You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
I turned on the option to register online players automatically, however one particular player keeps getting the message that is normally sent after you type /premium command.
His nickname doesn't appear in the database, I tried /forcechangepassword him, nothing helps
Here's the config:
version: "1.1.12"
# Available serializers:
# LEGACY_AMPERSAND - "&c&lExample &c&9Text".
# LEGACY_SECTION - "§c§lExample §c§9Text".
# MINIMESSAGE - "<bold><red>Example</red> <blue>Text</blue></bold>". (https://webui.adventure.kyori.net/)
# GSON - "[{"text":"Example","bold":true,"color":"red"},{"text":" ","bold":true},{"text":"Text","bold":true,"color":"blue"}]". (https://minecraft.tools/en/json_text.php/)
# GSON_COLOR_DOWNSAMPLING - Same as GSON, but uses downsampling.
serializer: LEGACY_AMPERSAND
prefix: ""
# Don't use \n, use {NL} for new line, and {PRFX} for prefix.
main:
# Maximum time for player to authenticate in milliseconds. If the player stays on the auth limbo for longer than this time, then the player will be kicked.
auth-time: 60000
enable-bossbar: false
# Available colors: PINK, BLUE, RED, GREEN, YELLOW, PURPLE, WHITE
bossbar-color: RED
# Available overlays: PROGRESS, NOTCHED_6, NOTCHED_10, NOTCHED_12, NOTCHED_20
bossbar-overlay: NOTCHED_20
min-password-length: 4
# Max password length for the BCrypt hashing algorithm, which is used in this plugin, can't be higher than 71. You can set a lower value than 71.
max-password-length: 71
check-password-strength: true
unsafe-passwords-file: "unsafe_passwords.txt"
# Players with premium nicknames should register/auth if this option is enabled
# Players with premium nicknames must login with a premium Minecraft account if this option is disabled
online-mode-need-auth: false
# Needs floodgate plugin if disabled.
floodgate-need-auth: false
# TOTALLY disables hybrid auth feature
force-offline-mode: false
# Forces all players to get offline uuid
force-offline-uuid: false
# If enabled, the plugin will firstly check whether the player is premium through the local database, and secondly through Mojang API.
check-premium-priority-internal: true
# Delay in milliseconds before sending auth-confirming titles and messages to the player. (login-premium-title, login-floodgate, etc.)
premium-and-floodgate-messages-delay: 1250
# Forcibly set player's UUID to the value from the database
# If the player had the cracked account, and switched to the premium account, the cracked UUID will be used.
save-uuid: false
# Saves in the database the accounts of premium users whose login is via online-mode-need-auth: false
# Can be disabled to reduce the size of stored data in the database
save-premium-accounts: true
enable-totp: true
totp-need-password: true
register-need-repeat-password: true
change-password-need-old-password: true
# Used in unregister and premium commands.
confirm-keyword: "confirm"
# This prefix will be added to offline mode players nickname
offline-mode-prefix: ""
# This prefix will be added to online mode players nickname
online-mode-prefix: ""
# If you want to migrate your database from another plugin, which is not using BCrypt.
# You can set an old hash algorithm to migrate from.
# AUTHME - AuthMe SHA256(SHA256(password) + salt) that looks like $SHA$salt$hash (AuthMe, MoonVKAuth, DSKAuth, DBA)
# AUTHME_NP - AuthMe SHA256(SHA256(password) + salt) that looks like SHA$salt$hash (JPremium)
# SHA256_NP - SHA256(password) that looks like SHA$salt$hash
# SHA256_P - SHA256(password) that looks like $SHA$salt$hash
# SHA512_NP - SHA512(password) that looks like SHA$salt$hash
# SHA512_P - SHA512(password) that looks like $SHA$salt$hash
# SHA512_DBA - DBA plugin SHA512(SHA512(password) + salt) that looks like SHA$salt$hash (DBA, JPremium)
# MD5 - Basic md5 hash
# ARGON2 - Argon2 hash that looks like $argon2i$v=1234$m=1234,t=1234,p=1234$hash
# MOON_SHA256 - Moon SHA256(SHA256(password)) that looks like $SHA$hash (no salt)
# SHA256_NO_SALT - SHA256(password) that looks like $SHA$hash (NexAuth)
# SHA512_NO_SALT - SHA512(password) that looks like $SHA$hash (NexAuth)
# SHA512_P_REVERSED_HASH - SHA512(password) that looks like $SHA$hash$salt (nLogin)
# SHA512_NLOGIN - SHA512(SHA512(password) + salt) that looks like $SHA$hash$salt (nLogin)
migration-hash: AUTHME
# Available dimensions: OVERWORLD, NETHER, THE_END
dimension: THE_END
purge-cache-millis: 3600000
purge-premium-cache-millis: 28800000
purge-bruteforce-cache-millis: 28800000
# Used to ban IPs when a possible attacker incorrectly enters the password
bruteforce-max-attempts: 10
# QR Generator URL, set {data} placeholder
qr-generator-url: "https://api.qrserver.com/v1/create-qr-code/?data={data}&size=200x200&ecc=M&margin=30"
totp-issuer: "LimboAuth by Elytrium"
bcrypt-cost: 10
login-attempts: 3
ip-limit-registrations: 3
totp-recovery-codes-amount: 16
# Time in milliseconds, when ip limit works, set to 0 for disable.
ip-limit-valid-time: 21600000
# Regex of allowed nicknames
# ^ means the start of the line, $ means the end of the line
# [A-Za-z0-9_] is a character set of A-Z, a-z, 0-9 and _
# {3,16} means that allowed length is from 3 to 16 chars
allowed-nickname-regex: "^[A-Za-z0-9_]{3,16}$"
load-world: false
# World file type:
# SCHEMATIC (MCEdit .schematic, 1.12.2 and lower, not recommended)
# STRUCTURE (structure block .nbt, any Minecraft version is supported, but the latest one is recommended).
# WORLDEDIT_SCHEM (WorldEdit .schem, any Minecraft version is supported, but the latest one is recommended).
world-file-type: STRUCTURE
world-file-path: "world.nbt"
disable-falling: true
# World time in ticks (24000 ticks == 1 in-game day)
world-ticks: 1000
# World light level (from 0 to 15)
world-light-level: 15
# Available: ADVENTURE, CREATIVE, SURVIVAL, SPECTATOR
game-mode: ADVENTURE
# Custom isPremium URL
# You can use Mojang one's API (set by default)
# Or CloudFlare one's: https://api.ashcon.app/mojang/v2/user/%s
# Or use this code to make your own API: https://blog.cloudflare.com/minecraft-api-with-workers-coffeescript/
# Or implement your own API, it should just respond with HTTP code 200 (see parameters below) only if the player is premium
ispremium-auth-url: "https://api.mojang.com/users/profiles/minecraft/%s"
# Status codes (see the comment above)
# Responses with unlisted status codes will be identified as responses with a server error
# Set 200 if you use using Mojang or CloudFlare API
status-code-user-exists:
- 200
# Set 204 and 404 if you use Mojang API, 404 if you use CloudFlare API
status-code-user-not-exists:
- 204
- 404
# Set 429 if you use Mojang or CloudFlare API
status-code-rate-limit:
- 429
# Sample Mojang API exists response: {"name":"hevav","id":"9c7024b2a48746b3b3934f397ae5d70f"}
# Sample CloudFlare API exists response: {"uuid":"9c7024b2a48746b3b3934f397ae5d70f","username":"hevav", ...}
#
# Sample Mojang API not exists response (sometimes can be empty): {"path":"/users/profiles/minecraft/someletters1234566","errorMessage":"Couldn't find any profile with that name"}
# Sample CloudFlare API not exists response: {"code":404,"error":"Not Found","reason":"No user with the name 'someletters123456' was found"}
#
# Responses with an invalid scheme will be identified as responses with a server error
# Set this parameter to [], to disable JSON scheme validation
user-exists-json-validator-fields:
- "name"
- "id"
json-uuid-field: "id"
user-not-exists-json-validator-fields: []
# If Mojang rate-limits your server, we cannot determine if the player is premium or not
# This option allows you to choose whether every player will be defined as premium or as cracked while Mojang is rate-limiting the server
# True - as premium; False - as cracked
on-rate-limit-premium: true
# If Mojang API is down, we cannot determine if the player is premium or not
# This option allows you to choose whether every player will be defined as premium or as cracked while Mojang API is unavailable
# True - as premium; False - as cracked
on-server-error-premium: true
register-command:
- "/r"
- "/reg"
- "/register"
login-command:
- "/l"
- "/log"
- "/login"
totp-command:
- "/2fa"
- "/totp"
# New players will be kicked with registrations-disabled-kick message
disable-registrations: false
# Implement the automatic login using the plugin, the LimboAuth client mod and optionally using a custom launcher
# See https://github.com/Elytrium/LimboAuth-ClientMod
mod:
enabled: true
# Should the plugin forbid logging in without a mod
login-only-by-mod: false
# The key must be the same in the plugin config and in the server hash issuer, if you use it
verify-key: "KhCOlrKyjgWnA1GCqtna0m5x"
world-coords:
x: 0
y: 0
z: 0
auth-coords:
x: 0.0
y: 0.0
z: 0.0
yaw: 0.0
pitch: 0.0
cracked-title-settings:
fade-in: 10
stay: 70
fade-out: 20
clear-after-login: false
premium-title-settings:
fade-in: 10
stay: 70
fade-out: 20
# Available values: FALSE, TRUE, PERMISSION
# FALSE - the command will be disallowed
# TRUE - the command will be allowed if player has false permission state
# PERMISSION - the command will be allowed if player has true permission state
command-permission-state:
# Permission: limboauth.commands.changepassword
change-password: PERMISSION
# Permission: limboauth.commands.destroysession
destroy-session: PERMISSION
# Permission: limboauth.commands.premium
premium: PERMISSION
# Permission: limboauth.commands.totp
totp: PERMISSION
# Permission: limboauth.commands.unregister
unregister: PERMISSION
# Permission: limboauth.admin.forcechangepassword
force-change-password: PERMISSION
# Permission: limboauth.admin.forceregister
force-register: PERMISSION
# Permission: limboauth.admin.forceunregister
force-unregister: PERMISSION
# Permission: limboauth.admin.reload
reload: PERMISSION
# Permission: limboauth.admin.help
help: TRUE
strings:
reload: "{PRFX} &aReloaded successfully!"
error-occurred: "{PRFX} &cAn internal error has occurred!"
database-error-kick: "{PRFX} &cA database error has occurred!"
not-player: "{PRFX} &cСonsole is not allowed to execute this command!"
not-registered: "{PRFX} &cТы не зарегистрирован или твой аккаунт не премиум!"
cracked-command: "{PRFX}{NL}&aYou can not use this command since your account is &6PREMIUM&a!"
wrong-password: "{PRFX} &cПароль неверный!"
nickname-invalid-kick: "{PRFX}В твоем нике есть запрещенные символы или он длиннее 15 символов, используй другой!"
reconnect-kick: "{PRFX}Премиум установлен, перезайди на сервер!"
# 6 hours by default in ip-limit-valid-time
ip-limit-kick: "{PRFX}{NL}{NL}&cYour IP has reached max registered accounts. If this is an error, restart your router, or wait about 6 hours."
wrong-nickname-case-kick: "{PRFX}{NL}&cYou should join using username &6{0}&c, not &6{1}&c."
bossbar: "{PRFX} You have &6{0} &fseconds left to log in."
times-up: "{PRFX}{NL}&cВремя на авторизацию истекло"
login-premium: "" # Can be empty.
login-premium-title: "" # Can be empty.
login-premium-subtitle: "" # Can be empty.
login-floodgate: "" # Can be empty.
login-floodgate-title: "" # Can be empty.
login-floodgate-subtitle: "" # Can be empty.
login: "{PRFX} Напиши &6/login <пароль>&a, чтобы зайти на сервер"
login-wrong-password: "{PRFX} &cПароль неверный, осталось &6{0} &cпопыток"
login-wrong-password-kick: "{PRFX}Пароль неверный!"
login-successful: "{PRFX} &aЛогин успешен!"
login-title: "Напиши &6/login <пароль>&a, чтобы зайти на сервер" # Can be empty.
login-subtitle: "" # Can be empty.
login-successful-title: "" # Can be empty.
login-successful-subtitle: "" # Can be empty.
# Or if register-need-repeat-password set to false remove the "<repeat password>" part.
register: "{PRFX} Пожалуйста, зарегистрируйся используя команду &6/register <пароль> <повтор пароля>"
register-different-passwords: "{PRFX} &cПароли различаются!"
register-password-too-short: "{PRFX} &cПароль слишком короткий!"
register-password-too-long: "{PRFX} &cПароль слишком длинный!"
register-password-unsafe: "{PRFX} &cПароль небезопасен, используй другой"
register-successful: "{PRFX} &aТы успешно зарегистрирован"
register-title: "" # Can be empty.
register-subtitle: "" # Can be empty.
register-successful-title: "{PRFX}" # Can be empty.
register-successful-subtitle: "&aТы успешно зарегистрирован" # Can be empty.
unregister-successful: "{PRFX}{NL}&aУспешно отменена регистрация!"
unregister-usage: "{PRFX} Usage: &6/unregister <current password> confirm"
premium-successful: "{PRFX}{NL}&aSuccessfully changed account state to &6PREMIUM&a!"
already-premium: "{PRFX} &cYour account is already &6PREMIUM&c!"
not-premium: "{PRFX} &cYour account is not &6PREMIUM&c!"
premium-usage: "{PRFX} Usage: &6/premium <current password> confirm"
event-cancelled: "{PRFX} Authorization event was cancelled"
force-unregister-successful: "{PRFX} &6{0} &asuccessfully unregistered!"
force-unregister-kick: "{PRFX}{NL}&aYou have been unregistered by administrator!"
force-unregister-not-successful: "{PRFX} &cUnable to unregister &6{0}&c. Most likely this player has never been on this server."
force-unregister-usage: "{PRFX} Usage: &6/forceunregister <nickname>"
registrations-disabled-kick: "{PRFX} Registrations are currently disabled."
change-password-successful: "{PRFX} &aSuccessfully changed password!"
# Or if change-password-need-old-pass set to false remove the "<old password>" part.
change-password-usage: "{PRFX} Usage: &6/changepassword <old password> <new password>"
force-change-password-successful: "{PRFX} &aSuccessfully changed password for player &6{0}&a!"
force-change-password-message: "{PRFX} &aYour password has been changed to &6{0} &aby administator!"
force-change-password-not-successful: "{PRFX} &cUnable to change password for &6{0}&c. Most likely this player has never been on this server."
force-change-password-usage: "{PRFX} Usage: &6/forcechangepassword <nickname> <new password>"
force-register-usage: "{PRFX} Usage: &6/forceregister <nickname> <password>"
force-register-incorrect-nickname: "{PRFX} &cNickname contains forbidden characters."
force-register-taken-nickname: "{PRFX} &cThis nickname is already taken."
force-register-successful: "{PRFX} &aSuccessfully registered player &6{0}&a!"
force-register-not-successful: "{PRFX} &cUnable to register player &6{0}&c."
totp: "{PRFX} Please, enter your 2FA key using &6/2fa <key>"
totp-title: "{PRFX}" # Can be empty.
totp-subtitle: "&aEnter your 2FA key using &6/2fa <key>" # Can be empty.
totp-successful: "{PRFX} &aSuccessfully enabled 2FA!"
totp-disabled: "{PRFX} &aSuccessfully disabled 2FA!"
# Or if totp-need-pass set to false remove the "<current password>" part.
totp-usage: "{PRFX} Usage: &6/2fa enable <current password>&f or &6/2fa disable <totp key>&f."
totp-wrong: "{PRFX} &cWrong 2FA key!"
totp-already-enabled: "{PRFX} &c2FA is already enabled. Disable it using &6/2fa disable <key>&c."
totp-qr: "{PRFX} Click here to open 2FA QR code in browser."
totp-token: "{PRFX} &aYour 2FA token &7(Click to copy)&a: &6{0}"
totp-recovery: "{PRFX} &aYour recovery codes &7(Click to copy)&a: &6{0}"
destroy-session-successful: "{PRFX} &eYour session is now destroyed, you'll need to log in again after reconnecting."
mod-session-expired: "{PRFX} Your session has expired, log in again."
# Database settings
database:
# Database type: mysql, postgresql, sqlite or h2.
storage-type: MYSQL
# Settings for Network-based database (like MySQL, PostgreSQL):
hostname: "127.0.0.1:3306"
user: "root"
password: ""
database: "limboauth"
connection-parameters: "?autoReconnect=true&initialTimeout=1&useSSL=false"
The text was updated successfully, but these errors were encountered:
I turned on the option to register online players automatically, however one particular player keeps getting the message that is normally sent after you type /premium command.
![image](https://private-user-images.githubusercontent.com/124439290/246843495-569a1ff7-8c40-4de0-9064-2be4d9da3b63.png?jwt=eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJpc3MiOiJnaXRodWIuY29tIiwiYXVkIjoicmF3LmdpdGh1YnVzZXJjb250ZW50LmNvbSIsImtleSI6ImtleTUiLCJleHAiOjE3MTkzNzA2MDksIm5iZiI6MTcxOTM3MDMwOSwicGF0aCI6Ii8xMjQ0MzkyOTAvMjQ2ODQzNDk1LTU2OWExZmY3LThjNDAtNGRlMC05MDY0LTJiZTRkOWRhM2I2My5wbmc_WC1BbXotQWxnb3JpdGhtPUFXUzQtSE1BQy1TSEEyNTYmWC1BbXotQ3JlZGVudGlhbD1BS0lBVkNPRFlMU0E1M1BRSzRaQSUyRjIwMjQwNjI2JTJGdXMtZWFzdC0xJTJGczMlMkZhd3M0X3JlcXVlc3QmWC1BbXotRGF0ZT0yMDI0MDYyNlQwMjUxNDlaJlgtQW16LUV4cGlyZXM9MzAwJlgtQW16LVNpZ25hdHVyZT00NDA5ZmI3YTk4YTViNGI5YmVmMmYzM2Q0YTQ2YWY5ODQ5NzVjNWY2OGVlMWJhYTNlNWMxMzNkOWJiYWE1M2VlJlgtQW16LVNpZ25lZEhlYWRlcnM9aG9zdCZhY3Rvcl9pZD0wJmtleV9pZD0wJnJlcG9faWQ9MCJ9.MLCg9alQVdyst1Z98PMUpEua8i5yR_mInFc1iquX2CI)
His nickname doesn't appear in the database, I tried /forcechangepassword him, nothing helps
Here's the config:
The text was updated successfully, but these errors were encountered: