I edited my answer :), and the idea is to only have one point of entry, which would be PlayerInfo linked to a Player, like they are actually linked to an AccessLevel, a Appearance, etc. SO drop inner variables of Player, and use only PlayerInfo to refresh those values.
The problem with having multiple points of truth is that you don't have a single one you can fully trust, that's why i trust nothing but the database and the World class. I also don't wanna touch the core at all so if I do any caching it will happen in the API level.
PlayerInfoTable retains some informations (cause player names are needed for stuff like friendlist), you probably can add missing ones, but it means you have to update it in same time otherwise you will refer to wrong values.
That whole class probably can be enhanced or used differently (PlayerInfo being maybe part of Player, once player is loaded ? Like loading an id card, which avoid duplicates variables or even caring about refreshing 2 places).
If such stuff is edited
The problem is that the offline players are not loaded in memory so the dB call is inevitable. Everything that is loaded in the in memory cache will be served by the cache when possible. If the endpoint was get online players only then yeah it would be coming from the World class.
Auth is very simple to add. It’s basically a simple middleware.
originally when I started this it was to actually make a new ACP but it’s too much work and I don’t really wanna do front end anym