LoginSecurity
LoginSecurity
LoginSecurity is a lightweight password authorization plugin. You can optionally set a password each time you enter the server, adding a double layer of security to your account. The password is stored inside the configuration file, nobody else except the server owner can access or modify it.
How does it work?
Install the pluign to your /plugins/ directory, then start your server.
Type /register <password>, your account is now locked with a password.
For each time you login, make sure to use /login <password>.
Features
- Register your account optional or required (change in config)
- 5 Useful commands to mangage your password
- Advanced administrative control
- Advanced documentation via wiki
- Secure password storage using BCrypt
- Secure sessions storing to improve user experience
- Customizable time-out
- Map captcha upon registration (user friendly)
- Conversion from AuthMe and xAuth (check wiki for more info)
- Premium support through AutoIn
- Automatic update with changelog overview
- Username filtering (length and characters)
- Highly detailed configuration
- Automatically updated translation manager (user-submitted)
- Prevents being kicked by orther players loging in with your name
Session login allows the user to log in right after they logged out and not have to type in their password again. (1 minute time limit of being logged out, stores IP during that time to keep everything safe)
Commands
/lac - Admin command, rmpass and reload
/register <password> - Set your password
/login <password> - Login with your password
/changepass <old> <new> - change your password
/logout - Logout
Permissions
- loginsecurity.admin - allows admin command
- loginsecurity.update - shows update notifications
Video
Thanks to ServerMiner for making this informative tutorial
Orther tutorials: German (by MineCraftler4Live)
Planned
- Add translation interface for easier language selection
- Suggestions?
Known Bugs
- Players can mount/dismount and ride on vehicles while not logged in
Disclaimer
By default, LoginSecurity will check for updates from bukkitdev every 3 hours.
This feature can be disabled by setting "update-checker" to "false"
Anyone with the permission node ls.admin will be notified of updates, and it also able to download them via /lac update.
Which again can be disabled by disabling the update-checker
This plugin utilises Hidendra's plugin metrics system, which means that the following information is collected and sent to mcstats.org:
- A unique identifier
- The server's version of Java
- Whether the server is in offline or online mode
- The plugin's version
- The server's version
- The OS version/name and architecture
- The core count for the CPU
- The number of players online
The Metrics version Opting out of this service can be done by editing plugins/Plugin Metrics/config.yml and changing opt-out to true.
Additionally, when the language setting is changed, information is retrieved from lang.lenis0012.com to aquire up to date translations.
Links
- v3.0.2 - Download (18 - 1.15)
- Source code (GitHub)
- https://github.com/lenis0012/LoginSecurity-2/wiki (Wiki)
- https://github.com/lenis0012/Translations/wiki/Contribute (Translation Contribution)
Donate
If you want to support me working on this project, please donate.
It helps me alot to keep my projects up.
Donate at the top right corner
Comments
-
lenis0012 Owner
-
View User Profile
-
Send Message
Posted Jan 19, 2013Can you PLEASE fix the exploit where you can login as players and play with the factions commands?
-
View User Profile
-
Send Message
Posted Jan 16, 2013@foxhoundvenom
its a MySQL error,
doublecheck your data, if that does still not work.
disable MySQL.
-
View User Profile
-
Send Message
Posted Jan 16, 2013I tried both builds from the 9th and 13th of v1.6.9.1 and I get this error:
15:51:37 [INFO] [LoginSecurity] Enabling LoginSecurity v1.6.9.1 15:51:37 [INFO] [LoginSecurity] safety first ;) 15:51:37 [INFO] [LoginSecurity] Started MySQL driver. 15:51:37 [SEVERE] Error occurred while enabling LoginSecurity v1.6.9.1 (Is it up to date?) java.lang.NullPointerException at me.lenis0012.ls.LoginData.PurgeDatabase(LoginData.java:160) at me.lenis0012.ls.LoginData.start(LoginData.java:27) at me.lenis0012.ls.ls.onEnable(ls.java:73) at org.bukkit.plugin.java.JavaPlugin.setEnabled(JavaPlugin.java:217) at org.bukkit.plugin.java.JavaPluginLoader.enablePlugin(JavaPluginLoader .java:457) at org.bukkit.plugin.SimplePluginManager.enablePlugin(SimplePluginManage r.java:381) at org.bukkit.craftbukkit.v1_4_6.CraftServer.loadPlugin(CraftServer.java :282) at org.bukkit.craftbukkit.v1_4_6.CraftServer.enablePlugins(CraftServer.j ava:264) at net.minecraft.server.v1_4_6.MinecraftServer.j(MinecraftServer.java:32 1) at net.minecraft.server.v1_4_6.MinecraftServer.e(MinecraftServer.java:30 0) at net.minecraft.server.v1_4_6.MinecraftServer.a(MinecraftServer.java:25 9) at net.minecraft.server.v1_4_6.DedicatedServer.init(DedicatedServer.java :149) at net.minecraft.server.v1_4_6.MinecraftServer.run(MinecraftServer.java: 399) at net.minecraft.server.v1_4_6.ThreadServerApplication.run(SourceFile:84 9)
-
View User Profile
-
Send Message
Posted Jan 15, 2013@dh35367
yes in the dev build on jenkins it should be.
-
View User Profile
-
Send Message
Posted Jan 15, 2013add Email support and xAuth import?
-
View User Profile
-
Send Message
Posted Jan 15, 2013is it possible to change the the commands? /setpass <password> to /register <password>? /changepass <old> <new> to /changepassword <old> <new>?
-
View User Profile
-
Send Message
Posted Jan 15, 2013@LordDWT
Wich version is having those issues?
-
View User Profile
-
Send Message
Posted Jan 14, 2013@Teqskater
just use v1.6.9.1
it works on 1.4.5
-
View User Profile
-
Send Message
Posted Jan 14, 2013There are instances that you are still able to break blocks, or drop/destroy an item in inventory before player is logged in. Inventory should be blanked, no blocks able to be placed or destroyed, and no movement until logged in. Also should have some way to "/logout". Thanks for all your work into this and hope that I can see these suggestions added into the plugin so I could use this full time. Thank you.
-
View User Profile
-
Send Message
Posted Jan 14, 2013@lenis0012
I need a "dutch" one.
I did place mine in plugins/LoginSecurity/
with the correct name: Language.yml
Thanks for helping me :)
#Edit: I did upload my translation here: http://pastebin.com/cMsuW8fH
Can't get /lac command to work either. I says "unknow command"
#Edit 2: I think i got a resolution on the problem. It seems that craftbukkit 1.4.6-R0.3 has problems with yml files in general. The exact same language file works on craftbukkit 1.4.5-R1.0 (Recommended build).
#Edit 3: I also think i found a bug in the LoginSecurity for craftbukkit 1.4.5-R1.0. The /lac commands can be used by anybody. Admin or not. I think this because i have preventgrief and it doenst give me rights to do anything as i log in with a "Normal Player". I am not shure because i can't get the default permissions to work. Im to much of a noob.
-
View User Profile
-
Send Message
Posted Jan 14, 2013@Teqskater
WHat language so you want?
i still have a ton of working yml language fiels in my dropbox.
you need to add it to 'plugins/LoginSecurity/'
and the name needs to be: Language.yml
the kick messages dont get changed but the player messages do.
-
View User Profile
-
Send Message
Posted Jan 14, 2013Hello,
My setup:
---------------------------------------
Craftbukkit: 1.4.6-R0.3
LoginSecurity: LoginSecurity v1.6.9.1 for CB 1.4.6-R0.3 Jan 07, 2013
--Temporary removed plugin for error solving: GriefPrevention 7.2.1 for CB 1.4.6-R0.3 Jan 09, 2013
Situation:
----------------------------------------
I downloaded a default translation file here: http://dev.bukkit.org/server-mods/loginsecurity/pages/language-creating/
I modified it so that it is in dutch because i am.
Then i saved it and placed it in the correct folder.
But it stays in english. No matter what i do
I checked on the internet and learned about yaml and i understand that i you want to indent text you need to use 4 spaces instead of a tab. I configured notepadd++ to do so. But i think its not the problem in this case because there is no indentation in the file.
Strange thing is when i use minecrafts default permissions.yml file it doesnt seem to work too. It doesnt add my entered suffix to a username for example. But i don't realy know how to check ingame in wich group the user is placed.
Would you like to help me please?
Thanks in advance.
-
View User Profile
-
Send Message
Posted Jan 13, 2013@redside1000
try the latest dev build from jenkins
-
View User Profile
-
Send Message
Posted Jan 13, 2013Hey, i got this plugin, but people could still use faction commands before even logging in. Can anyone help me with this? (ex. /f create, /f kick etc.)
-
View User Profile
-
Send Message
Posted Jan 12, 2013@lenis0012
you are just awsome.
ps. now that you have me hyped when is 1.7 ^^
-
View User Profile
-
Send Message
Posted Jan 10, 2013@lenis0012
Thanks a lot !
-
View User Profile
-
Send Message
Posted Jan 9, 2013@goakiller900
I will do it for v1.7 :)
the default will be 3 (in case of brothers and sisters)
-
View User Profile
-
Send Message
Posted Jan 9, 2013Suggestion:
A limited amount of accounts per IP address lock
But able to give a Admin defined override.
why iam suggesting this is when you run a offline server somepeople make multiple accounts to abuse lets say sky block game-play to get free stuff with a 1 letter difference in name if you can lock the amount of accounts a IP address can make it will severely limit it for most idiots.
-
View User Profile
-
Send Message
Posted Jan 9, 2013players can still use factions commands before there logged in, please prevent this i need to stop this quickly
-
View User Profile
-
Send Message
Posted Jan 9, 2013@ric0o
NoCheatPlus and AntiCheat both kick flying people :)
but not when thy get tp'ed back by LoginSecurity