LoginPlugin
DESCRIPTION
Minecraft... What an amazing game... Except when the server is down, and when you can't play anymore... Well, this plugin might be a solution! Whenever a player join your server, he won't be allowed to do anything if he didn't log in (using /login command).
It is using a MySQL database, and a personalised encryption process. This way, you can create a website on which people will sign in, and use the very same password to log into your Minecraft server. You can also use this plugin to let people play only if they have an account on your server. That way, you can filter players more efficiently.
DATABASE STRUCTURE
- A Column <ColUsername>
- A Column <ColPassword>
- Any other column you want, as soon as you describe it in the encryption formula.
Where ColUsername contains a username, and ColPassword contains an encrypted password.
THE FORMULA THING
As everybody might want to use a different kind of encryption process, my idea was to let you the choice. Here is how it works :
You only have few functions available right now :
- MD5, MD2 => require 1 parameter
- SHA1, SHA256, SHA384, SHA512 => require 1 parameter
- CONCAT => require 2 or more parameters
- DB => require 1 parameter
- PASS => don't require any parameter
Each function will return a String, so you can combine them together. Here are few examples :
- MD5(PASS()) => will return a MD5 hash of the password given by the player.
- MD5(CONCAT("salt",PASS())) => will concatenate the given password with the String "salt", and create a MD5 hash of the result
- SHA1(CONCAT(PASS(),MD5(DB("username")))) => will create a MD5 hash of the "username" column from the database, concatenate it with the given password, and create a SHA1 hash of the result
- And so on...
The result of this formula will be compared with the content of the <ColPassword> in the database. If it's the same String, then the player is allowed to play.
WARNING : You must be careful and you shouldn't put any space in the formula, except in the String.
TODO
- Add SQLite database support;
- Create a default configuration file outside of the archive.
- Add more functions for the hash formula;
- Associate an action on each event (login fail, login success, ...) so that the database can keep a record of it.
- Add a /register for people who don't want to go online (op should be able to activate/deactivate it);
- Add a /valid-request for op, to validate request for an account;
- Add a /forgot-account command;
- Add a /login-enable and a /login-disable command;
- Add a /let-play command to let a player play for a certain amount of time (requires op permissions);
- ... (any suggestions?)
COMMAND
- /login <password> - Will try to log the player in with his pseudo and the given password.
PERMISSIONS
- login.login
INSTALLATION
- Download "LoginPlugin.jar" file
- Edit "config.yml" in the LoginPlugin.jar file you've downloaded
- Copy the archive in your "plugins/" folder
- Restart your server
VERSIONS
- v0.1 - first release.
- v0.2 - Add algorithm, encryption process. Reorganize code.
NEWS
I wont be able to keep on working on this project before the end of November. I will release the source code for anyone who would like to re-use it. I'm sorry about that, but be sure I will not let it down. Cheers!
If you have any questions, please ask me! If you have any suppositions, please tell me!
cool
Its not working! I do register with my password and then it says /register <pass>
Please release this plugin for CB 1.8 please. Porfavor libere este plugin para CB 1.8 Porfavor.
COMO ABAIXO ?
I forgot my password from a long time ago. i found a new server that requires this but i registered on a different server a long time ago and I don't remember it. Is there a way to reset the password? Also the server's website doesn't have a contact info.
@ShadowOfAGamer : This plugin only allow players to login with a valid, used account. But, sounds like a good idea to add an IP address checker. @a123b : I will release the source in a minute. ;) @Jake_Griffin : This is not exactly the purpose of this plugin, but it sounds interesting. I'll see if I can do something about it. @StuckingFoned : That's a good idea. I'll do that! @thomas_ruby_dragon_studios : My pleasure! :)
I'm sorry I can't work on the plugin right now, but I should be available for it around the end of November. Sorry about that!
Theobalt
Does this plugin support 1 computer at a same IP adress when you register an account?
Where can I get the source from?
Could I possible suggest a change?
Would it be possible for you to make a /register command which [optionally] does not require a password, /login is not required and the user automatically changes PEX group? I'm not sure if there is already a plugin that does this, but I can't find it!
Just to recap: Player logs in for the first time - in default group with only the chat permission node (Visitor). If the player wants to build etc. they type /register and it teleports them to a rules room. The player views the rules and it tells them to type /accept and they get teleported back to the spawn area as a different PermissionsEx group.
Sorry that this is detailed or too specific, let me know if this is possible or this has been done previously!
Thanks
Looks very promising!
Please add seperate custom database/table/column for username and seperate for pass, to allow all kinds of setup like forum user details etc and custom logins.
thank god for this!!! XD you have saved my server!
Yep, that's it! You can use a website to manage your database. And, in a future release, you will be able to subscribe directly from your Minecraft server. But I also want admins to have the choice between automatically allow people to get an account or not. So I still have a lot of work! ;) Cheers!
Not sure if i understood it correctly, but if you have a website where you can register, you then send those credentials to a mysql database, and then you can log in with this plugin? Also for those who want to register in-game, what about using DBPassword to generate a password in-game, so the user can log in with that password?
Thanks junkhacker, that's a good idea (much better idea than mine ;) ). For the installation process, I still have to do some modifications. So far, you have to open the jar file you've downloaded, and edit the "config.yml" file in it. I know that it's not really convenient, but I'll do something about it ASAP!
Cheers!
so, with this plugin i could guarantee that my users would be able to get on my server even if the minecraft login server is down, right? (hint: use something like that as the description. it's not about piracy, it's about control over your users' login credentials. ensuring that your users will be able to get on your server, even if the official system is down, as it is at the moment i'm writing this.) I would love to try your plugin but i'm stuck at the instruction "Edit "config.yml" in the archive" i see no archive, and no default configuration data was generation on the first run of the plugin.
Let's say that it's a plugin to allow access to your private server only for your friends... ;-)
Shame on you, Mr Piracy Supporter.
I just run some test and it's working for me. Are you sure you did edit the config.yml into the jar file? You can check your sever log to have a description of the error. If it's still not working, send me a private message. Cheers!
it doesn't realy work for me i can type /login [whatever i want] and it will log me in
@CharlesWCrete
Another cool solution would be to force it with a permission node. i.e. login.force. This could be given to moderators who have high-priority accounts. Also, a /logout command would be VERY cool, it could be used as an "AFK" command to protect an account when somebody is not at a computer (and more than likely has "remember password" enabled)