Like most problems in computer science, someone has already found a solution and converted it into code. In this regard, we have been particularly benefited by so many generous (and very smart) programmers who distribute their solutions through open source projects.
In this section, I invite you to look for existing solutions instead of taking the time to write your own. Although coding complex solutions to interesting problems is always fun (unless, maybe, your boss is pressing you about an upcoming deadline), you may find that your efforts are better invested in making your actual game.
As we've discussed in Chapter 2, Setting Up the Environment, having access to the Node.js ecosystem gives you a lot of leverage to find, use, and eventually share great tools for many problems that you may come across when you develop your games.
In sticking with the theme of security and fair play, what follows is a list of common tools that we can use through Npm and Bower (as well as Grunt and Gulp) to help us deal with security in our games.
This module allows you to validate and sanitize data very effortlessly. You can use validator on the server as well as in the browser. Simply require the module in and call its various methods on your input:
var validator = require('validator'),
validator.isEmail('[email protected]'), //=> true
validator.isBase64(inStr);
validator.isHexColor(inStr);
validator.isJSON(inStr);There are methods for checking just about any type of data or format as well as to sanitize data so that you don't have to write your own functions for it.
This simple module is used to hash strings using a variety of algorithms. To use the library as a standalone library in the browser, you can also import it using Bower:
bower install js-sha512
To use js-sha512, simply require it to the desired hashing function and send it the string to be hashed:
sha512 = require('js-sha512').sha512;
sha384 = require('js-sha512').sha384;
var s512 = sha512('Rodrigo Silveira'),
var s384 = sha384('Rodrigo Silveira'),As mentioned previously, Google's closure compiler is a very powerful software that was open-sourced several years ago. The benefits that can be gained by using the compiler extend far beyond simply wanting to obfuscate code. For example, the compiler allows you to annotate your JavaScript code with data types, which the compiler can then look at and tell you whether a variable violates that contract:
/**
* @param {HTMLImageElement} img
* @constructor
*/
var Sprite = function(img) {
this.img = img;
};
/**
* @param {CanvasRenderingContext2D} ctx
*/
Sprite.prototype.draw = function(ctx) {
// ...
};
/**
* @param {number} x
* @param {number} y
* @param {Sprite} sprite
* @constructor
*/
var Player = function(x, y, sprite) {
this.x = x;
this.y = y;
this.sprite = sprite;
};In the given sample code , you will note that the Player and Sprite constructor functions are annotated with the @constructor annotation. When the closure compiler sees the code calling these functions without a new operator, it will deduce that the code is being exercised in a way different from how it was intended and raise a compilation error so that you can fix the bad code. In addition, if you attempt to instantiate a Player, for example, and the value sent to the constructor is not a pair of numbers followed by an instance of the Sprite class, the compiler will bring this to your attention so that your code can be corrected.
The easiest way to use the closure compiler is to lean on Grunt or Gulp and install the equivalent build task for closure. The popular solutions are as follows:
// For Grunt users: npm install grunt-closure-compiler // If you prefer Gulp: npm install gulp-closure-compiler