AuthMe Reloaded
The most famous and used /login|/register plugin!
WARNING: if you want to try the newest features please use the latest dev build! (https://ci.codemc.org/job/AuthMe/job/AuthMeReloaded/)
Prevent username stealing:
AuthMe Reloaded prevents players who aren't logged in from actions like placing blocks, moving, typing commands or seeing the inventory of the current player.
Anti-Spoof:
The possibility to set up name spoof protection kicks players with uncommon long or short player names before they could actually join.
Sessions:
Login Sessions make it possible that you don't have to login within a given time period.
Configurable:
Each command and every setting can be enabled or disabled by a easy structured config file.
Translatable:
If you don't like English or don't like our default translations you can easily edit almost every message sent by the plugin!
Features:
- E-Mail Recovery System!
- Playername spoof protection
- Countries Selection! (countries codes)
- AntiBot Features!
- Protection against "Logged in from another location" messages
- Two-factor (2FA) support!
- Login sessions
- Editable settings & messages
- MySQL and SQLITE support
- Supported hash algorithms: Available Hash Algorithms
- Supports tons of CMS! (Website integration)
- Custom MySQL tables/columns (useable for forums, other scripts)
- Database queries can be cached
- Compatible with NPC and CombatTag plugins
- Account restriction through IP and name
- Permissions group switching on un-logged-in
- Different permission group for Registered and unRegistered users
- Support for permissions onJoin with transient vault system
- Cache on file for all inventories and enchants for un-logged-in players
- Save Quit location to prevent loss of position
- Possible to use without a Permissions plugin
- Automatic backup system of all your user password data
- Default Language Style: en, de, br, cz, pl, fr, ru, hu, sk, es, zhtw, fi, zhcn, nl, and others! (feel free to send me new translations)
- Convert SQLite to an usefull authme.sql that you can import on a MySQL database!
- Import your database from Rakamak, CrazyLogin, RoyalAuth, vAuth !
Support:
Configuration
Commands
Permissions
Warning: if you're updating from AuthMe 3.4 to 5.2+ you need to change the permissions nodes.
List of all single permissions
How To
- How to use the converter
- WebSite Integration
- How to convert from Rakamak
- Convert from SQLite to MySQL: set MYSQL as backend and run the "/authme converter sqlitetosql" command.
Source: Source Code on Github
JavaDoc: AuthMe Javadoc
Dev Builds
Development builds of this project can be acquired at the provided continuous integration server. These builds have not been approved by the BukkitDev staff. Use them at your own risk.
DevBuilds: ci.codemc.org
Maven dependency:
<repositories>
<repository>
<id>codemc-repo</id>
<url>https://repo.codemc.io/repository/maven-public/</url>
</repository>
</repositories>
<dependencies>
<dependency>
<groupId>fr.xephi</groupId>
<artifactId>authme</artifactId>
<version>5.7.0</version>
<scope>provided</scope>
</dependency>
</dependencies>
Metrics
Usage statistics: AuthMeReloaded on BStats.org
Licenses
This product includes and download automatically GeoLite data created by MaxMind, available from https://www.maxmind.com
Credits
Current AuthMe development team members: Our Team
Credits for old versions of authme go to d4rkwarriors, fabe1337 , Whoami and pomo4ka.
-
View User Profile
-
Send Message
Posted Oct 23, 2013In my server they can't change password too, they can see in chat " an internal error occured " do you know how to fix that.
Sorry for my english I'm french.
-
View User Profile
-
Send Message
Posted Oct 23, 2013authme 3.0.x if i got creative world, it dont save stat and allow player in creative going to survial world -_-
-
View User Profile
-
Send Message
Posted Oct 22, 2013Hello, instead of use SaveLocation, can I use the save location of Minecraft ?
Since AuthMe 3.0.3, when I join, I'm at the spawn (because I set teleportUnAuthedToSpawn: true), but when I login, I'm still at the spawn :/ It worked before. Now I have to set SaveQuitLocation to true but the Location saved isn't enough precised for me.
-
View User Profile
-
Send Message
Posted Oct 22, 2013any option to login in people automatically if they have the same ip so that when the accidentally disconnect they can connect again without login in again. or for example when they change from server inside a bungeecord server?
-
View User Profile
-
Send Message
Posted Oct 21, 2013could there be a configurable option to, when registering, only need to type the pass once and not need to confirm it? I don't mind the current one but the confirm pass sometimes creates confusion for other players
-
View User Profile
-
Send Message
Posted Oct 21, 2013@piritacraft
kk i will release soon , thanks for testing
Xephi
-
View User Profile
-
Send Message
Posted Oct 21, 2013@Xephi59
Work now.
-
View User Profile
-
Send Message
Posted Oct 21, 2013@piritacraft
Can you please try this ?
DevBuild These builds have not been approved by the BukkitDev staff. Use them at your own risk.
https://dl.dropboxusercontent.com/u/60299638/AuthMe-Reloaded/AuthMe-3.0.3-dev.jar
Xephi
-
View User Profile
-
Send Message
Posted Oct 21, 2013@Xephi59
My config: http://pastebin.com/72Gt7PYE
-
View User Profile
-
Send Message
Posted Oct 21, 2013@craftik7
@piritacraft
@NoHoPeLess
Can i have your config maybe please?
Xephi
-
View User Profile
-
Send Message
Posted Oct 21, 2013rofl users cant change the password... An internal error...
Please fix that
-
View User Profile
-
Send Message
Posted Oct 21, 2013version 3.0.3 command to change password "/authme changepassword nick pass" not working. Error log: http://pastebin.com/f6J9eFFq
-
View User Profile
-
Send Message
Posted Oct 21, 2013Internal Error occur on /changepassword :(
-
View User Profile
-
Send Message
Posted Oct 21, 2013IP tables and good firewalls are safe.
Please note I did not say MS firewall.
bungee will pass the proper IP address to subset servers.
You can still allow the sub-servers only allow connections to localhost if they are on the same machine or 127.0.0.1. That along with firewalls should be enough for anyones security. my point is 1 authme should be fine.
-
View User Profile
-
Send Message
Posted Oct 21, 2013@antichip
All my servers are on the same machine. However this going to change when OVH starts selling servers again. Currently I'm using option one but I didn't trust it completely so I've put Authme on all the servers just to be sure.
I want to listen my servers to only accept connections thought the HUB in the future. The problem is however that everyone will get ip 127.0.0.1. This makes banning people a problem since we're cracked and every name can join.
For now I think I've the solution for my problem by removing ban management from the lobby. I'll make sure the other servers will only be accessible thought this lobby so they do not need Authme. And I will remove sessions since you will only have to login once.
-
View User Profile
-
Send Message
Posted Oct 20, 2013@antichip
"As far as sessions across multi servers, how would one server know about the session from the other unless it is stored in the database?
And as far as sessions are concerned they really are not a good idea in my humble opinion, but that goes back to the whole security by nature being flawed."
session is calculate through plugin , with timestamp , the method is easy , on player quit , update the lasltlogin to the current time, on server join, compare stored time with current time and the relation with last/current IP, nothing else , the settings needed to be the same in each server is the session timeout settings :)
Xephi
-
View User Profile
-
Send Message
Posted Oct 20, 2013@iaXedu
ok couple questions and answers,
Do you have all servers on same internal network, or on same machine? If so use IP tables and or a firewall to block acess to all server ports except bunge
Do you have the individual servers set to only listen to the bungee IP, This is most helpful when servers are in different locations and firewalling is not an option. set the server configs only to listen to bungee IP.
In either event force bungee to hub server.
Both of these above options allows you to remove the auth plugin from all but the forced host "hub" server. As you know all servers by nature of bungee must be in offline mode, so it makes sense to restrict access to these only through bungee, as allowing anything else is promoting piracy
As far as sessions across multi servers, how would one server know about the session from the other unless it is stored in the database?
And as far as sessions are concerned they really are not a good idea in my humble opinion, but that goes back to the whole security by nature being flawed.
I hope I have provided a little help anyway.
-
View User Profile
-
Send Message
Posted Oct 20, 2013@iaXedu
try to pm the Ban Management author and ask from him to find a solution :/ AuthMe disallow the PlayerLoginEvent has HIGHEST priority , but if BanManagement change the final reason to allow , also the player can login without any ip check
If you use : sessionExpireOnIpChange: true Are you sure the IP do not change between all servers ? :)
Xephi
-
View User Profile
-
Send Message
Posted Oct 20, 2013@Xephi59
Any possible fix for it or do I have to deal with it :P
Also I've my server connected through Bungecoord and when some one logs in on the lobby he has to login again when joining another one. Is this normal? Sessions are enabled and ofc all servers are on one MySQL. Or does my ban management also screws this up. Anyways keep up the good work I appreciate it :D
-
View User Profile
-
Send Message
Posted Oct 20, 2013Fix 3.0.3
Changes 3.0.3:
Changes 3.0.2:
Really sorry for convenients
Xephi