Your auth plugin is here, for you. The PocketMine auth plugin with the most customization ever.
228
227
nil
Copyright (C) 2016 PEMapModder
This program is free software: you can redistribute it and/or modify
it under the terms of the GNU Lesser General Public License as published by
the Free Software Foundation, either version 3 of the License, or
(at your option) any later version.
- First byte written: Jan 14 2016
- First beta released: Jan 21 2016
- Authentication by typing password into chat
- sorry, no alternative, but there is an option to disallow passwords starting with slashes
- Blocks player from talking password into chat directly
- disable this in config
- Players can choose not to register (but using the /register command to start registering)
- enable this in config
- Advanced session control system over PocketMine's default one
- PocketMine by default kicks the old player if a player joins with the same name as an online player.
- HereAuth checks if the players have the same client secret (and IP address too, optional in config). If they do, that means it is from the same genuine player, so kick the old player. If they aren't, this most likely means that the new player is trying to get the old player kicked.
- Multiple database types supported
- MySQL
- filesystem (zlib-encoded JSON + SQLite3)
- External database through other plugins
- Count-limit or rate-limit accounts per IP (account-throttle)
- Time-based and attempts-based brute-force protection
- Customized automatic authentication methods
- By "customized", I mean to customize per player! This basically refers to
/opt
- By "customized", I mean to customize per player! This basically refers to
- Customized multi-factor authentication methods
- Customized data masking when player is not authenticated
- Don't let impostors see what is in your inventory!
- Don't let impostors see where you are!
- Don't let impostors see what chat messages are sent to you!
- Account management commands
-
/chpw
: change password -
/unreg
: unregister account -
/opt
: change account options (things inconfig.yml
:DefaultSettings
) -
/lock
: temporarily logout (deauthenticate) without entirely leaving the server -
/rename
: rename account
-
- Server-customized events to block when not authenticated
- Only blocks events that you want to block!
- Enforced password control
- Maybe we are being nanny, but we should disallow players to have weak passwords!
- Require custom extra information from players
- Server-customized messages
- Extensive audit logging
- Database importing
- AccountReader
- SimpleAuth
- YAML
- SQLite3
- MySQL
- ServerAuth
- ServerAuth hash algorithm detection
- YAML
- MySQL
- SimpleAuth
- AccountWriter
- JSON
- MySQL
- AccountReader
- An extensive API (W.I.P.)
Open this phar directly with PHP binaries to automatically extract the config files.
- 71 PHP source files
- 5304 lines of PHP code
- minus 1065 lines of license header
- Total: 4239