Added configuration to disable auto logins for 2Factor authentication

(Fixes #65)
2025-07-29 18:27:36 +02:00 · 2016-09-09 16:52:44 +02:00
parent 5022c9aa7b
commit 8e5da01be0
4 changed files with 25 additions and 5 deletions
--- a/CHANGELOG.md
+++ b/CHANGELOG.md
@ -1,12 +1,13 @@
 ######1.9

 * Added second attempt login -> cracked login
+* Add cracked whitelist (switch-mode -> switching to online-mode from offlinemode)
+* Added configuration to disable auto logins for 2Factor authentication
+* Add missing add-premium-other message
 * Fix ProtocolSupport autoRegister
 * Fix update username in FastLogin database after nameChange
 * Fix logging exceptions on encryption enabling
-* Add missing add-premium-other message
 * Fix compatibility with older ProtocolLib versions (for 1.7) because of the missing getMethodAcccessorOrNull method
-* Add cracked whitelist (switch-mode -> switching to online-mode from offlinemode)
 * Fix correct cracked permission for bukkit
 * A try to fix SQLite timestamp parsing

--- a/bukkit/src/main/java/com/github/games647/fastlogin/bukkit/tasks/ForceLoginTask.java
+++ b/bukkit/src/main/java/com/github/games647/fastlogin/bukkit/tasks/ForceLoginTask.java
@ -52,10 +52,14 @@ public class ForceLoginTask implements Runnable {
            } else {
                boolean success = false;
                if (isOnlineThreadSafe()) {
-                    if (session.needsRegistration()) {
-                        success = forceRegister(authPlugin, player);
+                    if (plugin.getConfig().getBoolean("autoLogin")) {
+                        if (session.needsRegistration()) {
+                            success = forceRegister(authPlugin, player);
+                        } else {
+                            success = forceLogin(authPlugin, player);
+                        }
                    } else {
-                        success = forceLogin(authPlugin, player);
+                        success = true;
                    }
                }

--- a/bungee/src/main/java/com/github/games647/fastlogin/bungee/tasks/ForceLoginTask.java
+++ b/bungee/src/main/java/com/github/games647/fastlogin/bungee/tasks/ForceLoginTask.java
@ -43,6 +43,14 @@ public class ForceLoginTask implements Runnable {
            if (pendingConnection.isOnlineMode()) {
                boolean autoRegister = session.needsRegistration();

+                //2fa authentication - no need to send bukkit force login notification and so we also don't need
+                // to wait for a response -> save immediatly
+                if (!plugin.getConfig().getBoolean("autoLogin")) {
+                    playerProfile.setPremium(true);
+                    plugin.getCore().getStorage().save(playerProfile);
+                    session.setAlreadySaved(true);
+                }
+
                BungeeAuthPlugin authPlugin = plugin.getBungeeAuthPlugin();
                if (authPlugin == null) {
                    //save will happen on success message from bukkit
--- a/core/src/main/resources/config.yml
+++ b/core/src/main/resources/config.yml
@ -144,6 +144,13 @@ ip-addresses: []
 # If you want to join the discussion visit this: https://github.com/games647/FastLogin/issues/27#issuecomment-226954350
 mojang-request-limit: 600

+# This disables the auto login from fastlogin. So a premium (like a paid account) authentication is requested, but
+# the player won't be auto logged into the account.
+#
+# This can be used as 2Factor authentication for better security of your accounts. A hacker then needs both passwords.
+# The password of your minecraft and the password to login in with your auth plugin
+autoLogin: true
+
 # Database configuration
 # Recommened is the use of MariaDB (a better version of MySQL)