My First Major Project: A Discord Bot

My first big project as a programmer was a Discord Bot written with the library discord.py. I developed it for a Minecraft YouTuber, for whom I also manage a Patreon Minecraft server and a Discord server dedicated to his community. The task of the bot was rather simple:
Allow his patreons to whitelist themselves on the minecraft server via a discord command and remove them once they aren't patreons anymore.

I achieved that using MongoDB as database, RCON to issue commands to the server via discord and a VPS to host it 24/7 and for about 3 years now the bot works.

Unveiling Flaws: Security, Design, and Efficiency Issues

However everyone who codes knows that older projects will start looking very terrible with a bit of distance. Not only did discord.py change a lot during this 3 years but I also grew as a programmer and can now cleary see A LOT of design flaws, security risks and bugs that I blissfully wasn't aware of when I launched the bot.
To name a few:

• usernames and ids aren't encrypted in the database, neither is server information

• Minecraft UUIDs aren't saved therefore the bot can't keep track of a user who changes their minecraft name

• ALL database interactions are handled by a single class that has about 20 methods and a few hundred lines of code

• setting up the bot is a tedious process of sending information back and forth in a kind of Q and A with the bot

• certain edge cases aren't considered. Like a discord server that has two minecraft servers associated with it, or users who are allowed to whitelist multiple accounts on a server

The not encrypted information in the database is also the reason why I don't share the code base of the bot at this stage.

Planning the Refactor: Fixes and Future Goals

Addressing the identified issues, particularly the safety concerns and the loophole that allows users to circumvent removal from the whitelist by changing their Minecraft name, is my immediate focus. These fixes are crucial and demand prompt action. However, this doesn't mean I'll only be applying quick patches; I'm looking at the bigger picture.

My plan goes beyond mere fixes. I'm committed to a comprehensive refactor of the entire bot. The goal? To implement it not just for the sake of improvement but to ensure the bot's architecture is solid, maintainable, and ready for future scaling. My approach is guided by key design principles, specifically SOLID for robust architecture and YAGNI to prevent unnecessary features from complicating the bot.

The first step is to roll out these essential fixes as swiftly as possible. Once stability is ensured, I'll shift my focus to a meticulous, principle-driven refactor. This approach allows me to enhance the bot's functionality and reliability without rushing the process, ensuring quality and scalability for the future.

As I navigate through the nuances of refining and enhancing this bot, I'm keen to hear from both seasoned developers and those just starting their journey. For the veterans, what pivotal lessons have you learned from refactoring your past projects? And for the newcomers, what are your apprehensions or hopes about revisiting and improving your work in the future? Your insights and reflections can greatly benefit others, offering perspectives that span the spectrum of experience in software development. Please share your stories and thoughts in the comments below—let's learn from each other and grow together.