Veyra is a lightweight verification management API designed specifically for SS13 servers.
gh repo clone Monkestation/Veyra
cd Veyranpm installnpm startnpm run devThe system will be available at:
http://localhost:3000
HOLY FUCK Important: Change these before deploying to production.
- Username:
admin - Password:
admin123
POST /api/auth/login
Content-Type: application/json
{
"username": "admin",
"password": "admin123"
}Get single verification
GET /api/v1/verify/:discord_id
Authorization: Bearer <token>List verifications (with pagination & search)
GET /api/v1/verify?page=1&limit=50&search=searchterm
Authorization: Bearer <token>Create/Update verification
POST /api/v1/verify
Authorization: Bearer <token>
Content-Type: application/json
{
"discord_id": "123456789",
"ckey": "username",
"verified_flags": {"verified": true, "role": "player"},
"verification_method": "discord"
}Update verification
PUT /api/v1/verify/:discord_id
Authorization: Bearer <token>
Content-Type: application/json
{
"ckey": "new_username",
"verified_flags": {"verified": true, "role": "admin"}
}Delete verification (admin only)
DELETE /api/v1/verify/:discord_id
Authorization: Bearer <token>Create a .env file or set environment variables:
PORT=3000
JWT_SECRET=your-super-secret-jwt-key-here
ADMIN_USERNAME=admin
ADMIN_PASSWORD=your-secure-passwordThe system automatically creates the following tables:
id– Auto-increment primary keyusername– Unique usernamepassword_hash– Bcrypt hashed passwordrole– User role (adminoruser)created_at– Creation timestamp
id– Auto-increment primary keydiscord_id– Discord user ID (unique)ckey– Character key/usernameverified_flags– JSON object with verification dataverification_method– How verification was performedverified_by– Admin who verified the usercreated_at– Creation timestampupdated_at– Last update timestamp
- JWT-based authentication
- Password hashing with bcrypt
- Rate limiting (100 requests per 15 minutes)
- Role-based access control
- Input validation
- SQL injection protection
- Statistics overview
- Search and filter verifications
- Add new verifications
- Edit existing records
- Delete records (admin only)
- Pagination for large datasets
async function checkVerification(discordId) {
const response = await fetch(`/api/v1/verify/${discordId}`, {
headers: { 'Authorization': `Bearer ${token}` }
});
if (response.ok) {
const data = await response.json();
return data.verified_flags;
}
return null;
}async function importVerifications(verifications) {
const results = [];
for (const verification of verifications) {
const response = await fetch('/api/v1/verify', {
method: 'POST',
headers: {
'Authorization': `Bearer ${token}`,
'Content-Type': 'application/json'
},
body: JSON.stringify(verification)
});
results.push({
discord_id: verification.discord_id,
success: response.ok,
error: response.ok ? null : await response.text()
});
}
return results;
}- Change default admin credentials
- Set a strong JWT secret
- Configure HTTPS
- Enable proper logging
- Set up database backups
- Configure monitoring
- Review rate limits
- Configure CORS if needed
Dockerfile
FROM node:18-alpine
WORKDIR /app
COPY package*.json ./
RUN npm ci --only=production
COPY . .
EXPOSE 3000
CMD ["npm", "start"]server {
listen 80;
server_name your-domain.com;
location / {
proxy_pass http://localhost:3000;
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
}
}- Update the database schema if necessary
- Add the new method to the dashboard dropdown
- Implement verification logic in the backend
The verified_flags field accepts arbitrary JSON data:
{
"verified": true,
"role": "admin",
"permissions": ["ban", "kick", "mute"],
"verified_date": "2024-01-01",
"notes": "Verified through Discord authentication"
}Database locked error
- Ensure only one instance is running
- Check file permissions on
verification.db
Token expired errors
- Tokens expire after 24 hours
- Re-login to get a new token
Permission denied
- Verify the user role (admin vs user)
- Ensure token is valid
Logs currently output to the console.
MIT License – see the LICENSE file for details.