diff --git a/bukkit/pom.xml b/bukkit/pom.xml index 71656153..a1221089 100644 --- a/bukkit/pom.xml +++ b/bukkit/pom.xml @@ -5,7 +5,7 @@ com.github.games647 fastlogin-parent - 0.4 + 0.5 ../pom.xml diff --git a/bukkit/src/main/java/com/github/games647/fastlogin/bukkit/hooks/AuthMeHook.java b/bukkit/src/main/java/com/github/games647/fastlogin/bukkit/hooks/AuthMeHook.java index 96c86a55..3fc43b82 100644 --- a/bukkit/src/main/java/com/github/games647/fastlogin/bukkit/hooks/AuthMeHook.java +++ b/bukkit/src/main/java/com/github/games647/fastlogin/bukkit/hooks/AuthMeHook.java @@ -15,4 +15,13 @@ public class AuthMeHook implements AuthPlugin { //skips registration and login NewAPI.getInstance().forceLogin(player); } + + public boolean isRegistered(String playerName) { + return NewAPI.getInstance().isRegistered(playerName); + } + + @Override + public void forceRegister(Player player, String password) { + NewAPI.getInstance().forceRegister(player, password); + } } diff --git a/bukkit/src/main/java/com/github/games647/fastlogin/bukkit/hooks/AuthPlugin.java b/bukkit/src/main/java/com/github/games647/fastlogin/bukkit/hooks/AuthPlugin.java index 3398d530..0992105f 100644 --- a/bukkit/src/main/java/com/github/games647/fastlogin/bukkit/hooks/AuthPlugin.java +++ b/bukkit/src/main/java/com/github/games647/fastlogin/bukkit/hooks/AuthPlugin.java @@ -13,4 +13,32 @@ public interface AuthPlugin { * @param player the player that needs to be logged in */ void forceLogin(Player player); + + /** + * Checks whether an account exists for this player name. + * + * This check should check if a cracked player account exists + * so we can be sure the premium player doesn't steal the account + * of that player. + * + * @param playerName player name + * @return if the player has an account + */ + boolean isRegistered(String playerName); + + /** + * Forces a register in order to protect the paid account. + * + * The method will be called only for premium accounts. + * So it's recommended to set additionally premium property + * if possible. + * + * If we don't register an account, cracked players + * could steal the unregistered account from the paid + * player account + * + * @param player the premium account + * @param password a strong random generated password + */ + void forceRegister(Player player, String password); } diff --git a/bukkit/src/main/java/com/github/games647/fastlogin/bukkit/hooks/CrazyLoginHook.java b/bukkit/src/main/java/com/github/games647/fastlogin/bukkit/hooks/CrazyLoginHook.java index c5c2b1f9..db513e5c 100644 --- a/bukkit/src/main/java/com/github/games647/fastlogin/bukkit/hooks/CrazyLoginHook.java +++ b/bukkit/src/main/java/com/github/games647/fastlogin/bukkit/hooks/CrazyLoginHook.java @@ -15,6 +15,23 @@ public class CrazyLoginHook implements AuthPlugin { @Override public void forceLogin(Player player) { CrazyLogin crazyLoginPlugin = CrazyLogin.getPlugin(); + + LoginPlayerData playerData = crazyLoginPlugin.getPlayerData(player.getName()); + if (playerData != null) { + //mark the account as logged in + playerData.setLoggedIn(true); + } + } + + @Override + public boolean isRegistered(String playerName) { + CrazyLogin crazyLoginPlugin = CrazyLogin.getPlugin(); + return crazyLoginPlugin.getPlayerData(playerName) != null; + } + + @Override + public void forceRegister(Player player, String password) { + CrazyLogin crazyLoginPlugin = CrazyLogin.getPlugin(); CrazyLoginDataDatabase crazyDatabase = crazyLoginPlugin.getCrazyDatabase(); LoginPlayerData playerData = crazyLoginPlugin.getPlayerData(player.getName()); @@ -24,9 +41,6 @@ public class CrazyLoginHook implements AuthPlugin { //this automatically marks the player as logged in playerData = new LoginPlayerData(player); crazyDatabase.save(playerData); - } else { - //mark the account as logged in - playerData.setLoggedIn(true); } } } diff --git a/bukkit/src/main/java/com/github/games647/fastlogin/bukkit/hooks/LoginSecurityHook.java b/bukkit/src/main/java/com/github/games647/fastlogin/bukkit/hooks/LoginSecurityHook.java index a0fbfd2d..9e939316 100644 --- a/bukkit/src/main/java/com/github/games647/fastlogin/bukkit/hooks/LoginSecurityHook.java +++ b/bukkit/src/main/java/com/github/games647/fastlogin/bukkit/hooks/LoginSecurityHook.java @@ -1,6 +1,12 @@ package com.github.games647.fastlogin.bukkit.hooks; +import com.google.common.base.Charsets; import com.lenis0012.bukkit.ls.LoginSecurity; +import com.lenis0012.bukkit.ls.data.DataManager; + +import java.net.InetAddress; + +import java.util.UUID; import org.bukkit.entity.Player; @@ -27,4 +33,28 @@ public class LoginSecurityHook implements AuthPlugin { //remove effects and restore location securityPlugin.rehabPlayer(player, name); } + + @Override + public boolean isRegistered(String playerName) { + //https://github.com/lenis0012/LoginSecurity-2/blob/master/src/main/java/com/lenis0012/bukkit/ls/LoginSecurity.java#L296 + LoginSecurity securityPlugin = LoginSecurity.instance; + DataManager dataManager = securityPlugin.data; + + //https://github.com/lenis0012/LoginSecurity-2/blob/master/src/main/java/com/lenis0012/bukkit/ls/LoginSecurity.java#L283 + UUID offlineUuid = UUID.nameUUIDFromBytes(playerName.getBytes(Charsets.UTF_8)); + return dataManager.isRegistered(offlineUuid.toString().replace("-", "")); + //check for sessions in order to prevent a sql query? + //sesUse && thread.getSession().containsKey(uuid) && checkLastIp(player)) { + } + + @Override + public void forceRegister(Player player, String password) { + LoginSecurity securityPlugin = LoginSecurity.instance; + DataManager dataManager = securityPlugin.data; + + UUID playerUUID = player.getUniqueId(); + String uuidString = playerUUID.toString().replace("-", ""); + InetAddress ipAddress = player.getAddress().getAddress(); + dataManager.register(uuidString, password, securityPlugin.hasher.getTypeId(), ipAddress.toString()); + } } diff --git a/bukkit/src/main/java/com/github/games647/fastlogin/bukkit/hooks/xAuthHook.java b/bukkit/src/main/java/com/github/games647/fastlogin/bukkit/hooks/xAuthHook.java index 36ab0dc2..bf16afbd 100644 --- a/bukkit/src/main/java/com/github/games647/fastlogin/bukkit/hooks/xAuthHook.java +++ b/bukkit/src/main/java/com/github/games647/fastlogin/bukkit/hooks/xAuthHook.java @@ -18,11 +18,33 @@ public class xAuthHook implements AuthPlugin { xAuthPlayer xAuthPlayer = xAuthPlugin.getPlayerManager().getPlayer(player); if (xAuthPlayer != null) { xAuthPlugin.getPlayerManager().doLogin(xAuthPlayer); + + //we checked that the player is premium (paid account) + xAuthPlayer.setPremium(true); + } + } + + @Override + public boolean isRegistered(String playerName) { + xAuth xAuthPlugin = xAuth.getPlugin(); + //this will load the player if it's not in the cache + xAuthPlayer xAuthPlayer = xAuthPlugin.getPlayerManager().getPlayer(playerName); + return xAuthPlayer != null && xAuthPlayer.isRegistered(); + } + + @Override + public void forceRegister(Player player, String password) { + xAuth xAuthPlugin = xAuth.getPlugin(); + + xAuthPlayer xAuthPlayer = xAuthPlugin.getPlayerManager().getPlayer(player); + if (xAuthPlayer != null) { + xAuthPlugin.getAuthClass(xAuthPlayer).adminRegister(player.getName(), password, null); + //we checked that the player is premium (paid account) xAuthPlayer.setPremium(true); - //mark the player online - xAuthPlugin.getAuthClass(xAuthPlayer).online(xAuthPlayer.getName()); + //unprotect the inventory, op status... + xAuthPlugin.getPlayerManager().doLogin(xAuthPlayer); } } }