LoginSecurity
LoginSecurity
LoginSecurity is a lightweight password authorization plugin. You can optionally set a password each time you enter the server, adding a double layer of security to your account. The password is stored inside the configuration file, nobody else except the server owner can access or modify it.
How does it work?
Install the pluign to your /plugins/ directory, then start your server.
Type /register <password>, your account is now locked with a password.
For each time you login, make sure to use /login <password>.
Features
- Register your account optional or required (change in config)
- 5 Useful commands to mangage your password
- Advanced administrative control
- Advanced documentation via wiki
- Secure password storage using BCrypt
- Secure sessions storing to improve user experience
- Customizable time-out
- Map captcha upon registration (user friendly)
- Conversion from AuthMe and xAuth (check wiki for more info)
- Premium support through AutoIn
- Automatic update with changelog overview
- Username filtering (length and characters)
- Highly detailed configuration
- Automatically updated translation manager (user-submitted)
- Prevents being kicked by orther players loging in with your name
Session login allows the user to log in right after they logged out and not have to type in their password again. (1 minute time limit of being logged out, stores IP during that time to keep everything safe)
Commands
/lac - Admin command, rmpass and reload
/register <password> - Set your password
/login <password> - Login with your password
/changepass <old> <new> - change your password
/logout - Logout
Permissions
- loginsecurity.admin - allows admin command
- loginsecurity.update - shows update notifications
Video
Thanks to ServerMiner for making this informative tutorial
Orther tutorials: German (by MineCraftler4Live)
Planned
- Add translation interface for easier language selection
- Suggestions?
Known Bugs
- Players can mount/dismount and ride on vehicles while not logged in
Disclaimer
By default, LoginSecurity will check for updates from bukkitdev every 3 hours.
This feature can be disabled by setting "update-checker" to "false"
Anyone with the permission node ls.admin will be notified of updates, and it also able to download them via /lac update.
Which again can be disabled by disabling the update-checker
This plugin utilises Hidendra's plugin metrics system, which means that the following information is collected and sent to mcstats.org:
- A unique identifier
- The server's version of Java
- Whether the server is in offline or online mode
- The plugin's version
- The server's version
- The OS version/name and architecture
- The core count for the CPU
- The number of players online
The Metrics version Opting out of this service can be done by editing plugins/Plugin Metrics/config.yml and changing opt-out to true.
Additionally, when the language setting is changed, information is retrieved from lang.lenis0012.com to aquire up to date translations.
Links
- v3.0.2 - Download (18 - 1.15)
- Source code (GitHub)
- https://github.com/lenis0012/LoginSecurity-2/wiki (Wiki)
- https://github.com/lenis0012/Translations/wiki/Contribute (Translation Contribution)
Donate
If you want to support me working on this project, please donate.
It helps me alot to keep my projects up.
Donate at the top right corner
@LHammonds
oh haha
uploaded wrong jar :P
ill upload v1.5.5 today
the right jar
Hehehe...seems "LoginSecurity v1.5.4" is incorrectly associated to "Marriage.jar" which is about 28 kb....and 1.5.3 was 18 kb and 1.5.5 is 19 kb.
LHammonds
@OnyxianSoul
get a pre-release of v1.5.5 with /changepass here:
https://dl.dropbox.com/u/67122021/LoginSecurity.jar
@RasCas
fixed problem with blindness removing
fixed error in console (i hope)
added ip-lock for login session
get v1.5.4 now!
Fix change pass command as soon as you can, thanks Onyxian
@RasCas
its not immporsant, it does not infect features, all it does it displays an error
it will be fixed
Posted to early :-(
2012-09-19 20:20:09 [SEVERE] Exception in thread "pool-1-thread-10" 2012-09-19 20:20:09 [SEVERE] org.apache.commons.lang.UnhandledException: Plugin LoginSecurity v1.5.3 generated an exception while executing task 79 at org.bukkit.craftbukkit.scheduler.CraftAsyncTask.run(CraftAsyncTask.java:56) at java.util.concurrent.ThreadPoolExecutor.runWorker(Unknown Source) at java.util.concurrent.ThreadPoolExecutor$Worker.run(Unknown Source) at java.lang.Thread.run(Unknown Source) Caused by: java.lang.NullPointerException at me.lenis0012.ls.LogginSession$1.run(LogginSession.java:32) at org.bukkit.craftbukkit.scheduler.CraftTask.run(CraftTask.java:52) at org.bukkit.craftbukkit.scheduler.CraftAsyncTask.run(CraftAsyncTask.java:53) ... 3 more
@TeamCobalt
I gave it another try and updated some other plugins. Up to now the console error has not occured again. I think it was a conflict with multiverse inventories, maybe.
@RasCas
I'll check that out tomorrow
@RasCas
I'll check that out tomorrow
@TeamCobalt
It did not work, the error was with 1.5.3 and Blindness was not removed at all. I had to disable it in the config. ..and wait about 15 Minutes to see again.
I would love to use 1.5.3 but the errors stopped me from doing so.
PS, i am on latest Dev Build of Bukkit if this is important.
@RasCas
ok, ill fix the typo
it removes the blindness on /login <password>
not on movement anymore
but ill just try debuging it in v1.5.3
also, 1 thing is imporsant,
if you have a cracked server, be carefull with the login session
im adding a ip-lock on it next update
but you should not get any errors.
please use v1.5.3 since it has an update notifier
back to 1.5.2 :-(
2012-09-17 18:17:11 [SEVERE] Exception in thread "pool-1-thread-8" 2012-09-17 18:17:11 [SEVERE] org.apache.commons.lang.UnhandledException: Plugin LoginSecurity v1.5.3 generated an exception while executing task 759 at org.bukkit.craftbukkit.scheduler.CraftAsyncTask.run(CraftAsyncTask.java:56) at java.util.concurrent.ThreadPoolExecutor.runWorker(Unknown Source) at java.util.concurrent.ThreadPoolExecutor$Worker.run(Unknown Source) at java.lang.Thread.run(Unknown Source) Caused by: java.util.ConcurrentModificationException at java.util.WeakHashMap$HashIterator.nextEntry(Unknown Source) at java.util.WeakHashMap$KeyIterator.next(Unknown Source) at me.lenis0012.ls.LogginSession$1.run(LogginSession.java:29) at org.bukkit.craftbukkit.scheduler.CraftTask.run(CraftTask.java:52) at org.bukkit.craftbukkit.scheduler.CraftAsyncTask.run(CraftAsyncTask.java:53) ... 3 more
BUG with latest version, i used Blindness, but it won't go away on Player move. :-(
PS: typo continuing not continueing ;-) Besides this session works fine.
@XxHellFirexX
no problem m8!
I LOOOOOOVE YOU
i was looking for hours for such a plugin, suddenly i saw yours!!
THANK YOU ALL!!!!!!!!!!!!!!
@Gonzoman10
sounds like a change in the server software, sorry m8
i really like your plugin but is there a feature that i could ask for....... that it allows premium players to login, while none premium players can only login with 1 ip... i have friends who don't have money at the moment to buy minecraft but like to play on my server.... but i can't let them in becuase then people come in with some of my staff's names and just messes up the server..allowing non premium members to login with 1 ip would make it perfect for me.... i hope that you understand my situation... my server ip is 173.231.5.149.. premium at the moment
add translation support
@dotapurex1
good point! ill add that soon
@bukkitdood
ill do that
@RasCas
the point is that you can only catch the potion effect from an action
not with a command