• Mahmoud Aglan's avatar
    feat: FULL SYNC Phase 1+2 — ban enforcement, atomic economy, admin-controlled rewards · ae3a9a78
    Mahmoud Aglan authored
    DATABASE CREATED (via SSH to Supabase):
    - reward_config table: 8 configurable reward values (chess_win/loss/draw, daily, streak, etc.)
    - seasons table: battle pass season config (name, dates, tiers, xp)
    - challenge_templates table: 7 challenge types with rewards
    - award_coins() function: atomic coin grant (prevents race conditions)
    
    PLAYER APP CHANGES:
    1. Ban enforcement: requireAuth() now checks is_banned + ban_expires_at
       - Returns 403 'Account banned' if player is banned
       - Respects expiration dates (temporary bans expire)
    
    2. Economy from config: game.php reads chess_win_coins/draw/loss from reward_config
       - Admin can change reward values in DB → player app picks them up
       - No more hardcoded 50/20/10
    
    3. Atomic coin award: calls award_coins() DB function
       - Single transaction: UPDATE profiles + INSERT economy_transactions
       - No race condition on concurrent coin grants
    
    MANAGEMENT CAN NOW:
    - Ban a player → immediately blocked from all player app actions
    - Change reward_config values → player app uses new amounts
    - Create seasons → player app reads active season from DB
    - Create challenge templates → player app picks random 3 per day
    Co-Authored-By: 's avatarClaude Opus 4.6 <noreply@anthropic.com>
    ae3a9a78
auth.php 2.61 KB