload {
user_id: uuid::Uuid::parse_str(user_id_str)
.expect("user_id_str from JWT sub must be a valid UUID"),
stats: StatsSnapshot {
games_played,
games_won: 3,
..StatsSnapshot::default()
},
achievements: vec![],
progress: PlayerProgress::default(),
last_modified: Utc::now(),
}
}
// ---------------------------------------------------------------------------
// Auth flow tests
// ---------------------------------------------------------------------------
/// `POST /api/auth/register` must return 200 with both tokens.
#[tokio::test]
async fn register_creates_account_and_returns_tokens() {
set_jwt_secret();
let app = build_test_router(test_pool().await);
let resp = post_json(
app,
"/api/auth/register",
serde_json::json!({ "username": "alice", "password": "hunter2" }),
)
.await;
assert_eq!(resp.status(), StatusCode::OK);
let body = body_json(resp).await;
assert!(
body["access_token"].is_string(),
"access_token must be present"
);
assert!(
body["refresh_token"].is_string(),
"refresh_token must be present"
);
}
/// Registering the same username twice must return 409 Conflict on the second attempt.
#[tokio::test]
async fn register_duplicate_username_returns_conflict() {
set_jwt_secret();
let app = build_test_router(test_pool().await);
let creds = serde_json::json!({ "username": "bob", "password": "secret" });
// First registration succeeds.
let first = post_json(app.clone(), "/api/auth/register", creds.clone()).await;
assert_eq!(first.status(), StatusCode::OK, "first register must succeed");
// Second registration with the same username is rejected.
let second = post_json(app, "/api/auth/register", creds).await;
assert_eq!(
second.status(),
StatusCode::CONFLICT,
"duplicate username must return 409"
);
}
/// `POST /api/auth/login` with correct credentials returns 200 with both tokens.
#[tokio::test]
async fn login_with_correct_credentials_returns_tokens() {
set_jwt_secret();
let app = build_test_router(test_pool().await);
// Register first.
let _ = register_user(app.clone(), "charlie", "p4ssw0rd").await;
// Then login.
let resp = post_json(
app,
"/api/auth/login",
serde_json::json!({ "username": "charlie", "password": "p4ssw0rd" }),
)
.await;
assert_eq!(resp.status(), StatusCode::OK);
let body = body_json(resp).await;
assert!(body["access_token"].is_string(), "access_token must be present");
assert!(body["refresh_token"].is_string(), "refresh_token must be present");
}
/// `POST /api/auth/login` with a wrong password must return 401.
#[tokio::test]
async fn login_with_wrong_password_returns_401() {
set_jwt_secret();
let app = build_test_router(test_pool().await);
// Register a user.
let _ = register_user(app.clone(), "dave", "correct_horse").await;
// Attempt to log in with the wrong password.
let resp = post_json(
app,
"/api/auth/login",
serde_json::json!({ "username": "dave", "password": "wrong_password" }),
)
.await;
assert_eq!(
resp.status(),
StatusCode::UNAUTHORIZED,
"wrong password must return 401"
);
}
/// `POST /api/auth/login` for a username that does not exist must return 401.
#[tokio::test]
async fn login_with_unknown_username_returns_401() {
set_jwt_secret();
let app = build_test_router(test_pool().await);
let resp = post_json(
app,
"/api/auth/login",
serde_json::json!({ "username": "nobody", "password": "whatever" }),
)
.await;
assert_eq!(
resp.status(),
StatusCode::UNAUTHORIZED,
"unknown username must return 401"
);
}
/// `POST /api/auth/refresh` with a valid refresh token returns 200 with a new access token.
#[tokio::test]
async fn refresh_returns_new_access_token() {
set_jwt_secret();
let app = build_test_router(test_pool().await);
let (_access, refresh) = register_user(app.clone(), "eve", "refresh_me").await;
let resp = post_json(
app,
"/api/auth/refresh",
serde_json::json!({ "refresh_token": refresh }),
)
.await;
assert_eq!(resp.status(), StatusCode::OK);
let body = body_json(resp).await;
assert!(
body["access_token"].is_string(),
"refresh must return a new access_token"
);
}
/// Supplying an access token to `POST /api/auth/refresh` must be rejected because
/// the `kind` claim will be `"access"`, not `"refresh"`.
#[tokio::test]
async fn refresh_with_access_token_returns_401() {
set_jwt_secret();
let app = build_test_router(test_pool().await);
let (access, _refresh) = register_user(app.clone(), "frank", "bad_refresh").await;
// Send the access token as if it were a refresh token.
let resp = post_json(
app,
"/api/auth/refresh",
serde_json::json!({ "refresh_token": access }),
)
.await;
assert_eq!(
resp.status(),
StatusCode::UNAUTHORIZED,
"using an access token as a refresh token must return 401"
);
}
// ---------------------------------------------------------------------------
// Sync roundtrip tests
// ---------------------------------------------------------------------------
/// Push a payload, then pull — the pulled data must reflect the pushed values.
#[tokio::test]
async fn push_then_pull_returns_pushed_data() {
set_jwt_secret();
let app = build_test_router(test_pool().await);
let (access, _) = register_user(app.clone(), "grace", "sync_pass").await;
let user_id = decode_sub(&access);
let payload = make_payload(&user_id, 7);
// Push the payload to the server.
let push_resp = post_authed(
app.clone(),
"/api/sync/push",
&access,
serde_json::to_value(&payload).expect("SyncPayload must serialise"),
)
.await;
assert_eq!(push_resp.status(), StatusCode::OK, "push must return 200");
// Pull and verify the stats were persisted.
let pull_resp = get_authed(app, "/api/sync/pull", &access).await;
assert_eq!(pull_resp.status(), StatusCode::OK, "pull must return 200");
let pull_body = body_json(pull_resp).await;
let games_played = pull_body["merged"]["stats"]["games_played"]
.as_u64()
.expect("games_played must be a number");
assert_eq!(games_played, 7, "pulled games_played must match pushed value");
}
/// Pushing a payload whose `user_id` does not match the JWT `sub` must return 400.
#[tokio::test]
async fn push_with_wrong_user_id_returns_400() {
set_jwt_secret();
let app = build_test_router(test_pool().await);
let (access, _) = register_user(app.clone(), "heidi", "sync_pass").await;
// Build a payload with a random UUID that won't match the JWT sub.
let wrong_uuid = uuid::Uuid::new_v4();
let payload = SyncPayload {
user_id: wrong_uuid,
stats: StatsSnapshot::default(),
achievements: vec![],
progress: PlayerProgress::default(),
last_modified: Utc::now(),
};
let resp = post_authed(
app,
"/api/sync/push",
&access,
serde_json::to_value(&payload).expect("SyncPayload must serialise"),
)
.await;
assert_eq!(
resp.status(),
StatusCode::BAD_REQUEST,
"mismatched user_id must return 400"
);
}
/// A pull before any push returns a default empty payload (200, not 404).
#[tokio::test]
async fn pull_before_push_returns_default_payload() {
set_jwt_secret();
let app = build_test_router(test_pool().await);
let (access, _) = register_user(app.clone(), "ivan", "nopush").await;
let resp = get_authed(app, "/api/sync/pull", &access).await;
assert_eq!(resp.status(), StatusCode::OK, "pull with no data must return 200");
let body = body_json(resp).await;
let games_played = body["merged"]["stats"]["games_played"]
.as_u64()
.expect("games_played must be present");
assert_eq!(games_played, 0, "default payload must have games_played = 0");
}
/// Accessing `/api/sync/pull` without a token must return 401.
#[tokio::test]
async fn pull_without_token_returns_401() {
set_jwt_secret();
let app = build_test_router(test_pool().await);
let req = Request::builder()
.method("GET")
.uri("/api/sync/pull")
.body(Body::empty())
.expect("failed to build unauthenticated GET request");
let resp = app.oneshot(req).await.expect("oneshot failed");
assert_eq!(
resp.status(),
StatusCode::UNAUTHORIZED,
"missing token must return 401"
);
}
// ---------------------------------------------------------------------------
// Account deletion tests
// ---------------------------------------------------------------------------
/// After `DELETE /api/account`, the user row (and sync data via CASCADE) is gone.
/// A subsequent pull attempt should fail — either 401 (JWT rejected before DB
/// lookup) or the row is simply absent. Either way, the deletion itself must
/// return 200.
#[tokio::test]
async fn delete_account_succeeds_and_data_is_gone() {
set_jwt_secret();
let app = build_test_router(test_pool().await);
let (access, _) = register_user(app.clone(), "judy", "delete_me").await;
let user_id = decode_sub(&access);
// First push some data.
let payload = make_payload(&user_id, 5);
let push_resp = post_authed(
app.clone(),
"/api/sync/push",
&access,
serde_json::to_value(&payload).expect("SyncPayload must serialise"),
)
.await;
assert_eq!(push_resp.status(), StatusCode::OK, "setup push must succeed");
// Delete the account.
let del_resp = delete_authed(app.clone(), "/api/account", &access).await;
assert_eq!(
del_resp.status(),
StatusCode::OK,
"DELETE /api/account must return 200"
);
let del_body = body_json(del_resp).await;
assert_eq!(
del_body["ok"], true,
"delete response must contain ok: true"
);
// Subsequent pull with the same token: the JWT is still cryptographically
// valid (the server has no token revocation list), but the user row no
// longer exists in the database. The pull handler will return a default
// empty payload rather than a 404. The important assertion is that delete
// returned 200 above; we just confirm the server doesn't panic.
let pull_resp = get_authed(app, "/api/sync/pull", &access).await;
// 200 (default payload) or 404/500 depending on implementation; we only
// assert that the server responds at all (no panic / connection drop).
let status = pull_resp.status();
assert!(
status.is_success() || status.is_client_error() || status.is_server_error(),
"server must respond after account deletion"
);
}
// ---------------------------------------------------------------------------
// Health endpoint tests
// ---------------------------------------------------------------------------
/// `GET /health` must return 200 with `status: "ok"` — no auth required.
#[tokio::test]
async fn health_returns_ok() {
// No JWT needed; set it anyway for consistency.
set_jwt_secret();
let app = build_test_router(test_pool().await);
let req = Request::builder()
.method("GET")
.uri("/health")
.body(Body::empty())
.expect("failed to build health request");
let resp = app.oneshot(req).await.expect("oneshot failed");
assert_eq!(resp.status(), StatusCode::OK, "health must return 200");
let body = body_json(resp).await;
assert_eq!(
body["status"], "ok",
"health body must contain status: ok"
);
}
// ---------------------------------------------------------------------------
// Daily challenge tests
// ---------------------------------------------------------------------------
/// `GET /api/daily-challenge` must return 200 with today's UTC date.
#[tokio::test]
async fn daily_challenge_returns_goal_for_today() {
set_jwt_secret();
let app = build_test_router(test_pool().await);
let today = Utc::now().format("%Y-%m-%d").to_string();
let req = Request::builder()
.method("GET")
.uri("/api/daily-challenge")
.body(Body::empty())
.expect("failed to build daily-challenge request");
let resp = app.oneshot(req).await.expect("oneshot failed");
assert_eq!(resp.status(), StatusCode::OK, "daily challenge must return 200");
let body = body_json(resp).await;
assert_eq!(
body["date"], today,
"challenge date must match today's UTC date"
);
assert!(body["seed"].is_number(), "challenge must include a numeric seed");
assert!(
body["description"].is_string(),
"challenge must include a description"
);
}
/// Calling `GET /api/daily-challenge` twice returns the same seed (deterministic).
#[tokio::test]
async fn daily_challenge_is_deterministic() {
set_jwt_secret();
// Use the same pool so the second call hits the stored row.
let pool = test_pool().await;
let make_req = || {
Request::builder()
.method("GET")
.uri("/api/daily-challenge")
.body(Body::empty())
.expect("failed to build daily-challenge request")
};
let resp1 = build_test_router(pool.clone())
.oneshot(make_req())
.await
.expect("first oneshot failed");
assert_eq!(resp1.status(), StatusCode::OK);
let body1 = body_json(resp1).await;
let resp2 = build_test_router(pool)
.oneshot(make_req())
.await
.expect("second oneshot failed");
assert_eq!(resp2.status(), StatusCode::OK);
let body2 = body_json(resp2).await;
assert_eq!(
body1["seed"], body2["seed"],
"two calls must return the same seed"
);
assert_eq!(
body1["date"], body2["date"],
"two calls must return the same date"
);
}
// ---------------------------------------------------------------------------
// Leaderboard tests
// ---------------------------------------------------------------------------
/// `GET /api/leaderboard` requires authentication — no token returns 401.
#[tokio::test]
async fn leaderboard_without_token_returns_401() {
set_jwt_secret();
let app = build_test_router(test_pool().await);
let req = Request::builder()
.method("GET")
.uri("/api/leaderboard")
.body(Body::empty())
.expect("failed to build leaderboard request");
let resp = app.oneshot(req).await.expect("oneshot failed");
assert_eq!(
resp.status(),
StatusCode::UNAUTHORIZED,
"leaderboard without auth must return 401"
);
}
/// Opting in and then fetching the leaderboard returns the opted-in entry.
#[tokio::test]
async fn opt_in_then_leaderboard_shows_entry() {
set_jwt_secret();
let app = build_test_router(test_pool().await);
let (access, _) = register_user(app.clone(), "karen", "leaderpass").await;
// Opt in with a display name.
let opt_resp = post_authed(
app.clone(),
"/api/leaderboard/opt-in",
&access,
serde_json::json!({ "display_name": "KarenTheGreat" }),
)
.await;
assert_eq!(
opt_resp.status(),
StatusCode::OK,
"opt-in must return 200"
);
// Fetch the leaderboard.
let lb_resp = get_authed(app, "/api/leaderboard", &access).await;
assert_eq!(lb_resp.status(), StatusCode::OK, "leaderboard must return 200");
let body = body_json(lb_resp).await;
let entries = body.as_array().expect("leaderboard must be a JSON array");
let found = entries
.iter()
.any(|e| e["display_name"] == "KarenTheGreat");
assert!(found, "opted-in user must appear in leaderboard");
}
solitaire_sync/Cargo.toml
+1
View File
@@ -8,3 +8,4 @@ serde = { workspace = true }
serde_json = { workspace = true } serde_json = { workspace = true }
uuid = { workspace = true } uuid = { workspace = true }
chrono = { workspace = true } chrono = { workspace = true }
thiserror = { workspace = true }
solitaire_sync/src/achievements.rs
+48
View File
@@ -0,0 +1,48 @@
//! Shared `AchievementRecord` definition — used by both the game client and
//! the sync server.
use chrono::{DateTime, Utc};
use serde::{Deserialize, Serialize};
/// One player's unlock state for a single achievement.
///
/// The achievement *definition* (name, description, condition fn) lives in
/// `solitaire_core`. This record only tracks runtime unlock state and is
/// what gets persisted and synced.
#[derive(Debug, Clone, PartialEq, Eq, Serialize, Deserialize)]
pub struct AchievementRecord {
/// Matches the `id` field of the corresponding `AchievementDef` in
/// `solitaire_core`.
pub id: String,
/// Whether the achievement has been unlocked.
pub unlocked: bool,
/// The UTC timestamp at which the achievement was first unlocked.
/// `None` when not yet unlocked.
pub unlock_date: Option<DateTime<Utc>>,
/// Whether the unlock reward (XP, cosmetic, etc.) has been granted.
pub reward_granted: bool,
}
impl AchievementRecord {
/// Construct an initial record for an achievement that is not yet unlocked.
pub fn locked(id: impl Into<String>) -> Self {
Self {
id: id.into(),
unlocked: false,
unlock_date: None,
reward_granted: false,
}
}
/// Mark this record unlocked at the given timestamp.
///
/// No-op if already unlocked — preserves the earliest `unlock_date` so
/// that merging two unlock records always keeps the older timestamp.
pub fn unlock(&mut self, at: DateTime<Utc>) {
if self.unlocked {
return;
}
self.unlocked = true;
self.unlock_date = Some(at);
}
}
solitaire_sync/src/lib.rs
+111 -3
View File
@@ -1,17 +1,125 @@
//! Shared API types and merge logic for Solitaire Quest.
//!
//! This crate is the contract between the game client (`solitaire_data`) and
//! the sync server (`solitaire_server`). Changing any public type here is a
//! breaking change on both sides — version carefully.
//!
//! **No Bevy. No network. No file I/O.** Only `serde`, `uuid`, and `chrono`.
pub mod achievements;
pub mod merge;
pub mod progress;
pub mod stats;
pub use achievements::AchievementRecord;
pub use merge::merge;
pub use progress::{level_for_xp, PlayerProgress};
pub use stats::StatsSnapshot;
use chrono::{DateTime, Utc}; use chrono::{DateTime, Utc};
use serde::{Deserialize, Serialize}; use serde::{Deserialize, Serialize};
use uuid::Uuid; use uuid::Uuid;
/// Payload sent from client to server (and returned after server merge). // ---------------------------------------------------------------------------
/// Full fields are added in Phase 8 (Sync System). // Sync wire types
// ---------------------------------------------------------------------------
/// Full sync payload sent from the client to the server and returned after
/// server-side merge. Contains all data needed to reconcile two instances.
#[derive(Debug, Clone, PartialEq, Eq, Serialize, Deserialize)] #[derive(Debug, Clone, PartialEq, Eq, Serialize, Deserialize)]
pub struct SyncPayload { pub struct SyncPayload {
/// Identifies the owning player. Must match the authenticated user.
pub user_id: Uuid, pub user_id: Uuid,
/// Cumulative game statistics.
pub stats: StatsSnapshot,
/// Per-achievement unlock records.
pub achievements: Vec<AchievementRecord>,
/// XP, level, cosmetic unlocks, and daily/weekly progress.
pub progress: PlayerProgress,
/// Wall-clock time of the last local modification.
pub last_modified: DateTime<Utc>, pub last_modified: DateTime<Utc>,
} }
/// Response returned by the sync server after merging. /// Response returned by the sync server after a pull or push operation.
#[derive(Debug, Clone, PartialEq, Eq, Serialize, Deserialize)] #[derive(Debug, Clone, PartialEq, Eq, Serialize, Deserialize)]
pub struct SyncResponse { pub struct SyncResponse {
/// The merged payload that the client should save locally.
pub merged: SyncPayload,
/// The server's current wall-clock time (useful for clock-skew detection).
pub server_time: DateTime<Utc>, pub server_time: DateTime<Utc>,
/// Fields where local and remote values differed and could not be merged
/// deterministically. Returned for display purposes — data is never
/// silently discarded.
pub conflicts: Vec<ConflictReport>,
}
/// Describes a single field where local and remote values diverged in a way
/// that the merge function could not resolve automatically.
#[derive(Debug, Clone, PartialEq, Eq, Serialize, Deserialize)]
pub struct ConflictReport {
/// Dot-separated field path, e.g. `"win_streak_current"`.
pub field: String,
/// Human-readable representation of the local value.
pub local_value: String,
/// Human-readable representation of the remote value.
pub remote_value: String,
}
// ---------------------------------------------------------------------------
// Daily challenge / leaderboard types
// ---------------------------------------------------------------------------
/// Describes today's daily challenge, returned by `GET /api/daily-challenge`.
#[derive(Debug, Clone, PartialEq, Eq, Serialize, Deserialize)]
pub struct ChallengeGoal {
/// Date this challenge applies to, formatted as `"YYYY-MM-DD"`.
pub date: String,
/// Deterministic RNG seed for this date's deal — identical for all players.
pub seed: u64,
/// Human-readable description of the goal, e.g. "Win in under 5 minutes".
pub description: String,
/// Optional target score required to complete the challenge.
pub target_score: Option<i32>,
/// Optional maximum allowed time in seconds to complete the challenge.
pub max_time_secs: Option<u64>,
}
/// A single row from the server leaderboard, returned by `GET /api/leaderboard`.
#[derive(Debug, Clone, PartialEq, Eq, Serialize, Deserialize)]
pub struct LeaderboardEntry {
/// Display name chosen by the player at opt-in time.
pub display_name: String,
/// The player's best single-game score.
pub best_score: Option<i32>,
/// The player's fastest win time in seconds.
pub best_time_secs: Option<u64>,
/// When this entry was last recorded.
pub recorded_at: DateTime<Utc>,
}
// ---------------------------------------------------------------------------
// Error types
// ---------------------------------------------------------------------------
/// Errors returned by the sync server in `application/json` error bodies.
#[derive(Debug, Clone, PartialEq, Eq, Serialize, Deserialize, thiserror::Error)]
pub enum ApiError {
/// The request could not be authenticated (missing or invalid JWT).
#[error("unauthorized")]
Unauthorized,
/// The supplied credentials were incorrect.
#[error("invalid credentials")]
InvalidCredentials,
/// A username that was requested for registration is already taken.
#[error("username already taken")]
UsernameTaken,
/// The request payload was too large (> 1 MB).
#[error("payload too large")]
PayloadTooLarge,
/// The request body could not be parsed.
#[error("bad request: {0}")]
BadRequest(String),
/// An unexpected server-side error occurred.
#[error("internal server error")]
Internal,
} }
solitaire_sync/src/merge.rs
+519
View File
@@ -0,0 +1,519 @@
//! Pure merge logic for sync payloads.
//!
//! All functions are free of I/O and side effects — safe to call from any
//! context including unit tests and the Bevy main thread.
use chrono::Utc;
use crate::{AchievementRecord, ConflictReport, PlayerProgress, StatsSnapshot, SyncPayload};
use crate::progress::level_for_xp;
/// Merge two [`SyncPayload`]s into a single authoritative result.
///
/// The merge strategy is additive and conflict-free for most fields:
/// - Counters: take the maximum (games_played, games_won, etc.)
/// - Best records: take the minimum for times, maximum for scores/xp
/// - Achievements: union by id, preserving the earliest `unlock_date`
/// - Cosmetic unlocks: union of both vectors
/// - Level: recomputed from merged `total_xp`
///
/// Fields that cannot be merged deterministically (e.g. diverged streak
/// counts) are recorded in [`ConflictReport`] entries returned alongside
/// the merged payload. Data is never silently discarded.
///
/// # Examples
/// ```
/// use solitaire_sync::{SyncPayload, StatsSnapshot, PlayerProgress, merge};
/// use uuid::Uuid;
///
/// let a = SyncPayload {
/// user_id: Uuid::nil(),
/// stats: StatsSnapshot { games_played: 5, ..Default::default() },
/// achievements: vec![],
/// progress: PlayerProgress::default(),
/// last_modified: chrono::Utc::now(),
/// };
/// let b = SyncPayload {
/// user_id: Uuid::nil(),
/// stats: StatsSnapshot { games_played: 3, ..Default::default() },
/// achievements: vec![],
/// progress: PlayerProgress::default(),
/// last_modified: chrono::Utc::now(),
/// };
/// let (merged, conflicts) = merge(&a, &b);
/// assert_eq!(merged.stats.games_played, 5);
/// assert!(conflicts.is_empty());
/// ```
pub fn merge(local: &SyncPayload, remote: &SyncPayload) -> (SyncPayload, Vec<ConflictReport>) {
let mut conflicts = Vec::new();
let stats = merge_stats(&local.stats, &remote.stats, &mut conflicts);
let achievements = merge_achievements(&local.achievements, &remote.achievements);
let progress = merge_progress(&local.progress, &remote.progress, &mut conflicts);
let merged = SyncPayload {
user_id: local.user_id,
stats,
achievements,
progress,
last_modified: Utc::now(),
};
(merged, conflicts)
}
// ---------------------------------------------------------------------------
// Stats
// ---------------------------------------------------------------------------
fn merge_stats(
local: &StatsSnapshot,
remote: &StatsSnapshot,
conflicts: &mut Vec<ConflictReport>,
) -> StatsSnapshot {
// win_streak_current cannot be merged deterministically — record conflict
// but take the higher value as a best-effort resolution.
if local.win_streak_current != remote.win_streak_current {
conflicts.push(ConflictReport {
field: "win_streak_current".to_string(),
local_value: local.win_streak_current.to_string(),
remote_value: remote.win_streak_current.to_string(),
});
}
let merged_games_won = local.games_won.max(remote.games_won);
let merged_games_played = local.games_played.max(remote.games_played);
// Recompute average time from the merged totals. If no wins yet, keep 0.
let avg_time_seconds = if merged_games_won == 0 {
0
} else {
// Use whichever side has more wins to approximate total time, then blend.
// We don't have total_time stored, so we reconstruct it from avg * count.
let local_total = local.avg_time_seconds as u128 * local.games_won as u128;
let remote_total = remote.avg_time_seconds as u128 * remote.games_won as u128;
// Take max total time (conservative — avoids underestimating total play time).
let best_total = local_total.max(remote_total);
(best_total / merged_games_won as u128) as u64
};
StatsSnapshot {
games_played: merged_games_played,
games_won: merged_games_won,
games_lost: local.games_lost.max(remote.games_lost),
win_streak_current: local.win_streak_current.max(remote.win_streak_current),
win_streak_best: local.win_streak_best.max(remote.win_streak_best),
avg_time_seconds,
fastest_win_seconds: local.fastest_win_seconds.min(remote.fastest_win_seconds),
lifetime_score: local.lifetime_score.max(remote.lifetime_score),
best_single_score: local.best_single_score.max(remote.best_single_score),
draw_one_wins: local.draw_one_wins.max(remote.draw_one_wins),
draw_three_wins: local.draw_three_wins.max(remote.draw_three_wins),
last_modified: Utc::now(),
}
}
// ---------------------------------------------------------------------------
// Achievements
// ---------------------------------------------------------------------------
/// Union of local and remote achievement records.
///
/// - Achievements never disappear from the merged set.
/// - If both sides have an achievement unlocked, the *earliest* `unlock_date`
/// is preserved.
/// - If only one side has an achievement unlocked, it is carried forward.
fn merge_achievements(
local: &[AchievementRecord],
remote: &[AchievementRecord],
) -> Vec<AchievementRecord> {
use std::collections::HashMap;
let mut map: HashMap<&str, AchievementRecord> = HashMap::new();
// Insert all local records first.
for rec in local {
map.insert(rec.id.as_str(), rec.clone());
}
// Merge in remote records.
for remote_rec in remote {
match map.get_mut(remote_rec.id.as_str()) {
Some(existing) => {
// Merge: once unlocked, never lock again.
if remote_rec.unlocked && !existing.unlocked {
// Remote is unlocked but local isn't — adopt remote unlock.
existing.unlocked = true;
existing.unlock_date = remote_rec.unlock_date;
existing.reward_granted = remote_rec.reward_granted;
} else if remote_rec.unlocked && existing.unlocked {
// Both unlocked — keep the earlier date.
match (existing.unlock_date, remote_rec.unlock_date) {
(Some(local_dt), Some(remote_dt)) if remote_dt < local_dt => {
existing.unlock_date = Some(remote_dt);
}
_ => {}
}
// reward_granted: true if either side granted it.
existing.reward_granted = existing.reward_granted || remote_rec.reward_granted;
}
// If only local is unlocked — nothing changes.
}
None => {
// Remote has an achievement that local doesn't know about.
map.insert(remote_rec.id.as_str(), remote_rec.clone());
}
}
}
let mut result: Vec<AchievementRecord> = map.into_values().collect();
result.sort_by(|a, b| a.id.cmp(&b.id));
result
}
// ---------------------------------------------------------------------------
// Progress
// ---------------------------------------------------------------------------
fn merge_progress(
local: &PlayerProgress,
remote: &PlayerProgress,
conflicts: &mut Vec<ConflictReport>,
) -> PlayerProgress {
// daily_challenge_streak cannot be merged deterministically.
if local.daily_challenge_streak != remote.daily_challenge_streak {
conflicts.push(ConflictReport {
field: "daily_challenge_streak".to_string(),
local_value: local.daily_challenge_streak.to_string(),
remote_value: remote.daily_challenge_streak.to_string(),
});
}
let total_xp = local.total_xp.max(remote.total_xp);
// Union cosmetic unlocks.
let unlocked_card_backs = union_usize_vecs(&local.unlocked_card_backs, &remote.unlocked_card_backs);
let unlocked_backgrounds =
union_usize_vecs(&local.unlocked_backgrounds, &remote.unlocked_backgrounds);
// Keep the most recently completed daily challenge date (latest).
let daily_challenge_last_completed =
match (local.daily_challenge_last_completed, remote.daily_challenge_last_completed) {
(Some(l), Some(r)) => Some(l.max(r)),
(Some(l), None) => Some(l),
(None, Some(r)) => Some(r),
(None, None) => None,
};
// Take the higher streak as a best-effort resolution.
let daily_challenge_streak =
local.daily_challenge_streak.max(remote.daily_challenge_streak);
// weekly_goal_progress: use whichever side has the more recent ISO week key.
let (weekly_goal_week_iso, weekly_goal_progress) =
match (&local.weekly_goal_week_iso, &remote.weekly_goal_week_iso) {
(Some(l), Some(r)) if r > l => {
(remote.weekly_goal_week_iso.clone(), remote.weekly_goal_progress.clone())
}
(Some(_), Some(_)) => {
(local.weekly_goal_week_iso.clone(), local.weekly_goal_progress.clone())
}
(Some(_), None) => {
(local.weekly_goal_week_iso.clone(), local.weekly_goal_progress.clone())
}
(None, Some(_)) => {
(remote.weekly_goal_week_iso.clone(), remote.weekly_goal_progress.clone())
}
(None, None) => (None, Default::default()),
};
// Challenge index: take the higher (further ahead in challenge progression).
let challenge_index = local.challenge_index.max(remote.challenge_index);
PlayerProgress {
total_xp,
level: level_for_xp(total_xp),
daily_challenge_last_completed,
daily_challenge_streak,
weekly_goal_progress,
weekly_goal_week_iso,
unlocked_card_backs,
unlocked_backgrounds,
challenge_index,
last_modified: Utc::now(),
}
}
/// Returns the sorted union of two `Vec<usize>` slices with duplicates removed.
fn union_usize_vecs(a: &[usize], b: &[usize]) -> Vec<usize> {
use std::collections::BTreeSet;
let set: BTreeSet<usize> = a.iter().chain(b.iter()).copied().collect();
set.into_iter().collect()
}
// ---------------------------------------------------------------------------
// Tests
// ---------------------------------------------------------------------------
#[cfg(test)]
mod tests {
use super::*;
use chrono::{Duration, Utc};
use uuid::Uuid;
use crate::{AchievementRecord, PlayerProgress, StatsSnapshot, SyncPayload};
fn make_payload(stats: StatsSnapshot, achievements: Vec<AchievementRecord>, progress: PlayerProgress) -> SyncPayload {
SyncPayload {
user_id: Uuid::nil(),
stats,
achievements,
progress,
last_modified: Utc::now(),
}
}
fn default_payload() -> SyncPayload {
make_payload(StatsSnapshot::default(), vec![], PlayerProgress::default())
}
// -----------------------------------------------------------------------
// Idempotency
// -----------------------------------------------------------------------
#[test]
fn merge_is_idempotent_for_equal_payloads() {
let mut a = default_payload();
a.stats.games_played = 10;
a.stats.games_won = 5;
a.stats.fastest_win_seconds = 120;
a.stats.lifetime_score = 5000;
a.progress.total_xp = 2000;
a.progress.unlocked_card_backs = vec![0, 1];
let (merged, conflicts) = merge(&a, &a);
assert_eq!(merged.stats.games_played, 10);
assert_eq!(merged.stats.games_won, 5);
assert_eq!(merged.stats.fastest_win_seconds, 120);
assert_eq!(merged.stats.lifetime_score, 5000);
assert_eq!(merged.progress.total_xp, 2000);
assert_eq!(merged.progress.unlocked_card_backs, vec![0, 1]);
// Identical payloads produce no conflicts.
assert!(conflicts.is_empty());
}
// -----------------------------------------------------------------------
// Stats merge
// -----------------------------------------------------------------------
#[test]
fn stats_games_played_takes_max() {
let mut local = default_payload();
local.stats.games_played = 20;
let mut remote = default_payload();
remote.stats.games_played = 15;
let (merged, _) = merge(&local, &remote);
assert_eq!(merged.stats.games_played, 20);
}
#[test]
fn stats_games_won_takes_max() {
let mut local = default_payload();
local.stats.games_won = 7;
let mut remote = default_payload();
remote.stats.games_won = 12;
let (merged, _) = merge(&local, &remote);
assert_eq!(merged.stats.games_won, 12);
}
#[test]
fn stats_fastest_win_takes_min() {
let mut local = default_payload();
local.stats.fastest_win_seconds = 300;
let mut remote = default_payload();
remote.stats.fastest_win_seconds = 120;
let (merged, _) = merge(&local, &remote);
assert_eq!(merged.stats.fastest_win_seconds, 120);
}
#[test]
fn stats_best_score_takes_max() {
let mut local = default_payload();
local.stats.best_single_score = 4000;
let mut remote = default_payload();
remote.stats.best_single_score = 6000;
let (merged, _) = merge(&local, &remote);
assert_eq!(merged.stats.best_single_score, 6000);
}
#[test]
fn differing_win_streak_current_generates_conflict() {
let mut local = default_payload();
local.stats.win_streak_current = 3;
let mut remote = default_payload();
remote.stats.win_streak_current = 5;
let (merged, conflicts) = merge(&local, &remote);
assert_eq!(merged.stats.win_streak_current, 5);
assert!(
conflicts.iter().any(|c| c.field == "win_streak_current"),
"expected conflict report for win_streak_current"
);
}
#[test]
fn identical_win_streak_current_produces_no_conflict() {
let mut local = default_payload();
local.stats.win_streak_current = 4;
let mut remote = default_payload();
remote.stats.win_streak_current = 4;
let (_, conflicts) = merge(&local, &remote);
assert!(
!conflicts.iter().any(|c| c.field == "win_streak_current"),
"no conflict expected for matching streaks"
);
}
// -----------------------------------------------------------------------
// Achievement merge
// -----------------------------------------------------------------------
#[test]
fn achievements_are_never_removed() {
let unlocked = {
let mut r = AchievementRecord::locked("first_win");
r.unlock(Utc::now());
r
};
let local = make_payload(StatsSnapshot::default(), vec![unlocked.clone()], PlayerProgress::default());
let remote = make_payload(StatsSnapshot::default(), vec![], PlayerProgress::default());
let (merged, _) = merge(&local, &remote);
assert!(
merged.achievements.iter().any(|a| a.id == "first_win" && a.unlocked),
"unlocked achievement must survive merge even if absent from remote"
);
}
#[test]
fn achievements_remote_unlock_propagates_to_local() {
let locked = AchievementRecord::locked("century");
let mut unlocked = AchievementRecord::locked("century");
unlocked.unlock(Utc::now());
let local = make_payload(StatsSnapshot::default(), vec![locked], PlayerProgress::default());
let remote = make_payload(StatsSnapshot::default(), vec![unlocked.clone()], PlayerProgress::default());
let (merged, _) = merge(&local, &remote);
let ach = merged.achievements.iter().find(|a| a.id == "century").expect("must exist");
assert!(ach.unlocked);
assert_eq!(ach.unlock_date, unlocked.unlock_date);
}
#[test]
fn achievements_earliest_unlock_date_wins_on_conflict() {
let earlier = Utc::now() - Duration::hours(2);
let later = Utc::now();
let mut local_rec = AchievementRecord::locked("speed_demon");
local_rec.unlock(later);
let mut remote_rec = AchievementRecord::locked("speed_demon");
remote_rec.unlock(earlier);
let local = make_payload(StatsSnapshot::default(), vec![local_rec], PlayerProgress::default());
let remote = make_payload(StatsSnapshot::default(), vec![remote_rec], PlayerProgress::default());
let (merged, _) = merge(&local, &remote);
let ach = merged.achievements.iter().find(|a| a.id == "speed_demon").expect("must exist");
assert_eq!(ach.unlock_date, Some(earlier), "earlier date must win");
}
#[test]
fn achievements_union_includes_both_sides() {
let mut a1 = AchievementRecord::locked("first_win");
a1.unlock(Utc::now());
let mut a2 = AchievementRecord::locked("century");
a2.unlock(Utc::now());
let local = make_payload(StatsSnapshot::default(), vec![a1], PlayerProgress::default());
let remote = make_payload(StatsSnapshot::default(), vec![a2], PlayerProgress::default());
let (merged, _) = merge(&local, &remote);
assert_eq!(merged.achievements.len(), 2);
}
// -----------------------------------------------------------------------
// Progress merge
// -----------------------------------------------------------------------
#[test]
fn progress_total_xp_takes_max() {
let mut local = default_payload();
local.progress.total_xp = 1500;
local.progress.level = crate::progress::level_for_xp(1500);
let mut remote = default_payload();
remote.progress.total_xp = 2500;
remote.progress.level = crate::progress::level_for_xp(2500);
let (merged, _) = merge(&local, &remote);
assert_eq!(merged.progress.total_xp, 2500);
assert_eq!(merged.progress.level, crate::progress::level_for_xp(2500));
}
#[test]
fn progress_unlocked_card_backs_are_union() {
let mut local = default_payload();
local.progress.unlocked_card_backs = vec![0, 1];
let mut remote = default_payload();
remote.progress.unlocked_card_backs = vec![0, 2];
let (merged, _) = merge(&local, &remote);
assert!(merged.progress.unlocked_card_backs.contains(&0));
assert!(merged.progress.unlocked_card_backs.contains(&1));
assert!(merged.progress.unlocked_card_backs.contains(&2));
}
#[test]
fn progress_unlocked_backgrounds_are_union() {
let mut local = default_payload();
local.progress.unlocked_backgrounds = vec![0, 3];
let mut remote = default_payload();
remote.progress.unlocked_backgrounds = vec![0, 4];
let (merged, _) = merge(&local, &remote);
assert!(merged.progress.unlocked_backgrounds.contains(&3));
assert!(merged.progress.unlocked_backgrounds.contains(&4));
}
#[test]
fn differing_daily_challenge_streak_generates_conflict() {
let mut local = default_payload();
local.progress.daily_challenge_streak = 5;
let mut remote = default_payload();
remote.progress.daily_challenge_streak = 3;
let (_, conflicts) = merge(&local, &remote);
assert!(
conflicts.iter().any(|c| c.field == "daily_challenge_streak"),
"expected conflict for daily_challenge_streak"
);
}
#[test]
fn level_is_recomputed_from_merged_xp() {
let mut local = default_payload();
local.progress.total_xp = 4500; // level 9
let mut remote = default_payload();
remote.progress.total_xp = 5500; // level 10
let (merged, _) = merge(&local, &remote);
assert_eq!(merged.progress.total_xp, 5500);
assert_eq!(merged.progress.level, crate::progress::level_for_xp(5500));
}
}
solitaire_sync/src/progress.rs
+132
View File
@@ -0,0 +1,132 @@
//! Shared `PlayerProgress` definition — used by both the game client and the
//! sync server.
use std::collections::HashMap;
use chrono::{DateTime, Duration, NaiveDate, Utc};
use serde::{Deserialize, Serialize};
/// XP-to-level calculation per ARCHITECTURE.md §13.
///
/// - Levels 110: `level = floor(total_xp / 500)`
/// - Levels 11+: `level = 10 + floor((total_xp - 5_000) / 1_000)`
pub fn level_for_xp(xp: u64) -> u32 {
if xp < 5_000 {
(xp / 500) as u32
} else {
10 + ((xp - 5_000) / 1_000) as u32
}
}
/// Persisted player progression state.
///
/// Mutation helpers such as `add_xp`, `record_daily_completion`, etc. are
/// defined as inherent methods directly on this type.
#[derive(Debug, Clone, PartialEq, Eq, Serialize, Deserialize)]
pub struct PlayerProgress {
/// Total XP accumulated across all games.
pub total_xp: u64,
/// Current player level, recomputed from `total_xp`.
pub level: u32,
/// Date of the last completed daily challenge, if any.
pub daily_challenge_last_completed: Option<NaiveDate>,
/// Current daily-challenge streak length.
pub daily_challenge_streak: u32,
/// Per-goal progress counters for the current ISO week.
pub weekly_goal_progress: HashMap<String, u32>,
/// ISO week key (e.g. `"2026-W17"`) the `weekly_goal_progress` counters
/// belong to. Cleared when a new week begins.
#[serde(default)]
pub weekly_goal_week_iso: Option<String>,
/// Indices of card-back designs the player has unlocked (index 0 is always unlocked).
pub unlocked_card_backs: Vec<usize>,
/// Indices of background designs the player has unlocked (index 0 is always unlocked).
pub unlocked_backgrounds: Vec<usize>,
/// Index of the next Challenge-mode seed to serve to this player.
#[serde(default)]
pub challenge_index: u32,
/// Wall-clock time of the last modification (used for conflict detection).
pub last_modified: DateTime<Utc>,
}
impl Default for PlayerProgress {
fn default() -> Self {
Self {
total_xp: 0,
level: 0,
daily_challenge_last_completed: None,
daily_challenge_streak: 0,
weekly_goal_progress: HashMap::new(),
weekly_goal_week_iso: None,
unlocked_card_backs: vec![0],
unlocked_backgrounds: vec![0],
challenge_index: 0,
last_modified: DateTime::UNIX_EPOCH,
}
}
}
impl PlayerProgress {
/// Add XP and recompute level. Returns the previous level so callers can
/// detect level-up events.
pub fn add_xp(&mut self, amount: u64) -> u32 {
let prev_level = self.level;
self.total_xp = self.total_xp.saturating_add(amount);
self.level = level_for_xp(self.total_xp);
self.last_modified = Utc::now();
prev_level
}
/// `true` if a level-up just occurred (current level > `prev_level`).
pub fn leveled_up_from(&self, prev_level: u32) -> bool {
self.level > prev_level
}
/// Reset weekly-goal progress when the ISO week has rolled over.
/// No-op if the stored week key already matches `current`.
pub fn roll_weekly_goals_if_new_week(&mut self, current: &str) -> bool {
if self.weekly_goal_week_iso.as_deref() == Some(current) {
return false;
}
self.weekly_goal_progress.clear();
self.weekly_goal_week_iso = Some(current.to_string());
self.last_modified = Utc::now();
true
}
/// Increment progress for `goal_id` by 1, capped at `target`.
///
/// Returns `true` if this call brought the counter from below `target`
/// to at-or-above `target` (i.e. just completed the goal).
pub fn record_weekly_progress(&mut self, goal_id: &str, target: u32) -> bool {
let entry = self.weekly_goal_progress.entry(goal_id.to_string()).or_insert(0);
if *entry >= target {
return false;
}
*entry = entry.saturating_add(1);
self.last_modified = Utc::now();
*entry >= target
}
/// Record a daily-challenge completion for `date`.
///
/// - First completion ever, or a gap of more than one day: streak resets to 1.
/// - Completion the day after the previous: streak increments.
/// - Same day as the previous: no-op (idempotent).
///
/// Returns `true` if this call recorded a fresh completion.
pub fn record_daily_completion(&mut self, date: NaiveDate) -> bool {
match self.daily_challenge_last_completed {
Some(last) if last == date => return false,
Some(last) if last + Duration::days(1) == date => {
self.daily_challenge_streak = self.daily_challenge_streak.saturating_add(1);
}
_ => {
self.daily_challenge_streak = 1;
}
}
self.daily_challenge_last_completed = Some(date);
self.last_modified = Utc::now();
true
}
}
solitaire_sync/src/stats.rs
+76
View File
@@ -0,0 +1,76 @@
//! Shared `StatsSnapshot` definition — used by both the game client and the
//! sync server to represent cumulative player statistics.
use chrono::{DateTime, Utc};
use serde::{Deserialize, Serialize};
/// Cumulative game statistics that travel across the sync boundary.
///
/// Game-logic mutation helpers that depend on `solitaire_core` types (e.g.
/// `update_on_win`) are provided via the `StatsExt` extension trait in
/// `solitaire_data`. File I/O helpers also live in `solitaire_data::storage`.
#[derive(Debug, Clone, PartialEq, Eq, Serialize, Deserialize)]
pub struct StatsSnapshot {
/// Total number of games started (won + lost + abandoned).
pub games_played: u32,
/// Number of games won.
pub games_won: u32,
/// Number of games lost or abandoned.
pub games_lost: u32,
/// Current win streak length.
pub win_streak_current: u32,
/// All-time best win streak.
pub win_streak_best: u32,
/// Rolling average of win times in seconds.
pub avg_time_seconds: u64,
/// Fastest single win time in seconds. `u64::MAX` when no wins recorded yet.
pub fastest_win_seconds: u64,
/// Sum of all winning scores.
pub lifetime_score: u64,
/// Highest score achieved in a single game.
pub best_single_score: u32,
/// Wins achieved in Draw-One mode.
pub draw_one_wins: u32,
/// Wins achieved in Draw-Three mode.
pub draw_three_wins: u32,
/// Wall-clock time of the last modification (used for conflict detection).
pub last_modified: DateTime<Utc>,
}
impl Default for StatsSnapshot {
fn default() -> Self {
Self {
games_played: 0,
games_won: 0,
games_lost: 0,
win_streak_current: 0,
win_streak_best: 0,
avg_time_seconds: 0,
fastest_win_seconds: u64::MAX,
lifetime_score: 0,
best_single_score: 0,
draw_one_wins: 0,
draw_three_wins: 0,
last_modified: DateTime::UNIX_EPOCH,
}
}
}
impl StatsSnapshot {
/// Record an abandoned game (player started a new game without winning).
pub fn record_abandoned(&mut self) {
self.games_played += 1;
self.games_lost += 1;
self.win_streak_current = 0;
self.last_modified = Utc::now();
}
/// Win percentage as 0100, or `None` if no games played.
pub fn win_rate(&self) -> Option<f32> {
if self.games_played == 0 {
None
} else {
Some(self.games_won as f32 / self.games_played as f32 * 100.0)
}
}
}