-
Notifications
You must be signed in to change notification settings - Fork 58
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Allow correct handling UUIDs on a mixed-mode server #31
Comments
I used to think UUID generated by offline servers are using md5("OfflinePlayer:<player name>") automatically. I will look into this case. I'm currently on vacation though :( |
I have just done some research regarding your situation, please confirm the following first:
There are some issue:
My current proposed solution will be incompatible with all currently owned signs for Mojang login users, as well as probably not able to support all "mixed-mode server" plugins. TBH I don't really think it will worth the effort, but pull requests are welcomed. |
Confirm: About issues: I don't know how does LockettePro store UUID or how it verify player's UUID because I'm sucked with Java programming. But if simply read from the Spigot does not work for you, I suggest you to try to generate the offline-UUID manually (through md5 as you said) and compare it again after LockettePro failed to verify the legit one in the first place. It is also a safe way to do because the chance of md5 collision is extremely low. Btw this feature should only be enabled at when In the case of "what if a mixed-mode server decided to use cracked UUID for its own legit players", idk man what's wrong with those servers. If they choose to stick with cracked UUIDs anyway then they should also expect and disallow players change their name as well. Please tell me if you have any thoughts. I will share my ideas as well. p.s. Just a reminder: you forgot to fix #30 in the last comments. |
I just came up with an idea, but I need to verify it first. For #30, sorry :( |
Sorry, but this idea will be longer considered. |
I have noticed that after setting
enable-uuid-support: true
, LockettePro can not let offline(cracked) players access to any chests/doors with their name correctly writen on signs. But It is no problem with premium players.So I'm guessing this is the problem with UUIDs handling inside of LockettePro (not detecting offline player's UUIDs for example). Could you please add support of "offline UUIDs" when
enable-uuid-support
is set totrue
? Our server is running on a kind of mixed-mode which allows both premium and offline players join the server. By using a plugin called "FastLogin" (https://www.spigotmc.org/resources/fastlogin.14153/), my offline(cracked) users can have their offline-uuid and all my premium can keep their online-UUIDs(UUIDs assigned by Mojang) allowing them to change names on Mojang.FastLogin is a great plugin. It is very useful when we decided to switch to online mode without losing all of the previous players we had. I believed that that are a lot of servers using this type of plugin as well. So please consider this feature.
A possible way to support such a feature is just to read the player UUIDs from the server. So LockettePro don's have to query the Mojang API every time when checking "who can open the chest". All you have to do is to get the player's UUID from bukkit/spigot directly then compare it to the storage.
Another way I could think of is to try to generate the offline UUID by name (https://gist.github.com/games647/2b6a00a8fc21fd3b88375f03c9e2e603). Then compare it with the player after he/she failed the premium-UUID check.
Thank you! And if you need any tests please ask me at any time. I can put you dev builds on my server for trial :)
The text was updated successfully, but these errors were encountered: