darkthrone's Introduction

DarkThrone Reborn

This workspace has been generated by Nx, a Smart, fast and extensible build system.

This project is a re-creation of the classic MMO DarkThrone. This is a side-project: there is no intention to make any profit from it, nor should there be any expectations of it being a complete game.

Before you start

You need to have the following installed on your machine:

Requirement   Version
Node          >= 20.11.0
NPM           >= 10.2.0
PostgreSQL    >= 14.0.0

A note on development environment

Primary development is done with an Apple computer running an arm64 architecture. Any issues with other architectures should be reported as a bug.

Getting Started

  1. Clone the repository

  2. Run npm install to install the dependencies

  3. Setup your environment file

    Copy the .env file to .env.local:

    cd apps/api && cp .env .env.local && cd -

    Optionally replace the defaults to match your local environment

  4. Connect to an already running PostgreSQL database or use cd apps/api/ && docker-compose up -d && cd - to create a PostgreSQL in a Docker container

    You can turn it off using docker-compose down.

  5. Run the database migrations

    npx nx knex api migrate:latest

  6. Start the application

    npx nx run-many -t serve -p api,web-app,placeholder-site

    This will start the:

    • API on port 3000
    • Web App on port 4200
    • Placeholder Site on port 4201.

Basic Architecture

API

This is the main backend for the application. It handles business logic and data storage. This app also handles the processing for time based events such as daily citizens and player turns.

Web App

This is the main frontend for the game and the interface that players use. It communicates with the API via a client library, making extensibility and maintenance easier.

Placeholder Site

This is a temporary website that welcomes users into the game. It will be replaced with a proper marketing site in the future.

darkthrone's People

Contributors

mattgibney, fpopa

darkthrone's Issues

Render Army Size

On Attack List and Player Profile, render the player's army size

Overall ranking issue on production

There's an issue with the overall ranking calculation or script that sets the values. See screenshot. Player with rank of 0 and two players with a rank of 2

CSRF Mitigation

As the API is currently authenticated with cookies, it's possible to commit CSRF (Cross Site Request Forgery) requests tricking players into performing actions they don't want to.

Switch to authenticating requests using an Authorization header and a Bearer token.

Armoury

The Armoury is a key feature of DarkThrone. It allows for much more control over the offensive and defensive power that a player has. Players can purchase different types of weapons and armour for their units to use.

  • Players cannot exploit this for additional power.
    • Equipment MUST be used by a unit.
    • Surplus items have no effect on player stats.
  • Selection is limited and additional items are unlocked with upgrades (Not a part of the Alpha).
  • Players can sell excess items to regain some of the item's value.

ToDo

  • Compile list of available items with prices.

Exploit Using negative numbers when training units

Just tested out some validations, you can untrain citizens by sending over negative numbers :D

➜ project_api git:(main) curl 'https://api.darkthronereborn.com/training/train' \
 -H 'Accept: application/json, text/plain, */*' \
 -H 'Accept-Language: en-US,en;q=0.9,ro;q=0.8' \
 -H 'Connection: keep-alive' \
 -H 'Content-Type: application/json' \
 -H 'Cookie: DTAC=eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJ1c2VySUQiOiJVU1ItMDFIUUUyUUg2MU00TVMzVFNFNVMwVFlNVlEiLCJpYXQiOjE3MDg3OTU4NzIsImV4cCI6MTcwODg4MjI3Mn0.etEhJMm6JpbTGGmFWmdi2ugxRNsY2mpngDbcoONJ6xc; ph_phc_Tbfg4EiRsr5iefFoth2Y1Hi3sttTeLQ5RV5TLg4hL1W_posthog=%7B%22distinct_id%22%3A%2218ddf239e00435d-0554c020e8f8c2-1e525637-29b188-18ddf239e014928%22%2C%22%24device_id%22%3A%2218ddf239e00435d-0554c020e8f8c2-1e525637-29b188-18ddf239e014928%22%2C%22%24user_state%22%3A%22anonymous%22%2C%22%24sesid%22%3A%5B1708845669972%2C%2218ddf239e547c9-0d81210e11ffdd-1e525637-29b188-18ddf239e554cf4%22%2C1708845669972%5D%2C%22%24session_recording_enabled_server_side%22%3Afalse%2C%22%24autocapture_disabled_server_side%22%3Afalse%2C%22%24active_feature_flags%22%3A%5B%5D%2C%22%24enabled_feature_flags%22%3A%7B%7D%2C%22%24feature_flag_payloads%22%3A%7B%7D%7D' \
 -H 'DNT: 1' \
 -H 'Origin: https://play.darkthronereborn.com/' \
 -H 'Referer: https://play.darkthronereborn.com/' \
 -H 'Sec-Fetch-Dest: empty' \
 -H 'Sec-Fetch-Mode: cors' \
 -H 'Sec-Fetch-Site: same-site' \
 -H 'User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.0.0 Safari/537.36' \
 -H 'sec-ch-ua: "Not A(Brand";v="99", "Google Chrome";v="121", "Chromium";v="121"' \
 -H 'sec-ch-ua-mobile: ?0' \
 -H 'sec-ch-ua-platform: "macOS"' \
 --data-raw '[{"unitType":"worker","quantity":-1}]' \
 --compressed
{"message":"Training Complete"}%

This makes it possible to untrain.

Also tested, and it seems that you can gain population by having negatives for any citizen type -> sent over -1000 defense, got a lot of gold and population, being able to attack with a nice offensive force.
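
The server-side check this report calls for, as an added example that is not the project's own code: a naive handler that trusts the sign of `quantity` beside one that validates the whole batch before touching state. The `offense` unit, the prices, the `PlayerState` shape and the assumption that the bug comes from unchecked arithmetic are all illustrative.

```typescript
// Added example. Unit names, prices and state shape are assumptions, not project code.
type TrainRequest = { unitType: string; quantity: number };
type PlayerState = { gold: number; citizens: number; units: Record<string, number> };
type TrainResult = PlayerState | { error: string };

const UNIT_COST = new Map<string, number>([['worker', 1000], ['offense', 1500], ['defense', 1500]]);

// Naive handler: trusts the sign of quantity, so -1000 hands back gold and citizens.
function trainNaive(p: PlayerState, reqs: TrainRequest[]): PlayerState {
  const next: PlayerState = { ...p, units: { ...p.units } };
  for (const r of reqs) {
    next.gold -= (UNIT_COST.get(r.unitType) ?? 0) * r.quantity;
    next.citizens -= r.quantity;
    next.units[r.unitType] = (next.units[r.unitType] ?? 0) + r.quantity;
  }
  return next;
}

// Hardened handler: validate the whole batch server-side before changing any state.
function trainChecked(p: PlayerState, body: unknown): TrainResult {
  if (!Array.isArray(body) || body.length === 0) return { error: 'invalid_body' };
  const reqs: TrainRequest[] = [];
  let gold = 0;
  let citizens = 0;
  for (const item of body as unknown[]) {
    if (typeof item !== 'object' || item === null) return { error: 'invalid_body' };
    const { unitType, quantity } = item as Record<string, unknown>;
    const cost = typeof unitType === 'string' ? UNIT_COST.get(unitType) : undefined;
    if (typeof unitType !== 'string' || cost === undefined) return { error: 'unknown_unit' };
    // Rejects negatives, zero, fractions, NaN, Infinity and numeric strings.
    if (typeof quantity !== 'number' || !Number.isSafeInteger(quantity) || quantity <= 0) {
      return { error: 'invalid_quantity' };
    }
    gold += cost * quantity;
    citizens += quantity;
    reqs.push({ unitType, quantity });
  }
  if (citizens > p.citizens) return { error: 'not_enough_citizens' };
  if (gold > p.gold) return { error: 'not_enough_gold' };
  return trainNaive(p, reqs); // arithmetic is safe once every quantity is positive
}
```

Totals are summed across the batch before the balance checks, so splitting one oversized order into several entries does not bypass them.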

Account Deletion

To comply with regulations such as GDPR, Users must have the ability to delete their account if they wish. The process for account deletion should protect against the possibility of malicious intent. Once a user has chosen to delete their account, all players associated with that user are marked as deleted and are removed from the game. After 3 months, the data is deleted forever.

Acceptance Criteria

  • Players marked as deleted are not accessible
    • They do not appear in attack lists
    • Only the user can fetch their data from the API
  • The Usernames of deleted players are unavailable for new players.
  • After 3 months, players marked as deleted are removed permanently from the game (the rows are deleted)
  • Deleted Users remain in the system for 3 months from the date of deletion.
    • After 3 months, all data related to the user is removed from the database.

Fortification

Fortification is a structure that the player can upgrade. With each structure upgrade, the player receives bonuses. These bonuses improve Gold per turn, defence strength and more.

Proficiency Points

For every level the player gains, they also gain a single proficiency point. These can then be spent on one of five possible upgrades. Spending a proficiency point is permanent.

The upgrades are:

  • Strength (Offence Boost)
  • Constitution (Defence Boost)
  • Wealth (Income Boost)
  • Dexterity (Spy & Sentry Boost)
  • Charisma (Reduced Prices)

One point spent is equal to a % increase. Example, 50 points spent on Strength will result in a 50% boost to Offence Stats.

Banking

A key feature of DarkThrone is the ability to bank gold. Any gold that a player moves to the bank is safe and cannot be stolen by another player, no matter how much they attack.

Limits

There are limits to banking to help keep the game balanced. These are more-or-less pulled from the original game however and can be changed in the future if required.

Deposit amount

Players can deposit a maximum of 80% (rounded down) of their current balance into the bank in a single transaction.

Slots

Players are limited to a maximum of 3 deposits within a 24 hour period. Example:
Player banks at 09:00, 13:00, and 16:00. After this, they are unable to bank again until 09:00 the next day when one of the bank slots opens up again.

History

Players can see a history of their transactions with details of when and how much they deposited.
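
The deposit cap and the rolling three-slot window described above, as an added example that is not the project's own code. The function names, the result shape and the choice to reject non-positive amounts are assumptions.

```typescript
// Added example. Function names and result shape are assumptions, not project code.
const MAX_DEPOSITS_PER_WINDOW = 3;
const WINDOW_MS = 24 * 60 * 60 * 1000;
const MAX_DEPOSIT_PERCENT = 80;

type DepositCheck =
  | { ok: true }
  | { ok: false; reason: 'invalid_amount' | 'over_limit' | 'no_slots'; nextSlotAt?: Date };

// 80% of the balance, rounded down. Integer maths avoids float error from 0.8.
function maxDeposit(goldOnHand: number): number {
  return Math.floor((goldOnHand * MAX_DEPOSIT_PERCENT) / 100);
}

function checkDeposit(goldOnHand: number, amount: number, pastDeposits: Date[], now: Date): DepositCheck {
  // A negative "deposit" would be a withdrawal in disguise, so the sign is checked first.
  if (!Number.isSafeInteger(amount) || amount <= 0) return { ok: false, reason: 'invalid_amount' };
  if (amount > maxDeposit(goldOnHand)) return { ok: false, reason: 'over_limit' };
  // Rolling window: a deposit made exactly 24 hours ago no longer occupies a slot.
  const recent = pastDeposits
    .map((d) => d.getTime())
    .filter((t) => now.getTime() - t < WINDOW_MS)
    .sort((a, b) => a - b);
  if (recent.length >= MAX_DEPOSITS_PER_WINDOW) {
    // The next slot frees up when the oldest deposit that still blocks one ages out.
    const freeing = recent[recent.length - MAX_DEPOSITS_PER_WINDOW];
    return { ok: false, reason: 'no_slots', nextSlotAt: new Date((freeing ?? 0) + WINDOW_MS) };
  }
  return { ok: true };
}
```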

Restrict attacking to players within a range

As a matter of balance and fairness, the original DarkThrone limited which players could be attacked to those within a range of levels around you, usually 6 below and 7 above.

This is an example. The player in the screenshot is level 52.

To begin with, we will implement the same range. This may be expanded in the future depending on testing and player feedback.

Requirements

  • Restrict which players can be attacked to within a range of levels of the player.
  • Reject API requests attempting to attack outside of this range
  • Implement front end validation and prevent the player from attempting to attack outside of the range
  • Render the range that the player can currently attack within on the attack list.

Daily Ranking

Once per day, shortly after 00:00, find the top ten players across each of the ranking categories and record their positions.

Overall categories look at current stats accumulated across the player's account lifetime. They are by:

  • Level
  • Overall Rank
  • Total Population
  • Army Size
  • Gold on Hand
  • Banked Gold
  • Attacks Won
  • Defends Won

Daily categories are based on what happened exclusively in the 24 hour period for the previous day. 00:00:00 - 23:59:59:

  • Attacks Won
  • Gold Pillaged
  • Banked Gold
  • Attacks Won
  • Defends Won

Render commit hash on production

As a way to make issue troubleshooting easier as well as to confirm that a deploy has completed successfully, render the commit hash in the apps.

API - Add it to the health check response
Web App & Placeholder Site - Add it to the page footers

Overall Rank

Each player has an Overall Rank. This rank represents how they compare to the rest of the players in the game. Multiple aspects go into determining the player's Overall Rank.

  • Ranks are calculated every hour.
  • Players cannot have a joint rank.
  • Overall Rank is public and appears on a player's profile.
  • The Attack list is ordered by Overall Rank in ascending order.

Proposed Calculation

(Offence Strength + Defence Strength + Gold Per Turn) * ((Total Attacks + Total Defends) / (Attacks Won + Defends Won))
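
A sketch of the proposed calculation with the "no joint rank" rule applied, as an added example that is not the project's own code. The field names, the fallback ratio of 1 when a player has no wins (where the formula as written divides by zero), ranking the highest score first and the tie-break on player id are all assumptions.

```typescript
// Added example. Field names, the zero-win fallback and the tie-break are assumptions.
type RankInput = {
  id: string;
  offence: number;
  defence: number;
  goldPerTurn: number;
  totalAttacks: number;
  totalDefends: number;
  attacksWon: number;
  defendsWon: number;
};

// Proposed calculation from the issue. With no wins the divisor is 0, which in
// floating point gives Infinity or NaN, so that case falls back to a ratio of 1.
function overallScore(p: RankInput): number {
  const strength = p.offence + p.defence + p.goldPerTurn;
  const won = p.attacksWon + p.defendsWon;
  const ratio = won > 0 ? (p.totalAttacks + p.totalDefends) / won : 1;
  const score = strength * ratio;
  return Number.isFinite(score) ? score : 0;
}

// Assign ranks 1..N with no gaps and no joint ranks: sort by score (highest
// first, an assumption) and break ties on the player id so the order is total.
function assignRanks(players: RankInput[]): Map<string, number> {
  const scored = players.map((p) => ({ id: p.id, score: overallScore(p) }));
  scored.sort((a, b) => b.score - a.score || (a.id < b.id ? -1 : a.id > b.id ? 1 : 0));
  const ranks = new Map<string, number>();
  scored.forEach((s, i) => ranks.set(s.id, i + 1));
  return ranks;
}
```

Because every score is finite and the comparator never returns 0 for two different ids, the result always starts at 1 and contains each rank exactly once.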

Limit Player Creation

Users creating new player accounts for the sole purpose of boosting their main should be discouraged. Having more player accounts is, generally, a good thing. The issue is when we end up with spam accounts.

Suggestion, we implement some form of limit on player creation. Possible limit mechanisms:

  • No more than X in a specific period of time. Example 1 new one every 10 days.
  • Require the user's original player to reach a certain milestone. Example, 5k experience.

I'd be very interested in thoughts on this one. It's impossible to stop users from getting around this, they could simply create new accounts. The goal is to design the system in a way to discourage the behaviour.

Player names are not unique

Player Display Names need to be unique. It should not be possible for two players to have the same display name.

Additional Validations:

  • Regex match ^[a-zA-Z0-9_]*$
  • Min length 3 characters
  • Max Length 20 characters

Forgot Password Function

I received an update on my Linux OS and it removed my Chrome settings and extensions, ergo I lost access to what details I used for the account.

I am requesting a forgot password function so I can regain access. I assume this is already in the works.

Attack List Pagination

The current player attack list lacks pagination, leading to potential performance issues and usability concerns as the list grows. Implementing pagination will ensure the list remains manageable both on the backend and frontend. This feature ticket involves updating both backend and frontend components to enable pagination functionality.

Requirements

  • The API endpoint to fetch All players is paginated
  • Records are ordered by overall rank in ascending order
  • The front end includes pagination navigation at the bottom of the page allowing for moving between previous and next pages as well as a number selection.
  • Paginated responses are 100 records at a time
    • Ideally, page size can be specified as an optional additional param.
