EhsanFox

Hello MTA community! My name is Ehsan/Exxon I’m excited to share a project I’ve been working on: mtasa-nestjs – a high-level API server framework for MTA:SA, inspired by Express.js and NestJS. What is mtasa-nestjs? mtasa-nestjs is a modular, structured Lua framework that makes building server-side APIs for MTA:SA simpler and more scalable. It brings modern backend patterns like Controllers, Middlewares, Guards, Interceptors, and DTOs directly into MTA:SA resources. It’s perfect for developers who want to build secure, maintainable, and professional APIs for their game servers. Key Features Express.js / NestJS-inspired structure: Clear separation of concerns for Controllers, Middlewares, Guards, and Interceptors. JWT Authentication & Password Hashing: Built-in secure JWT (HS256) implementation and password hashing from scratch. DTO Support: Validate and structure input data for cleaner code. Middlewares & Guards: Handle CORS, JSON parsing, authentication, authorization, and more. No External Dependencies: Works out-of-the-box in Lua for MTA:SA. Why I Built This Many MTA:SA servers handle HTTP requests in an ad-hoc manner, often leading to messy and hard-to-maintain code. With mtasa-nestjs, you can structure your API like a professional backend framework, making your server easier to scale and maintain. Example Usage Creating a JWT Token: local token = jwt.encode({userId = 123, role = "admin"}, "SECRET_KEY") iprint(token) Protecting Endpoints with Guards: AuthGuard = function(ctx) local authHeader = ctx.headers["authorization"] if not authHeader then error(Exception.Unauthorized("Missing Authorization header")) end local token = authHeader:match("^Bearer%s+(.+)$") local payload = jwt.verify(token, "SECRET_KEY") ctx.user = payload return true end Why You Should Try It If you’ve ever wanted a clean, structured, and modern API architecture for your MTA:SA server, this is a great starting point. It’s fully modular, fully Lua-based, and ready to handle complex server-side logic with minimal fuss. Where to Get It Ready on my github repository called mtsa-nestjs Make sure to create your own controllers, guards and etc. I’d love to hear feedback from the community. If you try it out, let me know what features you find most useful or what could be improved. Happy coding!

Hey guys, As I was developing a new gamemode from scratch, I noticed that if I wanna create my HUD in React, and since I had to plan to have it on web, so no local files (weird to say, but I think it's more secure this way) I noticed, in CEF, I fixed the issue Frontend -> Lua connection via creating a http-server resource (will be open-source soon on my Github, I gotta say, it's a full-on HTTP framework) But as I was going on, I noticed, If I wanna build a HUD, the HUD doesn't ask for info, the server tells the CEF the info (such as health and chats and ...) So I did a bit of searching, and I found a WebSocket GitHub repo, which is called mtasa-websocket, And I wanted to know if anyone here has worked with it or set it up before, to help me to set it up as well. Or, if you have any idea of what else I can do (besides putting HUD in local files as a resource) I would appreciate hearing your thoughts.

UPDATE: I figured that it was an acl issue, that I had to enable HTTP for everyone, so the created API can be available for everyone, even the ones who don't have any auth But I will be needing help on ACL, since I am creating a new form scratch gamemode, I will need to write my own and custom acl as well. Or perhaps use the current account system of MTA as well since I can't edit to create my own And I appreciate a lot for the helps IIYAMA gave me during this issue with the stuff I had with CEF and how they should communicate.

Thanks for pointing out the way JS works to do the authorization. The weird thing is, I tried to send a test request to my created HTTP API Resource, using Postman (and some other REST clients) But they seem to all say and return 401 errors from the mta server saying "Access denied, please login" Even tho i can see in my server console saying: "[2026-01-28 11:40:56] HTTP: 'ehsan' entered correct password from 127.0.0.1" And yet returning the access denied error Have you perhaps encountered any similar issues like this? Even tho I have debug logs to see if even the HTTP router function of mine get's triggered, but it does not.

Seems like there are a lot of things that I must see and learn again from the docs, thanks for pointing that out. With this information, I can update my frontend code to connect to the API resources I will create, which will handle everything; there will be no further events between the browser and the client. But as I wrote a test API server, it seems that I have to pass in the Basic Authentication on every request, Since I won't be using the default account system, it's fine for me to just pass a basic token, but generating it is the question for me at the moment. As you provided the link on Wikipedia, I don't know what I should send in the headers. There was a client ID and a client-secret-key. Should I just create an account on my MTA server, place the username instead of the client ID, and the password instead of the secret key, and generate a Basic auth key? Then, what header should I send it with? Because if I send a normal GET request on a resource I created with httpRouter, it asks me for username and password on my alert, I put the true creds, but after submitting, I see the server logs saying that I logged in, but the API asks again. So a little help on this part would be much appreciated.

Hey Everyone, I was creating my own framework from scratch, and I wanted to use CEFs as HUD's and obviously Login pages and stuff As I was going through, I wrote the perfect browser manager for myself, But for some reason, my events from the JS to LUA are not being triggered, Even tho I opened the dev console, and I saw that "window.mta" with the "triggerEvent" function inside that exists. So Idk, is this normal to not be able to trigger an event on a remote URL? And if not, I was thinking about the structure of how it should be, I know that if it's true, then I should be able to load my login/huds of the browsers somehow and let them connect to the server as well First Solution: - Load the remote login page -> React web page API calls to Backend -> Backend talks to MTA Server But obviously, how? The MTA doesn't provide us with any resources to at least create an API server on a server-side resource, so we can manage that, and it's impossible Or maybe you have an idea about what I can do in this solution 2nd Solution: - Load a local HTML Page that has an iframe inside it, set the iframe to max width and max height, load a JS file as well, and inside that JS file, provide a bunch of functions written, such as loadURL to change the URL of that iframe, etc. Now this custom HTML loads, works (at least fine, I have to change my frontend obviously, do not know if it's good to use for HUD's either. But it works, and in this solution, as I am writing this, I can't feel sorry for myself, But I don't know how to load that HTML File XD I have a resource called "[core]", inside this has a folder of resources called "browser", and inside that we have a folder called "ui" with index.html and other files inside it.And I have no idea how to load it, or even how the loading of the JS scripts should be written inside it If you can help me with my solution, and recommend me a way via this solution, I would appreciate it.