Wyvern Alpha Release Disaster
After honestly about 4 months of tears and Cross-Origin-Resource-Sharing errors, I have finally come up with a way to ship Wyvern off to production.
This has been my longest "consistently" worked on project ever (I worked on some part of it at least once a month). I started Wyvern on November 2nd, 2021. It is not October 8th, 2022. Almost a year, and I have a bug filled production version!
If you don't know what Wyvern is, I don't blame you. I haven't hyped it up enough. Basically, Wyvern is a bad recreation of Discord. It's not done, never will be, but I am attempting to implement all the core features of Discord.
The current version of Wyvern, available at https://wyvern.tkdkid1000.net is entirely custom CSS, and pretty much entirely home made React Components. (Wyvern may be down as I am working on breaking changes to fix the bugs...)
Anyway, I finally released alpha v1 after some motivation by certain people, and hell occurred.
The dangers of production
I never realized how much stuff breaks in production. Developers aren't great at catching bugs, our self arrogance makes it so we don't think about bugs that much. A good beta tester however, they are gonna try in every way to break your app.
First issue: I had literally no security whatsoever. Yep. So, Wyvern uses these things called Websockets, they allow for realtime message sending between a client and a server. Well, when I was listening for a chat message, I never verified that the user sending said message was even in the guild they were sending it in. Heck, I didn't even check if the user was in the guild. You could literally enter a certain guild's URL into the browser, and start chatting in someone else's guild.
This was an issue, not only could users use any channel by the previous bug, every channel ever created was visible in the channel navigator, regardless of the guild!
There were many other small things, but these were the significant ones.
I am working on fixes for all of these, and I have a theory of how all of the bugs started: I wasn't standardizing my requests.
You could make an api request, and it would do something completely different than making the same request to the websocket server. None of the api requests even sent stuff to the websocket users! This is where my next release (eventually) will come in. I am creating specific functions for handling every action. Ok, not every action, but any writing action.
My read requests to the database were mostly fine, so I can handle those. Most of my writes however, did not update things realtime. I am standardizing every action into the new
server/src/functions directory, where I'm writing things like
createChannel. They all take specific parameters, and then I can just put these functions into an api/websocket request. Much easier!
I am taking this slowly, mostly only rewriting the existing ones. What did I notice? I ended up creating React hooks for every server side function. It was a really weird coincidence that I genuinely did on accident. Either way, this new system is working out pretty well.
Wanna help in this boring process of code refactoring and writing React hooks? You can always contribue over on GitHub, even if you don't know too much, I am willing to assist anyone wanting to learn contribute to Wyvern.
Important Note: If you, yes you, reading this article, if you find a bug/error/security exploit in Wyvern, do tell! Make an issue in the Wyvern repository, and I will make it my highest priority to fix it.
That's all for now folks! Stay alive!
The 2 older versions of TKDKid1000's website worked, but they had their issues. In this article, I explain the history of these websites, and why and how I'm switching to Next.js and Firebase.
You must be logged in to comment!