Advertisement
  1. This site uses cookies. By continuing to use this site, you are agreeing to our use of cookies. Learn More.

Type a password on chat auth

Comments in 'Plugin Development' started by icsmoke, Jan 30, 2015.

  1. icsmoke
    Offline

    icsmoke New Member

    Joined:
    Jan 29, 2015
    Posts:
    13
    Minecraft User:
    icsmoke
    hello :) this is my new post :D
    how to login without '/login' but just type a password on chat, such in legion or lbsg :D
    must i edit simple auth plugin? how? or this is use another plugin but like a simple auth?

    thank you for viewing or reply xD
  2. PEMapModder
    Offline

    PEMapModder Notable Member Plugin Developer

    Joined:
    Oct 9, 2013
    Posts:
    7,325
    Plugins:
    11
    Minecraft User:
    PEMapModder
    The LegionPE plugin listens to the PlayerCommandPreprocessEvent directly.

    First when a player logins (PlayerLoginEvent) his data are preloaded. Then when he joins (PlayerJoinEvent), the plugin checks:
    - if the player is registered, the plugin will attempt to IP auth him. On success the player enters a session state called SESSION_GAME_HUB, and call subsequent initialize calls. If IP doesn't match, the player will be asked to type password into chat. He enters a session state called SESSION_LOGIN_MIN.
    If he is not registered, he enters a session state called SESSION_REG_1.

    The plugin handles the PlayerCommandPreprocessEvent. If the player is logged in, plugin tries to stop player from sending password into chat. If player is registering, the plugin will save his password (in hashed form, or sensitive data may be leaked in memory dumps) in memory and enters the SESSION_REG_2. If he is typing the second time, the plugin checks if the password hashes are equal, and if true, let the player enter the session state SESSION_REG_IP. If he is in the IP auth yes/no step, the plugin checks if it is yes or no, if it is neither the player will be required to retry, otherwise the plugin saves the auth data (in hashed form, again) and lets the player enter the SESSION_GAME_HUB and call subsequent initialize calls. If player is logging in, plugin checks if the password hash is same as the password, let the player enter the SESSION_GAME_HUB session state and call subsequent initialize calls if matches, increment session if failure, and if failure for more than 5 times close the session.

    Also, here LegionPE guarantees that the plugin encrypts player-input passwords as soon as possible so as to protect your data from even careless peeps by our staffs :)
    Falk likes this.
  3. iJoshuaHD
    Offline

    iJoshuaHD Notable Member Plugin Developer

    Joined:
    Nov 7, 2013
    Posts:
    1,201
    Plugins:
    4
    Minecraft User:
    iJoshuaHD
    i handled things with PlayerChatEvent and PlayerCommandPreprocessEvent.
  4. PEMapModder
    Offline

    PEMapModder Notable Member Plugin Developer

    Joined:
    Oct 9, 2013
    Posts:
    7,325
    Plugins:
    11
    Minecraft User:
    PEMapModder
    PlayerChatEvent feels insecure for me.

    This post was edited. I meant PlayerChatEvent not PlayerCommandPreprocessEvent.
  5. iJoshuaHD
    Offline

    iJoshuaHD Notable Member Plugin Developer

    Joined:
    Nov 7, 2013
    Posts:
    1,201
    Plugins:
    4
    Minecraft User:
    iJoshuaHD
    just cancel the event if its not authenticated and set the priority to the highest \o/
  6. PEMapModder
    Offline

    PEMapModder Notable Member Plugin Developer

    Joined:
    Oct 9, 2013
    Posts:
    7,325
    Plugins:
    11
    Minecraft User:
    PEMapModder
    Well, then you can't prevent other plugins from reading it :p although we have none xD
  7. iJoshuaHD
    Offline

    iJoshuaHD Notable Member Plugin Developer

    Joined:
    Nov 7, 2013
    Posts:
    1,201
    Plugins:
    4
    Minecraft User:
    iJoshuaHD
    same :p

Share This Page

Advertisement