TO UPDATE AN EXISTING MySQL DATABASE PLEASE RUN THE FOLLOWING QUERIES. FOR THE CAUTIOUS, STOP YOUR SERVER AND BACKUP THE DATABASE FIRST:
ALTER TABLE simpleauth.simpleauth_players ADD ip VARCHAR(50);ALTER TABLE simpleauth.simpleauth_players ADD cid BIGINT;ALTER TABLE simpleauth.simpleauth_players ADD skinhash VARCHAR(60);ALTER TABLE simpleauth.simpleauth_players ADD pin INT;
TO UPDATE AN EXISTING SQLITE DATABASE:
ALTER TABLE simpleauth.simpleauth_players ADD ip TEXT;ALTER TABLE simpleauth.simpleauth_players ADD cid INTEGER;ALTER TABLE simpleauth.simpleauth_players ADD skinhash TEXT;ALTER TABLE simpleauth.simpleauth_players ADD pin INTEGER;
Plugin for PocketMine-MP that prevents people from impersonating an account, requiring registration and login when connecting.
SimpleAuth plugin for PocketMine-MP
Copyright (C) 2014 PocketMine Team <https://github.com/PocketMine/SimpleAuth>
This program is free software: you can redistribute it and/or modify
it under the terms of the GNU Lesser General Public License as published by
the Free Software Foundation, either version 3 of the License, or
(at your option) any later version.
This program is distributed in the hope that it will be useful,
but WITHOUT ANY WARRANTY; without even the implied warranty of
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
GNU General Public License for more details.
This version of SimpleAuth adds automatic hack detection/protection to SimpleAuth.
When users register (or log in the first time after install or upgrade) they will be given a 4 digit PIN code.
If any player tries to login to an account with 2 or more changes to the previously recorded IP, CID or SKIN, then they will
need to login with /login <password> <PIN>, for example, /login dadada 1234. They will then receive a new PIN.
If a user only changes IP, SKIN or CID the PIN is not required, and the players security info is updated for the new IP/CID/SKIN (not the PIN).
If a player forgets their PIN, and cannot login because they joined with a new SKIN + IP, SKIN + CID, IP + CID or SKIN + CID
their security info can be reset on CONSOLE with login <player>. They will then get a new PIN code next time they login.
Players logging in normally will see a reminder on their PIN code.
Players can change their pin code by typing /login when already logged in.
Warnings are displayed on Console when players try to join with >= 2 changes to the security info (IP, CID, SKIN).
SimpleAuth2 is compatible with SimpleAuthHelper, and works with any provider: MySQL (tested), YAML (tested) and SQLITE (untested)
/login <password>/login <password> <PIN>(If 2 changes detected for a players IP, SKIN or CID since last login)/register <password>/unregister <password>(TODO)- For OPs:
/simpleauth <command: help|unregister> [parameters...](TODO) - For Console:
/login <player>to reset hack detection data for a player - For Players:
/loginwhen logged in to get a new PIN code
You can modify the SimpleAuth/config.yml file on the plugins directory once the plugin has been run at least once.
| Configuration | Type | Default | Description |
|---|---|---|---|
| timeout | integer | 60 | Unauthenticated players will be kicked after this period of time. Set it to 0 to disable. (TODO) |
| forceSingleSession | boolean | true | New players won't kick an authenticated player if using the same name. |
| minPasswordLength | integer | 6 | Minimum length of the register password. |
| blockAfterFail | integer | 6 | Block clients after several failed attempts |
| authenticateByLastUniqueId | boolean | false | Enables authentication by last unique id. |
| dataProvider | string | yaml | Selects the provider to get the data from (yaml, sqlite3, mysql, none) |
| dataProviderSettings | array | Sets the settings for the chosen dataProvider | |
| disableRegister | boolean | false | Will set all the permissions for simleauth.command.register to false |
| disableLogin | boolean | false | Will set all the permissions for simleauth.command.login to false |
You can modify the SimpleAuth/antihack.yml file on the plugins directory once the plugin has been run at least once.
| Configuration | Type | Default | Description |
|---|---|---|---|
| enabled | boolean | true | Enable AntiHack features |
| protectsuperadmins | boolean | true | Enable LOGIN protection ONLY for PurePerms SuperAdmin ranks (and OP if enabled) |
| protectops | boolean | true | Enable LOGIN protection for OPs |
| threat | integer | 2 | How many out of IP, CID and SKIN must be the same to allow unchecked login |
| Permission | Default | Description |
|---|---|---|
| simpleauth.chat | false | Allows using the chat while not being authenticated |
| simpleauth.move | false | Allows moving while not being authenticated |
| simpleauth.lastip | true | Allows authenticating using the lastIP when enabled in the config |
| simpleauth.command.register | true | Allows registering an account |
| simpleauth.command.login | true | Allows logging into an account |
- SimpleAuth\event\PlayerAuthenticateEvent
- SimpleAuth\event\PlayerDeauthenticateEvent
- SimpleAuth\event\PlayerRegisterEvent
- SimpleAuth\event\PlayerUnregisterEvent
All methods are available through the main plugin object
- bool isPlayerAuthenticated(pocketmine\Player $player)
- bool isPlayerRegistered(pocketmine\IPlayer $player
- bool authenticatePlayer(pocketmine\Player $player)
- bool deauthenticatePlayer(pocketmine\Player $player)
- bool registerPlayer(pocketmine\IPlayer $player, $password)
- bool unregisterPlayer(pocketmine\IPlayer $player)
- void setDataProvider(SimpleAuth\provider\DataProvider $provider)
- SimpleAuth\provider\DataProvider getDataProvider(void)
You can register an instantiated object that implements SimpleAuth\provider\DataProvider to the plugin using the setDataProvider() method