Add debug code

Acquire save lock before getting a SQL connection
Increase leak detection threshold
2025-12-23 15:18:09 +01:00 · 2023-04-12 09:53:04 +02:00 · 2023-04-12 09:27:26 +02:00 · 2023-04-12 09:08:30 +02:00 · 2023-04-12 09:04:31 +02:00 · 2023-04-11 17:38:57 +02:00
156 changed files with 13544 additions and 1092 deletions
--- a/.github/ISSUE_TEMPLATE/bug_report.yaml
+++ b/.github/ISSUE_TEMPLATE/bug_report.yaml
@@ -0,0 +1,67 @@
+name: 🐞 Bug Report
+description: Something isn't working, broken, not expected behavior
+labels: [ bug ]
+body:
+  - type: markdown
+    attributes:
+      value: |
+        This ticket is about bugs, so broken, not expected behavior. Feedback about this form is appreciated.
+  - type: textarea
+    attributes:
+      label: What happened?
+      description: What behavior is observed?
+    validations:
+      required: true
+  - type: textarea
+    attributes:
+      label: What did you expect?
+      description: What behavior is expected?
+  - type: textarea
+    attributes:
+      label: Steps to reproduce
+      description: The actions that cause the issues. Please explain it in detail.
+  - type: input
+    attributes:
+      label: Plugin list
+      description: This can be found by running `/pl`
+      placeholder: AuthMe, ProtocolLib, ...
+  - type: input
+    attributes:
+      label: Configuration file
+      description: |
+        Link to the contents of your config.yml file.
+        You can use [GitHub](https://gist.github.com/), [Hastebin](https://hastebin.com) or similar for that.
+      placeholder: https://gist.github.com/games647/88c4439e1cd7810f21318b1b24a04ee0
+  - type: textarea
+    attributes:
+      label: Server log
+      description: The error, stacktrace or link the complete log. You can use the links above for long versions.
+      placeholder: https://hastebin.com/ / https://gist.github.com/
+  - type: input
+    attributes:
+      label: Plugin version
+      description: Plugin version or build number. This can be found by running `/version plugin-name`
+      placeholder: v3.1-SNAPSHOT-570b321
+    validations:
+      required: true
+  - type: dropdown
+    attributes:
+      label: Platform
+      description: Server software - choose your proxy software if you have multiple servers
+      options:
+        - Spigot
+        - BungeeCord
+        - Velocity
+    validations:
+      required: true
+  - type: checkboxes
+    attributes:
+      label: Relevance
+      description: Check list for previous tickets
+      options:
+        - label: I tried the latest build (build refers to development builds not necessary a release version)
+          required: true
+        - label: |
+            I checked for existing tickets -
+            If there are, please vote them with a thumps reaction and not create new ones
+          required: true
--- a/.github/ISSUE_TEMPLATE/config.yml
+++ b/.github/ISSUE_TEMPLATE/config.yml
@@ -0,0 +1,12 @@
+# General configuration for issue templates
+
+# Allow issues without a template
+#blank_issues_enabled: false
+
+# Extra section on creating issues to redirect to another site
+contact_links:
+  - name: 📌 Questions
+    url: https://github.com/games647/FastLogin/discussions
+    about:
+      You want to ask something - general questions. Example includes how to set it up or how it is working internally
+
--- a/.github/ISSUE_TEMPLATE/enhancement_request.md
+++ b/.github/ISSUE_TEMPLATE/enhancement_request.md
@@ -0,0 +1,30 @@
+---
+name: 💡 Enhancement request
+about: New feature or change request
+title: ''
+labels: 'enhancement'
+assignees: ''
+
+---
+
+[//]: # (Lines in this format are considered as comments and will not be displayed.)
+
+[//]: # (Before reporting make sure you're running the **latest build** of the plugin and checked for existing issues!)
+
+[//]: # (This ticket is about suggestions for a feature or particular enhancement)
+
+### Is your feature request related to a problem? Please describe.
+
+[//]: # (A clear and concise description of what the problem is. Ex. I'm always frustrated when [...])
+
+### Describe the solution you'd like
+
+[//]: # (A clear and concise description of what you want to happen.)
+
+### Describe alternatives you've considered
+
+[//]: # (A clear and concise description of any alternative solutions or features you've considered.)
+
+### Additional context
+
+[//]: # (Add any other context or screenshots about the feature request here.)
--- a/.github/dependabot.yml
+++ b/.github/dependabot.yml
@@ -0,0 +1,16 @@
+version: 2
+
+updates:
+  # Updates for workflow files
+  - package-ecosystem: "github-actions"
+    # Workflow files stored in the
+    # default location of `.github/workflows`
+    directory: "/"
+    schedule:
+      interval: "monthly"
+
+  # Maven project
+  - package-ecosystem: maven
+    directory: "/"
+    schedule:
+      interval: weekly
--- a/.github/pull_request_template.md
+++ b/.github/pull_request_template.md
@@ -0,0 +1,11 @@
+[//]: # (Lines in this format are considered as comments and will not be displayed.)
+
+[//]: # (If your work is in progress, please consider making a draft pull request.)
+
+### Summary of your change
+
+[//]: # (Example: motivation, enhancement)
+
+### Related issue
+
+[//]: # (Reference it using '#NUMBER'. Ex: Fixes/Related #...)
--- a/.github/workflows/codeql-analysis.yml
+++ b/.github/workflows/codeql-analysis.yml
@@ -0,0 +1,60 @@
+# GitHub automatic code security scanning using CodeQL
+
+# Human-readable name in the actions tab
+name: "CodeQL"
+
+on:
+  # Scan only for push on the primary branch for now
+  push:
+    branches: [ main ]
+  pull_request:
+    branches: [ main ]
+
+jobs:
+  # job i
+  analyze:
+
+    # Display name
+    name: Analyze
+
+    # Environment
+    runs-on: ubuntu-latest
+
+    permissions:
+      actions: read
+      contents: read
+      security-events: write
+
+    strategy:
+      fail-fast: true
+      matrix:
+        # Languages to scan
+        language: [ 'java' ]
+
+    steps:
+      - name: Checkout repository
+        uses: actions/checkout@v3
+
+      # Setup Java
+      - name: Set up JDK
+        uses: actions/setup-java@v3
+        with:
+          distribution: 'temurin'
+          java-version: 19
+          cache: 'maven'
+
+      # Initializes the CodeQL tools for scanning.
+      - name: Initialize CodeQL
+        uses: github/codeql-action/init@v2
+        with:
+          languages: ${{ matrix.language }}
+
+      # Auto build attempts to build any compiled languages  (C/C++, C#, or Java).
+      # If this step fails, then you should remove it and run the build manually (see below)
+      - name: Autobuild
+        uses: github/codeql-action/autobuild@v2
+
+      - name: Perform CodeQL Analysis
+        uses: github/codeql-action/analyze@v2
+        with:
+          category: "/language:${{matrix.language}}"
--- a/.github/workflows/maven.yml
+++ b/.github/workflows/maven.yml
@@ -0,0 +1,43 @@
+# Automatically build, run unit and integration tests to detect errors early (CI provided by GitHub)
+# including making pull requests review easier
+
+# Human-readable name in the actions tab
+name: Maven Build
+
+# Build on every pull request regardless of the branch
+# Wiki: https://help.github.com/en/actions/reference/events-that-trigger-workflows
+on:
+  push:
+    branches:
+      - main
+  pull_request:
+    branches:
+      - main
+
+jobs:
+  # job id
+  build_and_test:
+
+    # Environment image - always use the newest OS
+    runs-on: ubuntu-latest
+    permissions:
+      contents: read
+
+    # Run steps
+    steps:
+      # Pull changes
+      - uses: actions/checkout@v3
+
+      # Setup Java
+      - name: Set up JDK
+        uses: actions/setup-java@v3
+        with:
+          distribution: 'temurin'
+          java-version: 19
+          cache: 'maven'
+
+      # Build and test (included in package)
+      - name: Build with Maven and test
+        # Run non-interactive, package (with compile+test),
+        # ignore snapshot updates, because they are likely to have breaking changes, enforce checksums
+        run: mvn test --batch-mode --threads 2.0C --no-snapshot-updates --strict-checksums --file pom.xml
--- a/.gitignore
+++ b/.gitignore
@@ -1,37 +1,25 @@
-# Eclipse stuff
-/.classpath
-/.project
-/.settings
+# Eclipse
+.classpath
+.project
+.settings/

-# netbeans
-/nbproject
+# NetBeans
+nbproject/
 nb-configuration.xml

-# maven
-/target
-
-# vim
-.*.sw[a-p]
-
-# virtual machine crash logs, see http://www.java.com/en/download/help/error_hotspot.xml
-hs_err_pid*
-
-# various other potential build files
-/build
-/bin
-/dist
-/manifest.mf
-*.log
-
-# Mac filesystem dust
-.DS_Store
-
-# intellij
+# IntelliJ
 *.iml
 *.ipr
 *.iws
 .idea/

+# VSCode
+.vscode/
+
+# Maven
+target/
+pom.xml.versionsBackup
+
 # Gradle
 .gradle

@@ -40,3 +28,22 @@ gradle-app.setting

 # Avoid ignoring Gradle wrapper jar file (.jar files are usually ignored)
 !gradle-wrapper.jar
+
+# various other potential build files
+build/
+bin/
+dist/
+manifest.mf
+*.log
+
+# Vim
+.*.sw[a-p]
+
+# virtual machine crash logs, see https://www.java.com/en/download/help/error_hotspot.xml
+hs_err_pid*
+
+# Mac filesystem dust
+.DS_Store
+
+# Factorypath from Visual Studio Code
+.factorypath
--- a/CHANGELOG.md
+++ b/CHANGELOG.md
@@ -0,0 +1,260 @@
+### 1.11
+
+* TODO: Replace reflection with methodhandles
+
+* Use direct proxies instead of ssl factories for multiple IP-addresses
+* Remove local address check for multiple IP-addresses
+* Fix parsing of local IP-addresses
+* Fix address rotating for contacting the Mojang API
+* Optimize issue template
+* Use Instant for timestamps
+* Migrate SLF4J logging (Fixes #177)
+* Use Gson's TypeAdapter for more type safety
+* Add support for IPv6 proxies
+* Shared configuration implementation for easier maintained code
+* Use Gson for json parsing, because it's supported on all platforms and removes code duplicates
+* Clean up project code
+* Drop support for deprecated AuthMe API
+* Remove legacy database migration code
+* Drop support for RoyalAuth, because it doesn't seem to be supported anymore
+* Clean up client-server encryption -> use only one cipher per connection, simplify code
+
+### 1.10
+
+* Prevent authentication proxies
+* Drop database importer
+* More logging by default
+* Add support for HTTP proxies
+* Set the fake offline UUID on lowest priority (-> as soon as possible)
+* Remove bungee chatcolor for Bukkit to support KCauldron
+* Minor cleanup using inspections + Https
+* Increase hook delay to let ProtocolLib inject the listener
+* Drop support for old AuthMe API + Add support for new AuthMe API
+* Remove eBean util usage to make it compatible with 1.12
+* Do not try to hook into a plugin if auth plugin hook is already set using the FastLogin API
+* Automatically register accounts if they are not in the auth plugin database but in the FastLogin database
+* Update BungeeAuth dependency and use the new API. Please update your plugin if you still use the old one.
+* Remove deprecated API methods from the last version
+* Finally, update the IP column on every login
+* No duplicate session login
+* Fix timestamp parsing in newer versions of SQLite
+* Fix Spigot console command invocation sends result to in game players
+
+### 1.9
+
+* Added second attempt login -> cracked login
+* Added cracked whitelist (switch-mode -> switching to online-mode from offlinemode)
+* Added configuration to disable auto logins for 2Factor authentication
+* Added missing add-premium-other message
+* Upgrade to Java 8 -> Minimize file size
+* Refactored/Cleaned up a lot of code
+* [API] Deprecated platform specific auth-plugin. Please use AuthPlugin< platform specific player type >
+* [API] Deprecated bukkit's password generator. Please use PasswordGenerator< platform specific player type >
+* Fix ProtocolSupport autoRegister
+* Fix update username in FastLogin database after nameChange
+* Fix logging exceptions on encryption enabling
+* Fix compatibility with older ProtocolLib versions (for 1.7) because of the missing getMethodAcccessorOrNull method
+* Fix correct cracked permission for bukkit
+* A try to fix SQLite timestamp parsing
+* Drop support for LoginSecurity 1.X since 2.X seems to be stable
+* Remove the nasty UltraAuth fakeplayer workaround by using a new api method. You should UltraAuth if you have it
+
+### 1.8
+
+* Added autoIn importer
+* Added BFA importer
+* Added ElDziAuth importer
+* Fix third-party not premium player detection
+* Fix ProtocolSupport BungeeCord
+* Fix duplicate logins for BungeeAuth users
+
+### 1.7.1
+
+* Fix BungeeCord autoRegister (Fixes #46)
+* Fix ProtocolSupport auto-register
+
+### 1.7
+
+* Added support for making requests to Mojang from different IPv4 addresses
+* Added us.mcapi.com as third-party APIs to workaround rate-limits
+* Fixed NPE in BungeeCord on cracked session
+* Fixed skin applies if premium uuid is deactivated
+* Fix player entry is not saved if namechangecheck is enabled
+* Fix skin applies for third-party plugins
+* Switch to mcapi.ca for uuid lookups
+* Fix BungeeCord not setting a premium uuid
+* Fix setting skin on Cauldron
+* Fix saving on name change
+
+### 1.6.2
+
+* Fixed support for new LoginSecurity version
+
+### 1.6.1
+
+* Fix message typo in BungeeCord which created a NPE if premium-warning is activated
+
+### 1.6
+
+* Add a warning message if the user tries to invoke the premium command
+* Added missing translation if the server isn't fully started
+* Removed ProtocolLib as required dependency. You can use ProtocolSupport or BungeeCord as alternative
+* Reduce the number of worker threads from 5 to 3 in ProtocolLib
+* Process packets in ProtocolLib async/non-blocking -> better performance
+* Fixed missing translation in commands
+* Fixed cracked command not working on BungeeCord
+* Fix error if forward skins is disabled
+
+### 1.5.2
+
+* Fixed BungeeCord force logins if there is a lobby server
+* Removed cache expire in BungeeCord
+* Applies skin earlier to make it visible for other plugins listening on login events
+
+### 1.5.1
+
+* Fixed BungeeCord support by correctly saving the proxy ids
+
+### 1.5
+
+* Added localization
+* Fixed NPE on premium name check if it's pure cracked player
+* Fixed NPE in BungeeCord on cracked login for existing players
+* Fixed saving of existing cracked players
+
+### 1.4
+
+* Added Bungee setAuthPlugin method
+* Added nameChangeCheck
+* Multiple BungeeCord support
+
+### 1.3.1
+
+* Prevent thread create violation in BungeeCord
+
+### 1.3
+
+* Added support for AuthMe 3.X
+* Fixed premium logins if the server is not fully started
+* Added other command argument to /premium and /cracked
+* Added support for LogIt
+* Fixed 1.7 Minecraft support by removing guava 11+ only features -> Cauldron support
+* Fixed BungeeCord support in Cauldron
+
+### 1.2.1
+
+* Fix premium status change notification message on BungeeCord
+
+### 1.2
+
+* Fix race condition in BungeeCord
+* Fix deadlock in xAuth
+* Added API methods for plugins to set their own password generator
+* Added API methods for plugins to set their own auth plugin hook
+=> Added support for AdvancedLogin
+
+### 1.1
+
+* Make the configuration options also work under BungeeCord (premiumUUID, forwardSkin)
+* Catch configuration loading exception if it's not spigot build
+* Fix config loading for older Spigot builds
+
+### 1.0
+
+* Massive refactor to handle errors on force actions safely
+* force Methods now runs async too
+* force methods now returns a boolean to reflect if the method was successful
+* isRegistered method should now throw an exception if the plugin was unable to query the requested data
+
+### 0.8
+
+* Fixed BungeeCord support for the Bukkit module
+* Added database storage to save the premium state
+* Fix logical error on /premium (Thanks to @NorbiPeti)
+* Fixed issues with host lookup from hosts file (Thanks to @NorbiPeti)
+* Remove handshake listener because it creates errors on some systems
+
+### 0.7
+
+* Added BungeeAuth support
+* Added /premium [player] command with optional player parameter
+* Added a check if the player is already on the premium list
+* Added a forwardSkin config option
+* Added premium UUID support
+* Updated to the newest changes of Spigot
+* Removes the need of a Bukkit auth plugin if you use a bungeecord one
+* Optimize performance and thread-safety
+* Fixed BungeeCord support
+* Changed config option auto-login to auto-register to clarify the usage
+
+### 0.6
+
+* Fixed 1.9 bugs
+* Added UltraAuth support
+
+### 0.5
+
+* Added cracked command
+* Added auto-login - See config
+* Added config
+* Added isRegistered API method
+* Added forceRegister API method
+
+* Fixed CrazyLogin player data restore -> Fixes memory leaks with this plugin
+* Fixed premium name check to ProtocolSupport
+* Improved permissions management
+
+### 0.4
+
+* Added forward premium skin
+* Added plugin support for ProtocolSupport
+
+### 0.3.2
+
+* Run packet readers in a different thread (separated from the Netty I/O Thread)
+-> Improves performance
+* Fixed Plugin disable if the server is in online mode but have to be in offline mode
+
+### 0.3.1
+
+* Improved BungeeCord security
+
+### 0.3
+
+* Added BungeeCord support
+* Decrease timeout checks in order to fail faster on connection problems
+* Code style improvements
+
+### 0.2.4
+
+* Fixed NPE on invalid sessions
+* Improved security by generating a randomized serverId
+* Removed /premium [player] because it's safer for premium players who join without registration
+
+### 0.2.3
+
+* Remove useless AuthMe force-login code
+* Send a kick message to the client instead of just "Disconnect"
+* Reformat source code
+* Fix thread safety for fake start packets (Bukkit.getOfflinePlayer doesn't look like to be thread-safe)
+* Added more documentation
+
+### 0.2.2
+
+* Compile project with Java 7 :(
+
+### 0.2.1
+* A couple of security fixes (premium players cannot longer steal the account of a cracked account)
+* Added a /premium command to mark you as premium player
+
+### 0.2
+
+* Added support for CrazyLogin and LoginSecurity
+* Now minecraft version independent
+* Added debug logging
+* Code clean up
+* More state validation
+* Added better error handling
+
+### 0.1
+* First release
--- a/2
+++ b/2
@@ -1,6 +1,6 @@
 The MIT License (MIT)

-Copyright (c) 2015 
+Copyright (c) 2015-2022 games647 and contributors

 Permission is hereby granted, free of charge, to any person obtaining a copy
 of this software and associated documentation files (the "Software"), to deal
--- a/README.md
+++ b/README.md
@@ -1,13 +1,128 @@
 # FastLogin

-Checks if a minecraft player has a valid premium (paid account). If so, they can skip offline authentification.
+Checks if a Minecraft player has a paid account (premium). If so, they can skip offline authentication (auth plugins).
+So they don't need to enter passwords. This is also called auto login (auto-login).

-Requirements:
-* [ProtocolLib](http://www.spigotmc.org/resources/protocollib.1997/)
-* Bukkit 1.8.8
-* Java 8 or above
-* An auth plugin. Supported Plugins:
-    * [AuthMe](http://dev.bukkit.org/bukkit-plugins/authme-reloaded/)
-    * [xAuth](http://dev.bukkit.org/bukkit-plugins/xauth/)
-    * [CrazyLogin](http://dev.bukkit.org/bukkit-plugins/crazylogin/)
-    * [LoginSecurity](http://dev.bukkit.org/bukkit-plugins/loginsecurity/)
+## Features
+
+* Detect paid accounts from others
+* Automatically login paid accounts (premium)
+* Support various of auth plugins
+* Cauldron support
+* Forge/Sponge message support
+* Premium UUID support
+* Forward skins
+* Detect username changed and will update the existing database record
+* BungeeCord support
+* Auto register new premium players
+* Plugin: ProtocolSupport is supported and can be used as an alternative to ProtocolLib
+* No client modifications needed
+* Good performance by using async operations
+* Locale messages
+* Support for Bedrock players proxies through FloodGate
+
+## Issues
+
+Please use issues for bug reports, suggestions, questions and more. Please check for existing issues. Existing issues
+can be voted up by adding up vote to the original post. Closing issues means that they are marked as resolved. Comments
+are still allowed and it could be re-opened.
+
+## Development builds
+
+Development builds contain the latest changes from the Source-Code. They are bleeding edge and could introduce new bugs,
+but also include features, enhancements and bug fixes that are not yet in a released version. If you click on the left
+side on `Changes`, you can see iterative change sets leading to a specific build.
+
+You can download them from here: https://ci.codemc.org/job/Games647/job/FastLogin/
+
+***
+
+## Commands
+
+    /premium [player] Label the invoker or the argument as paid account
+    /cracked [player] Label the invoker or the argument as cracked account
+
+## Permissions
+
+    fastlogin.bukkit.command.premium
+    fastlogin.bukkit.command.cracked
+    fastlogin.command.premium.other
+    fastlogin.command.cracked.other
+
+## Placeholder
+
+This plugin supports `PlaceholderAPI` on `Spigot`. It exports the following variable
+`%fastlogin_status%`. In BungeeCord environments, the status of a player will be delivered with a delay after the player
+already successful joined the server. This takes about a couple of milliseconds. In this case the value
+will be `Unknown`.
+
+Possible values: `Premium`, `Cracked`, `Unknown`
+
+## Requirements
+
+* Java 17+
+* Server software in offlinemode:
+  * Spigot (or a fork e.g. Paper) 1.8.8+
+    * Protocol plugin:
+      * [ProtocolLib 5.0+](https://www.spigotmc.org/resources/protocollib.1997/) or
+      * [ProtocolSupport](https://www.spigotmc.org/resources/protocolsupport.7201/)
+  * Latest BungeeCord (or a fork e.g. Waterfall)
+* An auth plugin.
+
+### Supported auth plugins
+
+#### Spigot/Paper
+
+* [AdvancedLogin (Paid)](https://www.spigotmc.org/resources/advancedlogin.10510/)
+* [AuthMe (5.X)](https://dev.bukkit.org/bukkit-plugins/authme-reloaded/)
+* [CrazyLogin](https://dev.bukkit.org/bukkit-plugins/crazylogin/)
+* [LoginSecurity](https://dev.bukkit.org/bukkit-plugins/loginsecurity/)
+* [LogIt](https://github.com/games647/LogIt)
+* [UltraAuth](https://dev.bukkit.org/bukkit-plugins/ultraauth-aa/)
+* [UserLogin](https://www.spigotmc.org/resources/userlogin.80669/)
+* [xAuth](https://dev.bukkit.org/bukkit-plugins/xauth/)
+
+#### BungeeCord/Waterfall
+
+* [BungeeAuth](https://www.spigotmc.org/resources/bungeeauth.493/)
+* [BungeeAuthenticator](https://www.spigotmc.org/resources/bungeecordauthenticator.87669/)
+
+## Network requests
+
+This plugin performs network requests to:
+
+* https://api.mojang.com - retrieving uuid data to decide if we should activate premium login
+* https://sessionserver.mojang.com - verify if the player is the owner of that account
+
+***
+
+## How to install
+
+### Spigot/Paper
+
+1. Download and install ProtocolLib/ProtocolSupport
+2. Download and install FastLogin (or `FastLoginBukkit` for newer versions)
+3. Set your server in offline mode by setting the value `onlinemode` in your server.properties to false
+
+### BungeeCord/Waterfall or Velocity
+
+Install the plugin on both platforms, that is proxy (BungeeCord or Velocity) and backend server (Spigot).
+
+1. Activate proxy support in the server configuration
+   * This is often found in `spigot.yml` or `paper.yml`
+2. Restart the backend server
+3. Now there is `allowed-proxies.txt` file in the FastLogin folder of the restarted server
+    * BungeeCord: Put your `stats`-id from the BungeeCord config into this file
+    * Velocity: On plugin startup the plugin generates a `proxyId.txt` inside the plugins folder of the proxy
+4. Activate ip forwarding in your proxy config
+5. Check your database settings in the config of FastLogin on your proxy
+    * The proxies only ship with a limited set of drivers where Spigot supports more. Therefore, these are supported:
+    * BungeeCord: `com.mysql.jdbc.Driver` for MySQL/MariaDB
+    * Velocity: `fastlogin.mariadb.jdbc.Driver` for MySQL/MariaDB
+    * Note the embedded file storage SQLite is not available
+    * MySQL/MariaDB requires an external database server running. Check your server provider if there is one available
+   or install one.
+6. Set proxy and Spigot in offline mode by setting the value `onlinemode` in your `config.yml` to false
+7. You should *always* configure the firewall for your Spigot server so that it's only accessible through your proxy
+   * This is also the case without this plugin
+   * https://www.spigotmc.org/wiki/bungeecord-installation/#post-installation
--- a/bukkit/lib/CrazyCore
+++ b/bukkit/lib/CrazyCore
--- a/bukkit/lib/CrazyLogin
+++ b/bukkit/lib/CrazyLogin
--- a/bukkit/lib/UltraAuth
+++ b/bukkit/lib/UltraAuth
--- a/bukkit/pom.xml
+++ b/bukkit/pom.xml
@@ -0,0 +1,400 @@
+<!--
+
+    SPDX-License-Identifier: MIT
+
+    The MIT License (MIT)
+
+    Copyright (c) 2015-2022 games647 and contributors
+
+    Permission is hereby granted, free of charge, to any person obtaining a copy
+    of this software and associated documentation files (the "Software"), to deal
+    in the Software without restriction, including without limitation the rights
+    to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
+    copies of the Software, and to permit persons to whom the Software is
+    furnished to do so, subject to the following conditions:
+
+    The above copyright notice and this permission notice shall be included in all
+    copies or substantial portions of the Software.
+
+    THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
+    IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
+    FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
+    AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
+    LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
+    OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE
+    SOFTWARE.
+
+-->
+<project xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xmlns="http://maven.apache.org/POM/4.0.0"
+         xsi:schemaLocation="http://maven.apache.org/POM/4.0.0 https://maven.apache.org/xsd/maven-4.0.0.xsd">
+    <modelVersion>4.0.0</modelVersion>
+
+    <properties>
+        <nettyVersion>4.1.79.Final</nettyVersion>
+    </properties>
+
+    <parent>
+        <groupId>com.github.games647</groupId>
+        <artifactId>fastlogin</artifactId>
+        <version>1.12-SNAPSHOT</version>
+        <relativePath>../pom.xml</relativePath>
+    </parent>
+
+    <!--This has to be in lowercase because it's used by plugin.yml-->
+    <artifactId>fastlogin.bukkit</artifactId>
+    <packaging>jar</packaging>
+
+    <name>FastLoginBukkit</name>
+
+    <build>
+        <plugins>
+            <plugin>
+                <artifactId>maven-shade-plugin</artifactId>
+                <version>3.4.1</version>
+                <configuration>
+                    <createDependencyReducedPom>false</createDependencyReducedPom>
+                    <shadedArtifactAttached>false</shadedArtifactAttached>
+                    <relocations>
+                        <relocation>
+                            <pattern>com.zaxxer.hikari</pattern>
+                            <shadedPattern>fastlogin.hikari</shadedPattern>
+                        </relocation>
+                        <relocation>
+                            <pattern>org.slf4j</pattern>
+                            <shadedPattern>fastlogin.slf4j</shadedPattern>
+                        </relocation>
+                        <relocation>
+                            <pattern>net.md_5.bungee.config</pattern>
+                            <shadedPattern>fastlogin.config</shadedPattern>
+                        </relocation>
+                        <relocation>
+                            <pattern>com.google.gson</pattern>
+                            <shadedPattern>fastlogin.gson</shadedPattern>
+                        </relocation>
+                        <relocation>
+                            <pattern>com.google.common</pattern>
+                            <shadedPattern>fastlogin.guava</shadedPattern>
+                            <excludes>
+                                <exclude>com.google.common.collect.Multimap</exclude>
+                            </excludes>
+                        </relocation>
+                        <relocation>
+                            <pattern>io.papermc.lib</pattern>
+                            <shadedPattern>fastlogin.paperlib</shadedPattern>
+                        </relocation>
+                    </relocations>
+                    <!-- Rename the service file too to let SLF4J api find our own relocated jdk logger -->
+                    <!-- Located in META-INF/services -->
+                    <transformers>
+                        <transformer
+                                implementation="org.apache.maven.plugins.shade.resource.ServicesResourceTransformer"/>
+                    </transformers>
+                    <minimizeJar>true</minimizeJar>
+                    <filters>
+                        <filter>
+                            <artifact>*:*</artifact>
+                            <excludes>
+                                <exclude>META-INF/MANIFEST.MF</exclude>
+                                <exclude>**/module-info.class</exclude>
+                            </excludes>
+                        </filter>
+                    </filters>
+                </configuration>
+                <executions>
+                    <execution>
+                        <phase>package</phase>
+                        <goals>
+                            <goal>shade</goal>
+                        </goals>
+                    </execution>
+                </executions>
+            </plugin>
+        </plugins>
+    </build>
+
+    <repositories>
+        <!-- PaperSpigot API and PaperLib -->
+        <repository>
+            <id>papermc</id>
+            <url>https://papermc.io/repo/repository/maven-public/</url>
+        </repository>
+
+        <!-- ProtocolLib -->
+        <repository>
+            <id>dmulloy2-repo</id>
+            <url>https://repo.dmulloy2.net/repository/public/</url>
+        </repository>
+
+        <!-- AuthMe Reloaded, xAuth and LoginSecurity -->
+        <repository>
+            <id>codemc-releases</id>
+            <url>https://repo.codemc.io/repository/maven-public/</url>
+            <snapshots>
+                <enabled>false</enabled>
+            </snapshots>
+        </repository>
+
+        <!-- PlaceholderAPI -->
+        <repository>
+            <id>placeholderapi</id>
+            <url>https://repo.extendedclip.com/content/repositories/placeholderapi</url>
+            <snapshots>
+                <enabled>false</enabled>
+            </snapshots>
+        </repository>
+
+        <!-- GitHub automatic maven builds -->
+        <repository>
+            <id>jitpack.io</id>
+            <url>https://jitpack.io</url>
+            <snapshots>
+                <enabled>false</enabled>
+            </snapshots>
+        </repository>
+    </repositories>
+
+    <dependencies>
+        <!--Common plugin component-->
+        <dependency>
+            <groupId>com.github.games647</groupId>
+            <artifactId>fastlogin.core</artifactId>
+            <version>${project.version}</version>
+        </dependency>
+
+        <!-- PaperSpigot API for correcting user cache usage -->
+        <dependency>
+            <groupId>io.papermc.paper</groupId>
+            <artifactId>paper-api</artifactId>
+            <version>1.19.4-R0.1-SNAPSHOT</version>
+            <scope>provided</scope>
+            <!-- Use our own newer api version -->
+            <exclusions>
+                <exclusion>
+                    <groupId>org.slf4j</groupId>
+                    <artifactId>slf4j-api</artifactId>
+                </exclusion>
+            </exclusions>
+        </dependency>
+
+        <!-- PaperLib for checking if server uses PaperSpigot -->
+        <dependency>
+            <groupId>io.papermc</groupId>
+            <artifactId>paperlib</artifactId>
+            <version>1.0.8</version>
+        </dependency>
+
+        <dependency>
+            <groupId>com.mojang</groupId>
+            <artifactId>datafixerupper</artifactId>
+            <version>5.0.28</version>
+            <scope>provided</scope>
+            <exclusions>
+                <exclusion>
+                    <groupId>*</groupId>
+                    <artifactId>*</artifactId>
+                </exclusion>
+            </exclusions>
+        </dependency>
+
+        <!--Library for listening and sending Minecraft packets-->
+        <dependency>
+            <groupId>com.comphenix.protocol</groupId>
+            <artifactId>ProtocolLib</artifactId>
+            <version>5.0.0-SNAPSHOT</version>
+            <scope>provided</scope>
+            <exclusions>
+                <exclusion>
+                    <groupId>*</groupId>
+                    <artifactId>*</artifactId>
+                </exclusion>
+            </exclusions>
+        </dependency>
+
+        <!--Changing onlinemode on login process-->
+        <dependency>
+            <groupId>com.github.ProtocolSupport</groupId>
+            <artifactId>ProtocolSupport</artifactId>
+            <!--4.29.dev after commit about API improvements-->
+            <version>master-66b494a8dd-1</version>
+            <scope>provided</scope>
+            <exclusions>
+                <exclusion>
+                    <groupId>*</groupId>
+                    <artifactId>*</artifactId>
+                </exclusion>
+            </exclusions>
+        </dependency>
+
+        <!--Floodgate for Xbox Live Authentication-->
+        <dependency>
+            <groupId>org.geysermc.floodgate</groupId>
+            <artifactId>api</artifactId>
+            <version>${floodgate.version}</version>
+            <scope>provided</scope>
+            <exclusions>
+                <exclusion>
+                    <groupId>*</groupId>
+                    <artifactId>*</artifactId>
+                </exclusion>
+            </exclusions>
+        </dependency>
+
+        <!-- Bedrock player bridge -->
+        <dependency>
+            <groupId>org.geysermc.geyser</groupId>
+            <artifactId>core</artifactId>
+            <version>${geyser.version}</version>
+            <scope>provided</scope>
+            <exclusions>
+                <exclusion>
+                    <groupId>*</groupId>
+                    <artifactId>*</artifactId>
+                </exclusion>
+            </exclusions>
+        </dependency>
+
+        <!-- We need the API, but it was excluded above -->
+        <dependency>
+            <groupId>org.geysermc.geyser</groupId>
+            <artifactId>api</artifactId>
+            <version>${geyser.version}</version>
+            <scope>provided</scope>
+            <exclusions>
+                <exclusion>
+                    <groupId>*</groupId>
+                    <artifactId>*</artifactId>
+                </exclusion>
+            </exclusions>
+        </dependency>
+
+        <!--Provide premium placeholders-->
+        <dependency>
+            <groupId>me.clip</groupId>
+            <artifactId>placeholderapi</artifactId>
+            <version>2.11.3</version>
+            <scope>provided</scope>
+            <optional>true</optional>
+            <exclusions>
+                <exclusion>
+                    <groupId>*</groupId>
+                    <artifactId>*</artifactId>
+                </exclusion>
+            </exclusions>
+        </dependency>
+
+        <!--Login Plugins-->
+        <dependency>
+            <groupId>fr.xephi</groupId>
+            <artifactId>authme</artifactId>
+            <version>5.6.0-beta2</version>
+            <scope>provided</scope>
+            <optional>true</optional>
+            <exclusions>
+                <exclusion>
+                    <groupId>*</groupId>
+                    <artifactId>*</artifactId>
+                </exclusion>
+            </exclusions>
+        </dependency>
+
+        <dependency>
+            <groupId>com.lenis0012.bukkit</groupId>
+            <artifactId>loginsecurity</artifactId>
+            <version>3.1.1</version>
+            <scope>provided</scope>
+            <optional>true</optional>
+            <exclusions>
+                <exclusion>
+                    <groupId>*</groupId>
+                    <artifactId>*</artifactId>
+                </exclusion>
+            </exclusions>
+        </dependency>
+
+        <dependency>
+            <groupId>com.github.games647</groupId>
+            <artifactId>LogIt</artifactId>
+            <version>9e3581db27</version>
+            <scope>provided</scope>
+            <optional>true</optional>
+            <exclusions>
+                <exclusion>
+                    <groupId>*</groupId>
+                    <artifactId>*</artifactId>
+                </exclusion>
+            </exclusions>
+        </dependency>
+
+        <dependency>
+            <groupId>de.luricos.bukkit</groupId>
+            <artifactId>xAuth</artifactId>
+            <version>2.6</version>
+            <scope>provided</scope>
+            <optional>true</optional>
+            <!--These artifacts produce conflicts on downloading-->
+            <exclusions>
+                <exclusion>
+                    <groupId>*</groupId>
+                    <artifactId>*</artifactId>
+                </exclusion>
+            </exclusions>
+        </dependency>
+
+        <!--No maven repository :(-->
+        <dependency>
+            <groupId>de.st_ddt.crazy</groupId>
+            <artifactId>CrazyCore</artifactId>
+            <version>10.7.7</version>
+            <optional>true</optional>
+            <scope>system</scope>
+            <systemPath>${project.basedir}/lib/CrazyCore v10.7.7.jar</systemPath>
+        </dependency>
+
+        <dependency>
+            <groupId>de.st_ddt.crazy</groupId>
+            <artifactId>CrazyLogin</artifactId>
+            <version>7.23</version>
+            <optional>true</optional>
+            <scope>system</scope>
+            <systemPath>${project.basedir}/lib/CrazyLogin v7.23.2.jar</systemPath>
+        </dependency>
+
+        <dependency>
+            <groupId>ultraauth</groupId>
+            <artifactId>ultraauth</artifactId>
+            <version>2.0.2</version>
+            <optional>true</optional>
+            <scope>system</scope>
+            <systemPath>${project.basedir}/lib/UltraAuth v2.1.2.jar</systemPath>
+        </dependency>
+
+        <dependency>
+            <groupId>org.bouncycastle</groupId>
+            <artifactId>bcprov-jdk18on</artifactId>
+            <version>1.72</version>
+            <scope>test</scope>
+        </dependency>
+
+        <dependency>
+            <groupId>io.netty</groupId>
+            <artifactId>netty-transport</artifactId>
+            <version>${nettyVersion}</version>
+            <scope>provided</scope>
+        </dependency>
+
+        <dependency>
+            <groupId>io.netty</groupId>
+            <artifactId>netty-codec</artifactId>
+            <version>${nettyVersion}</version>
+            <scope>test</scope>
+        </dependency>
+
+        <!-- Provided by the spigot, required for testing ProtocolLib -->
+        <dependency>
+            <groupId>commons-lang</groupId>
+            <artifactId>commons-lang</artifactId>
+            <version>2.6</version>
+            <scope>test</scope>
+        </dependency>
+    </dependencies>
+</project>
--- a/bukkit/src/main/java/com/github/games647/fastlogin/bukkit/BukkitLoginSession.java
+++ b/bukkit/src/main/java/com/github/games647/fastlogin/bukkit/BukkitLoginSession.java
@@ -0,0 +1,125 @@
+/*
+ * SPDX-License-Identifier: MIT
+ *
+ * The MIT License (MIT)
+ *
+ * Copyright (c) 2015-2022 games647 and contributors
+ *
+ * Permission is hereby granted, free of charge, to any person obtaining a copy
+ * of this software and associated documentation files (the "Software"), to deal
+ * in the Software without restriction, including without limitation the rights
+ * to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
+ * copies of the Software, and to permit persons to whom the Software is
+ * furnished to do so, subject to the following conditions:
+ *
+ * The above copyright notice and this permission notice shall be included in all
+ * copies or substantial portions of the Software.
+ *
+ * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
+ * IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
+ * FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
+ * AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
+ * LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
+ * OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE
+ * SOFTWARE.
+ */
+package com.github.games647.fastlogin.bukkit;
+
+import com.github.games647.craftapi.model.skin.SkinProperty;
+import com.github.games647.fastlogin.bukkit.listener.protocollib.packet.ClientPublicKey;
+import com.github.games647.fastlogin.core.StoredProfile;
+import com.github.games647.fastlogin.core.shared.LoginSession;
+
+import java.util.Optional;
+
+import org.jetbrains.annotations.Nullable;
+
+/**
+ * Represents a client connecting to the server.
+ * <p>
+ * This session is invalid if the player disconnects or the login was successful
+ */
+public class BukkitLoginSession extends LoginSession {
+
+    private static final byte[] EMPTY_ARRAY = {};
+
+    private final byte[] verifyToken;
+
+    private final ClientPublicKey clientPublicKey;
+
+    private boolean verified;
+
+    private SkinProperty skinProperty;
+
+    public BukkitLoginSession(String username, byte[] verifyToken, ClientPublicKey publicKey, boolean registered,
+                              StoredProfile profile) {
+        super(username, registered, profile);
+
+        this.clientPublicKey = publicKey;
+        this.verifyToken = verifyToken.clone();
+    }
+
+    //available for BungeeCord
+    public BukkitLoginSession(String username, boolean registered) {
+        this(username, EMPTY_ARRAY, null, registered, null);
+    }
+
+    //cracked player
+    public BukkitLoginSession(String username, StoredProfile profile) {
+        this(username, EMPTY_ARRAY, null, false, profile);
+    }
+
+    //ProtocolSupport
+    public BukkitLoginSession(String username, boolean registered, StoredProfile profile) {
+        this(username, EMPTY_ARRAY, null, registered, profile);
+    }
+
+    /**
+     * Gets the verify-token the server sent to the client.
+     * <p>
+     * Empty if it's a BungeeCord connection
+     *
+     * @return verify token from the server
+     */
+    public synchronized byte[] getVerifyToken() {
+        return verifyToken.clone();
+    }
+
+    @Nullable
+    public ClientPublicKey getClientPublicKey() {
+        return clientPublicKey;
+    }
+
+    /**
+     * @return premium skin if available
+     */
+    public synchronized Optional<SkinProperty> getSkin() {
+        return Optional.ofNullable(skinProperty);
+    }
+
+    /**
+     * Sets the premium skin property which was retrieved by the session server
+     * @param skinProperty premium skin
+     */
+    public synchronized void setSkinProperty(SkinProperty skinProperty) {
+        this.skinProperty = skinProperty;
+    }
+
+    /**
+     * Sets whether the player has a premium (paid account) account and valid session
+     *
+     * @param verified whether the player has valid session
+     */
+    public synchronized void setVerified(boolean verified) {
+        this.verified = verified;
+    }
+
+    /**
+     * Get whether the player has a premium (paid account) account and valid session
+     *
+     * @return whether the player has a valid session
+     */
+    public synchronized boolean isVerified() {
+        return verified;
+    }
+}
--- a/bukkit/src/main/java/com/github/games647/fastlogin/bukkit/BukkitScheduler.java
+++ b/bukkit/src/main/java/com/github/games647/fastlogin/bukkit/BukkitScheduler.java
@@ -0,0 +1,49 @@
+/*
+ * SPDX-License-Identifier: MIT
+ *
+ * The MIT License (MIT)
+ *
+ * Copyright (c) 2015-2022 games647 and contributors
+ *
+ * Permission is hereby granted, free of charge, to any person obtaining a copy
+ * of this software and associated documentation files (the "Software"), to deal
+ * in the Software without restriction, including without limitation the rights
+ * to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
+ * copies of the Software, and to permit persons to whom the Software is
+ * furnished to do so, subject to the following conditions:
+ *
+ * The above copyright notice and this permission notice shall be included in all
+ * copies or substantial portions of the Software.
+ *
+ * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
+ * IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
+ * FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
+ * AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
+ * LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
+ * OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE
+ * SOFTWARE.
+ */
+package com.github.games647.fastlogin.bukkit;
+
+import com.github.games647.fastlogin.core.AsyncScheduler;
+
+import java.util.concurrent.Executor;
+
+import org.bukkit.Bukkit;
+import org.bukkit.plugin.Plugin;
+import org.slf4j.Logger;
+
+public class BukkitScheduler extends AsyncScheduler {
+
+    private final Executor syncExecutor;
+
+    public BukkitScheduler(Plugin plugin, Logger logger) {
+        super(logger, command -> Bukkit.getScheduler().runTaskAsynchronously(plugin, command));
+
+        syncExecutor = r -> Bukkit.getScheduler().runTask(plugin, r);
+    }
+
+    public Executor getSyncExecutor() {
+        return syncExecutor;
+    }
+}
--- a/bukkit/src/main/java/com/github/games647/fastlogin/bukkit/BungeeManager.java
+++ b/bukkit/src/main/java/com/github/games647/fastlogin/bukkit/BungeeManager.java
@@ -0,0 +1,233 @@
+/*
+ * SPDX-License-Identifier: MIT
+ *
+ * The MIT License (MIT)
+ *
+ * Copyright (c) 2015-2022 games647 and contributors
+ *
+ * Permission is hereby granted, free of charge, to any person obtaining a copy
+ * of this software and associated documentation files (the "Software"), to deal
+ * in the Software without restriction, including without limitation the rights
+ * to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
+ * copies of the Software, and to permit persons to whom the Software is
+ * furnished to do so, subject to the following conditions:
+ *
+ * The above copyright notice and this permission notice shall be included in all
+ * copies or substantial portions of the Software.
+ *
+ * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
+ * IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
+ * FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
+ * AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
+ * LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
+ * OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE
+ * SOFTWARE.
+ */
+package com.github.games647.fastlogin.bukkit;
+
+import com.github.games647.fastlogin.bukkit.listener.BungeeListener;
+import com.github.games647.fastlogin.core.message.ChannelMessage;
+import com.github.games647.fastlogin.core.message.LoginActionMessage;
+import com.github.games647.fastlogin.core.message.NamespaceKey;
+import com.google.common.io.ByteArrayDataOutput;
+import com.google.common.io.ByteStreams;
+
+import java.io.IOException;
+import java.lang.reflect.Field;
+import java.lang.reflect.InvocationTargetException;
+import java.nio.file.Files;
+import java.nio.file.Path;
+import java.util.Collection;
+import java.util.Collections;
+import java.util.HashSet;
+import java.util.Set;
+import java.util.UUID;
+import java.util.stream.Stream;
+
+import org.bukkit.Bukkit;
+import org.bukkit.Server;
+import org.bukkit.entity.Player;
+import org.bukkit.plugin.messaging.PluginMessageRecipient;
+
+import static com.github.games647.fastlogin.core.message.ChangePremiumMessage.CHANGE_CHANNEL;
+import static com.github.games647.fastlogin.core.message.SuccessMessage.SUCCESS_CHANNEL;
+import static java.util.stream.Collectors.toSet;
+
+public class BungeeManager {
+
+    private static final String LEGACY_FILE_NAME = "proxy-whitelist.txt";
+    private static final String FILE_NAME = "allowed-proxies.txt";
+
+    //null if proxies allowed list is empty so bungeecord support is disabled
+    private Set<UUID> proxyIds;
+
+    private final FastLoginBukkit plugin;
+    private boolean enabled;
+
+    private final Collection<UUID> firedJoinEvents = new HashSet<>();
+
+    public BungeeManager(FastLoginBukkit plugin) {
+        this.plugin = plugin;
+    }
+
+    public void cleanup() {
+        //remove old blocked status
+        Bukkit.getOnlinePlayers().forEach(player -> player.removeMetadata(plugin.getName(), plugin));
+    }
+
+    public void sendPluginMessage(PluginMessageRecipient player, ChannelMessage message) {
+        if (player != null) {
+            ByteArrayDataOutput dataOutput = ByteStreams.newDataOutput();
+            message.writeTo(dataOutput);
+
+            NamespaceKey channel = new NamespaceKey(plugin.getName(), message.getChannelName());
+            player.sendPluginMessage(plugin, channel.getCombinedName(), dataOutput.toByteArray());
+        }
+    }
+
+    public boolean isEnabled() {
+        return enabled;
+    }
+
+    public void initialize() {
+        enabled = detectProxy();
+
+        if (enabled) {
+            proxyIds = loadBungeeCordIds();
+            registerPluginChannels();
+            plugin.getLog().info("Found enabled proxy configuration");
+            plugin.getLog().info("Remember to follow the proxy guide to complete your setup");
+        } else {
+            plugin.getLog().warn("Disabling Minecraft proxy configuration. Assuming direct connections from now on.");
+        }
+    }
+
+    private boolean isProxySupported(String className, String fieldName)
+        throws ClassNotFoundException, NoSuchFieldException, IllegalAccessException {
+        return Class.forName(className).getDeclaredField(fieldName).getBoolean(null);
+    }
+
+    private boolean isVelocityEnabled()
+        throws NoSuchFieldException, IllegalArgumentException, IllegalAccessException, ClassNotFoundException,
+        NoSuchMethodException, InvocationTargetException {
+        try {
+            Class<?> globalConfig = Class.forName("io.papermc.paper.configuration.GlobalConfiguration");
+            Object global = globalConfig.getDeclaredMethod("get").invoke(null);
+            Object proxiesConfiguration = global.getClass().getDeclaredField("proxies").get(global);
+
+            Field velocitySectionField = proxiesConfiguration.getClass().getDeclaredField("velocity");
+            Object velocityConfig = velocitySectionField.get(proxiesConfiguration);
+
+            return velocityConfig.getClass().getDeclaredField("enabled").getBoolean(velocityConfig);
+        } catch (ClassNotFoundException classNotFoundException) {
+            // try again using the older Paper configuration, because the old class file still exists in newer versions
+            if (isProxySupported("com.destroystokyo.paper.PaperConfig", "velocitySupport")) {
+                return true;
+            }
+        }
+
+        return false;
+    }
+
+    private boolean detectProxy() {
+        try {
+            if (isProxySupported("org.spigotmc.SpigotConfig", "bungee")) {
+                return true;
+            }
+        } catch (ClassNotFoundException classNotFoundException) {
+            // leave stacktrace for class not found out
+            plugin.getLog().warn("Cannot check for BungeeCord support: {}", classNotFoundException.getMessage());
+        } catch (NoSuchFieldException | IllegalAccessException ex) {
+            plugin.getLog().warn("Cannot check for BungeeCord support", ex);
+        }
+
+        try {
+            return isVelocityEnabled();
+        } catch (ClassNotFoundException classNotFoundException) {
+            plugin.getLog().warn("Cannot check for Velocity support in Paper: {}", classNotFoundException.getMessage());
+        } catch (NoSuchFieldException | IllegalAccessException | NoSuchMethodException | InvocationTargetException ex) {
+            plugin.getLog().warn("Cannot check for Velocity support in Paper", ex);
+        }
+
+        return false;
+    }
+
+    private void registerPluginChannels() {
+        Server server = Bukkit.getServer();
+
+        // check for incoming messages from the bungeecord version of this plugin
+        String groupId = plugin.getName();
+        String forceChannel = NamespaceKey.getCombined(groupId, LoginActionMessage.FORCE_CHANNEL);
+        server.getMessenger().registerIncomingPluginChannel(plugin, forceChannel, new BungeeListener(plugin));
+
+        // outgoing
+        String successChannel = new NamespaceKey(groupId, SUCCESS_CHANNEL).getCombinedName();
+        String changeChannel = new NamespaceKey(groupId, CHANGE_CHANNEL).getCombinedName();
+        server.getMessenger().registerOutgoingPluginChannel(plugin, successChannel);
+        server.getMessenger().registerOutgoingPluginChannel(plugin, changeChannel);
+    }
+
+    private Set<UUID> loadBungeeCordIds() {
+        Path proxiesFile = plugin.getPluginFolder().resolve(FILE_NAME);
+        Path legacyFile = plugin.getPluginFolder().resolve(LEGACY_FILE_NAME);
+        try {
+            if (Files.notExists(proxiesFile)) {
+                if (Files.exists(legacyFile)) {
+                    Files.move(legacyFile, proxiesFile);
+                }
+
+                if (Files.notExists(legacyFile)) {
+                    Files.createFile(proxiesFile);
+                }
+            }
+
+            Files.deleteIfExists(legacyFile);
+            try (Stream<String> lines = Files.lines(proxiesFile)) {
+                return lines.map(String::trim).map(UUID::fromString).collect(toSet());
+            }
+        } catch (IOException ex) {
+            plugin.getLog().error("Failed to read proxies", ex);
+        } catch (Exception ex) {
+            plugin.getLog().error("Failed to retrieve proxy Id. Disabling BungeeCord support", ex);
+        }
+
+        return Collections.emptySet();
+    }
+
+    public boolean isProxyAllowed(UUID proxyId) {
+        return proxyIds != null && proxyIds.contains(proxyId);
+    }
+
+    /**
+     * Mark the event to be fired including the task delay.
+     *
+     * @param player joining player
+     */
+    public synchronized void markJoinEventFired(Player player) {
+        firedJoinEvents.add(player.getUniqueId());
+    }
+
+    /**
+     * Check if the event fired including with the task delay. This necessary to restore the order of processing the
+     * BungeeCord messages after the PlayerJoinEvent fires including the delay.
+     * <p>
+     * If the join event fired, the delay exceeded, but it ran earlier and couldn't find the recently started login
+     * session. If not fired, we can start a new force login task. This will still match the requirement that we wait
+     * a certain time after the player join event fired.
+     *
+     * @param player joining player
+     * @return event fired including delay
+     */
+    public synchronized boolean didJoinEventFired(Player player) {
+        return firedJoinEvents.contains(player.getUniqueId());
+    }
+
+    /**
+     * Player quit clean up
+     *
+     * @param player joining player
+     */
+    public synchronized void cleanup(Player player) {
+        firedJoinEvents.remove(player.getUniqueId());
+    }
+}
--- a/bukkit/src/main/java/com/github/games647/fastlogin/bukkit/FastLoginBukkit.java
+++ b/bukkit/src/main/java/com/github/games647/fastlogin/bukkit/FastLoginBukkit.java
@@ -0,0 +1,308 @@
+/*
+ * SPDX-License-Identifier: MIT
+ *
+ * The MIT License (MIT)
+ *
+ * Copyright (c) 2015-2022 games647 and contributors
+ *
+ * Permission is hereby granted, free of charge, to any person obtaining a copy
+ * of this software and associated documentation files (the "Software"), to deal
+ * in the Software without restriction, including without limitation the rights
+ * to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
+ * copies of the Software, and to permit persons to whom the Software is
+ * furnished to do so, subject to the following conditions:
+ *
+ * The above copyright notice and this permission notice shall be included in all
+ * copies or substantial portions of the Software.
+ *
+ * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
+ * IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
+ * FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
+ * AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
+ * LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
+ * OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE
+ * SOFTWARE.
+ */
+package com.github.games647.fastlogin.bukkit;
+
+import com.comphenix.protocol.ProtocolLibrary;
+import com.github.games647.fastlogin.bukkit.command.CrackedCommand;
+import com.github.games647.fastlogin.bukkit.command.PremiumCommand;
+import com.github.games647.fastlogin.bukkit.listener.ConnectionListener;
+import com.github.games647.fastlogin.bukkit.listener.PaperCacheListener;
+import com.github.games647.fastlogin.bukkit.listener.protocollib.ProtocolLibListener;
+import com.github.games647.fastlogin.bukkit.listener.protocollib.SkinApplyListener;
+import com.github.games647.fastlogin.bukkit.listener.protocolsupport.ProtocolSupportListener;
+import com.github.games647.fastlogin.bukkit.task.DelayedAuthHook;
+import com.github.games647.fastlogin.core.CommonUtil;
+import com.github.games647.fastlogin.core.PremiumStatus;
+import com.github.games647.fastlogin.core.hooks.bedrock.BedrockService;
+import com.github.games647.fastlogin.core.hooks.bedrock.FloodgateService;
+import com.github.games647.fastlogin.core.hooks.bedrock.GeyserService;
+import com.github.games647.fastlogin.core.shared.FastLoginCore;
+import com.github.games647.fastlogin.core.shared.PlatformPlugin;
+
+import io.papermc.lib.PaperLib;
+
+import java.net.InetSocketAddress;
+import java.nio.file.Path;
+import java.util.Map;
+import java.util.Optional;
+import java.util.UUID;
+import java.util.concurrent.ConcurrentHashMap;
+import java.util.concurrent.ConcurrentMap;
+
+import org.bukkit.Bukkit;
+import org.bukkit.command.CommandSender;
+import org.bukkit.entity.Player;
+import org.bukkit.plugin.PluginManager;
+import org.bukkit.plugin.java.JavaPlugin;
+import org.geysermc.floodgate.api.FloodgateApi;
+import org.geysermc.geyser.GeyserImpl;
+import org.jetbrains.annotations.NotNull;
+import org.slf4j.Logger;
+
+/**
+ * This plugin checks if a player has a paid account and if so tries to skip offline mode authentication.
+ */
+public class FastLoginBukkit extends JavaPlugin implements PlatformPlugin<CommandSender> {
+
+    //1 minutes should be enough as a timeout for bad internet connection (Server, Client and Mojang)
+    private final ConcurrentMap<String, BukkitLoginSession> loginSession = CommonUtil.buildCache(1, -1);
+    private final Map<UUID, PremiumStatus> premiumPlayers = new ConcurrentHashMap<>();
+    private final Logger logger;
+
+    private boolean serverStarted;
+    private BungeeManager bungeeManager;
+    private final BukkitScheduler scheduler;
+    private FastLoginCore<Player, CommandSender, FastLoginBukkit> core;
+    private FloodgateService floodgateService;
+    private GeyserService geyserService;
+
+    private PremiumPlaceholder premiumPlaceholder;
+
+    public FastLoginBukkit() {
+        this.logger = CommonUtil.initializeLoggerService(getLogger());
+        this.scheduler = new BukkitScheduler(this, logger);
+    }
+
+    @Override
+    public void onEnable() {
+        core = new FastLoginCore<>(this);
+        core.load();
+
+        if (getServer().getOnlineMode()) {
+            //we need to require offline to prevent a loginSession request for an offline player
+            logger.error("Server has to be in offline mode");
+            setEnabled(false);
+            return;
+        }
+
+        if (!initializeFloodgate()) {
+            setEnabled(false);
+        }
+
+        bungeeManager = new BungeeManager(this);
+        bungeeManager.initialize();
+
+        PluginManager pluginManager = getServer().getPluginManager();
+        if (bungeeManager.isEnabled()) {
+            markInitialized();
+        } else {
+            if (!core.setupDatabase()) {
+                setEnabled(false);
+                return;
+            }
+
+            if (pluginManager.isPluginEnabled("ProtocolSupport")) {
+                pluginManager.registerEvents(new ProtocolSupportListener(this, core.getAntiBot()), this);
+            } else if (pluginManager.isPluginEnabled("ProtocolLib")) {
+                ProtocolLibListener.register(this, core.getAntiBot(), core.getConfig().getBoolean("verifyClientKeys"));
+
+                //if server is using paper - we need to set the skin at pre login anyway, so no need for this listener
+                if (!PaperLib.isPaper() && getConfig().getBoolean("forwardSkin")) {
+                    pluginManager.registerEvents(new SkinApplyListener(this), this);
+                }
+            } else {
+                logger.warn("Either ProtocolLib or ProtocolSupport have to be installed if you don't use BungeeCord");
+                setEnabled(false);
+                return;
+            }
+        }
+
+        //delay dependency setup because we load the plugin very early where plugins are initialized yet
+        getServer().getScheduler().runTaskLater(this, new DelayedAuthHook(this), 5L);
+
+        pluginManager.registerEvents(new ConnectionListener(this), this);
+
+        //if server is using paper - we need to add one more listener to correct the user cache usage
+        if (PaperLib.isPaper()) {
+            pluginManager.registerEvents(new PaperCacheListener(this), this);
+        }
+
+        //register commands using a unique name
+        Optional.ofNullable(getCommand("premium")).ifPresent(c -> c.setExecutor(new PremiumCommand(this)));
+        Optional.ofNullable(getCommand("cracked")).ifPresent(c -> c.setExecutor(new CrackedCommand(this)));
+
+        if (pluginManager.isPluginEnabled("PlaceholderAPI")) {
+            premiumPlaceholder = new PremiumPlaceholder(this);
+            premiumPlaceholder.register();
+        }
+    }
+
+    private boolean initializeFloodgate() {
+        if (getServer().getPluginManager().getPlugin("Geyser-Spigot") != null) {
+            geyserService = new GeyserService(GeyserImpl.getInstance(), core);
+        }
+
+        if (getServer().getPluginManager().getPlugin("floodgate") != null) {
+            floodgateService = new FloodgateService(FloodgateApi.getInstance(), core);
+
+            // Check Floodgate config values and return
+            return floodgateService.isValidFloodgateConfigString("autoLoginFloodgate")
+                    && floodgateService.isValidFloodgateConfigString("allowFloodgateNameConflict");
+        }
+
+        return true;
+    }
+
+    @Override
+    public void onDisable() {
+        loginSession.clear();
+        premiumPlayers.clear();
+
+        if (core != null) {
+            core.close();
+        }
+
+        if (bungeeManager != null) {
+            bungeeManager.cleanup();
+        }
+
+        if (premiumPlaceholder != null && getServer().getPluginManager().isPluginEnabled("PlaceholderAPI")) {
+            try {
+                premiumPlaceholder.unregister();
+            } catch (Exception | NoSuchMethodError exception) {
+                logger.error("Failed to unregister placeholder", exception);
+            }
+        }
+
+        if (getServer().getPluginManager().isPluginEnabled("ProtocolLib")) {
+            ProtocolLibrary.getProtocolManager().getAsynchronousManager().unregisterAsyncHandlers(this);
+        }
+    }
+
+    public FastLoginCore<Player, CommandSender, FastLoginBukkit> getCore() {
+        return core;
+    }
+
+    /**
+     * Gets a thread-safe map about players which are connecting to the server are being checked to be premium (paid
+     * account)
+     *
+     * @return a thread-safe loginSession map
+     */
+    public ConcurrentMap<String, BukkitLoginSession> getLoginSessions() {
+        return loginSession;
+    }
+
+    public BukkitLoginSession getSession(InetSocketAddress address) {
+        String id = getSessionId(address);
+        return loginSession.get(id);
+    }
+
+    public String getSessionId(InetSocketAddress address) {
+        return address.getAddress().getHostAddress() + ':' + address.getPort();
+    }
+
+    public void putSession(InetSocketAddress address, BukkitLoginSession session) {
+        String id = getSessionId(address);
+        loginSession.put(id, session);
+    }
+
+    public void removeSession(InetSocketAddress address) {
+        String id = getSessionId(address);
+        loginSession.remove(id);
+    }
+
+    public Map<UUID, PremiumStatus> getPremiumPlayers() {
+        return premiumPlayers;
+    }
+
+    /**
+     * Fetches the premium status of an online player.
+     *
+     * @param onlinePlayer player that is currently online player (play state)
+     * @return the online status or unknown if an error happened, the player isn't online or BungeeCord doesn't send
+     * us the status message yet (This means you cannot check the login status on the PlayerJoinEvent).
+     */
+    public @NotNull PremiumStatus getStatus(@NotNull UUID onlinePlayer) {
+        return premiumPlayers.getOrDefault(onlinePlayer, PremiumStatus.UNKNOWN);
+    }
+
+    /**
+     * Wait before the server is fully started. This is workaround, because connections right on startup are not
+     * injected by ProtocolLib
+     *
+     * @return true if ProtocolLib can now intercept packets
+     */
+    public boolean isServerFullyStarted() {
+        return serverStarted;
+    }
+
+    public void markInitialized() {
+        this.serverStarted = true;
+    }
+
+    public BungeeManager getBungeeManager() {
+        return bungeeManager;
+    }
+
+    @Override
+    public Path getPluginFolder() {
+        return getDataFolder().toPath();
+    }
+
+    @Override
+    public Logger getLog() {
+        return logger;
+    }
+
+    @Override
+    public BukkitScheduler getScheduler() {
+        return scheduler;
+    }
+
+    @Override
+    public void sendMessage(CommandSender receiver, String message) {
+        receiver.sendMessage(message);
+    }
+
+    /**
+     * Checks if a plugin is installed on the server
+     *
+     * @param name the name of the plugin
+     * @return true if the plugin is installed
+     */
+    @Override
+    public boolean isPluginInstalled(String name) {
+        // the plugin may be enabled after FastLogin, so isPluginEnabled() won't work here
+        return Bukkit.getServer().getPluginManager().getPlugin(name) != null;
+    }
+
+    public FloodgateService getFloodgateService() {
+        return floodgateService;
+    }
+
+    public GeyserService getGeyserService() {
+        return geyserService;
+    }
+
+    @Override
+    public BedrockService<?> getBedrockService() {
+        if (floodgateService != null) {
+            return floodgateService;
+        }
+        return geyserService;
+    }
+}
--- a/bukkit/src/main/java/com/github/games647/fastlogin/bukkit/PremiumPlaceholder.java
+++ b/bukkit/src/main/java/com/github/games647/fastlogin/bukkit/PremiumPlaceholder.java
@@ -0,0 +1,85 @@
+/*
+ * SPDX-License-Identifier: MIT
+ *
+ * The MIT License (MIT)
+ *
+ * Copyright (c) 2015-2022 games647 and contributors
+ *
+ * Permission is hereby granted, free of charge, to any person obtaining a copy
+ * of this software and associated documentation files (the "Software"), to deal
+ * in the Software without restriction, including without limitation the rights
+ * to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
+ * copies of the Software, and to permit persons to whom the Software is
+ * furnished to do so, subject to the following conditions:
+ *
+ * The above copyright notice and this permission notice shall be included in all
+ * copies or substantial portions of the Software.
+ *
+ * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
+ * IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
+ * FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
+ * AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
+ * LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
+ * OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE
+ * SOFTWARE.
+ */
+package com.github.games647.fastlogin.bukkit;
+
+import java.util.Collections;
+import java.util.List;
+
+import me.clip.placeholderapi.expansion.PlaceholderExpansion;
+
+import org.bukkit.OfflinePlayer;
+import org.jetbrains.annotations.NotNull;
+
+public class PremiumPlaceholder extends PlaceholderExpansion {
+
+    private static final String PLACEHOLDER_VARIABLE = "status";
+
+    private final FastLoginBukkit plugin;
+
+    public PremiumPlaceholder(FastLoginBukkit plugin) {
+        this.plugin = plugin;
+    }
+
+    @Override
+    public boolean persist() {
+        return true;
+    }
+
+    @Override
+    public @NotNull List<String> getPlaceholders() {
+        return Collections.singletonList(PLACEHOLDER_VARIABLE);
+    }
+
+    @Override
+    public String onRequest(OfflinePlayer player, @NotNull String identifier) {
+        // player is null if offline
+        if (player != null && PLACEHOLDER_VARIABLE.equals(identifier)) {
+            return plugin.getStatus(player.getUniqueId()).getReadableName();
+        }
+
+        return null;
+    }
+
+    @Override
+    public @NotNull String getIdentifier() {
+        return plugin.getName();
+    }
+
+    @Override
+    public String getRequiredPlugin() {
+        return plugin.getName();
+    }
+
+    @Override
+    public @NotNull String getAuthor() {
+        return String.join(", ", plugin.getDescription().getAuthors());
+    }
+
+    @Override
+    public @NotNull String getVersion() {
+        return plugin.getDescription().getVersion();
+    }
+}
--- a/bukkit/src/main/java/com/github/games647/fastlogin/bukkit/command/CrackedCommand.java
+++ b/bukkit/src/main/java/com/github/games647/fastlogin/bukkit/command/CrackedCommand.java
@@ -0,0 +1,116 @@
+/*
+ * SPDX-License-Identifier: MIT
+ *
+ * The MIT License (MIT)
+ *
+ * Copyright (c) 2015-2022 games647 and contributors
+ *
+ * Permission is hereby granted, free of charge, to any person obtaining a copy
+ * of this software and associated documentation files (the "Software"), to deal
+ * in the Software without restriction, including without limitation the rights
+ * to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
+ * copies of the Software, and to permit persons to whom the Software is
+ * furnished to do so, subject to the following conditions:
+ *
+ * The above copyright notice and this permission notice shall be included in all
+ * copies or substantial portions of the Software.
+ *
+ * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
+ * IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
+ * FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
+ * AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
+ * LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
+ * OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE
+ * SOFTWARE.
+ */
+package com.github.games647.fastlogin.bukkit.command;
+
+import com.github.games647.fastlogin.bukkit.FastLoginBukkit;
+import com.github.games647.fastlogin.bukkit.event.BukkitFastLoginPremiumToggleEvent;
+import com.github.games647.fastlogin.core.StoredProfile;
+
+import org.bukkit.command.Command;
+import org.bukkit.command.CommandSender;
+import org.jetbrains.annotations.NotNull;
+
+import static com.github.games647.fastlogin.core.shared.event.FastLoginPremiumToggleEvent.PremiumToggleReason;
+
+public class CrackedCommand extends ToggleCommand {
+
+    public CrackedCommand(FastLoginBukkit plugin) {
+        super(plugin);
+    }
+
+    @Override
+    public boolean onCommand(@NotNull CommandSender sender, @NotNull Command command, @NotNull String label,
+                             String[] args) {
+        if (args.length == 0) {
+            onCrackedSelf(sender);
+        } else {
+            onCrackedOther(sender, command, args);
+        }
+
+        return true;
+    }
+
+    private void onCrackedSelf(CommandSender sender) {
+        if (isConsole(sender)) {
+            return;
+        }
+
+        if (forwardCrackedCommand(sender, sender.getName())) {
+            return;
+        }
+
+        // todo: load async if
+        StoredProfile profile = plugin.getCore().getStorage().loadProfile(sender.getName());
+        if (profile.isPremium()) {
+            plugin.getCore().sendLocaleMessage("remove-premium", sender);
+
+            profile.setPremium(false);
+            profile.setId(null);
+            plugin.getScheduler().runAsync(() -> {
+                plugin.getCore().getStorage().save(profile);
+                plugin.getServer().getPluginManager().callEvent(
+                        new BukkitFastLoginPremiumToggleEvent(profile, PremiumToggleReason.COMMAND_OTHER));
+            });
+        } else {
+            plugin.getCore().sendLocaleMessage("not-premium", sender);
+        }
+    }
+
+    private void onCrackedOther(CommandSender sender, Command command, String[] args) {
+        if (!hasOtherPermission(sender, command)) {
+            return;
+        }
+
+        if (forwardCrackedCommand(sender, args[0])) {
+            return;
+        }
+
+        //todo: load async
+        StoredProfile profile = plugin.getCore().getStorage().loadProfile(args[0]);
+        if (profile == null) {
+            sender.sendMessage("Error occurred");
+            return;
+        }
+
+        //existing player is already cracked
+        if (profile.isSaved() && !profile.isPremium()) {
+            plugin.getCore().sendLocaleMessage("not-premium-other", sender);
+        } else {
+            plugin.getCore().sendLocaleMessage("remove-premium", sender);
+
+            profile.setPremium(false);
+            plugin.getScheduler().runAsync(() -> {
+                plugin.getCore().getStorage().save(profile);
+                plugin.getServer().getPluginManager().callEvent(
+                        new BukkitFastLoginPremiumToggleEvent(profile, PremiumToggleReason.COMMAND_OTHER));
+            });
+        }
+    }
+
+    private boolean forwardCrackedCommand(CommandSender sender, String target) {
+        return forwardBungeeCommand(sender, target, false);
+    }
+}
--- a/bukkit/src/main/java/com/github/games647/fastlogin/bukkit/command/PremiumCommand.java
+++ b/bukkit/src/main/java/com/github/games647/fastlogin/bukkit/command/PremiumCommand.java
@@ -0,0 +1,131 @@
+/*
+ * SPDX-License-Identifier: MIT
+ *
+ * The MIT License (MIT)
+ *
+ * Copyright (c) 2015-2022 games647 and contributors
+ *
+ * Permission is hereby granted, free of charge, to any person obtaining a copy
+ * of this software and associated documentation files (the "Software"), to deal
+ * in the Software without restriction, including without limitation the rights
+ * to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
+ * copies of the Software, and to permit persons to whom the Software is
+ * furnished to do so, subject to the following conditions:
+ *
+ * The above copyright notice and this permission notice shall be included in all
+ * copies or substantial portions of the Software.
+ *
+ * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
+ * IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
+ * FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
+ * AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
+ * LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
+ * OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE
+ * SOFTWARE.
+ */
+package com.github.games647.fastlogin.bukkit.command;
+
+import com.github.games647.fastlogin.bukkit.FastLoginBukkit;
+import com.github.games647.fastlogin.bukkit.event.BukkitFastLoginPremiumToggleEvent;
+import com.github.games647.fastlogin.core.StoredProfile;
+import com.github.games647.fastlogin.core.shared.event.FastLoginPremiumToggleEvent.PremiumToggleReason;
+
+import java.util.UUID;
+
+import org.bukkit.command.Command;
+import org.bukkit.command.CommandSender;
+import org.bukkit.entity.Player;
+import org.jetbrains.annotations.NotNull;
+
+/**
+ * Let users activate fast login by command. This only be accessible if
+ * the user has access to its account. So we can make sure that not another
+ * person with a paid account and the same username can steal their account.
+ */
+public class PremiumCommand extends ToggleCommand {
+
+    public PremiumCommand(FastLoginBukkit plugin) {
+        super(plugin);
+    }
+
+    @Override
+    public boolean onCommand(@NotNull CommandSender sender, @NotNull Command command, @NotNull String label,
+                             String[] args) {
+        if (args.length == 0) {
+            onPremiumSelf(sender);
+        } else {
+            onPremiumOther(sender, command, args);
+        }
+
+        return true;
+    }
+
+    private void onPremiumSelf(CommandSender sender) {
+        if (isConsole(sender)) {
+            return;
+        }
+
+        if (forwardPremiumCommand(sender, sender.getName())) {
+            return;
+        }
+
+        UUID id = ((Player) sender).getUniqueId();
+        if (plugin.getConfig().getBoolean("premium-warning") && !plugin.getCore().getPendingConfirms().contains(id)) {
+            sender.sendMessage(plugin.getCore().getMessage("premium-warning"));
+            plugin.getCore().getPendingConfirms().add(id);
+            return;
+        }
+
+        plugin.getCore().getPendingConfirms().remove(id);
+        //todo: load async
+        StoredProfile profile = plugin.getCore().getStorage().loadProfile(sender.getName());
+        if (profile.isPremium()) {
+            plugin.getCore().sendLocaleMessage("already-exists", sender);
+        } else {
+            //todo: resolve uuid
+            profile.setPremium(true);
+            plugin.getScheduler().runAsync(() -> {
+                plugin.getCore().getStorage().save(profile);
+                plugin.getServer().getPluginManager().callEvent(
+                        new BukkitFastLoginPremiumToggleEvent(profile, PremiumToggleReason.COMMAND_SELF));
+            });
+
+            plugin.getCore().sendLocaleMessage("add-premium", sender);
+        }
+    }
+
+    private void onPremiumOther(CommandSender sender, Command command, String[] args) {
+        if (!hasOtherPermission(sender, command)) {
+            return;
+        }
+
+        if (forwardPremiumCommand(sender, args[0])) {
+            return;
+        }
+
+        //todo: load async
+        StoredProfile profile = plugin.getCore().getStorage().loadProfile(args[0]);
+        if (profile == null) {
+            plugin.getCore().sendLocaleMessage("player-unknown", sender);
+            return;
+        }
+
+        if (profile.isPremium()) {
+            plugin.getCore().sendLocaleMessage("already-exists-other", sender);
+        } else {
+            //todo: resolve uuid
+            profile.setPremium(true);
+            plugin.getScheduler().runAsync(() -> {
+                plugin.getCore().getStorage().save(profile);
+                plugin.getServer().getPluginManager().callEvent(
+                        new BukkitFastLoginPremiumToggleEvent(profile, PremiumToggleReason.COMMAND_OTHER));
+            });
+
+            plugin.getCore().sendLocaleMessage("add-premium-other", sender);
+        }
+    }
+
+    private boolean forwardPremiumCommand(CommandSender sender, String target) {
+        return forwardBungeeCommand(sender, target, true);
+    }
+}
--- a/bukkit/src/main/java/com/github/games647/fastlogin/bukkit/command/ToggleCommand.java
+++ b/bukkit/src/main/java/com/github/games647/fastlogin/bukkit/command/ToggleCommand.java
@@ -0,0 +1,94 @@
+/*
+ * SPDX-License-Identifier: MIT
+ *
+ * The MIT License (MIT)
+ *
+ * Copyright (c) 2015-2022 games647 and contributors
+ *
+ * Permission is hereby granted, free of charge, to any person obtaining a copy
+ * of this software and associated documentation files (the "Software"), to deal
+ * in the Software without restriction, including without limitation the rights
+ * to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
+ * copies of the Software, and to permit persons to whom the Software is
+ * furnished to do so, subject to the following conditions:
+ *
+ * The above copyright notice and this permission notice shall be included in all
+ * copies or substantial portions of the Software.
+ *
+ * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
+ * IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
+ * FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
+ * AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
+ * LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
+ * OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE
+ * SOFTWARE.
+ */
+package com.github.games647.fastlogin.bukkit.command;
+
+import com.github.games647.fastlogin.bukkit.FastLoginBukkit;
+import com.github.games647.fastlogin.core.message.ChangePremiumMessage;
+import com.github.games647.fastlogin.core.message.ChannelMessage;
+
+import java.util.Optional;
+
+import org.bukkit.Bukkit;
+import org.bukkit.command.Command;
+import org.bukkit.command.CommandExecutor;
+import org.bukkit.command.CommandSender;
+import org.bukkit.entity.Player;
+import org.bukkit.plugin.messaging.PluginMessageRecipient;
+
+public abstract class ToggleCommand implements CommandExecutor {
+
+    protected final FastLoginBukkit plugin;
+
+    public ToggleCommand(FastLoginBukkit plugin) {
+        this.plugin = plugin;
+    }
+
+    protected boolean hasOtherPermission(CommandSender sender, Command cmd) {
+        if (sender.hasPermission(cmd.getPermission() + ".other")) {
+            return true;
+        }
+
+        plugin.getCore().sendLocaleMessage("no-permission", sender);
+        return false;
+    }
+
+    protected boolean forwardBungeeCommand(CommandSender sender, String target, boolean activate) {
+        if (plugin.getBungeeManager().isEnabled()) {
+            sendBungeeActivateMessage(sender, target, activate);
+            plugin.getCore().sendLocaleMessage("wait-on-proxy", sender);
+            return true;
+        }
+
+        return false;
+    }
+
+    protected boolean isConsole(CommandSender sender) {
+        if (sender instanceof Player) {
+            return false;
+        }
+
+        //console or command block
+        sender.sendMessage(plugin.getCore().getMessage("no-console"));
+        return true;
+    }
+
+    protected void sendBungeeActivateMessage(CommandSender invoker, String target, boolean activate) {
+        if (invoker instanceof PluginMessageRecipient) {
+            ChannelMessage message = new ChangePremiumMessage(target, activate, true);
+            plugin.getBungeeManager().sendPluginMessage((PluginMessageRecipient) invoker, message);
+        } else {
+            Optional<? extends Player> optPlayer = Bukkit.getServer().getOnlinePlayers().stream().findFirst();
+            if (!optPlayer.isPresent()) {
+                plugin.getLog().info("No player online to send a plugin message to the proxy");
+                return;
+            }
+
+            Player sender = optPlayer.get();
+            ChannelMessage message = new ChangePremiumMessage(target, activate, false);
+            plugin.getBungeeManager().sendPluginMessage(sender, message);
+        }
+    }
+}
--- a/bukkit/src/main/java/com/github/games647/fastlogin/bukkit/event/BukkitFastLoginAutoLoginEvent.java
+++ b/bukkit/src/main/java/com/github/games647/fastlogin/bukkit/event/BukkitFastLoginAutoLoginEvent.java
@@ -0,0 +1,79 @@
+/*
+ * SPDX-License-Identifier: MIT
+ *
+ * The MIT License (MIT)
+ *
+ * Copyright (c) 2015-2022 games647 and contributors
+ *
+ * Permission is hereby granted, free of charge, to any person obtaining a copy
+ * of this software and associated documentation files (the "Software"), to deal
+ * in the Software without restriction, including without limitation the rights
+ * to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
+ * copies of the Software, and to permit persons to whom the Software is
+ * furnished to do so, subject to the following conditions:
+ *
+ * The above copyright notice and this permission notice shall be included in all
+ * copies or substantial portions of the Software.
+ *
+ * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
+ * IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
+ * FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
+ * AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
+ * LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
+ * OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE
+ * SOFTWARE.
+ */
+package com.github.games647.fastlogin.bukkit.event;
+
+import com.github.games647.fastlogin.core.StoredProfile;
+import com.github.games647.fastlogin.core.shared.LoginSession;
+import com.github.games647.fastlogin.core.shared.event.FastLoginAutoLoginEvent;
+
+import org.bukkit.event.Cancellable;
+import org.bukkit.event.Event;
+import org.bukkit.event.HandlerList;
+import org.jetbrains.annotations.NotNull;
+
+public class BukkitFastLoginAutoLoginEvent extends Event implements FastLoginAutoLoginEvent, Cancellable {
+
+    private static final HandlerList HANDLERS = new HandlerList();
+    private final LoginSession session;
+    private final StoredProfile profile;
+    private boolean cancelled;
+
+    public BukkitFastLoginAutoLoginEvent(LoginSession session, StoredProfile profile) {
+        super(true);
+
+        this.session = session;
+        this.profile = profile;
+    }
+
+    @Override
+    public LoginSession getSession() {
+        return session;
+    }
+
+    @Override
+    public StoredProfile getProfile() {
+        return profile;
+    }
+
+    @Override
+    public boolean isCancelled() {
+        return cancelled;
+    }
+
+    @Override
+    public void setCancelled(boolean cancelled) {
+        this.cancelled = cancelled;
+    }
+
+    @Override
+    public @NotNull HandlerList getHandlers() {
+        return HANDLERS;
+    }
+
+    public static HandlerList getHandlerList() {
+        return HANDLERS;
+    }
+}
--- a/bukkit/src/main/java/com/github/games647/fastlogin/bukkit/event/BukkitFastLoginPreLoginEvent.java
+++ b/bukkit/src/main/java/com/github/games647/fastlogin/bukkit/event/BukkitFastLoginPreLoginEvent.java
@@ -0,0 +1,74 @@
+/*
+ * SPDX-License-Identifier: MIT
+ *
+ * The MIT License (MIT)
+ *
+ * Copyright (c) 2015-2022 games647 and contributors
+ *
+ * Permission is hereby granted, free of charge, to any person obtaining a copy
+ * of this software and associated documentation files (the "Software"), to deal
+ * in the Software without restriction, including without limitation the rights
+ * to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
+ * copies of the Software, and to permit persons to whom the Software is
+ * furnished to do so, subject to the following conditions:
+ *
+ * The above copyright notice and this permission notice shall be included in all
+ * copies or substantial portions of the Software.
+ *
+ * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
+ * IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
+ * FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
+ * AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
+ * LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
+ * OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE
+ * SOFTWARE.
+ */
+package com.github.games647.fastlogin.bukkit.event;
+
+import com.github.games647.fastlogin.core.StoredProfile;
+import com.github.games647.fastlogin.core.shared.LoginSource;
+import com.github.games647.fastlogin.core.shared.event.FastLoginPreLoginEvent;
+
+import org.bukkit.event.Event;
+import org.bukkit.event.HandlerList;
+import org.jetbrains.annotations.NotNull;
+
+public class BukkitFastLoginPreLoginEvent extends Event implements FastLoginPreLoginEvent {
+
+    private static final HandlerList HANDLERS = new HandlerList();
+    private final String username;
+    private final LoginSource source;
+    private final StoredProfile profile;
+
+    public BukkitFastLoginPreLoginEvent(String username, LoginSource source, StoredProfile profile) {
+        super(true);
+
+        this.username = username;
+        this.source = source;
+        this.profile = profile;
+    }
+
+    @Override
+    public String getUsername() {
+        return username;
+    }
+
+    @Override
+    public LoginSource getSource() {
+        return source;
+    }
+
+    @Override
+    public StoredProfile getProfile() {
+        return profile;
+    }
+
+    @Override
+    public @NotNull HandlerList getHandlers() {
+        return HANDLERS;
+    }
+
+    public static HandlerList getHandlerList() {
+        return HANDLERS;
+    }
+}
--- a/bukkit/src/main/java/com/github/games647/fastlogin/bukkit/event/BukkitFastLoginPremiumToggleEvent.java
+++ b/bukkit/src/main/java/com/github/games647/fastlogin/bukkit/event/BukkitFastLoginPremiumToggleEvent.java
@@ -0,0 +1,65 @@
+/*
+ * SPDX-License-Identifier: MIT
+ *
+ * The MIT License (MIT)
+ *
+ * Copyright (c) 2015-2022 games647 and contributors
+ *
+ * Permission is hereby granted, free of charge, to any person obtaining a copy
+ * of this software and associated documentation files (the "Software"), to deal
+ * in the Software without restriction, including without limitation the rights
+ * to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
+ * copies of the Software, and to permit persons to whom the Software is
+ * furnished to do so, subject to the following conditions:
+ *
+ * The above copyright notice and this permission notice shall be included in all
+ * copies or substantial portions of the Software.
+ *
+ * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
+ * IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
+ * FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
+ * AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
+ * LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
+ * OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE
+ * SOFTWARE.
+ */
+package com.github.games647.fastlogin.bukkit.event;
+
+import com.github.games647.fastlogin.core.StoredProfile;
+import com.github.games647.fastlogin.core.shared.event.FastLoginPremiumToggleEvent;
+
+import org.bukkit.event.Event;
+import org.bukkit.event.HandlerList;
+import org.jetbrains.annotations.NotNull;
+
+public class BukkitFastLoginPremiumToggleEvent extends Event implements FastLoginPremiumToggleEvent {
+
+    private static final HandlerList HANDLERS = new HandlerList();
+    private final StoredProfile profile;
+    private final PremiumToggleReason reason;
+
+    public BukkitFastLoginPremiumToggleEvent(StoredProfile profile, PremiumToggleReason reason) {
+        super(true);
+        this.profile = profile;
+        this.reason = reason;
+    }
+
+    @Override
+    public StoredProfile getProfile() {
+        return profile;
+    }
+
+    @Override
+    public PremiumToggleReason getReason() {
+        return reason;
+    }
+
+    @Override
+    public @NotNull HandlerList getHandlers() {
+        return HANDLERS;
+    }
+
+    public static HandlerList getHandlerList() {
+        return HANDLERS;
+    }
+}
--- a/bukkit/src/main/java/com/github/games647/fastlogin/bukkit/hook/AuthMeHook.java
+++ b/bukkit/src/main/java/com/github/games647/fastlogin/bukkit/hook/AuthMeHook.java
@@ -0,0 +1,116 @@
+/*
+ * SPDX-License-Identifier: MIT
+ *
+ * The MIT License (MIT)
+ *
+ * Copyright (c) 2015-2022 games647 and contributors
+ *
+ * Permission is hereby granted, free of charge, to any person obtaining a copy
+ * of this software and associated documentation files (the "Software"), to deal
+ * in the Software without restriction, including without limitation the rights
+ * to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
+ * copies of the Software, and to permit persons to whom the Software is
+ * furnished to do so, subject to the following conditions:
+ *
+ * The above copyright notice and this permission notice shall be included in all
+ * copies or substantial portions of the Software.
+ *
+ * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
+ * IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
+ * FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
+ * AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
+ * LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
+ * OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE
+ * SOFTWARE.
+ */
+package com.github.games647.fastlogin.bukkit.hook;
+
+import com.github.games647.fastlogin.bukkit.BukkitLoginSession;
+import com.github.games647.fastlogin.bukkit.FastLoginBukkit;
+import com.github.games647.fastlogin.core.hooks.AuthPlugin;
+
+import fr.xephi.authme.api.v3.AuthMeApi;
+import fr.xephi.authme.events.RestoreSessionEvent;
+import fr.xephi.authme.process.Management;
+import fr.xephi.authme.process.register.executors.ApiPasswordRegisterParams;
+import fr.xephi.authme.process.register.executors.RegistrationMethod;
+
+import java.lang.reflect.Field;
+
+import org.bukkit.entity.Player;
+import org.bukkit.event.EventHandler;
+import org.bukkit.event.EventPriority;
+import org.bukkit.event.Listener;
+
+/**
+ * GitHub: <a href="https://github.com/Xephi/AuthMeReloaded/">...</a>
+ * <p>
+ * Project page:
+ * <p>
+ * Bukkit: <a href="https://dev.bukkit.org/bukkit-plugins/authme-reloaded/">...</a>
+ * <p>
+ * Spigot: <a href="https://www.spigotmc.org/resources/authme-reloaded.6269/">...</a>
+ */
+public class AuthMeHook implements AuthPlugin<Player>, Listener {
+
+    private final FastLoginBukkit plugin;
+
+    private final AuthMeApi authmeAPI;
+    private Management authmeManagement;
+
+    public AuthMeHook(FastLoginBukkit plugin) {
+        this.plugin = plugin;
+        this.authmeAPI = AuthMeApi.getInstance();
+
+        if (plugin.getCore().getConfig().getBoolean("respectIpLimit", false)) {
+            try {
+                Field managementField = this.authmeAPI.getClass().getDeclaredField("management");
+                managementField.setAccessible(true);
+                this.authmeManagement = (Management) managementField.get(this.authmeAPI);
+            } catch (NoSuchFieldException | IllegalAccessException exception) {
+                this.authmeManagement = null;
+            }
+        }
+    }
+
+    @EventHandler(priority = EventPriority.HIGHEST, ignoreCancelled = true)
+    public void onSessionRestore(RestoreSessionEvent restoreSessionEvent) {
+        Player player = restoreSessionEvent.getPlayer();
+
+        BukkitLoginSession session = plugin.getSession(player.spigot().getRawAddress());
+        if (session != null && session.isVerified()) {
+            restoreSessionEvent.setCancelled(true);
+        }
+    }
+
+    @Override
+    public boolean forceLogin(Player player) {
+        if (authmeAPI.isAuthenticated(player)) {
+            plugin.getLog().warn(ALREADY_AUTHENTICATED, player);
+            return false;
+        }
+
+        //skips registration and login
+        authmeAPI.forceLogin(player);
+        return true;
+    }
+
+    @Override
+    public boolean isRegistered(String playerName) {
+        return authmeAPI.isRegistered(playerName);
+    }
+
+    @Override
+    //this automatically login the player too
+    public boolean forceRegister(Player player, String password) {
+        //if we have the management - we can trigger register with IP limit checks
+        if (authmeManagement != null) {
+            authmeManagement.performRegister(RegistrationMethod.PASSWORD_REGISTRATION,
+                    ApiPasswordRegisterParams.of(player, password, true));
+        } else {
+            authmeAPI.forceRegister(player, password);
+        }
+
+        return true;
+    }
+}
--- a/bukkit/src/main/java/com/github/games647/fastlogin/bukkit/hook/CrazyLoginHook.java
+++ b/bukkit/src/main/java/com/github/games647/fastlogin/bukkit/hook/CrazyLoginHook.java
@@ -0,0 +1,142 @@
+/*
+ * SPDX-License-Identifier: MIT
+ *
+ * The MIT License (MIT)
+ *
+ * Copyright (c) 2015-2022 games647 and contributors
+ *
+ * Permission is hereby granted, free of charge, to any person obtaining a copy
+ * of this software and associated documentation files (the "Software"), to deal
+ * in the Software without restriction, including without limitation the rights
+ * to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
+ * copies of the Software, and to permit persons to whom the Software is
+ * furnished to do so, subject to the following conditions:
+ *
+ * The above copyright notice and this permission notice shall be included in all
+ * copies or substantial portions of the Software.
+ *
+ * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
+ * IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
+ * FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
+ * AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
+ * LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
+ * OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE
+ * SOFTWARE.
+ */
+package com.github.games647.fastlogin.bukkit.hook;
+
+import com.comphenix.protocol.reflect.accessors.Accessors;
+import com.comphenix.protocol.reflect.accessors.FieldAccessor;
+import com.github.games647.fastlogin.bukkit.FastLoginBukkit;
+import com.github.games647.fastlogin.core.hooks.AuthPlugin;
+
+import de.st_ddt.crazylogin.CrazyLogin;
+import de.st_ddt.crazylogin.data.LoginPlayerData;
+import de.st_ddt.crazylogin.databases.CrazyLoginDataDatabase;
+import de.st_ddt.crazylogin.listener.PlayerListener;
+import de.st_ddt.crazylogin.metadata.Authenticated;
+
+import java.util.Optional;
+import java.util.concurrent.ExecutionException;
+import java.util.concurrent.Future;
+
+import org.bukkit.Bukkit;
+import org.bukkit.entity.Player;
+
+/**
+ * GitHub: <a href="https://github.com/ST-DDT/CrazyLogin">...</a>
+ * <p>
+ * Project page:
+ * <p>
+ * Bukkit: <a href="https://dev.bukkit.org/server-mods/crazylogin/">...</a>
+ */
+public class CrazyLoginHook implements AuthPlugin<Player> {
+
+    private final FastLoginBukkit plugin;
+
+    private final CrazyLogin crazyLoginPlugin;
+    private final PlayerListener playerListener;
+
+    public CrazyLoginHook(FastLoginBukkit plugin) {
+        this.plugin = plugin;
+
+        crazyLoginPlugin = CrazyLogin.getPlugin();
+        playerListener = getListener();
+    }
+
+    @Override
+    public boolean forceLogin(Player player) {
+        //not thread-safe operation
+        Future<Optional<LoginPlayerData>> future = Bukkit.getScheduler().callSyncMethod(plugin, () -> {
+            LoginPlayerData playerData = crazyLoginPlugin.getPlayerData(player);
+            if (playerData != null) {
+                //mark the account as logged in
+                playerData.setLoggedIn(true);
+
+                String ip = player.getAddress().getAddress().getHostAddress();
+//this should be done after login to restore the inventory, show players, prevent potential memory leaks...
+//from: https://github.com/ST-DDT/CrazyLogin/blob/master/src/main/java/de/st_ddt/crazylogin/CrazyLogin.java#L1948
+                playerData.resetLoginFails();
+                player.setFireTicks(0);
+
+                if (playerListener != null) {
+                    playerListener.removeMovementBlocker(player);
+                    playerListener.disableHidenInventory(player);
+                    playerListener.disableSaveLogin(player);
+                    playerListener.unhidePlayer(player);
+                }
+
+//loginFailuresPerIP.remove(IP);
+//illegalCommandUsesPerIP.remove(IP);
+//tempBans.remove(IP);
+                playerData.addIP(ip);
+                player.setMetadata("Authenticated", new Authenticated(crazyLoginPlugin, player));
+                crazyLoginPlugin.unregisterDynamicHooks();
+                return Optional.of(playerData);
+            }
+
+            return Optional.empty();
+        });
+
+        try {
+            Optional<LoginPlayerData> result = future.get().filter(LoginPlayerData::isLoggedIn);
+            if (result.isPresent()) {
+                //SQL-Queries should run async
+                crazyLoginPlugin.getCrazyDatabase().saveWithoutPassword(result.get());
+                return true;
+            }
+        } catch (InterruptedException | ExecutionException ex) {
+            plugin.getLog().error("Failed to forceLogin player: {}", player, ex);
+            return false;
+        }
+
+        return false;
+    }
+
+    @Override
+    public boolean isRegistered(String playerName) {
+        return crazyLoginPlugin.getPlayerData(playerName) != null;
+    }
+
+    @Override
+    public boolean forceRegister(Player player, String password) {
+        CrazyLoginDataDatabase crazyDatabase = crazyLoginPlugin.getCrazyDatabase();
+
+        //this executes a sql query and accesses only thread safe collections, so we can run it async
+        LoginPlayerData playerData = crazyLoginPlugin.getPlayerData(player.getName());
+        if (playerData == null) {
+            //create a fake account - this will be saved to the database with the password=FAILEDLOADING
+            //user cannot log in with that password unless the admin uses plain text
+            //this automatically marks the player as logged in
+            crazyDatabase.save(new LoginPlayerData(player));
+            return forceLogin(player);
+        }
+
+        return false;
+    }
+
+    protected PlayerListener getListener() {
+        FieldAccessor accessor = Accessors.getFieldAccessor(crazyLoginPlugin.getClass(), PlayerListener.class, true);
+        return (PlayerListener) accessor.get(crazyLoginPlugin);
+    }
+}
--- a/bukkit/src/main/java/com/github/games647/fastlogin/bukkit/hook/LogItHook.java
+++ b/bukkit/src/main/java/com/github/games647/fastlogin/bukkit/hook/LogItHook.java
@@ -0,0 +1,83 @@
+/*
+ * SPDX-License-Identifier: MIT
+ *
+ * The MIT License (MIT)
+ *
+ * Copyright (c) 2015-2022 games647 and contributors
+ *
+ * Permission is hereby granted, free of charge, to any person obtaining a copy
+ * of this software and associated documentation files (the "Software"), to deal
+ * in the Software without restriction, including without limitation the rights
+ * to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
+ * copies of the Software, and to permit persons to whom the Software is
+ * furnished to do so, subject to the following conditions:
+ *
+ * The above copyright notice and this permission notice shall be included in all
+ * copies or substantial portions of the Software.
+ *
+ * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
+ * IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
+ * FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
+ * AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
+ * LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
+ * OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE
+ * SOFTWARE.
+ */
+package com.github.games647.fastlogin.bukkit.hook;
+
+import com.github.games647.fastlogin.bukkit.FastLoginBukkit;
+import com.github.games647.fastlogin.core.hooks.AuthPlugin;
+
+import io.github.lucaseasedup.logit.CancelledState;
+import io.github.lucaseasedup.logit.LogItCore;
+import io.github.lucaseasedup.logit.account.Account;
+import io.github.lucaseasedup.logit.session.SessionManager;
+
+import java.time.Instant;
+
+import org.bukkit.entity.Player;
+
+/**
+ * GitHub: <a href="https://github.com/XziomekX/LogIt">...</a>
+ * <p>
+ * Project page:
+ * <p>
+ * Bukkit: Unknown
+ * <p>
+ * Spigot: Unknown
+ */
+public class LogItHook implements AuthPlugin<Player> {
+
+    private final FastLoginBukkit plugin;
+
+    public LogItHook(FastLoginBukkit plugin) {
+        this.plugin = plugin;
+    }
+
+    @Override
+    public boolean forceLogin(Player player) {
+        SessionManager sessionManager = LogItCore.getInstance().getSessionManager();
+        if (sessionManager.isSessionAlive(player)) {
+            plugin.getLog().warn(ALREADY_AUTHENTICATED, player);
+            return false;
+        }
+
+        return sessionManager.startSession(player) == CancelledState.NOT_CANCELLED;
+    }
+
+    @Override
+    public boolean isRegistered(String playerName) {
+        return LogItCore.getInstance().getAccountManager().isRegistered(playerName);
+    }
+
+    @Override
+    public boolean forceRegister(Player player, String password) {
+        Account account = new Account(player.getName());
+        account.changePassword(password);
+
+        Instant now = Instant.now();
+        account.setLastActiveDate(now.getEpochSecond());
+        account.setRegistrationDate(now.getEpochSecond());
+        return LogItCore.getInstance().getAccountManager().insertAccount(account) == CancelledState.NOT_CANCELLED;
+    }
+}
--- a/bukkit/src/main/java/com/github/games647/fastlogin/bukkit/hook/LoginSecurityHook.java
+++ b/bukkit/src/main/java/com/github/games647/fastlogin/bukkit/hook/LoginSecurityHook.java
@@ -0,0 +1,78 @@
+/*
+ * SPDX-License-Identifier: MIT
+ *
+ * The MIT License (MIT)
+ *
+ * Copyright (c) 2015-2022 games647 and contributors
+ *
+ * Permission is hereby granted, free of charge, to any person obtaining a copy
+ * of this software and associated documentation files (the "Software"), to deal
+ * in the Software without restriction, including without limitation the rights
+ * to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
+ * copies of the Software, and to permit persons to whom the Software is
+ * furnished to do so, subject to the following conditions:
+ *
+ * The above copyright notice and this permission notice shall be included in all
+ * copies or substantial portions of the Software.
+ *
+ * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
+ * IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
+ * FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
+ * AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
+ * LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
+ * OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE
+ * SOFTWARE.
+ */
+package com.github.games647.fastlogin.bukkit.hook;
+
+import com.github.games647.fastlogin.bukkit.FastLoginBukkit;
+import com.github.games647.fastlogin.core.hooks.AuthPlugin;
+import com.lenis0012.bukkit.loginsecurity.LoginSecurity;
+import com.lenis0012.bukkit.loginsecurity.session.AuthService;
+import com.lenis0012.bukkit.loginsecurity.session.PlayerSession;
+import com.lenis0012.bukkit.loginsecurity.session.action.LoginAction;
+import com.lenis0012.bukkit.loginsecurity.session.action.RegisterAction;
+
+import org.bukkit.entity.Player;
+
+/**
+ * GitHub: <a href="https://github.com/lenis0012/LoginSecurity-2">...</a>
+ * <p>
+ * Project page:
+ * <p>
+ * Bukkit: <a href="https://dev.bukkit.org/bukkit-plugins/loginsecurity/">...</a>
+ * <p>
+ * Spigot: <a href="https://www.spigotmc.org/resources/loginsecurity.19362/">...</a>
+ */
+public class LoginSecurityHook implements AuthPlugin<Player> {
+
+    private final FastLoginBukkit plugin;
+
+    public LoginSecurityHook(FastLoginBukkit plugin) {
+        this.plugin = plugin;
+    }
+
+    @Override
+    public boolean forceLogin(Player player) {
+        PlayerSession session = LoginSecurity.getSessionManager().getPlayerSession(player);
+        if (session.isAuthorized()) {
+            plugin.getLog().warn(ALREADY_AUTHENTICATED, player);
+            return true;
+        }
+
+        return session.isAuthorized()
+                || session.performAction(new LoginAction(AuthService.PLUGIN, plugin)).isSuccess();
+    }
+
+    @Override
+    public boolean isRegistered(String playerName) {
+        PlayerSession session = LoginSecurity.getSessionManager().getOfflineSession(playerName);
+        return session.isRegistered();
+    }
+
+    @Override
+    public boolean forceRegister(Player player, String password) {
+        PlayerSession session = LoginSecurity.getSessionManager().getPlayerSession(player);
+        return session.performAction(new RegisterAction(AuthService.PLUGIN, plugin, password)).isSuccess();
+    }
+}
--- a/bukkit/src/main/java/com/github/games647/fastlogin/bukkit/hook/UltraAuthHook.java
+++ b/bukkit/src/main/java/com/github/games647/fastlogin/bukkit/hook/UltraAuthHook.java
@@ -0,0 +1,86 @@
+/*
+ * SPDX-License-Identifier: MIT
+ *
+ * The MIT License (MIT)
+ *
+ * Copyright (c) 2015-2022 games647 and contributors
+ *
+ * Permission is hereby granted, free of charge, to any person obtaining a copy
+ * of this software and associated documentation files (the "Software"), to deal
+ * in the Software without restriction, including without limitation the rights
+ * to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
+ * copies of the Software, and to permit persons to whom the Software is
+ * furnished to do so, subject to the following conditions:
+ *
+ * The above copyright notice and this permission notice shall be included in all
+ * copies or substantial portions of the Software.
+ *
+ * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
+ * IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
+ * FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
+ * AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
+ * LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
+ * OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE
+ * SOFTWARE.
+ */
+package com.github.games647.fastlogin.bukkit.hook;
+
+import com.github.games647.fastlogin.bukkit.FastLoginBukkit;
+import com.github.games647.fastlogin.core.hooks.AuthPlugin;
+
+import java.util.concurrent.ExecutionException;
+import java.util.concurrent.Future;
+
+import org.bukkit.Bukkit;
+import org.bukkit.entity.Player;
+import ultraauth.api.UltraAuthAPI;
+import ultraauth.managers.PlayerManager;
+
+/**
+ * Project page:
+ * <p>
+ * Bukkit: <a href="https://dev.bukkit.org/bukkit-plugins/ultraauth-aa/">...</a>
+ * <p>
+ * Spigot: <a href="https://www.spigotmc.org/resources/ultraauth.17044/">...</a>
+ */
+public class UltraAuthHook implements AuthPlugin<Player> {
+
+    private final FastLoginBukkit plugin;
+
+    public UltraAuthHook(FastLoginBukkit plugin) {
+        this.plugin = plugin;
+    }
+
+    @Override
+    public boolean forceLogin(Player player) {
+        //not thread-safe
+        Future<Boolean> future = Bukkit.getScheduler().callSyncMethod(plugin, () -> {
+            if (UltraAuthAPI.isAuthenticated(player)) {
+                plugin.getLog().warn(ALREADY_AUTHENTICATED, player);
+                return false;
+            }
+
+            UltraAuthAPI.authenticatedPlayer(player);
+            return UltraAuthAPI.isAuthenticated(player);
+        });
+
+        try {
+            return future.get();
+        } catch (InterruptedException | ExecutionException ex) {
+            plugin.getLog().error("Failed to forceLogin player: {}", player, ex);
+            return false;
+        }
+    }
+
+    @Override
+    public boolean isRegistered(String playerName) {
+        return UltraAuthAPI.isRegisterd(playerName);
+    }
+
+    @Override
+    public boolean forceRegister(Player player, String password) {
+        UltraAuthAPI.setPlayerPasswordOnline(player, password);
+        //the register method silents any exception so check if our entry was saved
+        return PlayerManager.getInstance().checkPlayerPassword(player, password) && forceLogin(player);
+    }
+}
--- a/bukkit/src/main/java/com/github/games647/fastlogin/bukkit/hook/XAuthHook.java
+++ b/bukkit/src/main/java/com/github/games647/fastlogin/bukkit/hook/XAuthHook.java
@@ -0,0 +1,112 @@
+/*
+ * SPDX-License-Identifier: MIT
+ *
+ * The MIT License (MIT)
+ *
+ * Copyright (c) 2015-2022 games647 and contributors
+ *
+ * Permission is hereby granted, free of charge, to any person obtaining a copy
+ * of this software and associated documentation files (the "Software"), to deal
+ * in the Software without restriction, including without limitation the rights
+ * to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
+ * copies of the Software, and to permit persons to whom the Software is
+ * furnished to do so, subject to the following conditions:
+ *
+ * The above copyright notice and this permission notice shall be included in all
+ * copies or substantial portions of the Software.
+ *
+ * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
+ * IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
+ * FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
+ * AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
+ * LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
+ * OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE
+ * SOFTWARE.
+ */
+package com.github.games647.fastlogin.bukkit.hook;
+
+import com.github.games647.fastlogin.bukkit.FastLoginBukkit;
+import com.github.games647.fastlogin.core.hooks.AuthPlugin;
+
+import de.luricos.bukkit.xAuth.xAuth;
+import de.luricos.bukkit.xAuth.xAuthPlayer;
+
+import java.util.concurrent.ExecutionException;
+import java.util.concurrent.Future;
+
+import org.bukkit.Bukkit;
+import org.bukkit.entity.Player;
+
+/**
+ * GitHub: <a href="https://github.com/LycanDevelopment/xAuth/">...</a>
+ * <p>
+ * Project page:
+ * <p>
+ * Bukkit: <a href="https://dev.bukkit.org/bukkit-plugins/xauth/">...</a>
+ */
+public class XAuthHook implements AuthPlugin<Player> {
+
+    private final xAuth xAuthPlugin = xAuth.getPlugin();
+    private final FastLoginBukkit plugin;
+
+    public XAuthHook(FastLoginBukkit plugin) {
+        this.plugin = plugin;
+    }
+
+    @Override
+    public boolean forceLogin(Player player) {
+        //not thread-safe
+        Future<Boolean> future = Bukkit.getScheduler().callSyncMethod(plugin, () -> {
+            xAuthPlayer xAuthPlayer = xAuthPlugin.getPlayerManager().getPlayer(player);
+            if (xAuthPlayer != null) {
+                if (xAuthPlayer.isAuthenticated()) {
+                    plugin.getLog().warn(ALREADY_AUTHENTICATED, player);
+                    return false;
+                }
+
+                //we checked that the player is premium (paid account)
+                xAuthPlayer.setPremium(true);
+
+                //unprotect the inventory, op status...
+                return xAuthPlugin.getPlayerManager().doLogin(xAuthPlayer);
+            }
+
+            return false;
+        });
+
+        try {
+            return future.get();
+        } catch (InterruptedException | ExecutionException ex) {
+            plugin.getLog().error("Failed to forceLogin player: {}", player, ex);
+            return false;
+        }
+    }
+
+    @Override
+    public boolean isRegistered(String playerName) {
+        //this will load the player if it's not in the cache
+        xAuthPlayer xAuthPlayer = xAuthPlugin.getPlayerManager().getPlayer(playerName);
+        return xAuthPlayer != null && xAuthPlayer.isRegistered();
+    }
+
+    @Override
+    public boolean forceRegister(Player player, final String password) {
+        //not thread-safe
+        Future<Boolean> future = Bukkit.getScheduler().callSyncMethod(xAuthPlugin, () -> {
+            xAuthPlayer xAuthPlayer = xAuthPlugin.getPlayerManager().getPlayer(player);
+            //this should run async because the plugin executes a sql query, but the method
+            //accesses non thread-safe collections :(
+            return xAuthPlayer != null
+                    && xAuthPlugin.getAuthClass(xAuthPlayer).adminRegister(player.getName(), password, null);
+
+        });
+
+        try {
+            //login in the player after registration
+            return future.get() && forceLogin(player);
+        } catch (InterruptedException | ExecutionException ex) {
+            plugin.getLog().error("Failed to forceRegister player: {}", player, ex);
+            return false;
+        }
+    }
+}
--- a/bukkit/src/main/java/com/github/games647/fastlogin/bukkit/listener/BungeeListener.java
+++ b/bukkit/src/main/java/com/github/games647/fastlogin/bukkit/listener/BungeeListener.java
@@ -0,0 +1,140 @@
+/*
+ * SPDX-License-Identifier: MIT
+ *
+ * The MIT License (MIT)
+ *
+ * Copyright (c) 2015-2022 games647 and contributors
+ *
+ * Permission is hereby granted, free of charge, to any person obtaining a copy
+ * of this software and associated documentation files (the "Software"), to deal
+ * in the Software without restriction, including without limitation the rights
+ * to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
+ * copies of the Software, and to permit persons to whom the Software is
+ * furnished to do so, subject to the following conditions:
+ *
+ * The above copyright notice and this permission notice shall be included in all
+ * copies or substantial portions of the Software.
+ *
+ * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
+ * IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
+ * FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
+ * AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
+ * LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
+ * OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE
+ * SOFTWARE.
+ */
+package com.github.games647.fastlogin.bukkit.listener;
+
+import com.github.games647.fastlogin.bukkit.BukkitLoginSession;
+import com.github.games647.fastlogin.bukkit.FastLoginBukkit;
+import com.github.games647.fastlogin.bukkit.task.ForceLoginTask;
+import com.github.games647.fastlogin.core.PremiumStatus;
+import com.github.games647.fastlogin.core.hooks.AuthPlugin;
+import com.github.games647.fastlogin.core.message.LoginActionMessage;
+import com.github.games647.fastlogin.core.message.LoginActionMessage.Type;
+import com.google.common.io.ByteArrayDataInput;
+import com.google.common.io.ByteStreams;
+
+import java.net.InetSocketAddress;
+import java.util.UUID;
+
+import org.bukkit.Bukkit;
+import org.bukkit.entity.Player;
+import org.bukkit.plugin.messaging.PluginMessageListener;
+import org.jetbrains.annotations.NotNull;
+
+/**
+ * Responsible for receiving messages from a BungeeCord instance.
+ * <p>
+ * This class also receives the plugin message from the bungeecord version of this plugin in order to get notified if
+ * the connection is in online mode.
+ */
+public class BungeeListener implements PluginMessageListener {
+
+    private final FastLoginBukkit plugin;
+
+    public BungeeListener(FastLoginBukkit plugin) {
+        this.plugin = plugin;
+    }
+
+    @Override
+    public void onPluginMessageReceived(@NotNull String channel, Player player, byte[] message) {
+        ByteArrayDataInput dataInput = ByteStreams.newDataInput(message);
+
+        LoginActionMessage loginMessage = new LoginActionMessage();
+        loginMessage.readFrom(dataInput);
+
+        plugin.getLog().debug("Received plugin message {}", loginMessage);
+
+        Player targetPlayer = player;
+        if (!loginMessage.getPlayerName().equals(player.getName())) {
+            targetPlayer = Bukkit.getPlayerExact(loginMessage.getPlayerName());
+        }
+
+        if (targetPlayer == null) {
+            plugin.getLog().warn("Force action player {} not found", loginMessage.getPlayerName());
+            return;
+        }
+
+        // fail if target player is blocked because already authenticated or wrong bungeecord id
+        if (targetPlayer.hasMetadata(plugin.getName())) {
+            plugin.getLog().warn("Received message {} from a blocked player {}", loginMessage, targetPlayer);
+        } else {
+            UUID sourceId = loginMessage.getProxyId();
+            if (plugin.getBungeeManager().isProxyAllowed(sourceId)) {
+                readMessage(targetPlayer, loginMessage);
+            } else {
+                plugin.getLog().warn("Received proxy id: {} that doesn't exist in the proxy file", sourceId);
+            }
+        }
+    }
+
+    private void readMessage(Player player, LoginActionMessage message) {
+        String playerName = message.getPlayerName();
+        Type type = message.getType();
+
+        InetSocketAddress address = player.getAddress();
+        plugin.getLog().info("Player info {} command for {} from proxy", type, playerName);
+        if (type == Type.LOGIN) {
+            onLoginMessage(player, playerName, address);
+        } else if (type == Type.REGISTER) {
+            onRegisterMessage(player, playerName, address);
+        } else if (type == Type.CRACKED) {
+            //we don't start a force login task here so update it manually
+            plugin.getPremiumPlayers().put(player.getUniqueId(), PremiumStatus.CRACKED);
+        }
+    }
+
+    private void onLoginMessage(Player player, String playerName, InetSocketAddress address) {
+        BukkitLoginSession playerSession = new BukkitLoginSession(playerName, true);
+        startLoginTaskIfReady(player, playerSession);
+    }
+
+    private void onRegisterMessage(Player player, String playerName, InetSocketAddress address) {
+        Bukkit.getScheduler().runTaskAsynchronously(plugin, () -> {
+            AuthPlugin<Player> authPlugin = plugin.getCore().getAuthPluginHook();
+            try {
+                //we need to check if the player is registered on Bukkit too
+                if (authPlugin == null || !authPlugin.isRegistered(playerName)) {
+                    BukkitLoginSession playerSession = new BukkitLoginSession(playerName, false);
+                    startLoginTaskIfReady(player, playerSession);
+                }
+            } catch (Exception ex) {
+                plugin.getLog().error("Failed to query isRegistered for player: {}", player, ex);
+            }
+        });
+    }
+
+    private void startLoginTaskIfReady(Player player, BukkitLoginSession session) {
+        session.setVerified(true);
+        plugin.putSession(player.spigot().getRawAddress(), session);
+
+        // only start a new login task if the join event fired earlier. This event then didn't
+        boolean result = plugin.getBungeeManager().didJoinEventFired(player);
+        plugin.getLog().info("Delaying force login until join event fired?: {}", result);
+        if (result) {
+            Runnable forceLoginTask = new ForceLoginTask(plugin.getCore(), player, session);
+            Bukkit.getScheduler().runTaskAsynchronously(plugin, forceLoginTask);
+        }
+    }
+}
--- a/bukkit/src/main/java/com/github/games647/fastlogin/bukkit/listener/ConnectionListener.java
+++ b/bukkit/src/main/java/com/github/games647/fastlogin/bukkit/listener/ConnectionListener.java
@@ -0,0 +1,123 @@
+/*
+ * SPDX-License-Identifier: MIT
+ *
+ * The MIT License (MIT)
+ *
+ * Copyright (c) 2015-2022 games647 and contributors
+ *
+ * Permission is hereby granted, free of charge, to any person obtaining a copy
+ * of this software and associated documentation files (the "Software"), to deal
+ * in the Software without restriction, including without limitation the rights
+ * to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
+ * copies of the Software, and to permit persons to whom the Software is
+ * furnished to do so, subject to the following conditions:
+ *
+ * The above copyright notice and this permission notice shall be included in all
+ * copies or substantial portions of the Software.
+ *
+ * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
+ * IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
+ * FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
+ * AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
+ * LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
+ * OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE
+ * SOFTWARE.
+ */
+package com.github.games647.fastlogin.bukkit.listener;
+
+import com.github.games647.fastlogin.bukkit.BukkitLoginSession;
+import com.github.games647.fastlogin.bukkit.FastLoginBukkit;
+import com.github.games647.fastlogin.bukkit.task.FloodgateAuthTask;
+import com.github.games647.fastlogin.bukkit.task.ForceLoginTask;
+import com.github.games647.fastlogin.core.hooks.bedrock.FloodgateService;
+
+import org.bukkit.Bukkit;
+import org.bukkit.entity.Player;
+import org.bukkit.event.EventHandler;
+import org.bukkit.event.EventPriority;
+import org.bukkit.event.Listener;
+import org.bukkit.event.player.PlayerJoinEvent;
+import org.bukkit.event.player.PlayerLoginEvent;
+import org.bukkit.event.player.PlayerLoginEvent.Result;
+import org.bukkit.event.player.PlayerQuitEvent;
+import org.bukkit.metadata.Metadatable;
+import org.geysermc.floodgate.api.player.FloodgatePlayer;
+
+/**
+ * This listener tells authentication plugins weather the player has a premium account. So the
+ * plugin can skip authentication.
+ */
+public class ConnectionListener implements Listener {
+
+    private static final long DELAY_LOGIN = 20L / 2;
+
+    private final FastLoginBukkit plugin;
+
+    public ConnectionListener(FastLoginBukkit plugin) {
+        this.plugin = plugin;
+    }
+
+    @EventHandler(priority = EventPriority.LOWEST)
+    public void onPlayerLogin(PlayerLoginEvent loginEvent) {
+        removeBlockedStatus(loginEvent.getPlayer());
+        if (loginEvent.getResult() == Result.ALLOWED && !plugin.isServerFullyStarted()) {
+            loginEvent.disallow(Result.KICK_OTHER, plugin.getCore().getMessage("not-started"));
+        }
+    }
+
+    @EventHandler(ignoreCancelled = true)
+    public void onPlayerJoin(PlayerJoinEvent joinEvent) {
+        Player player = joinEvent.getPlayer();
+
+        Bukkit.getScheduler().runTaskLater(plugin, () -> {
+            delayForceLogin(player);
+            // delay the login process to let auth plugins initialize the player
+            // Magic number however as there is no direct event from those plugins
+        }, DELAY_LOGIN);
+    }
+
+    private void delayForceLogin(Player player) {
+        // session exists so the player is ready for force login
+        // cases: Paper (firing BungeeCord message before PlayerJoinEvent) or not running BungeeCord and already
+        // having the login session from the login process
+        BukkitLoginSession session = plugin.getSession(player.spigot().getRawAddress());
+
+        if (session == null) {
+            // Floodgate players usually don't have a session at this point
+            // exception: if force login by bungee message had been delayed
+            FloodgateService floodgateService = plugin.getFloodgateService();
+            if (floodgateService != null) {
+                FloodgatePlayer floodgatePlayer = floodgateService.getBedrockPlayer(player.getUniqueId());
+                if (floodgatePlayer != null) {
+                    Runnable floodgateAuthTask = new FloodgateAuthTask(plugin.getCore(), player, floodgatePlayer);
+                    Bukkit.getScheduler().runTaskAsynchronously(plugin, floodgateAuthTask);
+                    return;
+                }
+            }
+
+            String sessionId = plugin.getSessionId(player.spigot().getRawAddress());
+            plugin.getLog().info("No on-going login session for player: {} with ID {}. ", player, sessionId);
+            plugin.getLog().info("Setups using Minecraft proxies will start delayed "
+                + "when the command from the proxy is received");
+        } else {
+            Runnable forceLoginTask = new ForceLoginTask(plugin.getCore(), player, session);
+            Bukkit.getScheduler().runTaskAsynchronously(plugin, forceLoginTask);
+        }
+
+        plugin.getBungeeManager().markJoinEventFired(player);
+    }
+
+    @EventHandler
+    public void onPlayerQuit(PlayerQuitEvent quitEvent) {
+        Player player = quitEvent.getPlayer();
+
+        removeBlockedStatus(player);
+        plugin.getCore().getPendingConfirms().remove(player.getUniqueId());
+        plugin.getPremiumPlayers().remove(player.getUniqueId());
+        plugin.getBungeeManager().cleanup(player);
+    }
+
+    private void removeBlockedStatus(Metadatable player) {
+        player.removeMetadata(plugin.getName(), plugin);
+    }
+}
--- a/bukkit/src/main/java/com/github/games647/fastlogin/bukkit/listener/PaperCacheListener.java
+++ b/bukkit/src/main/java/com/github/games647/fastlogin/bukkit/listener/PaperCacheListener.java
@@ -0,0 +1,67 @@
+/*
+ * SPDX-License-Identifier: MIT
+ *
+ * The MIT License (MIT)
+ *
+ * Copyright (c) 2015-2022 games647 and contributors
+ *
+ * Permission is hereby granted, free of charge, to any person obtaining a copy
+ * of this software and associated documentation files (the "Software"), to deal
+ * in the Software without restriction, including without limitation the rights
+ * to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
+ * copies of the Software, and to permit persons to whom the Software is
+ * furnished to do so, subject to the following conditions:
+ *
+ * The above copyright notice and this permission notice shall be included in all
+ * copies or substantial portions of the Software.
+ *
+ * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
+ * IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
+ * FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
+ * AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
+ * LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
+ * OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE
+ * SOFTWARE.
+ */
+package com.github.games647.fastlogin.bukkit.listener;
+
+import com.destroystokyo.paper.profile.ProfileProperty;
+import com.github.games647.craftapi.model.skin.Textures;
+import com.github.games647.fastlogin.bukkit.BukkitLoginSession;
+import com.github.games647.fastlogin.bukkit.FastLoginBukkit;
+
+import org.bukkit.event.EventHandler;
+import org.bukkit.event.EventPriority;
+import org.bukkit.event.Listener;
+import org.bukkit.event.player.AsyncPlayerPreLoginEvent;
+import org.bukkit.event.player.AsyncPlayerPreLoginEvent.Result;
+
+public class PaperCacheListener implements Listener {
+
+    private final FastLoginBukkit plugin;
+
+    public PaperCacheListener(final FastLoginBukkit plugin) {
+        this.plugin = plugin;
+    }
+
+    @EventHandler(priority = EventPriority.HIGHEST)
+    //if paper is used - player skin must be set at pre login, otherwise user cache is used
+    // user cache makes premium name change basically impossible
+    public void onAsyncPlayerPreLogin(AsyncPlayerPreLoginEvent event) {
+        if (event.getLoginResult() != Result.ALLOWED) {
+            return;
+        }
+
+        // event gives us only IP, not the port, so we need to loop through all the sessions
+        for (BukkitLoginSession session : plugin.getLoginSessions().values()) {
+            if (!event.getName().equals(session.getUsername())) {
+                continue;
+            }
+
+            session.getSkin().ifPresent(skin -> event.getPlayerProfile().setProperty(new ProfileProperty(Textures.KEY,
+                    skin.getValue(), skin.getSignature())));
+            break;
+        }
+    }
+
+}
--- a/bukkit/src/main/java/com/github/games647/fastlogin/bukkit/listener/protocollib/EncryptionUtil.java
+++ b/bukkit/src/main/java/com/github/games647/fastlogin/bukkit/listener/protocollib/EncryptionUtil.java
@@ -0,0 +1,228 @@
+/*
+ * SPDX-License-Identifier: MIT
+ *
+ * The MIT License (MIT)
+ *
+ * Copyright (c) 2015-2022 games647 and contributors
+ *
+ * Permission is hereby granted, free of charge, to any person obtaining a copy
+ * of this software and associated documentation files (the "Software"), to deal
+ * in the Software without restriction, including without limitation the rights
+ * to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
+ * copies of the Software, and to permit persons to whom the Software is
+ * furnished to do so, subject to the following conditions:
+ *
+ * The above copyright notice and this permission notice shall be included in all
+ * copies or substantial portions of the Software.
+ *
+ * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
+ * IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
+ * FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
+ * AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
+ * LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
+ * OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE
+ * SOFTWARE.
+ */
+package com.github.games647.fastlogin.bukkit.listener.protocollib;
+
+import com.github.games647.fastlogin.bukkit.FastLoginBukkit;
+import com.github.games647.fastlogin.bukkit.listener.protocollib.packet.ClientPublicKey;
+import com.google.common.hash.Hasher;
+import com.google.common.hash.Hashing;
+import com.google.common.io.Resources;
+import com.google.common.primitives.Longs;
+
+import java.io.IOException;
+import java.math.BigInteger;
+import java.nio.ByteBuffer;
+import java.nio.charset.StandardCharsets;
+import java.security.InvalidKeyException;
+import java.security.KeyFactory;
+import java.security.KeyPair;
+import java.security.KeyPairGenerator;
+import java.security.NoSuchAlgorithmException;
+import java.security.PrivateKey;
+import java.security.PublicKey;
+import java.security.Signature;
+import java.security.SignatureException;
+import java.security.spec.InvalidKeySpecException;
+import java.security.spec.X509EncodedKeySpec;
+import java.time.Instant;
+import java.util.Arrays;
+import java.util.Base64;
+import java.util.Base64.Encoder;
+import java.util.Random;
+import java.util.UUID;
+
+import javax.crypto.BadPaddingException;
+import javax.crypto.Cipher;
+import javax.crypto.IllegalBlockSizeException;
+import javax.crypto.NoSuchPaddingException;
+import javax.crypto.SecretKey;
+import javax.crypto.spec.SecretKeySpec;
+
+import lombok.val;
+
+/**
+ * Encryption and decryption minecraft util for connection between servers
+ * and paid Minecraft account clients.
+ */
+final class EncryptionUtil {
+
+    public static final int VERIFY_TOKEN_LENGTH = 4;
+    public static final String KEY_PAIR_ALGORITHM = "RSA";
+
+    private static final int RSA_LENGTH = 1_024;
+
+    private static final PublicKey MOJANG_SESSION_KEY;
+    private static final int LINE_LENGTH = 76;
+    private static final Encoder KEY_ENCODER = Base64.getMimeEncoder(
+            LINE_LENGTH, "\n".getBytes(StandardCharsets.UTF_8)
+    );
+    private static final int MILLISECOND_SIZE = 8;
+    private static final int UUID_SIZE = 2 * MILLISECOND_SIZE;
+
+    static {
+        try {
+            MOJANG_SESSION_KEY = loadMojangSessionKey();
+        } catch (IOException | NoSuchAlgorithmException | InvalidKeySpecException ex) {
+            throw new RuntimeException("Failed to load Mojang session key", ex);
+        }
+    }
+
+    private EncryptionUtil() {
+        throw new RuntimeException("No instantiation of utility classes allowed");
+    }
+
+    /**
+     * Generate an RSA key pair
+     *
+     * @return The RSA key pair.
+     */
+    public static KeyPair generateKeyPair() {
+        try {
+            KeyPairGenerator keyPairGenerator = KeyPairGenerator.getInstance(KEY_PAIR_ALGORITHM);
+
+            keyPairGenerator.initialize(RSA_LENGTH);
+            return keyPairGenerator.generateKeyPair();
+        } catch (NoSuchAlgorithmException nosuchalgorithmexception) {
+            // Should be existing in every vm
+            throw new ExceptionInInitializerError(nosuchalgorithmexception);
+        }
+    }
+
+    /**
+     * Generate a random token. This is used to verify that we are communicating with the same player
+     * in a login session.
+     *
+     * @param random random generator
+     * @return a token with 4 bytes long
+     */
+    public static byte[] generateVerifyToken(Random random) {
+        byte[] token = new byte[VERIFY_TOKEN_LENGTH];
+        random.nextBytes(token);
+        return token;
+    }
+
+    /**
+     * Generate the server id based on client and server data.
+     *
+     * @param serverId     session for the current login attempt
+     * @param sharedSecret shared secret between the client and the server
+     * @param publicKey    public key of the server
+     * @return the server id formatted as a hexadecimal string.
+     */
+    public static String getServerIdHashString(String serverId, SecretKey sharedSecret, PublicKey publicKey) {
+        byte[] serverHash = getServerIdHash(serverId, publicKey, sharedSecret);
+        return (new BigInteger(serverHash)).toString(16);
+    }
+
+    /**
+     * Decrypts the content and extracts the key spec.
+     *
+     * @param privateKey private server key
+     * @param sharedKey  the encrypted shared key
+     * @return shared secret key
+     */
+    public static SecretKey decryptSharedKey(PrivateKey privateKey, byte[] sharedKey)
+            throws NoSuchPaddingException, IllegalBlockSizeException, NoSuchAlgorithmException,
+            BadPaddingException, InvalidKeyException {
+        return new SecretKeySpec(decrypt(privateKey, sharedKey), "AES");
+    }
+
+    public static boolean verifyClientKey(ClientPublicKey clientKey, Instant verifyTimestamp, UUID premiumId)
+            throws NoSuchAlgorithmException, InvalidKeyException, SignatureException {
+        if (clientKey.isExpired(verifyTimestamp)) {
+            return false;
+        }
+
+        Signature verifier = Signature.getInstance("SHA1withRSA");
+        // key of the signer
+        verifier.initVerify(MOJANG_SESSION_KEY);
+        verifier.update(toSignable(clientKey, premiumId));
+        return verifier.verify(clientKey.signature());
+    }
+
+    private static byte[] toSignable(ClientPublicKey clientPublicKey, UUID ownerPremiumId) {
+        if (ownerPremiumId == null) {
+            long expiry = clientPublicKey.expiry().toEpochMilli();
+            String encoded = KEY_ENCODER.encodeToString(clientPublicKey.key().getEncoded());
+            return (expiry + "-----BEGIN RSA PUBLIC KEY-----\n" + encoded + "\n-----END RSA PUBLIC KEY-----\n")
+                    .getBytes(StandardCharsets.US_ASCII);
+        }
+
+        byte[] keyData = clientPublicKey.key().getEncoded();
+        return ByteBuffer.allocate(keyData.length + UUID_SIZE + MILLISECOND_SIZE)
+                .putLong(ownerPremiumId.getMostSignificantBits())
+                .putLong(ownerPremiumId.getLeastSignificantBits())
+                .putLong(clientPublicKey.expiry().toEpochMilli())
+                .put(keyData)
+                .array();
+    }
+
+    public static boolean verifyNonce(byte[] expected, PrivateKey decryptionKey, byte[] encryptedNonce)
+            throws NoSuchPaddingException, IllegalBlockSizeException, NoSuchAlgorithmException,
+            BadPaddingException, InvalidKeyException {
+        byte[] decryptedNonce = decrypt(decryptionKey, encryptedNonce);
+        return Arrays.equals(expected, decryptedNonce);
+    }
+
+    public static boolean verifySignedNonce(byte[] nonce, PublicKey clientKey, long signatureSalt, byte[] signature)
+            throws NoSuchAlgorithmException, InvalidKeyException, SignatureException {
+        Signature verifier = Signature.getInstance("SHA256withRSA");
+        // key of the signer
+        verifier.initVerify(clientKey);
+
+        verifier.update(nonce);
+        verifier.update(Longs.toByteArray(signatureSalt));
+        return verifier.verify(signature);
+    }
+
+    private static PublicKey loadMojangSessionKey()
+            throws IOException, NoSuchAlgorithmException, InvalidKeySpecException {
+        val keyUrl = FastLoginBukkit.class.getClassLoader().getResource("yggdrasil_session_pubkey.der");
+        val keyData = Resources.toByteArray(keyUrl);
+        val keySpec = new X509EncodedKeySpec(keyData);
+
+        return KeyFactory.getInstance("RSA").generatePublic(keySpec);
+    }
+
+    private static byte[] decrypt(PrivateKey key, byte[] data)
+            throws NoSuchPaddingException, NoSuchAlgorithmException, InvalidKeyException,
+            IllegalBlockSizeException, BadPaddingException {
+        Cipher cipher = Cipher.getInstance(key.getAlgorithm());
+        cipher.init(Cipher.DECRYPT_MODE, key);
+        return cipher.doFinal(data);
+    }
+
+    private static byte[] getServerIdHash(String sessionId, PublicKey publicKey, SecretKey sharedSecret) {
+        @SuppressWarnings("deprecation")
+        Hasher hasher = Hashing.sha1().newHasher();
+
+        hasher.putBytes(sessionId.getBytes(StandardCharsets.ISO_8859_1));
+        hasher.putBytes(sharedSecret.getEncoded());
+        hasher.putBytes(publicKey.getEncoded());
+
+        return hasher.hash().asBytes();
+    }
+}
--- a/bukkit/src/main/java/com/github/games647/fastlogin/bukkit/listener/protocollib/NameCheckTask.java
+++ b/bukkit/src/main/java/com/github/games647/fastlogin/bukkit/listener/protocollib/NameCheckTask.java
@@ -0,0 +1,119 @@
+/*
+ * SPDX-License-Identifier: MIT
+ *
+ * The MIT License (MIT)
+ *
+ * Copyright (c) 2015-2022 games647 and contributors
+ *
+ * Permission is hereby granted, free of charge, to any person obtaining a copy
+ * of this software and associated documentation files (the "Software"), to deal
+ * in the Software without restriction, including without limitation the rights
+ * to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
+ * copies of the Software, and to permit persons to whom the Software is
+ * furnished to do so, subject to the following conditions:
+ *
+ * The above copyright notice and this permission notice shall be included in all
+ * copies or substantial portions of the Software.
+ *
+ * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
+ * IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
+ * FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
+ * AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
+ * LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
+ * OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE
+ * SOFTWARE.
+ */
+package com.github.games647.fastlogin.bukkit.listener.protocollib;
+
+import com.comphenix.protocol.ProtocolLibrary;
+import com.comphenix.protocol.events.PacketEvent;
+import com.github.games647.fastlogin.bukkit.BukkitLoginSession;
+import com.github.games647.fastlogin.bukkit.FastLoginBukkit;
+import com.github.games647.fastlogin.bukkit.event.BukkitFastLoginPreLoginEvent;
+import com.github.games647.fastlogin.bukkit.listener.protocollib.packet.ClientPublicKey;
+import com.github.games647.fastlogin.core.StoredProfile;
+import com.github.games647.fastlogin.core.shared.JoinManagement;
+import com.github.games647.fastlogin.core.shared.event.FastLoginPreLoginEvent;
+
+import java.security.PublicKey;
+import java.util.Random;
+
+import org.bukkit.command.CommandSender;
+import org.bukkit.entity.Player;
+
+public class NameCheckTask extends JoinManagement<Player, CommandSender, ProtocolLibLoginSource>
+    implements Runnable {
+
+    private final FastLoginBukkit plugin;
+    private final PacketEvent packetEvent;
+
+    private final ClientPublicKey clientKey;
+    private final PublicKey serverKey;
+
+    private final Random random;
+
+    private final Player player;
+    private final String username;
+
+    public NameCheckTask(FastLoginBukkit plugin, Random random, Player player, PacketEvent packetEvent,
+                         String username, ClientPublicKey clientKey, PublicKey serverKey) {
+        super(plugin.getCore(), plugin.getCore().getAuthPluginHook(), plugin.getBedrockService());
+
+        this.plugin = plugin;
+        this.packetEvent = packetEvent;
+        this.clientKey = clientKey;
+        this.serverKey = serverKey;
+        this.random = random;
+        this.player = player;
+        this.username = username;
+    }
+
+    @Override
+    public void run() {
+        try {
+            super.onLogin(username, new ProtocolLibLoginSource(player, random, serverKey, clientKey));
+        } finally {
+            ProtocolLibrary.getProtocolManager().getAsynchronousManager().signalPacketTransmission(packetEvent);
+        }
+    }
+
+    @Override
+    public FastLoginPreLoginEvent callFastLoginPreLoginEvent(String username, ProtocolLibLoginSource source,
+                                                             StoredProfile profile) {
+        BukkitFastLoginPreLoginEvent event = new BukkitFastLoginPreLoginEvent(username, source, profile);
+        plugin.getServer().getPluginManager().callEvent(event);
+        return event;
+    }
+
+    //Minecraft server implementation
+    //https://github.com/bergerkiller/CraftSource/blob/master/net.minecraft.server/LoginListener.java#L161
+    @Override
+    public void requestPremiumLogin(ProtocolLibLoginSource source, StoredProfile profile,
+                                    String username, boolean registered) {
+        try {
+            source.enableOnlinemode();
+        } catch (Exception ex) {
+            plugin.getLog().error("Cannot send encryption packet. Falling back to cracked login for: {}", profile, ex);
+            return;
+        }
+
+        String ip = player.getAddress().getAddress().getHostAddress();
+        core.getPendingLogin().put(ip + username, new Object());
+
+        byte[] verify = source.getVerifyToken();
+        ClientPublicKey clientKey = source.getClientKey();
+
+        BukkitLoginSession playerSession = new BukkitLoginSession(username, verify, clientKey, registered, profile);
+        plugin.putSession(player.getAddress(), playerSession);
+        //cancel only if the player has a paid account otherwise login as normal offline player
+        synchronized (packetEvent.getAsyncMarker().getProcessingLock()) {
+            packetEvent.setCancelled(true);
+        }
+    }
+
+    @Override
+    public void startCrackedSession(ProtocolLibLoginSource source, StoredProfile profile, String username) {
+        BukkitLoginSession loginSession = new BukkitLoginSession(username, profile);
+        plugin.putSession(player.getAddress(), loginSession);
+    }
+}
--- a/bukkit/src/main/java/com/github/games647/fastlogin/bukkit/listener/protocollib/ProtocolLibListener.java
+++ b/bukkit/src/main/java/com/github/games647/fastlogin/bukkit/listener/protocollib/ProtocolLibListener.java
@@ -0,0 +1,331 @@
+/*
+ * SPDX-License-Identifier: MIT
+ *
+ * The MIT License (MIT)
+ *
+ * Copyright (c) 2015-2022 games647 and contributors
+ *
+ * Permission is hereby granted, free of charge, to any person obtaining a copy
+ * of this software and associated documentation files (the "Software"), to deal
+ * in the Software without restriction, including without limitation the rights
+ * to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
+ * copies of the Software, and to permit persons to whom the Software is
+ * furnished to do so, subject to the following conditions:
+ *
+ * The above copyright notice and this permission notice shall be included in all
+ * copies or substantial portions of the Software.
+ *
+ * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
+ * IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
+ * FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
+ * AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
+ * LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
+ * OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE
+ * SOFTWARE.
+ */
+package com.github.games647.fastlogin.bukkit.listener.protocollib;
+
+import com.comphenix.protocol.PacketType;
+import com.comphenix.protocol.ProtocolLibrary;
+import com.comphenix.protocol.events.PacketAdapter;
+import com.comphenix.protocol.events.PacketContainer;
+import com.comphenix.protocol.events.PacketEvent;
+import com.comphenix.protocol.injector.PacketFilterManager;
+import com.comphenix.protocol.injector.player.PlayerInjectionHandler;
+import com.comphenix.protocol.reflect.FuzzyReflection;
+import com.comphenix.protocol.reflect.accessors.Accessors;
+import com.comphenix.protocol.reflect.accessors.FieldAccessor;
+import com.comphenix.protocol.utility.MinecraftVersion;
+import com.comphenix.protocol.wrappers.BukkitConverters;
+import com.comphenix.protocol.wrappers.Converters;
+import com.comphenix.protocol.wrappers.WrappedGameProfile;
+import com.github.games647.fastlogin.bukkit.BukkitLoginSession;
+import com.github.games647.fastlogin.bukkit.FastLoginBukkit;
+import com.github.games647.fastlogin.bukkit.listener.protocollib.packet.ClientPublicKey;
+import com.github.games647.fastlogin.core.antibot.AntiBotService;
+import com.github.games647.fastlogin.core.antibot.AntiBotService.Action;
+import com.mojang.datafixers.util.Either;
+
+import io.netty.channel.Channel;
+import io.netty.channel.ChannelHandler;
+import io.netty.util.AttributeKey;
+
+import java.net.InetSocketAddress;
+import java.security.InvalidKeyException;
+import java.security.KeyPair;
+import java.security.NoSuchAlgorithmException;
+import java.security.PublicKey;
+import java.security.SecureRandom;
+import java.security.SignatureException;
+import java.time.Instant;
+import java.util.Optional;
+import java.util.UUID;
+import java.util.function.Function;
+
+import javax.crypto.BadPaddingException;
+import javax.crypto.IllegalBlockSizeException;
+import javax.crypto.NoSuchPaddingException;
+
+import lombok.val;
+import org.bukkit.entity.Player;
+import org.geysermc.floodgate.api.player.FloodgatePlayer;
+
+import static com.comphenix.protocol.PacketType.Login.Client.ENCRYPTION_BEGIN;
+import static com.comphenix.protocol.PacketType.Login.Client.START;
+
+public class ProtocolLibListener extends PacketAdapter {
+
+    private final FastLoginBukkit plugin;
+    private final PlayerInjectionHandler handler;
+
+    //just create a new once on plugin enable. This used for verify token generation
+    private final SecureRandom random = new SecureRandom();
+    private final KeyPair keyPair = EncryptionUtil.generateKeyPair();
+    private final AntiBotService antiBotService;
+
+    private final boolean verifyClientKeys;
+
+    public ProtocolLibListener(FastLoginBukkit plugin, AntiBotService antiBotService, boolean verifyClientKeys) {
+        //run async in order to not block the server, because we are making api calls to Mojang
+        super(params()
+                .plugin(plugin)
+                .types(START, ENCRYPTION_BEGIN)
+                .optionAsync());
+
+        this.plugin = plugin;
+        this.antiBotService = antiBotService;
+        this.verifyClientKeys = verifyClientKeys;
+        this.handler = getHandler();
+    }
+
+    public static void register(FastLoginBukkit plugin, AntiBotService antiBotService, boolean verifyClientKeys) {
+        // they will be created with a static builder, because otherwise it will throw a NoClassDefFoundError
+        // TODO: make synchronous processing, but do web or database requests async
+        ProtocolLibrary.getProtocolManager()
+                .getAsynchronousManager()
+                .registerAsyncHandler(new ProtocolLibListener(plugin, antiBotService, verifyClientKeys))
+                .start();
+    }
+
+    @Override
+    public void onPacketReceiving(PacketEvent packetEvent) {
+        if (packetEvent.isCancelled()
+                || plugin.getCore().getAuthPluginHook() == null
+                || !plugin.isServerFullyStarted()) {
+            return;
+        }
+
+        plugin.getLog().info("New packet {} from {}", packetEvent.getPacketType(), packetEvent.getPlayer());
+
+        Player sender = packetEvent.getPlayer();
+        PacketType packetType = packetEvent.getPacketType();
+        if (packetType == START) {
+
+            if (plugin.getFloodgateService() != null) {
+                boolean success = processFloodgateTasks(packetEvent);
+                // don't continue execution if the player was kicked by Floodgate
+                if (!success) {
+                    return;
+                }
+            }
+
+            PacketContainer packet = packetEvent.getPacket();
+
+            InetSocketAddress address = sender.getAddress();
+            String username = getUsername(packet);
+
+            Action action = antiBotService.onIncomingConnection(address, username);
+            switch (action) {
+                case Ignore:
+                    // just ignore
+                    return;
+                case Block:
+                    String message = plugin.getCore().getMessage("kick-antibot");
+                    sender.kickPlayer(message);
+                    break;
+                case Continue:
+                default:
+                    //player.getName() won't work at this state
+                    onLoginStart(packetEvent, sender, username);
+                    break;
+            }
+        } else {
+            onEncryptionBegin(packetEvent, sender);
+        }
+    }
+
+    private void onEncryptionBegin(PacketEvent packetEvent, Player sender) {
+        byte[] sharedSecret = packetEvent.getPacket().getByteArrays().read(0);
+
+        BukkitLoginSession session = plugin.getSession(sender.getAddress());
+        if (session == null) {
+            plugin.getLog().warn("Profile {} tried to send encryption response at invalid state", sender.getAddress());
+            sender.kickPlayer(plugin.getCore().getMessage("invalid-request"));
+        } else {
+            byte[] expectedVerifyToken = session.getVerifyToken();
+            if (verifyNonce(sender, packetEvent.getPacket(), session.getClientPublicKey(), expectedVerifyToken)) {
+                packetEvent.getAsyncMarker().incrementProcessingDelay();
+
+                Runnable verifyTask = new VerifyResponseTask(
+                        plugin, packetEvent, sender, session, sharedSecret, keyPair
+                );
+                plugin.getScheduler().runAsync(verifyTask);
+            } else {
+                sender.kickPlayer(plugin.getCore().getMessage("invalid-verify-token"));
+            }
+        }
+    }
+
+    private boolean verifyNonce(Player sender, PacketContainer packet,
+                                ClientPublicKey clientPublicKey, byte[] expectedToken) {
+        try {
+            if (new MinecraftVersion(1, 19, 0).atOrAbove()
+                    && !(new MinecraftVersion(1, 19, 3).atOrAbove())) {
+                Either<byte[], ?> either = packet.getSpecificModifier(Either.class).read(0);
+                if (clientPublicKey == null) {
+                    Optional<byte[]> left = either.left();
+                    if (!left.isPresent()) {
+                        plugin.getLog().error("No verify token sent if requested without player signed key {}", sender);
+                        return false;
+                    }
+
+                    return EncryptionUtil.verifyNonce(expectedToken, keyPair.getPrivate(), left.get());
+                } else {
+                    Optional<?> optSignatureData = either.right();
+                    if (!optSignatureData.isPresent()) {
+                        plugin.getLog().error("No signature given to sent player signing key {}", sender);
+                        return false;
+                    }
+
+                    Object signatureData = optSignatureData.get();
+                    long salt = FuzzyReflection.getFieldValue(signatureData, Long.TYPE, true);
+                    byte[] signature = FuzzyReflection.getFieldValue(signatureData, byte[].class, true);
+
+                    PublicKey publicKey = clientPublicKey.key();
+                    return EncryptionUtil.verifySignedNonce(expectedToken, publicKey, salt, signature);
+                }
+            } else {
+                byte[] nonce = packet.getByteArrays().read(1);
+                return EncryptionUtil.verifyNonce(expectedToken, keyPair.getPrivate(), nonce);
+            }
+        } catch (NoSuchAlgorithmException | InvalidKeyException | SignatureException | NoSuchPaddingException
+                 | IllegalBlockSizeException | BadPaddingException signatureEx) {
+            plugin.getLog().error("Invalid signature from player {}", sender, signatureEx);
+            return false;
+        }
+    }
+
+    private void onLoginStart(PacketEvent packetEvent, Player player, String username) {
+        //this includes ip:port. Should be unique for an incoming login request with a timeout of 2 minutes
+        String sessionKey = player.getAddress().toString();
+
+        //remove old data every time on a new login in order to keep the session only for one person
+        plugin.removeSession(player.getAddress());
+
+        PacketContainer packet = packetEvent.getPacket();
+        Optional<ClientPublicKey> clientKey;
+        if (new MinecraftVersion(1, 19, 3).atOrAbove()) {
+            // public key sent separate
+            clientKey = Optional.empty();
+        } else {
+            val profileKey = packet.getOptionals(BukkitConverters.getWrappedPublicKeyDataConverter())
+                    .optionRead(0);
+
+            clientKey = profileKey.flatMap(Function.identity()).flatMap(data -> {
+                Instant expires = data.getExpireTime();
+                PublicKey key = data.getKey();
+                byte[] signature = data.getSignature();
+                return Optional.of(ClientPublicKey.of(expires, key, signature));
+            });
+
+            // start reading from index 1, because 0 is already used by the public key
+            Optional<UUID> sessionUUID = packet.getOptionals(Converters.passthrough(UUID.class)).readSafely(1);
+            if (verifyClientKeys && sessionUUID.isPresent() && clientKey.isPresent()
+                    && verifyPublicKey(clientKey.get(), sessionUUID.get())) {
+                // missing or incorrect
+                // expired always not allowed
+                player.kickPlayer(plugin.getCore().getMessage("invalid-public-key"));
+                plugin.getLog().warn("Invalid public key from player {}", username);
+                return;
+            }
+        }
+
+        plugin.getLog().trace("GameProfile {} with {} connecting", sessionKey, username);
+
+        packetEvent.getAsyncMarker().incrementProcessingDelay();
+        Runnable nameCheckTask = new NameCheckTask(
+                plugin, random, player, packetEvent, username, clientKey.orElse(null), keyPair.getPublic()
+        );
+        plugin.getScheduler().runAsync(nameCheckTask);
+    }
+
+    private boolean verifyPublicKey(ClientPublicKey clientKey, UUID sessionPremiumUUID) {
+        try {
+            return EncryptionUtil.verifyClientKey(clientKey, Instant.now(), sessionPremiumUUID);
+        } catch (SignatureException | InvalidKeyException | NoSuchAlgorithmException ex) {
+            return false;
+        }
+    }
+
+    private String getUsername(PacketContainer packet) {
+        WrappedGameProfile profile = packet.getGameProfiles().readSafely(0);
+        if (profile == null) {
+            return packet.getStrings().read(0);
+        }
+
+        //player.getName() won't work at this state
+        return profile.getName();
+    }
+
+    private static PlayerInjectionHandler getHandler() {
+        PacketFilterManager manager = (PacketFilterManager) ProtocolLibrary.getProtocolManager();
+        FieldAccessor accessor = Accessors.getFieldAccessor(manager.getClass(), PlayerInjectionHandler.class, true);
+        return (PlayerInjectionHandler) accessor.get(manager);
+    }
+
+    private FloodgatePlayer getFloodgatePlayer(Player player) {
+        Channel channel = handler.getChannel(player);
+        AttributeKey<FloodgatePlayer> floodgateAttribute = AttributeKey.valueOf("floodgate-player");
+        return channel.attr(floodgateAttribute).get();
+    }
+
+    /**
+     * Reimplementation of the tasks injected Floodgate in ProtocolLib that are not run due to a bug
+     * @see <a href="https://github.com/GeyserMC/Floodgate/issues/143">Issue Floodgate#143</a>
+     * @see <a href="https://github.com/GeyserMC/Floodgate/blob/5d5713ed9e9eeab0f4abdaa9cf5cd8619dc1909b/spigot/src/main/java/org/geysermc/floodgate/addon/data/SpigotDataHandler.java#L121-L175">Floodgate/SpigotDataHandler</a>
+     * @param packetEvent the PacketEvent that won't be processed by Floodgate
+     * @return false if the player was kicked
+     */
+    private boolean processFloodgateTasks(PacketEvent packetEvent) {
+        PacketContainer packet = packetEvent.getPacket();
+        Player player = packetEvent.getPlayer();
+        FloodgatePlayer floodgatePlayer = getFloodgatePlayer(player);
+        if (floodgatePlayer == null) {
+            return true;
+        }
+
+        // kick the player, if necessary
+        Channel channel = handler.getChannel(packetEvent.getPlayer());
+        AttributeKey<String> kickMessageAttribute = AttributeKey.valueOf("floodgate-kick-message");
+        String kickMessage = channel.attr(kickMessageAttribute).get();
+        if (kickMessage != null) {
+            player.kickPlayer(kickMessage);
+            return false;
+        }
+
+        // add prefix
+        String username = floodgatePlayer.getCorrectUsername();
+        if (packet.getGameProfiles().size() > 0) {
+            packet.getGameProfiles().write(0,
+                    new WrappedGameProfile(floodgatePlayer.getCorrectUniqueId(), username));
+        } else {
+            packet.getStrings().write(0, username);
+        }
+
+        // remove real Floodgate data handler
+        ChannelHandler floodgateHandler = channel.pipeline().get("floodgate_data_handler");
+        channel.pipeline().remove(floodgateHandler);
+
+        return true;
+    }
+}
--- a/bukkit/src/main/java/com/github/games647/fastlogin/bukkit/listener/protocollib/ProtocolLibLoginSource.java
+++ b/bukkit/src/main/java/com/github/games647/fastlogin/bukkit/listener/protocollib/ProtocolLibLoginSource.java
@@ -0,0 +1,136 @@
+/*
+ * SPDX-License-Identifier: MIT
+ *
+ * The MIT License (MIT)
+ *
+ * Copyright (c) 2015-2022 games647 and contributors
+ *
+ * Permission is hereby granted, free of charge, to any person obtaining a copy
+ * of this software and associated documentation files (the "Software"), to deal
+ * in the Software without restriction, including without limitation the rights
+ * to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
+ * copies of the Software, and to permit persons to whom the Software is
+ * furnished to do so, subject to the following conditions:
+ *
+ * The above copyright notice and this permission notice shall be included in all
+ * copies or substantial portions of the Software.
+ *
+ * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
+ * IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
+ * FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
+ * AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
+ * LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
+ * OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE
+ * SOFTWARE.
+ */
+package com.github.games647.fastlogin.bukkit.listener.protocollib;
+
+import com.comphenix.protocol.ProtocolLibrary;
+import com.comphenix.protocol.ProtocolManager;
+import com.comphenix.protocol.events.PacketContainer;
+import com.comphenix.protocol.reflect.StructureModifier;
+import com.comphenix.protocol.wrappers.WrappedChatComponent;
+import com.github.games647.fastlogin.bukkit.listener.protocollib.packet.ClientPublicKey;
+import com.github.games647.fastlogin.core.shared.LoginSource;
+
+import java.net.InetSocketAddress;
+import java.security.PublicKey;
+import java.util.Arrays;
+import java.util.Random;
+
+import org.bukkit.entity.Player;
+
+import static com.comphenix.protocol.PacketType.Login.Server.DISCONNECT;
+import static com.comphenix.protocol.PacketType.Login.Server.ENCRYPTION_BEGIN;
+
+class ProtocolLibLoginSource implements LoginSource {
+
+    private final Player player;
+
+    private final Random random;
+
+    private final ClientPublicKey clientKey;
+    private final PublicKey publicKey;
+
+    private final String serverId = "";
+    private byte[] verifyToken;
+
+    ProtocolLibLoginSource(Player player, Random random, PublicKey serverPublicKey, ClientPublicKey clientKey) {
+        this.player = player;
+        this.random = random;
+        this.publicKey = serverPublicKey;
+        this.clientKey = clientKey;
+    }
+
+    @Override
+    public void enableOnlinemode() {
+        verifyToken = EncryptionUtil.generateVerifyToken(random);
+
+        /*
+         * Packet Information: https://wiki.vg/Protocol#Encryption_Request
+         *
+         * ServerID="" (String) key=public server key verifyToken=random 4 byte array
+         */
+        PacketContainer newPacket = new PacketContainer(ENCRYPTION_BEGIN);
+
+        newPacket.getStrings().write(0, serverId);
+        StructureModifier<PublicKey> keyModifier = newPacket.getSpecificModifier(PublicKey.class);
+        int verifyField = 0;
+        if (keyModifier.getFields().isEmpty()) {
+            // Since 1.16.4 this is now a byte field
+            newPacket.getByteArrays().write(0, publicKey.getEncoded());
+            verifyField++;
+        } else {
+            keyModifier.write(0, publicKey);
+        }
+
+        newPacket.getByteArrays().write(verifyField, verifyToken);
+
+        //serverId is an empty string
+        ProtocolLibrary.getProtocolManager().sendServerPacket(player, newPacket);
+    }
+
+    @Override
+    public void kick(String message) {
+        ProtocolManager protocolManager = ProtocolLibrary.getProtocolManager();
+
+        PacketContainer kickPacket = new PacketContainer(DISCONNECT);
+        kickPacket.getChatComponents().write(0, WrappedChatComponent.fromText(message));
+
+        try {
+            //send kick packet at login state
+            //the normal event.getPlayer.kickPlayer(String) method does only work at play state
+            protocolManager.sendServerPacket(player, kickPacket);
+        } finally {
+            //tell the server that we want to close the connection
+            player.kickPlayer("Disconnect");
+        }
+    }
+
+    @Override
+    public InetSocketAddress getAddress() {
+        return player.getAddress();
+    }
+
+    public ClientPublicKey getClientKey() {
+        return clientKey;
+    }
+
+    public String getServerId() {
+        return serverId;
+    }
+
+    public byte[] getVerifyToken() {
+        return verifyToken.clone();
+    }
+
+    @Override
+    public String toString() {
+        return this.getClass().getSimpleName() + '{'
+            + "player=" + player
+            + ", random=" + random
+            + ", serverId='" + serverId + '\''
+            + ", verifyToken=" + Arrays.toString(verifyToken)
+            + '}';
+    }
+}
--- a/bukkit/src/main/java/com/github/games647/fastlogin/bukkit/listener/protocollib/SkinApplyListener.java
+++ b/bukkit/src/main/java/com/github/games647/fastlogin/bukkit/listener/protocollib/SkinApplyListener.java
@@ -0,0 +1,74 @@
+/*
+ * SPDX-License-Identifier: MIT
+ *
+ * The MIT License (MIT)
+ *
+ * Copyright (c) 2015-2022 games647 and contributors
+ *
+ * Permission is hereby granted, free of charge, to any person obtaining a copy
+ * of this software and associated documentation files (the "Software"), to deal
+ * in the Software without restriction, including without limitation the rights
+ * to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
+ * copies of the Software, and to permit persons to whom the Software is
+ * furnished to do so, subject to the following conditions:
+ *
+ * The above copyright notice and this permission notice shall be included in all
+ * copies or substantial portions of the Software.
+ *
+ * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
+ * IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
+ * FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
+ * AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
+ * LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
+ * OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE
+ * SOFTWARE.
+ */
+package com.github.games647.fastlogin.bukkit.listener.protocollib;
+
+import com.comphenix.protocol.wrappers.WrappedGameProfile;
+import com.comphenix.protocol.wrappers.WrappedSignedProperty;
+import com.github.games647.craftapi.model.skin.Textures;
+import com.github.games647.fastlogin.bukkit.BukkitLoginSession;
+import com.github.games647.fastlogin.bukkit.FastLoginBukkit;
+
+import org.bukkit.entity.Player;
+import org.bukkit.event.EventHandler;
+import org.bukkit.event.EventPriority;
+import org.bukkit.event.Listener;
+import org.bukkit.event.player.PlayerLoginEvent;
+import org.bukkit.event.player.PlayerLoginEvent.Result;
+
+public class SkinApplyListener implements Listener {
+
+    private final FastLoginBukkit plugin;
+
+    public SkinApplyListener(FastLoginBukkit plugin) {
+        this.plugin = plugin;
+    }
+
+    @EventHandler(priority = EventPriority.LOW)
+    //run this on the loginEvent to let skins plugins see the skin like in normal Minecraft behaviour
+    public void onPlayerLogin(PlayerLoginEvent loginEvent) {
+        if (loginEvent.getResult() != Result.ALLOWED) {
+            return;
+        }
+
+        Player player = loginEvent.getPlayer();
+
+        //go through every session, because player.getAddress is null
+        //loginEvent.getAddress is just a InetAddress not InetSocketAddress, so not unique enough
+        for (BukkitLoginSession session : plugin.getLoginSessions().values()) {
+            if (session.getUsername().equals(player.getName())) {
+                session.getSkin().ifPresent(skin -> applySkin(player, skin.getValue(), skin.getSignature()));
+                break;
+            }
+        }
+    }
+
+    private void applySkin(Player player, String skinData, String signature) {
+        WrappedGameProfile gameProfile = WrappedGameProfile.fromPlayer(player);
+
+        WrappedSignedProperty skin = WrappedSignedProperty.fromValues(Textures.KEY, skinData, signature);
+        gameProfile.getProperties().put(Textures.KEY, skin);
+    }
+}
--- a/bukkit/src/main/java/com/github/games647/fastlogin/bukkit/listener/protocollib/VerifyResponseTask.java
+++ b/bukkit/src/main/java/com/github/games647/fastlogin/bukkit/listener/protocollib/VerifyResponseTask.java
@@ -0,0 +1,298 @@
+/*
+ * SPDX-License-Identifier: MIT
+ *
+ * The MIT License (MIT)
+ *
+ * Copyright (c) 2015-2022 games647 and contributors
+ *
+ * Permission is hereby granted, free of charge, to any person obtaining a copy
+ * of this software and associated documentation files (the "Software"), to deal
+ * in the Software without restriction, including without limitation the rights
+ * to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
+ * copies of the Software, and to permit persons to whom the Software is
+ * furnished to do so, subject to the following conditions:
+ *
+ * The above copyright notice and this permission notice shall be included in all
+ * copies or substantial portions of the Software.
+ *
+ * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
+ * IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
+ * FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
+ * AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
+ * LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
+ * OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE
+ * SOFTWARE.
+ */
+package com.github.games647.fastlogin.bukkit.listener.protocollib;
+
+import com.comphenix.protocol.ProtocolLibrary;
+import com.comphenix.protocol.events.PacketContainer;
+import com.comphenix.protocol.events.PacketEvent;
+import com.comphenix.protocol.injector.packet.PacketRegistry;
+import com.comphenix.protocol.injector.temporary.TemporaryPlayerFactory;
+import com.comphenix.protocol.reflect.EquivalentConverter;
+import com.comphenix.protocol.reflect.FuzzyReflection;
+import com.comphenix.protocol.reflect.accessors.Accessors;
+import com.comphenix.protocol.reflect.accessors.ConstructorAccessor;
+import com.comphenix.protocol.reflect.accessors.FieldAccessor;
+import com.comphenix.protocol.utility.MinecraftReflection;
+import com.comphenix.protocol.utility.MinecraftVersion;
+import com.comphenix.protocol.wrappers.BukkitConverters;
+import com.comphenix.protocol.wrappers.WrappedChatComponent;
+import com.comphenix.protocol.wrappers.WrappedGameProfile;
+import com.comphenix.protocol.wrappers.WrappedProfilePublicKey.WrappedProfileKeyData;
+import com.github.games647.craftapi.model.auth.Verification;
+import com.github.games647.craftapi.model.skin.SkinProperty;
+import com.github.games647.craftapi.resolver.MojangResolver;
+import com.github.games647.fastlogin.bukkit.BukkitLoginSession;
+import com.github.games647.fastlogin.bukkit.FastLoginBukkit;
+import com.github.games647.fastlogin.bukkit.listener.protocollib.packet.ClientPublicKey;
+
+import java.io.IOException;
+import java.lang.reflect.Method;
+import java.net.InetAddress;
+import java.net.InetSocketAddress;
+import java.security.GeneralSecurityException;
+import java.security.Key;
+import java.security.KeyPair;
+import java.security.PrivateKey;
+import java.util.Arrays;
+import java.util.Optional;
+import java.util.UUID;
+
+import javax.crypto.Cipher;
+import javax.crypto.SecretKey;
+
+import lombok.val;
+import org.bukkit.entity.Player;
+
+import static com.comphenix.protocol.PacketType.Login.Client.START;
+import static com.comphenix.protocol.PacketType.Login.Server.DISCONNECT;
+
+public class VerifyResponseTask implements Runnable {
+
+    private static final String ENCRYPTION_CLASS_NAME = "MinecraftEncryption";
+    private static final Class<?> ENCRYPTION_CLASS;
+
+    static {
+        ENCRYPTION_CLASS = MinecraftReflection.getMinecraftClass(
+            "util." + ENCRYPTION_CLASS_NAME, ENCRYPTION_CLASS_NAME
+        );
+    }
+
+    private final FastLoginBukkit plugin;
+    private final PacketEvent packetEvent;
+    private final KeyPair serverKey;
+
+    private final Player player;
+
+    private final BukkitLoginSession session;
+
+    private final byte[] sharedSecret;
+
+    private static Method encryptMethod;
+    private static Method cipherMethod;
+
+    public VerifyResponseTask(FastLoginBukkit plugin, PacketEvent packetEvent,
+                              Player player, BukkitLoginSession session,
+                              byte[] sharedSecret, KeyPair keyPair) {
+        this.plugin = plugin;
+        this.packetEvent = packetEvent;
+        this.player = player;
+        this.session = session;
+        this.sharedSecret = Arrays.copyOf(sharedSecret, sharedSecret.length);
+        this.serverKey = keyPair;
+    }
+
+    @Override
+    public void run() {
+        try {
+            verifyResponse(session);
+        } finally {
+            //this is a fake packet; it shouldn't be sent to the server
+            synchronized (packetEvent.getAsyncMarker().getProcessingLock()) {
+                packetEvent.setCancelled(true);
+            }
+
+            ProtocolLibrary.getProtocolManager().getAsynchronousManager().signalPacketTransmission(packetEvent);
+        }
+    }
+
+    private void verifyResponse(BukkitLoginSession session) {
+        PrivateKey privateKey = serverKey.getPrivate();
+
+        SecretKey loginKey;
+        try {
+            loginKey = EncryptionUtil.decryptSharedKey(privateKey, sharedSecret);
+        } catch (GeneralSecurityException securityEx) {
+            disconnect("error-kick", "Cannot decrypt received contents", securityEx);
+            return;
+        }
+
+        try {
+            if (!enableEncryption(loginKey)) {
+                return;
+            }
+        } catch (Exception ex) {
+            disconnect("error-kick", "Cannot decrypt received contents", ex);
+            return;
+        }
+
+        String serverId = EncryptionUtil.getServerIdHashString("", loginKey, serverKey.getPublic());
+
+        String requestedUsername = session.getRequestUsername();
+        InetSocketAddress socketAddress = player.getAddress();
+        try {
+            MojangResolver resolver = plugin.getCore().getResolver();
+            InetAddress address = socketAddress.getAddress();
+            Optional<Verification> response = resolver.hasJoined(requestedUsername, serverId, address);
+            if (response.isPresent()) {
+                encryptConnection(session, requestedUsername, response.get());
+            } else {
+                //user tried to fake an authentication
+                disconnect(
+                    "invalid-session",
+                    "GameProfile {} ({}) tried to log in with an invalid session. ServerId: {}",
+                    session.getRequestUsername(), socketAddress, serverId
+                );
+            }
+        } catch (IOException ioEx) {
+            disconnect("error-kick", "Failed to connect to session server", ioEx);
+        }
+    }
+
+    private void encryptConnection(BukkitLoginSession session, String requestedUsername, Verification verification) {
+        plugin.getLog().info("Profile {} has a verified premium account", requestedUsername);
+        String realUsername = verification.getName();
+        if (realUsername == null) {
+            disconnect("invalid-session", "Username field null for {}", requestedUsername);
+            return;
+        }
+
+        SkinProperty[] properties = verification.getProperties();
+        if (properties.length > 0) {
+            session.setSkinProperty(properties[0]);
+        }
+
+        session.setVerifiedUsername(realUsername);
+        session.setUuid(verification.getId());
+        session.setVerified(true);
+
+        setPremiumUUID(session.getUuid());
+        receiveFakeStartPacket(realUsername, session.getClientPublicKey());
+    }
+
+    private void setPremiumUUID(UUID premiumUUID) {
+        if (plugin.getConfig().getBoolean("premiumUuid") && premiumUUID != null) {
+            try {
+                Object networkManager = getNetworkManager();
+                //https://github.com/bergerkiller/CraftSource/blob/master/net.minecraft.server/NetworkManager.java#L69
+
+                Class<?> managerClass = networkManager.getClass();
+                FieldAccessor accessor = Accessors.getFieldAccessorOrNull(managerClass, "spoofedUUID", UUID.class);
+                accessor.set(networkManager, premiumUUID);
+            } catch (Exception exc) {
+                plugin.getLog().error("Error setting premium uuid of {}", player, exc);
+            }
+        }
+    }
+
+    //try to get the networkManager from ProtocolLib
+    private Object getNetworkManager() throws ClassNotFoundException {
+        Object injectorContainer = TemporaryPlayerFactory.getInjectorFromPlayer(player);
+
+        // ChannelInjector
+        Class<?> injectorClass = Class.forName("com.comphenix.protocol.injector.netty.Injector");
+        Object rawInjector = FuzzyReflection.getFieldValue(injectorContainer, injectorClass, true);
+
+        Class<?> rawInjectorClass = rawInjector.getClass();
+        FieldAccessor accessor = Accessors.getFieldAccessorOrNull(rawInjectorClass, "networkManager", Object.class);
+        return accessor.get(rawInjector);
+    }
+
+    private boolean enableEncryption(SecretKey loginKey) throws IllegalArgumentException {
+        plugin.getLog().info("Enabling onlinemode encryption for {}", player.getAddress());
+        // Initialize method reflections
+        if (encryptMethod == null) {
+            Class<?> networkManagerClass = MinecraftReflection.getNetworkManagerClass();
+
+            try {
+                // Try to get the old (pre MC 1.16.4) encryption method
+                encryptMethod = FuzzyReflection.fromClass(networkManagerClass)
+                    .getMethodByParameters("a", SecretKey.class);
+            } catch (IllegalArgumentException exception) {
+                // Get the new encryption method
+                encryptMethod = FuzzyReflection.fromClass(networkManagerClass)
+                    .getMethodByParameters("a", Cipher.class, Cipher.class);
+
+                // Get the needed Cipher helper method (used to generate ciphers from login key)
+                cipherMethod = FuzzyReflection.fromClass(ENCRYPTION_CLASS)
+                    .getMethodByParameters("a", int.class, Key.class);
+            }
+        }
+
+        try {
+            Object networkManager = this.getNetworkManager();
+
+            // If cipherMethod is null - use old encryption (pre MC 1.16.4), otherwise use the new cipher one
+            if (cipherMethod == null) {
+                // Encrypt/decrypt packet flow, this behaviour is expected by the client
+                encryptMethod.invoke(networkManager, loginKey);
+            } else {
+                // Create ciphers from login key
+                Object decryptionCipher = cipherMethod.invoke(null, Cipher.DECRYPT_MODE, loginKey);
+                Object encryptionCipher = cipherMethod.invoke(null, Cipher.ENCRYPT_MODE, loginKey);
+
+                // Encrypt/decrypt packet flow, this behaviour is expected by the client
+                encryptMethod.invoke(networkManager, decryptionCipher, encryptionCipher);
+            }
+        } catch (Exception ex) {
+            disconnect("error-kick", "Couldn't enable encryption", ex);
+            return false;
+        }
+
+        return true;
+    }
+
+    private void disconnect(String reasonKey, String logMessage, Object... arguments) {
+        plugin.getLog().error(logMessage, arguments);
+        kickPlayer(plugin.getCore().getMessage(reasonKey));
+    }
+
+    private void kickPlayer(String reason) {
+        PacketContainer kickPacket = new PacketContainer(DISCONNECT);
+        kickPacket.getChatComponents().write(0, WrappedChatComponent.fromText(reason));
+        //send kick packet at login state
+        //the normal event.getPlayer.kickPlayer(String) method does only work at play state
+        ProtocolLibrary.getProtocolManager().sendServerPacket(player, kickPacket);
+        //tell the server that we want to close the connection
+        player.kickPlayer("Disconnect");
+    }
+
+    //fake a new login packet in order to let the server handle all the other stuff
+    private void receiveFakeStartPacket(String username, ClientPublicKey clientKey) {
+        PacketContainer startPacket;
+        if (new MinecraftVersion(1, 19, 0).atOrAbove()) {
+            startPacket = new PacketContainer(START);
+            startPacket.getStrings().write(0, username);
+
+            EquivalentConverter<WrappedProfileKeyData> converter = BukkitConverters.getWrappedPublicKeyDataConverter();
+            val wrappedKey = Optional.ofNullable(clientKey).map(key ->
+                new WrappedProfileKeyData(clientKey.expiry(), clientKey.key(), clientKey.signature())
+            );
+
+            startPacket.getOptionals(converter).write(0, wrappedKey);
+        } else {
+            //uuid is ignored by the packet definition
+            WrappedGameProfile fakeProfile = new WrappedGameProfile(UUID.randomUUID(), username);
+
+            Class<?> profileHandleType = fakeProfile.getHandleType();
+            Class<?> packetHandleType = PacketRegistry.getPacketClassFromType(START);
+            ConstructorAccessor startCons = Accessors.getConstructorAccessorOrNull(packetHandleType, profileHandleType);
+            startPacket = new PacketContainer(START, startCons.invoke(fakeProfile.getHandle()));
+        }
+
+        //we don't want to handle our own packets so ignore filters
+        ProtocolLibrary.getProtocolManager().receiveClientPacket(player, startPacket, false);
+    }
+}
--- a/bukkit/src/main/java/com/github/games647/fastlogin/bukkit/listener/protocollib/packet/ClientPublicKey.java
+++ b/bukkit/src/main/java/com/github/games647/fastlogin/bukkit/listener/protocollib/packet/ClientPublicKey.java
@@ -0,0 +1,55 @@
+/*
+ * SPDX-License-Identifier: MIT
+ *
+ * The MIT License (MIT)
+ *
+ * Copyright (c) 2015-2022 games647 and contributors
+ *
+ * Permission is hereby granted, free of charge, to any person obtaining a copy
+ * of this software and associated documentation files (the "Software"), to deal
+ * in the Software without restriction, including without limitation the rights
+ * to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
+ * copies of the Software, and to permit persons to whom the Software is
+ * furnished to do so, subject to the following conditions:
+ *
+ * The above copyright notice and this permission notice shall be included in all
+ * copies or substantial portions of the Software.
+ *
+ * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
+ * IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
+ * FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
+ * AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
+ * LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
+ * OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE
+ * SOFTWARE.
+ */
+package com.github.games647.fastlogin.bukkit.listener.protocollib.packet;
+
+import java.security.PublicKey;
+import java.time.Instant;
+import java.util.Base64;
+import java.util.StringJoiner;
+
+import lombok.Value;
+import lombok.experimental.Accessors;
+
+@Accessors(fluent = true)
+@Value(staticConstructor = "of")
+public class ClientPublicKey {
+    Instant expiry;
+    PublicKey key;
+    byte[] signature;
+
+    public boolean isExpired(Instant verifyTimestamp) {
+        return !verifyTimestamp.isBefore(expiry);
+    }
+
+    @Override
+    public String toString() {
+        return new StringJoiner(", ", ClientPublicKey.class.getSimpleName() + '[', "]")
+                .add("expiry=" + expiry)
+                .add("key=" + Base64.getEncoder().encodeToString(key.getEncoded()))
+                .add("signature=" + Base64.getEncoder().encodeToString(signature))
+                .toString();
+    }
+}
--- a/bukkit/src/main/java/com/github/games647/fastlogin/bukkit/listener/protocolsupport/ProtocolLoginSource.java
+++ b/bukkit/src/main/java/com/github/games647/fastlogin/bukkit/listener/protocolsupport/ProtocolLoginSource.java
@@ -0,0 +1,67 @@
+/*
+ * SPDX-License-Identifier: MIT
+ *
+ * The MIT License (MIT)
+ *
+ * Copyright (c) 2015-2022 games647 and contributors
+ *
+ * Permission is hereby granted, free of charge, to any person obtaining a copy
+ * of this software and associated documentation files (the "Software"), to deal
+ * in the Software without restriction, including without limitation the rights
+ * to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
+ * copies of the Software, and to permit persons to whom the Software is
+ * furnished to do so, subject to the following conditions:
+ *
+ * The above copyright notice and this permission notice shall be included in all
+ * copies or substantial portions of the Software.
+ *
+ * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
+ * IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
+ * FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
+ * AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
+ * LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
+ * OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE
+ * SOFTWARE.
+ */
+package com.github.games647.fastlogin.bukkit.listener.protocolsupport;
+
+import com.github.games647.fastlogin.core.shared.LoginSource;
+
+import java.net.InetSocketAddress;
+
+import protocolsupport.api.events.PlayerLoginStartEvent;
+
+public class ProtocolLoginSource implements LoginSource {
+
+    private final PlayerLoginStartEvent loginStartEvent;
+
+    public ProtocolLoginSource(PlayerLoginStartEvent loginStartEvent) {
+        this.loginStartEvent = loginStartEvent;
+    }
+
+    @Override
+    public void enableOnlinemode() {
+        loginStartEvent.setOnlineMode(true);
+    }
+
+    @Override
+    public void kick(String message) {
+        loginStartEvent.denyLogin(message);
+    }
+
+    @Override
+    public InetSocketAddress getAddress() {
+        return loginStartEvent.getConnection().getRawAddress();
+    }
+
+    public PlayerLoginStartEvent getLoginStartEvent() {
+        return loginStartEvent;
+    }
+
+    @Override
+    public String toString() {
+        return this.getClass().getSimpleName() + '{'
+            + "loginStartEvent=" + loginStartEvent
+            + '}';
+    }
+}
--- a/bukkit/src/main/java/com/github/games647/fastlogin/bukkit/listener/protocolsupport/ProtocolSupportListener.java
+++ b/bukkit/src/main/java/com/github/games647/fastlogin/bukkit/listener/protocolsupport/ProtocolSupportListener.java
@@ -0,0 +1,140 @@
+/*
+ * SPDX-License-Identifier: MIT
+ *
+ * The MIT License (MIT)
+ *
+ * Copyright (c) 2015-2022 games647 and contributors
+ *
+ * Permission is hereby granted, free of charge, to any person obtaining a copy
+ * of this software and associated documentation files (the "Software"), to deal
+ * in the Software without restriction, including without limitation the rights
+ * to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
+ * copies of the Software, and to permit persons to whom the Software is
+ * furnished to do so, subject to the following conditions:
+ *
+ * The above copyright notice and this permission notice shall be included in all
+ * copies or substantial portions of the Software.
+ *
+ * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
+ * IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
+ * FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
+ * AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
+ * LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
+ * OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE
+ * SOFTWARE.
+ */
+package com.github.games647.fastlogin.bukkit.listener.protocolsupport;
+
+import com.github.games647.craftapi.UUIDAdapter;
+import com.github.games647.fastlogin.bukkit.BukkitLoginSession;
+import com.github.games647.fastlogin.bukkit.FastLoginBukkit;
+import com.github.games647.fastlogin.bukkit.event.BukkitFastLoginPreLoginEvent;
+import com.github.games647.fastlogin.core.StoredProfile;
+import com.github.games647.fastlogin.core.antibot.AntiBotService;
+import com.github.games647.fastlogin.core.antibot.AntiBotService.Action;
+import com.github.games647.fastlogin.core.shared.JoinManagement;
+import com.github.games647.fastlogin.core.shared.event.FastLoginPreLoginEvent;
+
+import java.net.InetSocketAddress;
+import java.util.Optional;
+
+import org.bukkit.command.CommandSender;
+import org.bukkit.entity.Player;
+import org.bukkit.event.EventHandler;
+import org.bukkit.event.Listener;
+import protocolsupport.api.events.ConnectionCloseEvent;
+import protocolsupport.api.events.PlayerLoginStartEvent;
+import protocolsupport.api.events.PlayerProfileCompleteEvent;
+
+public class ProtocolSupportListener extends JoinManagement<Player, CommandSender, ProtocolLoginSource>
+        implements Listener {
+
+    private final FastLoginBukkit plugin;
+    private final AntiBotService antiBotService;
+
+    public ProtocolSupportListener(FastLoginBukkit plugin, AntiBotService antiBotService) {
+        super(plugin.getCore(), plugin.getCore().getAuthPluginHook(), plugin.getBedrockService());
+
+        this.plugin = plugin;
+        this.antiBotService = antiBotService;
+    }
+
+    @EventHandler
+    public void onLoginStart(PlayerLoginStartEvent loginStartEvent) {
+        if (loginStartEvent.isLoginDenied() || plugin.getCore().getAuthPluginHook() == null) {
+            return;
+        }
+
+        String username = loginStartEvent.getConnection().getProfile().getName();
+        InetSocketAddress address = loginStartEvent.getConnection().getRawAddress();
+        plugin.getLog().info("Incoming login request for {} from {}", username, address);
+
+        Action action = antiBotService.onIncomingConnection(address, username);
+        switch (action) {
+            case Ignore:
+                // just ignore
+                return;
+            case Block:
+                String message = plugin.getCore().getMessage("kick-antibot");
+                loginStartEvent.denyLogin(message);
+                break;
+            case Continue:
+            default:
+                //remove old data every time on a new login in order to keep the session only for one person
+                plugin.removeSession(address);
+
+                ProtocolLoginSource source = new ProtocolLoginSource(loginStartEvent);
+                super.onLogin(username, source);
+                break;
+        }
+    }
+
+    @EventHandler
+    public void onConnectionClosed(ConnectionCloseEvent closeEvent) {
+        InetSocketAddress address = closeEvent.getConnection().getRawAddress();
+        plugin.removeSession(address);
+    }
+
+    @EventHandler
+    public void onPropertiesResolve(PlayerProfileCompleteEvent profileCompleteEvent) {
+        InetSocketAddress address = profileCompleteEvent.getConnection().getRawAddress();
+
+        BukkitLoginSession session = plugin.getSession(address);
+
+        if (session != null && profileCompleteEvent.getConnection().getProfile().isOnlineMode()) {
+            session.setVerified(true);
+
+            if (!plugin.getConfig().getBoolean("premiumUuid")) {
+                String username = Optional.ofNullable(profileCompleteEvent.getForcedName())
+                        .orElse(profileCompleteEvent.getConnection().getProfile().getName());
+                profileCompleteEvent.setForcedUUID(UUIDAdapter.generateOfflineId(username));
+            }
+        }
+    }
+
+    @Override
+    public FastLoginPreLoginEvent callFastLoginPreLoginEvent(String username, ProtocolLoginSource source,
+                                                             StoredProfile profile) {
+        BukkitFastLoginPreLoginEvent event = new BukkitFastLoginPreLoginEvent(username, source, profile);
+        plugin.getServer().getPluginManager().callEvent(event);
+        return event;
+    }
+
+    @Override
+    public void requestPremiumLogin(ProtocolLoginSource source, StoredProfile profile, String username,
+                                    boolean registered) {
+        source.enableOnlinemode();
+
+        String ip = source.getAddress().getAddress().getHostAddress();
+        plugin.getCore().getPendingLogin().put(ip + username, new Object());
+
+        BukkitLoginSession playerSession = new BukkitLoginSession(username, registered, profile);
+        plugin.putSession(source.getAddress(), playerSession);
+    }
+
+    @Override
+    public void startCrackedSession(ProtocolLoginSource source, StoredProfile profile, String username) {
+        BukkitLoginSession loginSession = new BukkitLoginSession(username, profile);
+        plugin.putSession(source.getAddress(), loginSession);
+    }
+}
--- a/bukkit/src/main/java/com/github/games647/fastlogin/bukkit/task/DelayedAuthHook.java
+++ b/bukkit/src/main/java/com/github/games647/fastlogin/bukkit/task/DelayedAuthHook.java
@@ -0,0 +1,125 @@
+/*
+ * SPDX-License-Identifier: MIT
+ *
+ * The MIT License (MIT)
+ *
+ * Copyright (c) 2015-2022 games647 and contributors
+ *
+ * Permission is hereby granted, free of charge, to any person obtaining a copy
+ * of this software and associated documentation files (the "Software"), to deal
+ * in the Software without restriction, including without limitation the rights
+ * to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
+ * copies of the Software, and to permit persons to whom the Software is
+ * furnished to do so, subject to the following conditions:
+ *
+ * The above copyright notice and this permission notice shall be included in all
+ * copies or substantial portions of the Software.
+ *
+ * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
+ * IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
+ * FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
+ * AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
+ * LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
+ * OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE
+ * SOFTWARE.
+ */
+package com.github.games647.fastlogin.bukkit.task;
+
+import com.github.games647.fastlogin.bukkit.FastLoginBukkit;
+import com.github.games647.fastlogin.bukkit.hook.AuthMeHook;
+import com.github.games647.fastlogin.bukkit.hook.CrazyLoginHook;
+import com.github.games647.fastlogin.bukkit.hook.LogItHook;
+import com.github.games647.fastlogin.bukkit.hook.LoginSecurityHook;
+import com.github.games647.fastlogin.bukkit.hook.UltraAuthHook;
+import com.github.games647.fastlogin.bukkit.hook.XAuthHook;
+import com.github.games647.fastlogin.core.hooks.AuthPlugin;
+
+import java.lang.reflect.Constructor;
+import java.util.Arrays;
+import java.util.List;
+
+import org.bukkit.Bukkit;
+import org.bukkit.entity.Player;
+import org.bukkit.event.Listener;
+
+public class DelayedAuthHook implements Runnable {
+
+    private final FastLoginBukkit plugin;
+
+    public DelayedAuthHook(FastLoginBukkit plugin) {
+        this.plugin = plugin;
+    }
+
+    @Override
+    public void run() {
+        boolean hookFound = isHookFound();
+        if (plugin.getBungeeManager().isEnabled()) {
+            plugin.getLog().info("BungeeCord setting detected. No auth plugin is required");
+        } else if (!hookFound) {
+            plugin.getLog().warn("No auth plugin were found by this plugin "
+                    + "(other plugins could hook into this after the initialization of this plugin)"
+                    + "and BungeeCord is deactivated. "
+                    + "Either one or both of the checks have to pass in order to use this plugin");
+        }
+
+        if (hookFound) {
+            plugin.markInitialized();
+        }
+    }
+
+    private boolean isHookFound() {
+        return plugin.getCore().getAuthPluginHook() != null || registerHooks();
+    }
+
+    private boolean registerHooks() {
+        AuthPlugin<Player> authPluginHook = getAuthHook();
+        if (authPluginHook == null) {
+            //run this check for exceptions (errors) and not found plugins
+            plugin.getLog().warn("No support offline Auth plugin found. ");
+            return false;
+        }
+
+        if (authPluginHook instanceof Listener) {
+            Bukkit.getPluginManager().registerEvents((Listener) authPluginHook, plugin);
+        }
+
+        if (plugin.getCore().getAuthPluginHook() == null) {
+            plugin.getLog().info("Hooking into auth plugin: {}", authPluginHook.getClass().getSimpleName());
+            plugin.getCore().setAuthPluginHook(authPluginHook);
+        }
+
+        return true;
+    }
+
+    private AuthPlugin<Player> getAuthHook() {
+        try {
+            List<Class<? extends AuthPlugin<Player>>> hooks = Arrays.asList(AuthMeHook.class,
+                    CrazyLoginHook.class, LogItHook.class, LoginSecurityHook.class, UltraAuthHook.class,
+                    XAuthHook.class);
+
+            for (Class<? extends AuthPlugin<Player>> clazz : hooks) {
+                String pluginName = clazz.getSimpleName();
+                pluginName = pluginName.substring(0, pluginName.length() - "Hook".length());
+                //uses only member classes which uses AuthPlugin interface (skip interfaces)
+                if (Bukkit.getPluginManager().isPluginEnabled(pluginName)) {
+                    //check only for enabled plugins. A single plugin could be disabled by plugin managers
+                    return newInstance(clazz);
+                }
+            }
+        } catch (ReflectiveOperationException ex) {
+            plugin.getLog().error("Couldn't load the auth hook class", ex);
+        }
+
+        return null;
+    }
+
+    protected AuthPlugin<Player> newInstance(Class<? extends AuthPlugin<Player>> clazz)
+            throws ReflectiveOperationException {
+        try {
+            Constructor<? extends AuthPlugin<Player>> cons = clazz.getDeclaredConstructor(FastLoginBukkit.class);
+            return cons.newInstance(plugin);
+        } catch (NoSuchMethodException noMethodEx) {
+            return clazz.getDeclaredConstructor().newInstance();
+        }
+    }
+}
--- a/bukkit/src/main/java/com/github/games647/fastlogin/bukkit/task/FloodgateAuthTask.java
+++ b/bukkit/src/main/java/com/github/games647/fastlogin/bukkit/task/FloodgateAuthTask.java
@@ -0,0 +1,72 @@
+/*
+ * SPDX-License-Identifier: MIT
+ *
+ * The MIT License (MIT)
+ *
+ * Copyright (c) 2015-2022 games647 and contributors
+ *
+ * Permission is hereby granted, free of charge, to any person obtaining a copy
+ * of this software and associated documentation files (the "Software"), to deal
+ * in the Software without restriction, including without limitation the rights
+ * to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
+ * copies of the Software, and to permit persons to whom the Software is
+ * furnished to do so, subject to the following conditions:
+ *
+ * The above copyright notice and this permission notice shall be included in all
+ * copies or substantial portions of the Software.
+ *
+ * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
+ * IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
+ * FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
+ * AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
+ * LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
+ * OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE
+ * SOFTWARE.
+ */
+package com.github.games647.fastlogin.bukkit.task;
+
+import com.github.games647.fastlogin.bukkit.BukkitLoginSession;
+import com.github.games647.fastlogin.bukkit.FastLoginBukkit;
+import com.github.games647.fastlogin.core.shared.FastLoginCore;
+import com.github.games647.fastlogin.core.shared.FloodgateManagement;
+
+import java.net.InetSocketAddress;
+import java.util.UUID;
+
+import org.bukkit.Bukkit;
+import org.bukkit.command.CommandSender;
+import org.bukkit.entity.Player;
+import org.geysermc.floodgate.api.player.FloodgatePlayer;
+
+public class FloodgateAuthTask extends FloodgateManagement<Player, CommandSender, BukkitLoginSession, FastLoginBukkit> {
+
+    public FloodgateAuthTask(FastLoginCore<Player, CommandSender, FastLoginBukkit> core, Player player,
+                             FloodgatePlayer floodgatePlayer) {
+        super(core, player, floodgatePlayer);
+    }
+
+    @Override
+    protected void startLogin() {
+        BukkitLoginSession session = new BukkitLoginSession(player.getName(), isRegistered, profile);
+
+        // enable auto login based on the value of 'autoLoginFloodgate' in config.yml
+        session.setVerified(isAutoAuthAllowed(autoLoginFloodgate));
+
+        // run login task
+        Runnable forceLoginTask = new ForceLoginTask(core.getPlugin().getCore(), player, session);
+        Bukkit.getScheduler().runTaskAsynchronously(core.getPlugin(), forceLoginTask);
+    }
+
+    protected String getName(Player player) {
+        return player.getName();
+    }
+
+    protected UUID getUUID(Player player) {
+        return player.getUniqueId();
+    }
+
+    protected InetSocketAddress getAddress(Player player) {
+        return player.getAddress();
+    }
+
+}
--- a/bukkit/src/main/java/com/github/games647/fastlogin/bukkit/task/ForceLoginTask.java
+++ b/bukkit/src/main/java/com/github/games647/fastlogin/bukkit/task/ForceLoginTask.java
@@ -0,0 +1,109 @@
+/*
+ * SPDX-License-Identifier: MIT
+ *
+ * The MIT License (MIT)
+ *
+ * Copyright (c) 2015-2022 games647 and contributors
+ *
+ * Permission is hereby granted, free of charge, to any person obtaining a copy
+ * of this software and associated documentation files (the "Software"), to deal
+ * in the Software without restriction, including without limitation the rights
+ * to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
+ * copies of the Software, and to permit persons to whom the Software is
+ * furnished to do so, subject to the following conditions:
+ *
+ * The above copyright notice and this permission notice shall be included in all
+ * copies or substantial portions of the Software.
+ *
+ * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
+ * IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
+ * FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
+ * AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
+ * LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
+ * OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE
+ * SOFTWARE.
+ */
+package com.github.games647.fastlogin.bukkit.task;
+
+import com.github.games647.fastlogin.bukkit.BukkitLoginSession;
+import com.github.games647.fastlogin.bukkit.FastLoginBukkit;
+import com.github.games647.fastlogin.bukkit.event.BukkitFastLoginAutoLoginEvent;
+import com.github.games647.fastlogin.core.PremiumStatus;
+import com.github.games647.fastlogin.core.StoredProfile;
+import com.github.games647.fastlogin.core.message.SuccessMessage;
+import com.github.games647.fastlogin.core.shared.FastLoginCore;
+import com.github.games647.fastlogin.core.shared.ForceLoginManagement;
+import com.github.games647.fastlogin.core.shared.LoginSession;
+import com.github.games647.fastlogin.core.shared.event.FastLoginAutoLoginEvent;
+
+import java.util.concurrent.ExecutionException;
+
+import org.bukkit.Bukkit;
+import org.bukkit.command.CommandSender;
+import org.bukkit.entity.Player;
+import org.bukkit.metadata.FixedMetadataValue;
+
+public class ForceLoginTask extends ForceLoginManagement<Player, CommandSender, BukkitLoginSession, FastLoginBukkit> {
+
+    public ForceLoginTask(FastLoginCore<Player, CommandSender, FastLoginBukkit> core, Player player,
+                          BukkitLoginSession session) {
+        super(core, player, session);
+    }
+
+    @Override
+    public void run() {
+        // block this target player for BungeeCord ID brute force attacks
+        FastLoginBukkit plugin = core.getPlugin();
+        player.setMetadata(core.getPlugin().getName(), new FixedMetadataValue(plugin, true));
+
+        if (session != null && !session.getUsername().equals(player.getName())) {
+            String playerName = player.getName();
+            plugin.getLog().warn("Player username {} is not matching session {}", playerName, session.getUsername());
+            return;
+        }
+
+        super.run();
+
+        PremiumStatus status = PremiumStatus.CRACKED;
+        if (isOnlineMode()) {
+            status = PremiumStatus.PREMIUM;
+        }
+
+        plugin.getPremiumPlayers().put(player.getUniqueId(), status);
+    }
+
+    @Override
+    public FastLoginAutoLoginEvent callFastLoginAutoLoginEvent(LoginSession session, StoredProfile profile) {
+        BukkitFastLoginAutoLoginEvent event = new BukkitFastLoginAutoLoginEvent(session, profile);
+        core.getPlugin().getServer().getPluginManager().callEvent(event);
+        return event;
+    }
+
+    @Override
+    public void onForceActionSuccess(LoginSession session) {
+        if (core.getPlugin().getBungeeManager().isEnabled()) {
+            core.getPlugin().getBungeeManager().sendPluginMessage(player, new SuccessMessage());
+        }
+    }
+
+    @Override
+    public String getName(Player player) {
+        return player.getName();
+    }
+
+    @Override
+    public boolean isOnline(Player player) {
+        try {
+            //the player-list isn't thread-safe
+            return Bukkit.getScheduler().callSyncMethod(core.getPlugin(), player::isOnline).get();
+        } catch (InterruptedException | ExecutionException ex) {
+            core.getPlugin().getLog().error("Failed to perform thread-safe online check for {}", player, ex);
+            return false;
+        }
+    }
+
+    @Override
+    public boolean isOnlineMode() {
+        return session.isVerified();
+    }
+}
--- a/bukkit/src/main/resources/plugin.yml
+++ b/bukkit/src/main/resources/plugin.yml
@@ -0,0 +1,65 @@
+# project data for Bukkit in order to register our plugin with all it's components
+# ${-} are variables from Maven (pom.xml) which will be replaced after the build
+name: ${project.parent.name}
+version: ${project.version}-${git.commit.id.abbrev}
+main: ${project.groupId}.${project.artifactId}.${project.name}
+
+# meta data for plugin managers
+authors: [games647, 'https://github.com/games647/FastLogin/graphs/contributors']
+description: |
+    ${project.description}
+website: ${project.url}
+dev-url: ${project.url}
+
+# This plugin doesn't have to be transformed for compatibility with Minecraft >= 1.13
+api-version: '1.13'
+
+softdepend:
+    # We depend on either ProtocolLib or ProtocolSupport
+    - ProtocolSupport
+    - ProtocolLib
+    # Premium variable
+    - PlaceholderAPI
+    # Bedrock Player Bridge
+    - Geyser-Spigot
+    - floodgate
+    # Auth plugins
+    - AuthMe
+    - LoginSecurity
+    - SodionAuth
+    - xAuth
+    - LogIt
+    - UltraAuth
+    - CrazyLogin
+
+commands:
+    ${project.parent.name}:
+        description: 'Label the invoker as premium'
+        aliases: [prem, premium, loginfast]
+        usage: /<command> [player]
+        permission: ${project.artifactId}.command.premium
+
+    cracked:
+        description: 'Label the invoker or the player specified as cracked if marked premium before'
+        aliases: [unpremium]
+        usage: /<command> [player]
+        permission: ${project.artifactId}.command.cracked
+
+permissions:
+    ${project.artifactId}.command.premium:
+        description: 'Label themselves as premium'
+        default: true
+
+    ${project.artifactId}.command.premium.other:
+        description: 'Label others as premium'
+        children:
+            ${project.artifactId}.command.premium: true
+
+    ${project.artifactId}.command.cracked:
+        description: 'Label themselves as cracked'
+        default: true
+
+    ${project.artifactId}.command.cracked.other:
+        description: 'Label others as cracked'
+        children:
+            ${project.artifactId}.command.cracked: true
--- a/bukkit/src/main/resources/yggdrasil_session_pubkey.der
+++ b/bukkit/src/main/resources/yggdrasil_session_pubkey.der
--- a/bukkit/src/test/java/com/github/games647/fastlogin/bukkit/FastLoginBukkitTest.java
+++ b/bukkit/src/test/java/com/github/games647/fastlogin/bukkit/FastLoginBukkitTest.java
@@ -0,0 +1,50 @@
+/*
+ * SPDX-License-Identifier: MIT
+ *
+ * The MIT License (MIT)
+ *
+ * Copyright (c) 2015-2022 games647 and contributors
+ *
+ * Permission is hereby granted, free of charge, to any person obtaining a copy
+ * of this software and associated documentation files (the "Software"), to deal
+ * in the Software without restriction, including without limitation the rights
+ * to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
+ * copies of the Software, and to permit persons to whom the Software is
+ * furnished to do so, subject to the following conditions:
+ *
+ * The above copyright notice and this permission notice shall be included in all
+ * copies or substantial portions of the Software.
+ *
+ * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
+ * IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
+ * FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
+ * AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
+ * LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
+ * OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE
+ * SOFTWARE.
+ */
+package com.github.games647.fastlogin.bukkit;
+
+import com.github.games647.fastlogin.core.CommonUtil;
+
+import net.md_5.bungee.api.chat.TextComponent;
+import net.md_5.bungee.chat.ComponentSerializer;
+
+import lombok.val;
+import org.junit.jupiter.api.Test;
+
+import static org.junit.jupiter.api.Assertions.assertEquals;
+
+class FastLoginBukkitTest {
+
+    @Test
+    void testRGB() {
+        val message = "&x00002a00002b&lText";
+        val msg = CommonUtil.translateColorCodes(message);
+        assertEquals(msg, "§x00002a00002b§lText");
+
+        val components = TextComponent.fromLegacyText(msg);
+        val expected = "{\"bold\":true,\"color\":\"#00a00b\",\"text\":\"Text\"}";
+        assertEquals(ComponentSerializer.toString(components), expected);
+    }
+}
--- a/bukkit/src/test/java/com/github/games647/fastlogin/bukkit/ReflectionTest.java
+++ b/bukkit/src/test/java/com/github/games647/fastlogin/bukkit/ReflectionTest.java
@@ -0,0 +1,45 @@
+/*
+ * SPDX-License-Identifier: MIT
+ *
+ * The MIT License (MIT)
+ *
+ * Copyright (c) 2015-2022 games647 and contributors
+ *
+ * Permission is hereby granted, free of charge, to any person obtaining a copy
+ * of this software and associated documentation files (the "Software"), to deal
+ * in the Software without restriction, including without limitation the rights
+ * to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
+ * copies of the Software, and to permit persons to whom the Software is
+ * furnished to do so, subject to the following conditions:
+ *
+ * The above copyright notice and this permission notice shall be included in all
+ * copies or substantial portions of the Software.
+ *
+ * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
+ * IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
+ * FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
+ * AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
+ * LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
+ * OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE
+ * SOFTWARE.
+ */
+package com.github.games647.fastlogin.bukkit;
+
+import com.comphenix.protocol.reflect.accessors.Accessors;
+import com.comphenix.protocol.reflect.accessors.FieldAccessor;
+
+import fr.xephi.authme.api.v3.AuthMeApi;
+import fr.xephi.authme.process.Management;
+
+import org.junit.jupiter.api.Test;
+
+import static org.junit.jupiter.api.Assertions.assertNotNull;
+
+class ReflectionTest {
+
+    @Test
+    void testAuthMeManagementField() {
+        FieldAccessor accessor = Accessors.getFieldAccessor(AuthMeApi.class, Management.class, true);
+        assertNotNull(accessor.getField());
+    }
+}
--- a/bukkit/src/test/java/com/github/games647/fastlogin/bukkit/hook/CrazyLoginHookTest.java
+++ b/bukkit/src/test/java/com/github/games647/fastlogin/bukkit/hook/CrazyLoginHookTest.java
@@ -0,0 +1,46 @@
+/*
+ * SPDX-License-Identifier: MIT
+ *
+ * The MIT License (MIT)
+ *
+ * Copyright (c) 2015-2022 games647 and contributors
+ *
+ * Permission is hereby granted, free of charge, to any person obtaining a copy
+ * of this software and associated documentation files (the "Software"), to deal
+ * in the Software without restriction, including without limitation the rights
+ * to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
+ * copies of the Software, and to permit persons to whom the Software is
+ * furnished to do so, subject to the following conditions:
+ *
+ * The above copyright notice and this permission notice shall be included in all
+ * copies or substantial portions of the Software.
+ *
+ * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
+ * IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
+ * FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
+ * AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
+ * LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
+ * OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE
+ * SOFTWARE.
+ */
+package com.github.games647.fastlogin.bukkit.hook;
+
+import com.comphenix.protocol.reflect.accessors.Accessors;
+import com.comphenix.protocol.reflect.accessors.FieldAccessor;
+
+import de.st_ddt.crazylogin.CrazyLogin;
+import de.st_ddt.crazylogin.listener.PlayerListener;
+
+import org.junit.jupiter.api.Test;
+
+import static org.junit.jupiter.api.Assertions.assertNotNull;
+
+class CrazyLoginHookTest {
+
+    @Test
+    void testPlayerListener() {
+        FieldAccessor accessor = Accessors.getFieldAccessor(CrazyLogin.class, PlayerListener.class, true);
+        assertNotNull(accessor.getField());
+    }
+
+}
--- a/bukkit/src/test/java/com/github/games647/fastlogin/bukkit/listener/protocollib/Base64Adapter.java
+++ b/bukkit/src/test/java/com/github/games647/fastlogin/bukkit/listener/protocollib/Base64Adapter.java
@@ -0,0 +1,50 @@
+/*
+ * SPDX-License-Identifier: MIT
+ *
+ * The MIT License (MIT)
+ *
+ * Copyright (c) 2015-2022 games647 and contributors
+ *
+ * Permission is hereby granted, free of charge, to any person obtaining a copy
+ * of this software and associated documentation files (the "Software"), to deal
+ * in the Software without restriction, including without limitation the rights
+ * to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
+ * copies of the Software, and to permit persons to whom the Software is
+ * furnished to do so, subject to the following conditions:
+ *
+ * The above copyright notice and this permission notice shall be included in all
+ * copies or substantial portions of the Software.
+ *
+ * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
+ * IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
+ * FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
+ * AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
+ * LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
+ * OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE
+ * SOFTWARE.
+ */
+package com.github.games647.fastlogin.bukkit.listener.protocollib;
+
+import com.google.gson.TypeAdapter;
+import com.google.gson.stream.JsonReader;
+import com.google.gson.stream.JsonWriter;
+
+import java.io.IOException;
+import java.util.Base64;
+
+import lombok.val;
+
+public class Base64Adapter extends TypeAdapter<byte[]> {
+
+    @Override
+    public void write(JsonWriter out, byte[] value) throws IOException {
+        val encoded = Base64.getEncoder().encodeToString(value);
+        out.value(encoded);
+    }
+
+    @Override
+    public byte[] read(JsonReader in) throws IOException {
+        String encoded = in.nextString();
+        return Base64.getDecoder().decode(encoded);
+    }
+}
--- a/bukkit/src/test/java/com/github/games647/fastlogin/bukkit/listener/protocollib/EncryptionUtilTest.java
+++ b/bukkit/src/test/java/com/github/games647/fastlogin/bukkit/listener/protocollib/EncryptionUtilTest.java
@@ -0,0 +1,300 @@
+/*
+ * SPDX-License-Identifier: MIT
+ *
+ * The MIT License (MIT)
+ *
+ * Copyright (c) 2015-2022 games647 and contributors
+ *
+ * Permission is hereby granted, free of charge, to any person obtaining a copy
+ * of this software and associated documentation files (the "Software"), to deal
+ * in the Software without restriction, including without limitation the rights
+ * to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
+ * copies of the Software, and to permit persons to whom the Software is
+ * furnished to do so, subject to the following conditions:
+ *
+ * The above copyright notice and this permission notice shall be included in all
+ * copies or substantial portions of the Software.
+ *
+ * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
+ * IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
+ * FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
+ * AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
+ * LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
+ * OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE
+ * SOFTWARE.
+ */
+package com.github.games647.fastlogin.bukkit.listener.protocollib;
+
+import com.github.games647.fastlogin.bukkit.listener.protocollib.SignatureTestData.SignatureData;
+import com.github.games647.fastlogin.bukkit.listener.protocollib.packet.ClientPublicKey;
+import com.google.common.hash.Hashing;
+
+import java.math.BigInteger;
+import java.nio.charset.StandardCharsets;
+import java.security.GeneralSecurityException;
+import java.security.InvalidKeyException;
+import java.security.Key;
+import java.security.KeyPair;
+import java.security.NoSuchAlgorithmException;
+import java.security.PublicKey;
+import java.security.SignatureException;
+import java.security.interfaces.RSAPublicKey;
+import java.time.Instant;
+import java.time.temporal.ChronoUnit;
+import java.util.UUID;
+import java.util.concurrent.ThreadLocalRandom;
+
+import javax.crypto.BadPaddingException;
+import javax.crypto.Cipher;
+import javax.crypto.IllegalBlockSizeException;
+import javax.crypto.NoSuchPaddingException;
+import javax.crypto.SecretKey;
+import javax.crypto.spec.SecretKeySpec;
+
+import lombok.val;
+import org.junit.jupiter.api.Test;
+import org.junit.jupiter.params.ParameterizedTest;
+import org.junit.jupiter.params.provider.ValueSource;
+
+import static org.junit.jupiter.api.Assertions.*;
+
+class EncryptionUtilTest {
+
+    @Test
+    void testVerifyToken() {
+        val random = ThreadLocalRandom.current();
+        byte[] token = EncryptionUtil.generateVerifyToken(random);
+
+        assertAll(
+                () -> assertNotNull(token),
+                () -> assertEquals(token.length, 4)
+        );
+    }
+
+    @Test
+    void testServerKey() {
+        KeyPair keyPair = EncryptionUtil.generateKeyPair();
+
+        Key privateKey = keyPair.getPrivate();
+        assertEquals(privateKey.getAlgorithm(), "RSA");
+
+        RSAPublicKey publicKey = (RSAPublicKey) keyPair.getPublic();
+        assertEquals(publicKey.getAlgorithm(), "RSA");
+
+        // clients accept larger values than the standard vanilla server, but we shouldn't crash them
+        assertAll(
+                () -> assertTrue(publicKey.getModulus().bitLength() >= 1024),
+                () -> assertTrue(publicKey.getModulus().bitLength() < 8192)
+        );
+    }
+
+    @Test
+    void testExpiredClientKey() throws Exception {
+        val clientKey = ResourceLoader.loadClientKey("client_keys/valid_public_key.json");
+
+        // Client expires at the exact second mentioned, so use it for verification
+        val expiredTimestamp = clientKey.expiry();
+        assertFalse(EncryptionUtil.verifyClientKey(clientKey, expiredTimestamp, null));
+    }
+
+    @ParameterizedTest
+    @ValueSource(strings = {
+            // expiration date changed should make the signature invalid while still being not expired
+            "client_keys/invalid_wrong_expiration.json",
+            // changed public key no longer corresponding to the signature
+            "client_keys/invalid_wrong_key.json",
+            // signature modified no longer corresponding to key and expiration date
+            "client_keys/invalid_wrong_signature.json"
+    })
+    void testInvalidClientKey(String clientKeySource) throws Exception {
+        val clientKey = ResourceLoader.loadClientKey(clientKeySource);
+        Instant expireTimestamp = clientKey.expiry().minus(5, ChronoUnit.HOURS);
+
+        assertFalse(EncryptionUtil.verifyClientKey(clientKey, expireTimestamp, null));
+    }
+
+    @Test
+    void testValidClientKey() throws Exception {
+        val clientKey = ResourceLoader.loadClientKey("client_keys/valid_public_key.json");
+        val verificationTimestamp = clientKey.expiry().minus(5, ChronoUnit.HOURS);
+
+        assertTrue(EncryptionUtil.verifyClientKey(clientKey, verificationTimestamp, null));
+    }
+
+    @Test
+    void testValid191ClientKey() throws Exception {
+        val clientKey = ResourceLoader.loadClientKey("client_keys/valid_public_key_19_1.json");
+        val verificationTimestamp = clientKey.expiry().minus(5, ChronoUnit.HOURS);
+
+        val ownerPremiumId = UUID.fromString("0aaa2c13-922a-411b-b655-9b8c08404695");
+        assertTrue(EncryptionUtil.verifyClientKey(clientKey, verificationTimestamp, ownerPremiumId));
+    }
+
+    @Test
+    void testIncorrect191ClientOwner() throws Exception {
+        val clientKey = ResourceLoader.loadClientKey("client_keys/valid_public_key_19_1.json");
+        val verificationTimestamp = clientKey.expiry().minus(5, ChronoUnit.HOURS);
+
+        val ownerPremiumId = UUID.fromString("61699b2e-d327-4a01-9f1e-0ea8c3f06bc6");
+        assertFalse(EncryptionUtil.verifyClientKey(clientKey, verificationTimestamp, ownerPremiumId));
+    }
+
+    @Test
+    void testDecryptSharedSecret() throws Exception {
+        KeyPair serverPair = EncryptionUtil.generateKeyPair();
+        val serverPK = serverPair.getPublic();
+
+        SecretKey secretKey = generateSharedKey();
+        byte[] encryptedSecret = encrypt(serverPK, secretKey.getEncoded());
+
+        SecretKey decryptSharedKey = EncryptionUtil.decryptSharedKey(serverPair.getPrivate(), encryptedSecret);
+        assertEquals(decryptSharedKey, secretKey);
+    }
+
+    private static byte[] encrypt(PublicKey receiverKey, byte... message)
+            throws NoSuchAlgorithmException, NoSuchPaddingException, InvalidKeyException,
+            IllegalBlockSizeException, BadPaddingException {
+        val encryptCipher = Cipher.getInstance(receiverKey.getAlgorithm());
+        encryptCipher.init(Cipher.ENCRYPT_MODE, receiverKey);
+        return encryptCipher.doFinal(message);
+    }
+
+    private static SecretKeySpec generateSharedKey() {
+        // according to wiki.vg 16 bytes long
+        byte[] sharedKey = new byte[16];
+        ThreadLocalRandom.current().nextBytes(sharedKey);
+        // shared key is to be used for the AES/CFB8 stream cipher to encrypt the traffic
+        // therefore the encryption/decryption has to be AES
+        return new SecretKeySpec(sharedKey, "AES");
+    }
+
+    @Test
+    void testServerIdHash() throws Exception {
+        val serverId = "";
+        val sharedSecret = generateSharedKey();
+        val serverPK = ResourceLoader.loadClientKey("client_keys/valid_public_key.json").key();
+
+        String sessionHash = getServerHash(serverId, sharedSecret, serverPK);
+        assertEquals(EncryptionUtil.getServerIdHashString(serverId, sharedSecret, serverPK), sessionHash);
+    }
+
+    private static String getServerHash(@SuppressWarnings("SameParameterValue") CharSequence serverId,
+                                        SecretKey sharedSecret, PublicKey serverPK) {
+        // https://wiki.vg/Protocol_Encryption#Client
+        // sha1 := Sha1()
+        // sha1.update(ASCII encoding of the server id string from Encryption Request)
+        // sha1.update(shared secret)
+        // sha1.update(server's encoded public key from Encryption Request)
+        // hash := sha1.hexdigest() # String of hex characters
+        @SuppressWarnings("deprecation")
+        val hasher = Hashing.sha1().newHasher();
+        hasher.putString(serverId, StandardCharsets.US_ASCII);
+        hasher.putBytes(sharedSecret.getEncoded());
+        hasher.putBytes(serverPK.getEncoded());
+        //  It works by treating the sha1 output bytes as one large integer in two's complement and then printing the
+        //  integer in base 16, placing a minus sign if the interpreted number is negative.
+        // reference: 
+        // https://github.com/SpigotMC/BungeeCord/blob/ff5727c5ef9c0b56ad35f9816ae6bd660b622cf0/proxy/src/main/java/net/md_5/bungee/connection/InitialHandler.java#L456
+        return new BigInteger(hasher.hash().asBytes()).toString(16);
+    }
+
+    @Test
+    void testServerIdHashWrongSecret() throws Exception {
+        val serverId = "";
+        val sharedSecret = generateSharedKey();
+        val serverPK = ResourceLoader.loadClientKey("client_keys/valid_public_key.json").key();
+
+        String sessionHash = getServerHash(serverId, sharedSecret, serverPK);
+        assertNotEquals(EncryptionUtil.getServerIdHashString("", generateSharedKey(), serverPK), sessionHash);
+    }
+
+    @Test
+    void testServerIdHashWrongServerKey() {
+        val serverId = "";
+        val sharedSecret = generateSharedKey();
+        val serverPK = EncryptionUtil.generateKeyPair().getPublic();
+
+        String sessionHash = getServerHash(serverId, sharedSecret, serverPK);
+        val wrongPK = EncryptionUtil.generateKeyPair().getPublic();
+        assertNotEquals(EncryptionUtil.getServerIdHashString("", sharedSecret, wrongPK), sessionHash);
+    }
+
+    @Test
+    void testValidSignedNonce() throws Exception {
+        ClientPublicKey clientKey = ResourceLoader.loadClientKey("client_keys/valid_public_key.json");
+        SignatureTestData testData = SignatureTestData.fromResource("signature/valid_signature.json");
+        assertTrue(verifySignedNonce(testData, clientKey));
+    }
+
+    @ParameterizedTest
+    @ValueSource(strings = {
+            "signature/incorrect_nonce.json",
+            "signature/incorrect_salt.json",
+            "signature/incorrect_signature.json",
+    })
+    void testIncorrectNonce(String signatureSource) throws Exception {
+        ClientPublicKey clientKey = ResourceLoader.loadClientKey("client_keys/valid_public_key.json");
+        SignatureTestData testData = SignatureTestData.fromResource(signatureSource);
+        assertFalse(verifySignedNonce(testData, clientKey));
+    }
+
+    @Test
+    void testWrongPublicKeySigned() throws Exception {
+        // load a different public key
+        ClientPublicKey clientKey = ResourceLoader.loadClientKey("client_keys/invalid_wrong_key.json");
+        SignatureTestData testData = SignatureTestData.fromResource("signature/valid_signature.json");
+        assertFalse(verifySignedNonce(testData, clientKey));
+    }
+
+    private static boolean verifySignedNonce(SignatureTestData testData, ClientPublicKey clientKey)
+            throws NoSuchAlgorithmException, InvalidKeyException, SignatureException {
+        PublicKey clientPublicKey = clientKey.key();
+
+        byte[] nonce = testData.getNonce();
+        SignatureData signature = testData.getSignature();
+        long salt = signature.getSalt();
+        return EncryptionUtil.verifySignedNonce(nonce, clientPublicKey, salt, signature.getSignature());
+    }
+
+    @Test
+    void testNonce() throws Exception {
+        byte[] expected = {1, 2, 3, 4};
+        val serverKey = EncryptionUtil.generateKeyPair();
+        val encryptedNonce = encrypt(serverKey.getPublic(), expected);
+
+        assertTrue(EncryptionUtil.verifyNonce(expected, serverKey.getPrivate(), encryptedNonce));
+    }
+
+    @Test
+    void testNonceIncorrect() throws Exception {
+        byte[] expected = {1, 2, 3, 4};
+        val serverKey = EncryptionUtil.generateKeyPair();
+
+        // flipped first character
+        val encryptedNonce = encrypt(serverKey.getPublic(), new byte[]{0, 2, 3, 4});
+        assertFalse(EncryptionUtil.verifyNonce(expected, serverKey.getPrivate(), encryptedNonce));
+    }
+
+    @Test
+    void testNonceFailedDecryption() throws Exception {
+        byte[] expected = {1, 2, 3, 4};
+        val serverKey = EncryptionUtil.generateKeyPair();
+        // generate a new keypair that is different
+        val encryptedNonce = encrypt(EncryptionUtil.generateKeyPair().getPublic(), expected);
+
+        assertThrows(GeneralSecurityException.class,
+                () -> EncryptionUtil.verifyNonce(expected, serverKey.getPrivate(), encryptedNonce)
+        );
+    }
+
+    @Test
+    void testNonceIncorrectEmpty() {
+        byte[] expected = {1, 2, 3, 4};
+        val serverKey = EncryptionUtil.generateKeyPair();
+        byte[] encryptedNonce = {};
+
+        assertThrows(GeneralSecurityException.class,
+                () -> EncryptionUtil.verifyNonce(expected, serverKey.getPrivate(), encryptedNonce)
+        );
+    }
+}
--- a/bukkit/src/test/java/com/github/games647/fastlogin/bukkit/listener/protocollib/ResourceLoader.java
+++ b/bukkit/src/test/java/com/github/games647/fastlogin/bukkit/listener/protocollib/ResourceLoader.java
@@ -0,0 +1,98 @@
+/*
+ * SPDX-License-Identifier: MIT
+ *
+ * The MIT License (MIT)
+ *
+ * Copyright (c) 2015-2022 games647 and contributors
+ *
+ * Permission is hereby granted, free of charge, to any person obtaining a copy
+ * of this software and associated documentation files (the "Software"), to deal
+ * in the Software without restriction, including without limitation the rights
+ * to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
+ * copies of the Software, and to permit persons to whom the Software is
+ * furnished to do so, subject to the following conditions:
+ *
+ * The above copyright notice and this permission notice shall be included in all
+ * copies or substantial portions of the Software.
+ *
+ * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
+ * IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
+ * FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
+ * AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
+ * LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
+ * OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE
+ * SOFTWARE.
+ */
+package com.github.games647.fastlogin.bukkit.listener.protocollib;
+
+import com.github.games647.fastlogin.bukkit.listener.protocollib.packet.ClientPublicKey;
+import com.google.common.io.Resources;
+import com.google.gson.Gson;
+import com.google.gson.JsonObject;
+
+import java.io.IOException;
+import java.io.Reader;
+import java.io.StringReader;
+import java.net.URL;
+import java.nio.charset.StandardCharsets;
+import java.security.KeyFactory;
+import java.security.NoSuchAlgorithmException;
+import java.security.interfaces.RSAPrivateKey;
+import java.security.interfaces.RSAPublicKey;
+import java.security.spec.InvalidKeySpecException;
+import java.security.spec.KeySpec;
+import java.security.spec.PKCS8EncodedKeySpec;
+import java.security.spec.X509EncodedKeySpec;
+import java.time.Instant;
+import java.util.Base64;
+
+import org.bouncycastle.util.io.pem.PemObject;
+import org.bouncycastle.util.io.pem.PemReader;
+
+public class ResourceLoader {
+
+    public static RSAPrivateKey parsePrivateKey(String keySpec)
+        throws IOException, NoSuchAlgorithmException, InvalidKeySpecException {
+        try (
+            Reader reader = new StringReader(keySpec);
+            PemReader pemReader = new PemReader(reader)
+        ) {
+            PemObject pemObject = pemReader.readPemObject();
+            byte[] content = pemObject.getContent();
+            KeySpec privateKeySpec = new PKCS8EncodedKeySpec(content);
+
+            KeyFactory factory = KeyFactory.getInstance("RSA");
+            return (RSAPrivateKey) factory.generatePrivate(privateKeySpec);
+        }
+    }
+
+    protected static ClientPublicKey loadClientKey(String path)
+        throws NoSuchAlgorithmException, IOException, InvalidKeySpecException {
+        URL keyUrl = Resources.getResource(path);
+
+        String lines = Resources.toString(keyUrl, StandardCharsets.US_ASCII);
+        JsonObject object = new Gson().fromJson(lines, JsonObject.class);
+
+        Instant expires = Instant.parse(object.getAsJsonPrimitive("expires_at").getAsString());
+        String key = object.getAsJsonPrimitive("key").getAsString();
+        RSAPublicKey publicKey = parsePublicKey(key);
+
+        byte[] signature = Base64.getDecoder().decode(object.getAsJsonPrimitive("signature").getAsString());
+        return ClientPublicKey.of(expires, publicKey, signature);
+    }
+
+    private static RSAPublicKey parsePublicKey(String keySpec)
+        throws IOException, InvalidKeySpecException, NoSuchAlgorithmException {
+        try (
+            Reader reader = new StringReader(keySpec);
+            PemReader pemReader = new PemReader(reader)
+        ) {
+            PemObject pemObject = pemReader.readPemObject();
+            byte[] content = pemObject.getContent();
+            KeySpec pubKeySpec = new X509EncodedKeySpec(content);
+
+            KeyFactory factory = KeyFactory.getInstance("RSA");
+            return (RSAPublicKey) factory.generatePublic(pubKeySpec);
+        }
+    }
+}
--- a/bukkit/src/test/java/com/github/games647/fastlogin/bukkit/listener/protocollib/SignatureTestData.java
+++ b/bukkit/src/test/java/com/github/games647/fastlogin/bukkit/listener/protocollib/SignatureTestData.java
@@ -0,0 +1,74 @@
+/*
+ * SPDX-License-Identifier: MIT
+ *
+ * The MIT License (MIT)
+ *
+ * Copyright (c) 2015-2022 games647 and contributors
+ *
+ * Permission is hereby granted, free of charge, to any person obtaining a copy
+ * of this software and associated documentation files (the "Software"), to deal
+ * in the Software without restriction, including without limitation the rights
+ * to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
+ * copies of the Software, and to permit persons to whom the Software is
+ * furnished to do so, subject to the following conditions:
+ *
+ * The above copyright notice and this permission notice shall be included in all
+ * copies or substantial portions of the Software.
+ *
+ * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
+ * IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
+ * FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
+ * AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
+ * LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
+ * OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE
+ * SOFTWARE.
+ */
+package com.github.games647.fastlogin.bukkit.listener.protocollib;
+
+import com.google.common.io.Resources;
+import com.google.gson.Gson;
+import com.google.gson.annotations.JsonAdapter;
+
+import java.io.IOException;
+import java.nio.charset.StandardCharsets;
+
+import lombok.val;
+
+public class SignatureTestData {
+
+    public static SignatureTestData fromResource(String resourceName) throws IOException {
+        val keyUrl = Resources.getResource(resourceName);
+        val encodedSignature = Resources.toString(keyUrl, StandardCharsets.US_ASCII);
+
+        return new Gson().fromJson(encodedSignature, SignatureTestData.class);
+    }
+
+    @JsonAdapter(Base64Adapter.class)
+    private byte[] nonce;
+
+    private SignatureData signature;
+
+    public byte[] getNonce() {
+        return nonce;
+    }
+
+    public SignatureData getSignature() {
+        return signature;
+    }
+
+    public static class SignatureData {
+
+        private long salt;
+
+        @JsonAdapter(Base64Adapter.class)
+        private byte[] signature;
+
+        public long getSalt() {
+            return salt;
+        }
+
+        public byte[] getSignature() {
+            return signature;
+        }
+    }
+}
--- a/bukkit/src/test/java/com/github/games647/fastlogin/bukkit/listener/protocollib/VerifyResponseTaskTest.java
+++ b/bukkit/src/test/java/com/github/games647/fastlogin/bukkit/listener/protocollib/VerifyResponseTaskTest.java
@@ -0,0 +1,68 @@
+/*
+ * SPDX-License-Identifier: MIT
+ *
+ * The MIT License (MIT)
+ *
+ * Copyright (c) 2015-2022 games647 and contributors
+ *
+ * Permission is hereby granted, free of charge, to any person obtaining a copy
+ * of this software and associated documentation files (the "Software"), to deal
+ * in the Software without restriction, including without limitation the rights
+ * to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
+ * copies of the Software, and to permit persons to whom the Software is
+ * furnished to do so, subject to the following conditions:
+ *
+ * The above copyright notice and this permission notice shall be included in all
+ * copies or substantial portions of the Software.
+ *
+ * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
+ * IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
+ * FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
+ * AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
+ * LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
+ * OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE
+ * SOFTWARE.
+ */
+package com.github.games647.fastlogin.bukkit.listener.protocollib;
+
+import com.comphenix.protocol.injector.packet.PacketRegistry;
+import com.comphenix.protocol.reflect.accessors.Accessors;
+import com.comphenix.protocol.reflect.accessors.FieldAccessor;
+import com.comphenix.protocol.utility.MinecraftReflection;
+
+import java.util.Optional;
+
+import org.bukkit.Bukkit;
+import org.junit.jupiter.api.Test;
+import org.mockito.MockedStatic;
+
+import static org.mockito.ArgumentMatchers.any;
+
+import static org.junit.jupiter.api.Assertions.assertNotNull;
+import static org.mockito.Mockito.mockStatic;
+
+class VerifyResponseTaskTest {
+
+    private static final String NETTY_INJECTOR_CLASS =
+            "com.comphenix.protocol.injector.netty.channel.NettyChannelInjector";
+
+    @Test
+    void getNetworkManagerReflection() throws ClassNotFoundException {
+        try (
+                MockedStatic<Bukkit> bukkitMock = mockStatic(Bukkit.class);
+                MockedStatic<MinecraftReflection> reflectionMock = mockStatic(MinecraftReflection.class);
+                MockedStatic<PacketRegistry> registryMock = mockStatic(PacketRegistry.class)
+        ) {
+            bukkitMock.when(Bukkit::getVersion).thenReturn("git-Bukkit-18fbb24 (MC: 1.17)");
+            reflectionMock.when(MinecraftReflection::getMinecraftPackage).thenReturn("xyz");
+            reflectionMock.when(MinecraftReflection::getEnumProtocolClass).thenReturn(Object.class);
+
+            registryMock.when(() -> PacketRegistry.tryGetPacketClass(any())).thenReturn(Optional.empty());
+            
+            
+            Class<?> injectorClass = Class.forName(NETTY_INJECTOR_CLASS);
+            FieldAccessor accessor = Accessors.getFieldAccessorOrNull(injectorClass, "networkManager", Object.class);
+            assertNotNull(accessor.getField());
+        }
+    }
+}
--- a/bukkit/src/test/java/com/github/games647/fastlogin/bukkit/task/DelayedAuthHookTest.java
+++ b/bukkit/src/test/java/com/github/games647/fastlogin/bukkit/task/DelayedAuthHookTest.java
@@ -0,0 +1,61 @@
+/*
+ * SPDX-License-Identifier: MIT
+ *
+ * The MIT License (MIT)
+ *
+ * Copyright (c) 2015-2022 games647 and contributors
+ *
+ * Permission is hereby granted, free of charge, to any person obtaining a copy
+ * of this software and associated documentation files (the "Software"), to deal
+ * in the Software without restriction, including without limitation the rights
+ * to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
+ * copies of the Software, and to permit persons to whom the Software is
+ * furnished to do so, subject to the following conditions:
+ *
+ * The above copyright notice and this permission notice shall be included in all
+ * copies or substantial portions of the Software.
+ *
+ * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
+ * IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
+ * FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
+ * AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
+ * LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
+ * OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE
+ * SOFTWARE.
+ */
+package com.github.games647.fastlogin.bukkit.task;
+
+import com.github.games647.fastlogin.core.hooks.AuthPlugin;
+
+import lombok.val;
+import org.bukkit.entity.Player;
+import org.junit.jupiter.api.Test;
+
+import static org.junit.jupiter.api.Assertions.assertNotNull;
+
+class DelayedAuthHookTest {
+
+    @Test
+    void createNewReflectiveInstance() throws ReflectiveOperationException {
+        val authHook = new DelayedAuthHook(null);
+        assertNotNull(authHook.newInstance(DummyHook.class));
+    }
+
+    public static class DummyHook implements AuthPlugin<Player> {
+
+        @Override
+        public boolean forceLogin(Player player) {
+            return false;
+        }
+
+        @Override
+        public boolean forceRegister(Player player, String password) {
+            return false;
+        }
+
+        @Override
+        public boolean isRegistered(String playerName) throws Exception {
+            return false;
+        }
+    }
+}
--- a/bukkit/src/test/java/integration/README.md
+++ b/bukkit/src/test/java/integration/README.md
@@ -0,0 +1,53 @@
+# Integration tests for authentication
+
+## Description
+
+Projects require integration tests in order to check against errors that could only occur if connected to other
+components. However, they are heavier in terms of performance and require a more complex setup. Unit tests often make
+use of fake, mock, stubs, etc. implementations to test the unit in isolation and thus could hide issues across
+boundaries of a unit. Nevertheless, both are not replacement for each other.
+
+## Usage in this project
+
+The authentication system is a core component, so it requires some kind of testing. Here we are going to
+spin up a Spigot server and test with the supported authentication schemes against the implementation of MCProtocolLib.
+
+### Goals
+
+* OS platform independent
+* Reproducible, but not fixed to a specific image hash
+    * This is a dev container, so fixing it to feature/major version is enough instead of a version fixed by hash
+* Improve container spin up
+    * E.g. Remove/Reduce world generation
+
+### Note on automation
+
+The simplest solution it to use the official Mojang session and authentication servers. However, this would require
+a spare Minecraft account. Mocking the auth servers would be a solution to avoid this.
+
+## Related
+
+Interest blog article about integration tests and why they are necessary.
+https://software.rajivprab.com/2019/04/28/rethinking-software-testing-perspectives-from-the-world-of-hardware/
+
+## Issues
+
+### Slow startup
+
+Tried a lot of optimizations like only loading a single world without the nether or the end. However, there the startup
+is still slow. If you have any ideas on how to tune the startup parameters of the Minecraft server or the JVM
+itself to reduce the startup time, please suggest it.
+
+### Checkpoint
+
+An idea to optimize the time is to use CRIU (checkpoint and restore). So to save the process at a certain stage and
+restore all data multiple times. This could cause a lot of issues like open files have to be present. However, the
+impact is significant and since it runs inside the container all files, pids (pid=1) should be matching. Potential
+checkpoint locations are:
+
+* Direct before loading the plugins
+  * Likely before binding the port to prevent issues
+* After loading the libraries
+
+Nevertheless, the current state requires to run it with root and the Java support is currently still in progress.
+
--- a/bukkit/src/test/resources/client_keys/README.md
+++ b/bukkit/src/test/resources/client_keys/README.md
@@ -0,0 +1,27 @@
+# About
+
+This contains test resources for the unit tests. The files are extracted from the Minecraft directory with slight
+modifications. The files are found in `$MINECRAFT_HOME$/profilekeys/`, where `$MINECRAFT_HOME$` represents the
+OS-dependent minecraft folder.
+
+**Notable the files in this folder do not contain the private key information. It should be explicitly
+stripped before including it.**
+
+## Minecraft folder
+
+* Windows: `%appdata%\.minecraft`
+* Linux: `/home/username/.minecraft`
+* Mac: `~/Library/Application Support/minecraft`
+
+## Directory structure
+
+* `valid_public_key.json`: Extracted from the actual file
+* `invalid_wrong_expiration.json`: Changed the expiration date
+* `invalid_wrong_key.json`: Modified public key while keeping the RSA structure valid
+* `invalid_wrong_signature.json`: Changed a character in the public key signature
+
+## File content
+
+* `expires_at`: Expiration date
+* `key`: Public key from the original file out of `public_key.key`
+* `signature`: Mojang signed signature of this public key
--- a/bukkit/src/test/resources/client_keys/invalid_wrong_expiration.json
+++ b/bukkit/src/test/resources/client_keys/invalid_wrong_expiration.json
@@ -0,0 +1,5 @@
+{
+    "expires_at": "2022-06-20T07:31:47.318722344Z",
+    "key": "-----BEGIN RSA PUBLIC KEY-----\nMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApd3ZxDhcRWWru1XEBke6uYqmbnS2Oxyk\nOMj+QDKrkwUqhVJYciyXGsMx46Mgr/KIoGCcokP5OtIxc6+69/ZLqJ9PvM81kLIxAqyvfBMKMGjP\n376LgxTF1FeDpbe5zXaNRxfmnvQhS5YTLbzgk36qWVjqxJMG4VLVmh7RV5zWsb7XlckZb2zRHM2Y\nMHbEC+ggX+l6zQyfG1KK0MH5k+O6b0xD0rv1wm24sLOesTXH6RZG8cNE3ofdnavxjFodTOnra6w1\naiVcoUTdEPSS86wQwq9j0YCcAKOwMXsqbk9NhpujrdyJ94dev+ELwkNS7P0pPrcfiyFTQeJCZTXz\nJB36MwIDAQAB\n-----END RSA PUBLIC KEY-----\n",
+    "signature": "lfRXK4zL213wBKg760eiPV7yvnLZ6a6v9Iohmw78yxIzqXO3tfrC5Z+P2LGiO1BdI4xckx8yz4ktn82zX97+r2zktBw0As7g71H/FjInpoZ76j3gMUaiFNrQJ0vKCCI7xsjonemroWAVDCAqlvdyqwUu/Fnz85+WoR2kCQ721vwy6IjWA3xhq8XrWjkI/AlBmoS/kVqnvjjjc9vocdddJXbUYzCse/hWWIbsFeBXyiGCd3v7apgtXwQfM++tt87fq7444zQskiYb14oQP8/uNwqZWQ9jAs00i1BZ0MNM6+TZYGHOfS6rbHZ1bcX34VZdcCwpapK/Z2HBRIgDN4QOcgJkyq1GcjvlM2wjfhN8gXTsmbF9Ee+5Y6a4ONRkxRZK2sT8oAXdm0OlTEGB0P0+WRRFOQ/PnRqbI7lvANao2METT2EUHHrtqFMe53kqCHdzy5qyuHxdCEa6l/gSR08fybx9DdRRmhOlhSPGxhgwqyi1fEMrN4CsSKNrv5u+sMqhspA05b3DQJeLDX+UV5ujRHwm0A49NF+h1ZYlrcefz5IMUUisOOw6HiLc/YGLD2jHwSePGdfMwMnrIxbxjCta7/7A91aaN7eYm16KW9erCOwAfJmBSQC6Pbmg5f7rd7rAKVOPxglq7nayXmd+BK53Mal5tltMSgd/0iY6SEtGSEU="
+}
--- a/bukkit/src/test/resources/client_keys/invalid_wrong_key.json
+++ b/bukkit/src/test/resources/client_keys/invalid_wrong_key.json
@@ -0,0 +1,5 @@
+{
+    "expires_at": "2022-06-20T08:31:47.318722344Z",
+    "key": "-----BEGIN RSA PUBLIC KEY-----\nMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoOv23jt2QPyab6bPRBwH2ggmzQU3I+xmDpi3X5ZB5Em/4uzyZqNVLJc0gShpk0XsdoB28Nq1bPxczOTBxuXi3rg5ax5gL+iymDSU27DLM8s/33lOofzGPJUEQGKlFm0QelDKZ/q5Y/9inHE3hEJKf7h0tnmGahXFmZSF/nRz9GHnfSYpjtDr9bsZOzQuLhHXT5E4ksNRTFW41h0MlZ1qOhO+NiiVgk7LmgVYiV7RRbgO8U6RaCEqg5n28Ewo6QtzB+DF4NTDeu3E9BLH5G0npdUrVNhdRUWCFDmH6n9hqSIz2J7o6GvWqEvp0h9e/3qtLsoS60hnQXunrcWcPaEIYQIDAQAB\n-----END RSA PUBLIC KEY-----\n",
+    "signature": "lfRXK4zL213wBKg760eiPV7yvnLZ6a6v9Iohmw78yxIzqXO3tfrC5Z+P2LGiO1BdI4xckx8yz4ktn82zX97+r2zktBw0As7g71H/FjInpoZ76j3gMUaiFNrQJ0vKCCI7xsjonemroWAVDCAqlvdyqwUu/Fnz85+WoR2kCQ721vwy6IjWA3xhq8XrWjkI/AlBmoS/kVqnvjjjc9vocdddJXbUYzCse/hWWIbsFeBXyiGCd3v7apgtXwQfM++tt87fq7444zQskiYb14oQP8/uNwqZWQ9jAs00i1BZ0MNM6+TZYGHOfS6rbHZ1bcX34VZdcCwpapK/Z2HBRIgDN4QOcgJkyq1GcjvlM2wjfhN8gXTsmbF9Ee+5Y6a4ONRkxRZK2sT8oAXdm0OlTEGB0P0+WRRFOQ/PnRqbI7lvANao2METT2EUHHrtqFMe53kqCHdzy5qyuHxdCEa6l/gSR08fybx9DdRRmhOlhSPGxhgwqyi1fEMrN4CsSKNrv5u+sMqhspA05b3DQJeLDX+UV5ujRHwm0A49NF+h1ZYlrcefz5IMUUisOOw6HiLc/YGLD2jHwSePGdfMwMnrIxbxjCta7/7A91aaN7eYm16KW9erCOwAfJmBSQC6Pbmg5f7rd7rAKVOPxglq7nayXmd+BK53Mal5tltMSgd/0iY6SEtGSEU="
+}
--- a/bukkit/src/test/resources/client_keys/invalid_wrong_signature.json
+++ b/bukkit/src/test/resources/client_keys/invalid_wrong_signature.json
@@ -0,0 +1,5 @@
+{
+    "expires_at": "2022-06-20T08:31:47.318722344Z",
+    "key": "-----BEGIN RSA PUBLIC KEY-----\nMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApd3ZxDhcRWWru1XEBke6uYqmbnS2Oxyk\nOMj+QDKrkwUqhVJYciyXGsMx46Mgr/KIoGCcokP5OtIxc6+69/ZLqJ9PvM81kLIxAqyvfBMKMGjP\n376LgxTF1FeDpbe5zXaNRxfmnvQhS5YTLbzgk36qWVjqxJMG4VLVmh7RV5zWsb7XlckZb2zRHM2Y\nMHbEC+ggX+l6zQyfG1KK0MH5k+O6b0xD0rv1wm24sLOesTXH6RZG8cNE3ofdnavxjFodTOnra6w1\naiVcoUTdEPSS86wQwq9j0YCcAKOwMXsqbk9NhpujrdyJ94dev+ELwkNS7P0pPrcfiyFTQeJCZTXz\nJB36MwIDAQAB\n-----END RSA PUBLIC KEY-----\n",
+    "signature": "lfRxK4zL213wBKg760eiPV7yvnLZ6a6v9Iohmw78yxIzqXO3tfrC5Z+P2LGiO1BdI4xckx8yz4ktn82zX97+r2zktBw0As7g71H/FjInpoZ76j3gMUaiFNrQJ0vKCCI7xsjonemroWAVDCAqlvdyqwUu/Fnz85+WoR2kCQ721vwy6IjWA3xhq8XrWjkI/AlBmoS/kVqnvjjjc9vocdddJXbUYzCse/hWWIbsFeBXyiGCd3v7apgtXwQfM++tt87fq7444zQskiYb14oQP8/uNwqZWQ9jAs00i1BZ0MNM6+TZYGHOfS6rbHZ1bcX34VZdcCwpapK/Z2HBRIgDN4QOcgJkyq1GcjvlM2wjfhN8gXTsmbF9Ee+5Y6a4ONRkxRZK2sT8oAXdm0OlTEGB0P0+WRRFOQ/PnRqbI7lvANao2METT2EUHHrtqFMe53kqCHdzy5qyuHxdCEa6l/gSR08fybx9DdRRmhOlhSPGxhgwqyi1fEMrN4CsSKNrv5u+sMqhspA05b3DQJeLDX+UV5ujRHwm0A49NF+h1ZYlrcefz5IMUUisOOw6HiLc/YGLD2jHwSePGdfMwMnrIxbxjCta7/7A91aaN7eYm16KW9erCOwAfJmBSQC6Pbmg5f7rd7rAKVOPxglq7nayXmd+BK53Mal5tltMSgd/0iY6SEtGSEU="
+}
--- a/bukkit/src/test/resources/client_keys/valid_public_key.json
+++ b/bukkit/src/test/resources/client_keys/valid_public_key.json
@@ -0,0 +1,5 @@
+{
+    "expires_at": "2022-06-20T08:31:47.318722344Z",
+    "key": "-----BEGIN RSA PUBLIC KEY-----\nMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApd3ZxDhcRWWru1XEBke6uYqmbnS2Oxyk\nOMj+QDKrkwUqhVJYciyXGsMx46Mgr/KIoGCcokP5OtIxc6+69/ZLqJ9PvM81kLIxAqyvfBMKMGjP\n376LgxTF1FeDpbe5zXaNRxfmnvQhS5YTLbzgk36qWVjqxJMG4VLVmh7RV5zWsb7XlckZb2zRHM2Y\nMHbEC+ggX+l6zQyfG1KK0MH5k+O6b0xD0rv1wm24sLOesTXH6RZG8cNE3ofdnavxjFodTOnra6w1\naiVcoUTdEPSS86wQwq9j0YCcAKOwMXsqbk9NhpujrdyJ94dev+ELwkNS7P0pPrcfiyFTQeJCZTXz\nJB36MwIDAQAB\n-----END RSA PUBLIC KEY-----\n",
+    "signature": "lfRXK4zL213wBKg760eiPV7yvnLZ6a6v9Iohmw78yxIzqXO3tfrC5Z+P2LGiO1BdI4xckx8yz4ktn82zX97+r2zktBw0As7g71H/FjInpoZ76j3gMUaiFNrQJ0vKCCI7xsjonemroWAVDCAqlvdyqwUu/Fnz85+WoR2kCQ721vwy6IjWA3xhq8XrWjkI/AlBmoS/kVqnvjjjc9vocdddJXbUYzCse/hWWIbsFeBXyiGCd3v7apgtXwQfM++tt87fq7444zQskiYb14oQP8/uNwqZWQ9jAs00i1BZ0MNM6+TZYGHOfS6rbHZ1bcX34VZdcCwpapK/Z2HBRIgDN4QOcgJkyq1GcjvlM2wjfhN8gXTsmbF9Ee+5Y6a4ONRkxRZK2sT8oAXdm0OlTEGB0P0+WRRFOQ/PnRqbI7lvANao2METT2EUHHrtqFMe53kqCHdzy5qyuHxdCEa6l/gSR08fybx9DdRRmhOlhSPGxhgwqyi1fEMrN4CsSKNrv5u+sMqhspA05b3DQJeLDX+UV5ujRHwm0A49NF+h1ZYlrcefz5IMUUisOOw6HiLc/YGLD2jHwSePGdfMwMnrIxbxjCta7/7A91aaN7eYm16KW9erCOwAfJmBSQC6Pbmg5f7rd7rAKVOPxglq7nayXmd+BK53Mal5tltMSgd/0iY6SEtGSEU="
+}
--- a/bukkit/src/test/resources/client_keys/valid_public_key_19_1.json
+++ b/bukkit/src/test/resources/client_keys/valid_public_key_19_1.json
@@ -0,0 +1,5 @@
+{
+  "expires_at": "2022-07-29T12:57:39.011Z",
+  "key": "-----BEGIN RSA PUBLIC KEY-----\nMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtYOUXdid0c09/eYoseLf8qG9fKQ/G2DY9wlSyEZaFMflwZ8ZpLFYigxzfaimpT3A5cbFIdIH2W2sYl5PwsKSs128GBh/rxXUEZlLkIkS+EfxyuMp9ITclxAjCqvFgfJbZHugtB9Ofi6knCEEgjFwMDh2efdpOXkCxtHuPFfnVzDJBbHWdlCCtJesMAnA2jCT7CqCwsi7sW2QxuTarqHP/cHKiBeBIu/SngGUB6eWmvAwERW5x2D+O26w8Z5sQCND3xQ4D868RALiPNG94TyKoJV+jKi0tTUmjGGs/1ksbSGDQb5xqIH0NYKZhoZrczYPNmJX4k7g5BA5RHX8AGORaQIDAQAB\n-----END RSA PUBLIC KEY-----\n",
+  "signature": "Fto/GDqEMTWpNrktWSi3tnP3ZZlo8r4Jled/5PKYRvaL/zksfjB2RK2O8pZL+w5mI2VAViTVAQmSJEF2o/BCb2L0zXp3/hC9VhZj5NTVi4KbHfnfMorj7/WJP2vvMgVxIxgLb3EEQXGS2Mmo0w2ikUVauwXgLWECvVt10KAZnTAWNIvpM8NUoZ2oCCxVimYHBtlwWQ7WvowAatP4ypa7fo3xhQg8Im1hvQDsFTNp58pgnd7l3l99xLj1uYOUJM06HGZJ/Xd0kzzJz44Csh4m50Q0RP4Nq5L+fYPeUx990Z1r1lw0sSayk+vA2Qnxgbs/z6KgkxfhBg7oOlp4ykl9cLC2kA/LdV6igqsdr/KoP4GWxwTA7RgQbhMkDFdmIg1W+gh3XqwASFQK2BAN/eAfmDTf8u9BtOEF7Ehn9uPOaiFiGztyaHxXNIkVSPTG2GXMFSijnd3Ms28jHYVY/67INTnDRmN0//KzBAoTRMe1S5idai19kug4EUVIRKDziipowzCPdbD18trdQGpK0dYOrw9XQiQd4N4V3eItpyAULGiZd8KcjgKo4orqgsUfNyhLI1keig7TyJUE3FkBOfX4hlZBm7Q/Wq4hwarlc5yZIjhsuivKV/q4tcnYYPwjP7kNMRsIApWG+yHmSIo8QfZhBiPxvtWSSLZgoFgnlxfaEko="
+}
--- a/bukkit/src/test/resources/signature/README.md
+++ b/bukkit/src/test/resources/signature/README.md
@@ -0,0 +1,16 @@
+# About
+
+This contains test resources for the unit tests. Files in this folder include pre-made cryptographic signatures.
+
+## Directory structure
+
+* `valid_signature.json`: Extracted using packet extract from an actual authentication
+* `incorrect_nonce.json`: Different nonce token simulating that the server expected a different token than signed
+* `incorrect_salt.json`: Salt sent is different to the content signed by the signature (changed salt field)
+* `incorrect_signature.json`: Changed signature
+
+## File content
+
+* `nonce`: Server generated nonce token
+* `salt`: Client generated random token that will be signed
+* `signature`: Nonce and salt signed using the client key from `valid_public_key.json`
--- a/bukkit/src/test/resources/signature/incorrect_nonce.json
+++ b/bukkit/src/test/resources/signature/incorrect_nonce.json
@@ -0,0 +1,7 @@
+{
+    "nonce": "galNig\u003d\u003d",
+    "signature": {
+        "signature": "JlXAUtIGDjxUOnF5vkg/NUEN2wlzXcqADyYIw2WRTb5hgKwIgxyUPO5v/2M7xU3hxz2Zf0iYHM97h8qNMGQ43cLgfVH9VWZ1kGMuOby2LNSb6nDaMzm0b02ftThaWOWj9kJXbR8fN7qdpB+28t2CTW5ILT+2AZYI/Sn8gFFR+LvJJt1ENMfEj2ZIIkHecpNBuKyLz1aDCZ5BEASSLfAqHEAA3dpHV1DIgzfpO6xwo7bVFDtcBEeusl/Nc3KyGyT8sDFTsZWgitgz53xNKrZUK8Q2BaJfP0zrGAX36rpYURJSVD0AtI1ic9s5aG+OFUC1YhLXb/1cDv37ZjHcdV2ppw\u003d\u003d",
+        "salt": -2985008842905108412
+    }
+}
--- a/bukkit/src/test/resources/signature/incorrect_salt.json
+++ b/bukkit/src/test/resources/signature/incorrect_salt.json
@@ -0,0 +1,7 @@
+{
+    "nonce": "GalNig\u003d\u003d",
+    "signature": {
+        "signature": "JlXAUtIGDjxUOnF5vkg/NUEN2wlzXcqADyYIw2WRTb5hgKwIgxyUPO5v/2M7xU3hxz2Zf0iYHM97h8qNMGQ43cLgfVH9VWZ1kGMuOby2LNSb6nDaMzm0b02ftThaWOWj9kJXbR8fN7qdpB+28t2CTW5ILT+2AZYI/Sn8gFFR+LvJJt1ENMfEj2ZIIkHecpNBuKyLz1aDCZ5BEASSLfAqHEAA3dpHV1DIgzfpO6xwo7bVFDtcBEeusl/Nc3KyGyT8sDFTsZWgitgz53xNKrZUK8Q2BaJfP0zrGAX36rpYURJSVD0AtI1ic9s5aG+OFUC1YhLXb/1cDv37ZjHcdV2ppw\u003d\u003d",
+        "salt": -1985008842905108412
+    }
+}
--- a/bukkit/src/test/resources/signature/incorrect_signature.json
+++ b/bukkit/src/test/resources/signature/incorrect_signature.json
@@ -0,0 +1,7 @@
+{
+    "nonce": "GalNig\u003d\u003d",
+    "signature": {
+        "signature": "jlXAUtIGDjxUOnF5vkg/NUEN2wlzXcqADyYIw2WRTb5hgKwIgxyUPO5v/2M7xU3hxz2Zf0iYHM97h8qNMGQ43cLgfVH9VWZ1kGMuOby2LNSb6nDaMzm0b02ftThaWOWj9kJXbR8fN7qdpB+28t2CTW5ILT+2AZYI/Sn8gFFR+LvJJt1ENMfEj2ZIIkHecpNBuKyLz1aDCZ5BEASSLfAqHEAA3dpHV1DIgzfpO6xwo7bVFDtcBEeusl/Nc3KyGyT8sDFTsZWgitgz53xNKrZUK8Q2BaJfP0zrGAX36rpYURJSVD0AtI1ic9s5aG+OFUC1YhLXb/1cDv37ZjHcdV2ppw\u003d\u003d",
+        "salt": -2985008842905108412
+    }
+}
--- a/bukkit/src/test/resources/signature/valid_signature.json
+++ b/bukkit/src/test/resources/signature/valid_signature.json
@@ -0,0 +1,7 @@
+{
+    "nonce": "GalNig\u003d\u003d",
+    "signature": {
+        "signature": "JlXAUtIGDjxUOnF5vkg/NUEN2wlzXcqADyYIw2WRTb5hgKwIgxyUPO5v/2M7xU3hxz2Zf0iYHM97h8qNMGQ43cLgfVH9VWZ1kGMuOby2LNSb6nDaMzm0b02ftThaWOWj9kJXbR8fN7qdpB+28t2CTW5ILT+2AZYI/Sn8gFFR+LvJJt1ENMfEj2ZIIkHecpNBuKyLz1aDCZ5BEASSLfAqHEAA3dpHV1DIgzfpO6xwo7bVFDtcBEeusl/Nc3KyGyT8sDFTsZWgitgz53xNKrZUK8Q2BaJfP0zrGAX36rpYURJSVD0AtI1ic9s5aG+OFUC1YhLXb/1cDv37ZjHcdV2ppw\u003d\u003d",
+        "salt": -2985008842905108412
+    }
+}
--- a/bungee/lib/BungeeAuth-1.4.jar
+++ b/bungee/lib/BungeeAuth-1.4.jar
--- a/bungee/pom.xml
+++ b/bungee/pom.xml
@@ -0,0 +1,215 @@
+<!--
+
+    SPDX-License-Identifier: MIT
+
+    The MIT License (MIT)
+
+    Copyright (c) 2015-2022 games647 and contributors
+
+    Permission is hereby granted, free of charge, to any person obtaining a copy
+    of this software and associated documentation files (the "Software"), to deal
+    in the Software without restriction, including without limitation the rights
+    to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
+    copies of the Software, and to permit persons to whom the Software is
+    furnished to do so, subject to the following conditions:
+
+    The above copyright notice and this permission notice shall be included in all
+    copies or substantial portions of the Software.
+
+    THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
+    IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
+    FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
+    AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
+    LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
+    OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE
+    SOFTWARE.
+
+-->
+<project xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xmlns="http://maven.apache.org/POM/4.0.0"
+         xsi:schemaLocation="http://maven.apache.org/POM/4.0.0 https://maven.apache.org/xsd/maven-4.0.0.xsd">
+    <modelVersion>4.0.0</modelVersion>
+
+    <parent>
+        <groupId>com.github.games647</groupId>
+        <artifactId>fastlogin</artifactId>
+        <version>1.12-SNAPSHOT</version>
+        <relativePath>../pom.xml</relativePath>
+    </parent>
+
+    <!--This has to be in lowercase because it's used by plugin.yml-->
+    <artifactId>fastlogin.bungee</artifactId>
+    <packaging>jar</packaging>
+
+    <!--Represents the main plugin-->
+    <name>FastLoginBungee</name>
+
+    <build>
+        <plugins>
+            <plugin>
+                <artifactId>maven-shade-plugin</artifactId>
+                <version>3.4.1</version>
+                <configuration>
+                    <minimizeJar>true</minimizeJar>
+
+                    <createDependencyReducedPom>false</createDependencyReducedPom>
+                    <shadedArtifactAttached>false</shadedArtifactAttached>
+                    <artifactSet>
+                        <excludes>
+                            <!--Those classes are already present in BungeeCord version-->
+                            <exclude>net.md-5:bungeecord-config</exclude>
+                            <exclude>com.google.code.gson:gson</exclude>
+                            <exclude>com.google.guava:guava</exclude>
+                        </excludes>
+                    </artifactSet>
+                    <relocations>
+                        <relocation>
+                            <pattern>com.zaxxer.hikari</pattern>
+                            <shadedPattern>fastlogin.hikari</shadedPattern>
+                        </relocation>
+                        <relocation>
+                            <pattern>org.slf4j</pattern>
+                            <shadedPattern>fastlogin.slf4j</shadedPattern>
+                        </relocation>
+                    </relocations>
+                    <!-- Rename the service file too to let SLF4J api find our own relocated jdk logger -->
+                    <!-- Located in META-INF/services -->
+                    <transformers>
+                        <transformer
+                                implementation="org.apache.maven.plugins.shade.resource.ServicesResourceTransformer"/>
+                    </transformers>
+                    <filters>
+                        <filter>
+                            <artifact>*:*</artifact>
+                            <excludes>
+                                <exclude>META-INF/MANIFEST.MF</exclude>
+                                <exclude>**/module-info.class</exclude>
+                            </excludes>
+                        </filter>
+                    </filters>
+                </configuration>
+                <executions>
+                    <execution>
+                        <phase>package</phase>
+                        <goals>
+                            <goal>shade</goal>
+                        </goals>
+                    </execution>
+                </executions>
+            </plugin>
+        </plugins>
+    </build>
+
+    <repositories>
+        <repository>
+            <id>codemc-repo</id>
+            <url>https://repo.codemc.io/repository/maven-public/</url>
+        </repository>
+
+        <repository>
+            <id>jitpack.io</id>
+            <url>https://jitpack.io</url>
+            <snapshots>
+                <enabled>false</enabled>
+            </snapshots>
+        </repository>
+    </repositories>
+
+    <dependencies>
+        <!--Common plugin component-->
+        <dependency>
+            <groupId>${project.groupId}</groupId>
+            <artifactId>fastlogin.core</artifactId>
+            <version>${project.version}</version>
+        </dependency>
+
+        <!--BungeeCord with also the part outside the API-->
+        <dependency>
+            <groupId>net.md-5</groupId>
+            <artifactId>bungeecord-proxy</artifactId>
+            <version>1.19-R0.1-SNAPSHOT</version>
+            <scope>provided</scope>
+            <!-- Use our own newer api version -->
+            <exclusions>
+                <exclusion>
+                    <groupId>org.slf4j</groupId>
+                    <artifactId>slf4j-api</artifactId>
+                </exclusion>
+                <exclusion>
+                    <groupId>mysql</groupId>
+                    <artifactId>*</artifactId>
+                </exclusion>
+                <exclusion>
+                    <groupId>net.md-5</groupId>
+                    <artifactId>bungeecord-native</artifactId>
+                </exclusion>
+                <exclusion>
+                    <groupId>net.md-5</groupId>
+                    <artifactId>bungeecord-query</artifactId>
+                </exclusion>
+                <exclusion>
+                    <groupId>net.md-5</groupId>
+                    <artifactId>bungeecord-slf4j</artifactId>
+                </exclusion>
+                <exclusion>
+                    <groupId>org.apache.maven</groupId>
+                    <artifactId>*</artifactId>
+                </exclusion>
+                <exclusion>
+                    <groupId>org.apache.maven.resolver</groupId>
+                    <artifactId>*</artifactId>
+                </exclusion>
+            </exclusions>
+        </dependency>
+
+        <!--Floodgate for Xbox Live Authentication-->
+        <dependency>
+            <groupId>org.geysermc.floodgate</groupId>
+            <artifactId>api</artifactId>
+            <version>${floodgate.version}</version>
+            <scope>provided</scope>
+            <exclusions>
+                <exclusion>
+                    <groupId>*</groupId>
+                    <artifactId>*</artifactId>
+                </exclusion>
+            </exclusions>
+        </dependency>
+
+        <!-- Bedrock player bridge -->
+        <dependency>
+            <groupId>org.geysermc.geyser</groupId>
+            <artifactId>core</artifactId>
+            <version>${geyser.version}</version>
+            <scope>provided</scope>
+            <exclusions>
+                <exclusion>
+                    <groupId>*</groupId>
+                    <artifactId>*</artifactId>
+                </exclusion>
+            </exclusions>
+        </dependency>
+
+        <!-- We need the API, but it was excluded above -->
+        <dependency>
+            <groupId>org.geysermc.geyser</groupId>
+            <artifactId>api</artifactId>
+            <version>${geyser.version}</version>
+            <scope>provided</scope>
+            <exclusions>
+                <exclusion>
+                    <groupId>*</groupId>
+                    <artifactId>*</artifactId>
+                </exclusion>
+            </exclusions>
+        </dependency>
+
+        <!--Login plugin-->
+        <dependency>
+            <groupId>me.vik1395</groupId>
+            <artifactId>BungeeAuth</artifactId>
+            <version>1.4</version>
+            <scope>system</scope>
+            <systemPath>${project.basedir}/lib/BungeeAuth-1.4.jar</systemPath>
+        </dependency>
+    </dependencies>
+</project>
--- a/bungee/src/main/java/com/github/games647/fastlogin/bungee/BungeeLoginSession.java
+++ b/bungee/src/main/java/com/github/games647/fastlogin/bungee/BungeeLoginSession.java
@@ -0,0 +1,68 @@
+/*
+ * SPDX-License-Identifier: MIT
+ *
+ * The MIT License (MIT)
+ *
+ * Copyright (c) 2015-2022 games647 and contributors
+ *
+ * Permission is hereby granted, free of charge, to any person obtaining a copy
+ * of this software and associated documentation files (the "Software"), to deal
+ * in the Software without restriction, including without limitation the rights
+ * to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
+ * copies of the Software, and to permit persons to whom the Software is
+ * furnished to do so, subject to the following conditions:
+ *
+ * The above copyright notice and this permission notice shall be included in all
+ * copies or substantial portions of the Software.
+ *
+ * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
+ * IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
+ * FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
+ * AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
+ * LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
+ * OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE
+ * SOFTWARE.
+ */
+package com.github.games647.fastlogin.bungee;
+
+import com.github.games647.fastlogin.core.StoredProfile;
+import com.github.games647.fastlogin.core.shared.LoginSession;
+
+public class BungeeLoginSession extends LoginSession {
+
+    private boolean alreadySaved;
+    private boolean alreadyLogged;
+
+    public BungeeLoginSession(String username, boolean registered, StoredProfile profile) {
+        super(username, registered, profile);
+    }
+
+    public synchronized void setRegistered(boolean registered) {
+        this.registered = registered;
+    }
+
+    public synchronized boolean isAlreadySaved() {
+        return alreadySaved;
+    }
+
+    public synchronized void setAlreadySaved(boolean alreadySaved) {
+        this.alreadySaved = alreadySaved;
+    }
+
+    public synchronized boolean isAlreadyLogged() {
+        return alreadyLogged;
+    }
+
+    public synchronized void setAlreadyLogged(boolean alreadyLogged) {
+        this.alreadyLogged = alreadyLogged;
+    }
+
+    @Override
+    public synchronized String toString() {
+        return this.getClass().getSimpleName() + '{'
+            + "alreadySaved=" + alreadySaved
+            + ", alreadyLogged=" + alreadyLogged
+            + ", registered=" + registered
+            + "} " + super.toString();
+    }
+}
--- a/bungee/src/main/java/com/github/games647/fastlogin/bungee/BungeeLoginSource.java
+++ b/bungee/src/main/java/com/github/games647/fastlogin/bungee/BungeeLoginSource.java
@@ -0,0 +1,79 @@
+/*
+ * SPDX-License-Identifier: MIT
+ *
+ * The MIT License (MIT)
+ *
+ * Copyright (c) 2015-2022 games647 and contributors
+ *
+ * Permission is hereby granted, free of charge, to any person obtaining a copy
+ * of this software and associated documentation files (the "Software"), to deal
+ * in the Software without restriction, including without limitation the rights
+ * to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
+ * copies of the Software, and to permit persons to whom the Software is
+ * furnished to do so, subject to the following conditions:
+ *
+ * The above copyright notice and this permission notice shall be included in all
+ * copies or substantial portions of the Software.
+ *
+ * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
+ * IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
+ * FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
+ * AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
+ * LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
+ * OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE
+ * SOFTWARE.
+ */
+package com.github.games647.fastlogin.bungee;
+
+import com.github.games647.fastlogin.core.shared.LoginSource;
+
+import java.net.InetSocketAddress;
+
+import net.md_5.bungee.api.ChatColor;
+import net.md_5.bungee.api.chat.ComponentBuilder;
+import net.md_5.bungee.api.chat.TextComponent;
+import net.md_5.bungee.api.connection.PendingConnection;
+import net.md_5.bungee.api.event.PreLoginEvent;
+
+public class BungeeLoginSource implements LoginSource {
+
+    private final PendingConnection connection;
+    private final PreLoginEvent preLoginEvent;
+
+    public BungeeLoginSource(PendingConnection connection, PreLoginEvent preLoginEvent) {
+        this.connection = connection;
+        this.preLoginEvent = preLoginEvent;
+    }
+
+    @Override
+    public void enableOnlinemode() {
+        connection.setOnlineMode(true);
+    }
+
+    @Override
+    public void kick(String message) {
+        preLoginEvent.setCancelled(true);
+
+        if (message == null) {
+            preLoginEvent.setCancelReason(new ComponentBuilder("Kicked").color(ChatColor.WHITE).create());
+        } else {
+            preLoginEvent.setCancelReason(TextComponent.fromLegacyText(message));
+        }
+    }
+
+    @Override
+    public InetSocketAddress getAddress() {
+        return connection.getAddress();
+    }
+
+    public PendingConnection getConnection() {
+        return connection;
+    }
+
+    @Override
+    public String toString() {
+        return this.getClass().getSimpleName() + '{'
+            + "connection=" + connection
+            + '}';
+    }
+}
--- a/bungee/src/main/java/com/github/games647/fastlogin/bungee/FastLoginBungee.java
+++ b/bungee/src/main/java/com/github/games647/fastlogin/bungee/FastLoginBungee.java
@@ -0,0 +1,218 @@
+/*
+ * SPDX-License-Identifier: MIT
+ *
+ * The MIT License (MIT)
+ *
+ * Copyright (c) 2015-2022 games647 and contributors
+ *
+ * Permission is hereby granted, free of charge, to any person obtaining a copy
+ * of this software and associated documentation files (the "Software"), to deal
+ * in the Software without restriction, including without limitation the rights
+ * to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
+ * copies of the Software, and to permit persons to whom the Software is
+ * furnished to do so, subject to the following conditions:
+ *
+ * The above copyright notice and this permission notice shall be included in all
+ * copies or substantial portions of the Software.
+ *
+ * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
+ * IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
+ * FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
+ * AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
+ * LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
+ * OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE
+ * SOFTWARE.
+ */
+package com.github.games647.fastlogin.bungee;
+
+import com.github.games647.fastlogin.bungee.hook.BungeeAuthHook;
+import com.github.games647.fastlogin.bungee.listener.ConnectListener;
+import com.github.games647.fastlogin.bungee.listener.PluginMessageListener;
+import com.github.games647.fastlogin.core.AsyncScheduler;
+import com.github.games647.fastlogin.core.CommonUtil;
+import com.github.games647.fastlogin.core.hooks.AuthPlugin;
+import com.github.games647.fastlogin.core.hooks.bedrock.BedrockService;
+import com.github.games647.fastlogin.core.hooks.bedrock.FloodgateService;
+import com.github.games647.fastlogin.core.hooks.bedrock.GeyserService;
+import com.github.games647.fastlogin.core.message.ChangePremiumMessage;
+import com.github.games647.fastlogin.core.message.ChannelMessage;
+import com.github.games647.fastlogin.core.message.NamespaceKey;
+import com.github.games647.fastlogin.core.message.SuccessMessage;
+import com.github.games647.fastlogin.core.shared.FastLoginCore;
+import com.github.games647.fastlogin.core.shared.PlatformPlugin;
+import com.google.common.collect.MapMaker;
+import com.google.common.io.ByteArrayDataOutput;
+import com.google.common.io.ByteStreams;
+import com.google.common.util.concurrent.ThreadFactoryBuilder;
+
+import java.nio.file.Path;
+import java.util.Collections;
+import java.util.List;
+import java.util.concurrent.ConcurrentMap;
+import java.util.concurrent.ThreadFactory;
+
+import net.md_5.bungee.api.CommandSender;
+import net.md_5.bungee.api.chat.TextComponent;
+import net.md_5.bungee.api.connection.PendingConnection;
+import net.md_5.bungee.api.connection.ProxiedPlayer;
+import net.md_5.bungee.api.connection.Server;
+import net.md_5.bungee.api.plugin.Listener;
+import net.md_5.bungee.api.plugin.Plugin;
+import net.md_5.bungee.api.plugin.PluginManager;
+import net.md_5.bungee.api.scheduler.GroupedThreadFactory;
+
+import org.geysermc.floodgate.api.FloodgateApi;
+import org.geysermc.geyser.GeyserImpl;
+import org.slf4j.Logger;
+
+/**
+ * BungeeCord version of FastLogin. This plugin keeps track on online mode connections.
+ */
+public class FastLoginBungee extends Plugin implements PlatformPlugin<CommandSender> {
+
+    private final ConcurrentMap<PendingConnection, BungeeLoginSession> session = new MapMaker().weakKeys().makeMap();
+
+    private FastLoginCore<ProxiedPlayer, CommandSender, FastLoginBungee> core;
+    private AsyncScheduler scheduler;
+    private FloodgateService floodgateService;
+    private GeyserService geyserService;
+    private Logger logger;
+
+    @Override
+    public void onEnable() {
+        logger = CommonUtil.initializeLoggerService(getLogger());
+        scheduler = new AsyncScheduler(logger, task -> getProxy().getScheduler().runAsync(this, task));
+
+        core = new FastLoginCore<>(this);
+        core.load();
+        if (!core.setupDatabase()) {
+            return;
+        }
+
+        if (isPluginInstalled("floodgate")) {
+            floodgateService = new FloodgateService(FloodgateApi.getInstance(), core);
+        }
+
+        if (isPluginInstalled("Geyser-BungeeCord")) {
+            geyserService = new GeyserService(GeyserImpl.getInstance(), core);
+        }
+
+        //events
+        PluginManager pluginManager = getProxy().getPluginManager();
+
+        Listener connectListener = new ConnectListener(this, core.getAntiBot());
+        pluginManager.registerListener(this, connectListener);
+        pluginManager.registerListener(this, new PluginMessageListener(this));
+
+        //this is required to listen to incoming messages from the server
+        getProxy().registerChannel(NamespaceKey.getCombined(getName(), ChangePremiumMessage.CHANGE_CHANNEL));
+        getProxy().registerChannel(NamespaceKey.getCombined(getName(), SuccessMessage.SUCCESS_CHANNEL));
+
+        registerHook();
+    }
+
+    @Override
+    public void onDisable() {
+        if (core != null) {
+            core.close();
+        }
+    }
+
+    public FastLoginCore<ProxiedPlayer, CommandSender, FastLoginBungee> getCore() {
+        return core;
+    }
+
+    public ConcurrentMap<PendingConnection, BungeeLoginSession> getSession() {
+        return session;
+    }
+
+    private void registerHook() {
+        try {
+            List<Class<? extends AuthPlugin<ProxiedPlayer>>> hooks = Collections.singletonList(
+                    BungeeAuthHook.class
+            );
+
+            for (Class<? extends AuthPlugin<ProxiedPlayer>> clazz : hooks) {
+                String pluginName = clazz.getSimpleName();
+                pluginName = pluginName.substring(0, pluginName.length() - "Hook".length());
+                //uses only member classes which uses AuthPlugin interface (skip interfaces)
+                Plugin plugin = getProxy().getPluginManager().getPlugin(pluginName);
+                if (plugin != null) {
+                    logger.info("Hooking into auth plugin: {}", pluginName);
+                    core.setAuthPluginHook(
+                            clazz.getDeclaredConstructor(FastLoginBungee.class).newInstance(this));
+                    break;
+                }
+            }
+        } catch (ReflectiveOperationException ex) {
+            logger.error("Couldn't load the auth hook class", ex);
+        }
+    }
+
+    public void sendPluginMessage(Server server, ChannelMessage message) {
+        if (server != null) {
+            ByteArrayDataOutput dataOutput = ByteStreams.newDataOutput();
+            message.writeTo(dataOutput);
+
+            NamespaceKey channel = new NamespaceKey(getName(), message.getChannelName());
+            server.sendData(channel.getCombinedName(), dataOutput.toByteArray());
+        }
+    }
+
+    @Override
+    public String getName() {
+        return getDescription().getName();
+    }
+
+    @Override
+    public Path getPluginFolder() {
+        return getDataFolder().toPath();
+    }
+
+    @Override
+    public Logger getLog() {
+        return logger;
+    }
+
+    @Override
+    public void sendMessage(CommandSender receiver, String message) {
+        receiver.sendMessage(TextComponent.fromLegacyText(message));
+    }
+
+    @Override
+    @SuppressWarnings("deprecation")
+    public ThreadFactory getThreadFactory() {
+        return new ThreadFactoryBuilder()
+                .setNameFormat(getName() + " Pool Thread #%1$d")
+                //Hikari create daemons by default
+                .setDaemon(true)
+                .setThreadFactory(new GroupedThreadFactory(this, getName()))
+                .build();
+    }
+
+    @Override
+    public AsyncScheduler getScheduler() {
+        return scheduler;
+    }
+
+    @Override
+    public boolean isPluginInstalled(String name) {
+        return getProxy().getPluginManager().getPlugin(name) != null;
+    }
+
+    public FloodgateService getFloodgateService() {
+        return floodgateService;
+    }
+
+    public GeyserService getGeyserService() {
+        return geyserService;
+    }
+
+    @Override
+    public BedrockService<?> getBedrockService() {
+        if (floodgateService != null) {
+            return floodgateService;
+        }
+        return geyserService;
+    }
+}
--- a/bungee/src/main/java/com/github/games647/fastlogin/bungee/event/BungeeFastLoginAutoLoginEvent.java
+++ b/bungee/src/main/java/com/github/games647/fastlogin/bungee/event/BungeeFastLoginAutoLoginEvent.java
@@ -0,0 +1,65 @@
+/*
+ * SPDX-License-Identifier: MIT
+ *
+ * The MIT License (MIT)
+ *
+ * Copyright (c) 2015-2022 games647 and contributors
+ *
+ * Permission is hereby granted, free of charge, to any person obtaining a copy
+ * of this software and associated documentation files (the "Software"), to deal
+ * in the Software without restriction, including without limitation the rights
+ * to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
+ * copies of the Software, and to permit persons to whom the Software is
+ * furnished to do so, subject to the following conditions:
+ *
+ * The above copyright notice and this permission notice shall be included in all
+ * copies or substantial portions of the Software.
+ *
+ * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
+ * IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
+ * FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
+ * AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
+ * LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
+ * OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE
+ * SOFTWARE.
+ */
+package com.github.games647.fastlogin.bungee.event;
+
+import com.github.games647.fastlogin.core.StoredProfile;
+import com.github.games647.fastlogin.core.shared.LoginSession;
+import com.github.games647.fastlogin.core.shared.event.FastLoginAutoLoginEvent;
+
+import net.md_5.bungee.api.plugin.Cancellable;
+import net.md_5.bungee.api.plugin.Event;
+
+public class BungeeFastLoginAutoLoginEvent extends Event implements FastLoginAutoLoginEvent, Cancellable {
+
+    private final LoginSession session;
+    private final StoredProfile profile;
+    private boolean cancelled;
+
+    public BungeeFastLoginAutoLoginEvent(LoginSession session, StoredProfile profile) {
+        this.session = session;
+        this.profile = profile;
+    }
+
+    @Override
+    public LoginSession getSession() {
+        return session;
+    }
+
+    @Override
+    public StoredProfile getProfile() {
+        return profile;
+    }
+
+    @Override
+    public boolean isCancelled() {
+        return cancelled;
+    }
+
+    @Override
+    public void setCancelled(boolean cancelled) {
+        this.cancelled = cancelled;
+    }
+}
--- a/bungee/src/main/java/com/github/games647/fastlogin/bungee/event/BungeeFastLoginPreLoginEvent.java
+++ b/bungee/src/main/java/com/github/games647/fastlogin/bungee/event/BungeeFastLoginPreLoginEvent.java
@@ -0,0 +1,60 @@
+/*
+ * SPDX-License-Identifier: MIT
+ *
+ * The MIT License (MIT)
+ *
+ * Copyright (c) 2015-2022 games647 and contributors
+ *
+ * Permission is hereby granted, free of charge, to any person obtaining a copy
+ * of this software and associated documentation files (the "Software"), to deal
+ * in the Software without restriction, including without limitation the rights
+ * to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
+ * copies of the Software, and to permit persons to whom the Software is
+ * furnished to do so, subject to the following conditions:
+ *
+ * The above copyright notice and this permission notice shall be included in all
+ * copies or substantial portions of the Software.
+ *
+ * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
+ * IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
+ * FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
+ * AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
+ * LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
+ * OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE
+ * SOFTWARE.
+ */
+package com.github.games647.fastlogin.bungee.event;
+
+import com.github.games647.fastlogin.core.StoredProfile;
+import com.github.games647.fastlogin.core.shared.LoginSource;
+import com.github.games647.fastlogin.core.shared.event.FastLoginPreLoginEvent;
+
+import net.md_5.bungee.api.plugin.Event;
+
+public class BungeeFastLoginPreLoginEvent extends Event implements FastLoginPreLoginEvent {
+
+    private final String username;
+    private final LoginSource source;
+    private final StoredProfile profile;
+
+    public BungeeFastLoginPreLoginEvent(String username, LoginSource source, StoredProfile profile) {
+        this.username = username;
+        this.source = source;
+        this.profile = profile;
+    }
+
+    @Override
+    public String getUsername() {
+        return username;
+    }
+
+    @Override
+    public LoginSource getSource() {
+        return source;
+    }
+
+    @Override
+    public StoredProfile getProfile() {
+        return profile;
+    }
+}
--- a/bungee/src/main/java/com/github/games647/fastlogin/bungee/event/BungeeFastLoginPremiumToggleEvent.java
+++ b/bungee/src/main/java/com/github/games647/fastlogin/bungee/event/BungeeFastLoginPremiumToggleEvent.java
@@ -0,0 +1,52 @@
+/*
+ * SPDX-License-Identifier: MIT
+ *
+ * The MIT License (MIT)
+ *
+ * Copyright (c) 2015-2022 games647 and contributors
+ *
+ * Permission is hereby granted, free of charge, to any person obtaining a copy
+ * of this software and associated documentation files (the "Software"), to deal
+ * in the Software without restriction, including without limitation the rights
+ * to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
+ * copies of the Software, and to permit persons to whom the Software is
+ * furnished to do so, subject to the following conditions:
+ *
+ * The above copyright notice and this permission notice shall be included in all
+ * copies or substantial portions of the Software.
+ *
+ * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
+ * IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
+ * FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
+ * AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
+ * LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
+ * OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE
+ * SOFTWARE.
+ */
+package com.github.games647.fastlogin.bungee.event;
+
+import com.github.games647.fastlogin.core.StoredProfile;
+import com.github.games647.fastlogin.core.shared.event.FastLoginPremiumToggleEvent;
+
+import net.md_5.bungee.api.plugin.Event;
+
+public class BungeeFastLoginPremiumToggleEvent extends Event implements FastLoginPremiumToggleEvent {
+
+    private final StoredProfile profile;
+    private final PremiumToggleReason reason;
+
+    public BungeeFastLoginPremiumToggleEvent(StoredProfile profile, PremiumToggleReason reason) {
+        this.profile = profile;
+        this.reason = reason;
+    }
+
+    @Override
+    public StoredProfile getProfile() {
+        return profile;
+    }
+
+    @Override
+    public PremiumToggleReason getReason() {
+        return reason;
+    }
+}
--- a/bungee/src/main/java/com/github/games647/fastlogin/bungee/hook/BungeeAuthHook.java
+++ b/bungee/src/main/java/com/github/games647/fastlogin/bungee/hook/BungeeAuthHook.java
@@ -0,0 +1,67 @@
+/*
+ * SPDX-License-Identifier: MIT
+ *
+ * The MIT License (MIT)
+ *
+ * Copyright (c) 2015-2022 games647 and contributors
+ *
+ * Permission is hereby granted, free of charge, to any person obtaining a copy
+ * of this software and associated documentation files (the "Software"), to deal
+ * in the Software without restriction, including without limitation the rights
+ * to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
+ * copies of the Software, and to permit persons to whom the Software is
+ * furnished to do so, subject to the following conditions:
+ *
+ * The above copyright notice and this permission notice shall be included in all
+ * copies or substantial portions of the Software.
+ *
+ * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
+ * IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
+ * FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
+ * AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
+ * LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
+ * OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE
+ * SOFTWARE.
+ */
+package com.github.games647.fastlogin.bungee.hook;
+
+import com.github.games647.fastlogin.bungee.FastLoginBungee;
+import com.github.games647.fastlogin.core.hooks.AuthPlugin;
+
+import me.vik1395.BungeeAuth.Main;
+import me.vik1395.BungeeAuthAPI.RequestHandler;
+
+import net.md_5.bungee.api.connection.ProxiedPlayer;
+
+/**
+ * GitHub:
+ * <a href="https://github.com/vik1395/BungeeAuth-Minecraft">...</a>
+ * <p>
+ * Project page:
+ * <p>
+ * Spigot:
+ * <a href="https://www.spigotmc.org/resources/bungeeauth.493/">...</a>
+ */
+public class BungeeAuthHook implements AuthPlugin<ProxiedPlayer> {
+
+    private final RequestHandler requestHandler = new RequestHandler();
+
+    public BungeeAuthHook(FastLoginBungee plugin) {
+    }
+
+    @Override
+    public boolean forceLogin(ProxiedPlayer player) {
+        String playerName = player.getName();
+        return Main.plonline.contains(playerName) || requestHandler.forceLogin(playerName);
+    }
+
+    @Override
+    public boolean isRegistered(String playerName) {
+        return requestHandler.isRegistered(playerName);
+    }
+
+    @Override
+    public boolean forceRegister(ProxiedPlayer player, String password) {
+        return requestHandler.forceRegister(player, password);
+    }
+}
--- a/bungee/src/main/java/com/github/games647/fastlogin/bungee/listener/ConnectListener.java
+++ b/bungee/src/main/java/com/github/games647/fastlogin/bungee/listener/ConnectListener.java
@@ -0,0 +1,227 @@
+/*
+ * SPDX-License-Identifier: MIT
+ *
+ * The MIT License (MIT)
+ *
+ * Copyright (c) 2015-2022 games647 and contributors
+ *
+ * Permission is hereby granted, free of charge, to any person obtaining a copy
+ * of this software and associated documentation files (the "Software"), to deal
+ * in the Software without restriction, including without limitation the rights
+ * to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
+ * copies of the Software, and to permit persons to whom the Software is
+ * furnished to do so, subject to the following conditions:
+ *
+ * The above copyright notice and this permission notice shall be included in all
+ * copies or substantial portions of the Software.
+ *
+ * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
+ * IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
+ * FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
+ * AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
+ * LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
+ * OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE
+ * SOFTWARE.
+ */
+package com.github.games647.fastlogin.bungee.listener;
+
+import com.github.games647.craftapi.UUIDAdapter;
+import com.github.games647.fastlogin.bungee.BungeeLoginSession;
+import com.github.games647.fastlogin.bungee.FastLoginBungee;
+import com.github.games647.fastlogin.bungee.task.AsyncPremiumCheck;
+import com.github.games647.fastlogin.bungee.task.FloodgateAuthTask;
+import com.github.games647.fastlogin.bungee.task.ForceLoginTask;
+import com.github.games647.fastlogin.core.StoredProfile;
+import com.github.games647.fastlogin.core.antibot.AntiBotService;
+import com.github.games647.fastlogin.core.antibot.AntiBotService.Action;
+import com.github.games647.fastlogin.core.hooks.bedrock.FloodgateService;
+import com.github.games647.fastlogin.core.shared.LoginSession;
+import com.google.common.base.Throwables;
+
+import java.lang.invoke.MethodHandle;
+import java.lang.invoke.MethodHandles;
+import java.lang.invoke.MethodHandles.Lookup;
+import java.lang.reflect.Field;
+import java.net.InetSocketAddress;
+import java.util.UUID;
+
+import net.md_5.bungee.api.chat.TextComponent;
+import net.md_5.bungee.api.connection.PendingConnection;
+import net.md_5.bungee.api.connection.ProxiedPlayer;
+import net.md_5.bungee.api.connection.Server;
+import net.md_5.bungee.api.event.LoginEvent;
+import net.md_5.bungee.api.event.PlayerDisconnectEvent;
+import net.md_5.bungee.api.event.PreLoginEvent;
+import net.md_5.bungee.api.event.ServerConnectedEvent;
+import net.md_5.bungee.api.plugin.Listener;
+import net.md_5.bungee.connection.InitialHandler;
+import net.md_5.bungee.connection.LoginResult;
+import net.md_5.bungee.event.EventHandler;
+import net.md_5.bungee.event.EventPriority;
+import net.md_5.bungee.protocol.Property;
+
+import org.geysermc.floodgate.api.player.FloodgatePlayer;
+import org.slf4j.Logger;
+import org.slf4j.LoggerFactory;
+
+/**
+ * Enables online mode logins for specified users and sends plugin message to the Bukkit version of this plugin in
+ * order to clear that the connection is online mode.
+ */
+public class ConnectListener implements Listener {
+
+    private static final String UUID_FIELD_NAME = "uniqueId";
+    protected static final MethodHandle UNIQUE_ID_SETTER;
+
+    static {
+        MethodHandle setHandle = null;
+        try {
+            Lookup lookup = MethodHandles.lookup();
+
+            Class.forName("net.md_5.bungee.connection.InitialHandler");
+
+            Field uuidField = InitialHandler.class.getDeclaredField(UUID_FIELD_NAME);
+            uuidField.setAccessible(true);
+            setHandle = lookup.unreflectSetter(uuidField);
+        } catch (ReflectiveOperationException reflectiveOperationException) {
+            Logger logger = LoggerFactory.getLogger(ConnectListener.class);
+            logger.error(
+                    "Cannot find Bungee initial handler; Disabling premium UUID and skin won't work.",
+                    reflectiveOperationException
+            );
+        }
+
+        UNIQUE_ID_SETTER = setHandle;
+    }
+
+    private final FastLoginBungee plugin;
+    private final AntiBotService antiBotService;
+    private final Property[] emptyProperties = {};
+
+    public ConnectListener(FastLoginBungee plugin, AntiBotService antiBotService) {
+        this.plugin = plugin;
+        this.antiBotService = antiBotService;
+    }
+
+    @EventHandler
+    public void onPreLogin(PreLoginEvent preLoginEvent) {
+        PendingConnection connection = preLoginEvent.getConnection();
+        if (preLoginEvent.isCancelled()) {
+            return;
+        }
+
+        InetSocketAddress address = preLoginEvent.getConnection().getAddress();
+        String username = connection.getName();
+
+        plugin.getLog().info("Incoming login request for {} from {}", username, connection.getSocketAddress());
+
+        Action action = antiBotService.onIncomingConnection(address, username);
+        switch (action) {
+            case Ignore:
+                // just ignore
+                return;
+            case Block:
+                String message = plugin.getCore().getMessage("kick-antibot");
+                preLoginEvent.setCancelReason(TextComponent.fromLegacyText(message));
+                preLoginEvent.setCancelled(true);
+                break;
+            case Continue:
+            default:
+                preLoginEvent.registerIntent(plugin);
+                Runnable asyncPremiumCheck = new AsyncPremiumCheck(plugin, preLoginEvent, connection, username);
+                plugin.getScheduler().runAsync(asyncPremiumCheck);
+                break;
+        }
+    }
+
+    @EventHandler(priority = EventPriority.LOWEST)
+    public void onLogin(LoginEvent loginEvent) {
+        if (loginEvent.isCancelled()) {
+            return;
+        }
+
+        //use the login event instead of the post login event in order to send the login success packet to the client
+        //with the offline uuid this makes it possible to set the skin then
+        PendingConnection connection = loginEvent.getConnection();
+        if (connection.isOnlineMode()) {
+            LoginSession session = plugin.getSession().get(connection);
+
+            UUID verifiedUUID = connection.getUniqueId();
+            String verifiedUsername = connection.getName();
+            session.setUuid(verifiedUUID);
+            session.setVerifiedUsername(verifiedUsername);
+
+            StoredProfile playerProfile = session.getProfile();
+            playerProfile.setId(verifiedUUID);
+
+            // BungeeCord will do this automatically so override it on disabled option
+            if (UNIQUE_ID_SETTER != null) {
+                InitialHandler initialHandler = (InitialHandler) connection;
+
+                if (!plugin.getCore().getConfig().get("premiumUuid", true)) {
+                    setOfflineId(initialHandler, verifiedUsername);
+                }
+
+                if (!plugin.getCore().getConfig().get("forwardSkin", true)) {
+                    // this is null on offline mode
+                    LoginResult loginProfile = initialHandler.getLoginProfile();
+                    loginProfile.setProperties(emptyProperties);
+                }
+            }
+        }
+    }
+
+    protected void setOfflineId(InitialHandler connection, String username) {
+        try {
+            UUID oldPremiumId = connection.getUniqueId();
+            UUID offlineUUID = UUIDAdapter.generateOfflineId(username);
+
+            // BungeeCord only allows setting the UUID in PreLogin events and before requesting online mode
+            // However if online mode is requested, it will override previous values
+            // So we have to do it with reflection
+            UNIQUE_ID_SETTER.invokeExact(connection, offlineUUID);
+
+            String format = "Overridden UUID from {} to {} (based of {}) on {}";
+            plugin.getLog().info(format, oldPremiumId, offlineUUID, username, connection);
+        } catch (Exception ex) {
+            plugin.getLog().error("Failed to set offline uuid of {}", username, ex);
+        } catch (Throwable throwable) {
+            // throw remaining exceptions like out of memory that we shouldn't handle ourselves
+            Throwables.throwIfUnchecked(throwable);
+        }
+    }
+
+    @EventHandler
+    public void onServerConnected(ServerConnectedEvent serverConnectedEvent) {
+        ProxiedPlayer player = serverConnectedEvent.getPlayer();
+        Server server = serverConnectedEvent.getServer();
+
+        FloodgateService floodgateService = plugin.getFloodgateService();
+        if (floodgateService != null) {
+            FloodgatePlayer floodgatePlayer = floodgateService.getBedrockPlayer(player.getUniqueId());
+            if (floodgatePlayer != null) {
+                Runnable floodgateAuthTask = new FloodgateAuthTask(plugin.getCore(), player, floodgatePlayer, server);
+                plugin.getScheduler().runAsync(floodgateAuthTask);
+                return;
+            }
+        }
+
+        BungeeLoginSession session = plugin.getSession().get(player.getPendingConnection());
+        if (session == null) {
+            return;
+        }
+
+        // delay sending force command, because Paper will process the login event asynchronously
+        // In this case it means that the force command (plugin message) is already received and processed while
+        // player is still in the login phase and reported to be offline.
+        Runnable loginTask = new ForceLoginTask(plugin.getCore(), player, server, session);
+        plugin.getScheduler().runAsync(loginTask);
+    }
+
+    @EventHandler
+    public void onDisconnect(PlayerDisconnectEvent disconnectEvent) {
+        ProxiedPlayer player = disconnectEvent.getPlayer();
+        plugin.getSession().remove(player.getPendingConnection());
+        plugin.getCore().getPendingConfirms().remove(player.getUniqueId());
+    }
+}
--- a/bungee/src/main/java/com/github/games647/fastlogin/bungee/listener/PluginMessageListener.java
+++ b/bungee/src/main/java/com/github/games647/fastlogin/bungee/listener/PluginMessageListener.java
@@ -0,0 +1,141 @@
+/*
+ * SPDX-License-Identifier: MIT
+ *
+ * The MIT License (MIT)
+ *
+ * Copyright (c) 2015-2022 games647 and contributors
+ *
+ * Permission is hereby granted, free of charge, to any person obtaining a copy
+ * of this software and associated documentation files (the "Software"), to deal
+ * in the Software without restriction, including without limitation the rights
+ * to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
+ * copies of the Software, and to permit persons to whom the Software is
+ * furnished to do so, subject to the following conditions:
+ *
+ * The above copyright notice and this permission notice shall be included in all
+ * copies or substantial portions of the Software.
+ *
+ * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
+ * IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
+ * FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
+ * AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
+ * LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
+ * OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE
+ * SOFTWARE.
+ */
+package com.github.games647.fastlogin.bungee.listener;
+
+import com.github.games647.fastlogin.bungee.BungeeLoginSession;
+import com.github.games647.fastlogin.bungee.FastLoginBungee;
+import com.github.games647.fastlogin.bungee.task.AsyncToggleMessage;
+import com.github.games647.fastlogin.core.StoredProfile;
+import com.github.games647.fastlogin.core.hooks.bedrock.FloodgateService;
+import com.github.games647.fastlogin.core.message.ChangePremiumMessage;
+import com.github.games647.fastlogin.core.message.NamespaceKey;
+import com.github.games647.fastlogin.core.message.SuccessMessage;
+import com.github.games647.fastlogin.core.shared.FastLoginCore;
+import com.google.common.io.ByteArrayDataInput;
+import com.google.common.io.ByteStreams;
+
+import java.util.Arrays;
+
+import net.md_5.bungee.api.CommandSender;
+import net.md_5.bungee.api.chat.TextComponent;
+import net.md_5.bungee.api.connection.ProxiedPlayer;
+import net.md_5.bungee.api.connection.Server;
+import net.md_5.bungee.api.event.PluginMessageEvent;
+import net.md_5.bungee.api.plugin.Listener;
+import net.md_5.bungee.event.EventHandler;
+
+public class PluginMessageListener implements Listener {
+
+    private final FastLoginBungee plugin;
+
+    private final String successChannel;
+    private final String changeChannel;
+
+    public PluginMessageListener(FastLoginBungee plugin) {
+        this.plugin = plugin;
+
+        this.successChannel = new NamespaceKey(plugin.getName(), SuccessMessage.SUCCESS_CHANNEL).getCombinedName();
+        this.changeChannel = new NamespaceKey(plugin.getName(), ChangePremiumMessage.CHANGE_CHANNEL).getCombinedName();
+    }
+
+    @EventHandler
+    public void onPluginMessage(PluginMessageEvent pluginMessageEvent) {
+        String channel = pluginMessageEvent.getTag();
+        if (pluginMessageEvent.isCancelled() || !channel.startsWith(plugin.getName().toLowerCase())) {
+            return;
+        }
+
+        //the client shouldn't be able to read the messages in order to know something about server internal states
+        //moreover the client shouldn't be able to fake a running premium check by sending the result message
+        pluginMessageEvent.setCancelled(true);
+
+        if (!(pluginMessageEvent.getSender() instanceof Server)) {
+            //check if the message is sent from the server
+            return;
+        }
+
+        //so that we can safely process this in the background
+        byte[] data = Arrays.copyOf(pluginMessageEvent.getData(), pluginMessageEvent.getData().length);
+        ProxiedPlayer forPlayer = (ProxiedPlayer) pluginMessageEvent.getReceiver();
+
+        plugin.getScheduler().runAsync(() -> readMessage(forPlayer, channel, data));
+    }
+
+    private void readMessage(ProxiedPlayer forPlayer, String channel, byte[] data) {
+        FastLoginCore<ProxiedPlayer, CommandSender, FastLoginBungee> core = plugin.getCore();
+
+        ByteArrayDataInput dataInput = ByteStreams.newDataInput(data);
+        if (successChannel.equals(channel)) {
+            onSuccessMessage(forPlayer);
+        } else if (changeChannel.equals(channel)) {
+            ChangePremiumMessage changeMessage = new ChangePremiumMessage();
+            changeMessage.readFrom(dataInput);
+
+            String playerName = changeMessage.getPlayerName();
+            boolean isSourceInvoker = changeMessage.isSourceInvoker();
+            if (changeMessage.shouldEnable()) {
+                if (playerName.equals(forPlayer.getName()) && plugin.getCore().getConfig().get("premium-warning", true)
+                        && !core.getPendingConfirms().contains(forPlayer.getUniqueId())) {
+                    String message = core.getMessage("premium-warning");
+                    forPlayer.sendMessage(TextComponent.fromLegacyText(message));
+                    core.getPendingConfirms().add(forPlayer.getUniqueId());
+                    return;
+                }
+
+                core.getPendingConfirms().remove(forPlayer.getUniqueId());
+                Runnable task = new AsyncToggleMessage(core, forPlayer, playerName, true, isSourceInvoker);
+                plugin.getScheduler().runAsync(task);
+            } else {
+                Runnable task = new AsyncToggleMessage(core, forPlayer, playerName, false, isSourceInvoker);
+                plugin.getScheduler().runAsync(task);
+            }
+        }
+    }
+
+    private void onSuccessMessage(ProxiedPlayer forPlayer) {
+        boolean shouldPersist = forPlayer.getPendingConnection().isOnlineMode();
+
+        FloodgateService floodgateService = plugin.getFloodgateService();
+        if (!shouldPersist && floodgateService != null) {
+            // always save floodgate players to lock this username
+            shouldPersist = floodgateService.isBedrockPlayer(forPlayer.getUniqueId());
+        }
+
+        if (shouldPersist) {
+            //bukkit module successfully received and force logged in the user
+            //update only on success to prevent corrupt data
+            BungeeLoginSession loginSession = plugin.getSession().get(forPlayer.getPendingConnection());
+            StoredProfile playerProfile = loginSession.getProfile();
+            loginSession.setRegistered(true);
+
+            if (!loginSession.isAlreadySaved()) {
+                playerProfile.setPremium(true);
+                plugin.getCore().getStorage().save(playerProfile);
+                loginSession.setAlreadySaved(true);
+            }
+        }
+    }
+}
--- a/bungee/src/main/java/com/github/games647/fastlogin/bungee/task/AsyncPremiumCheck.java
+++ b/bungee/src/main/java/com/github/games647/fastlogin/bungee/task/AsyncPremiumCheck.java
@@ -0,0 +1,92 @@
+/*
+ * SPDX-License-Identifier: MIT
+ *
+ * The MIT License (MIT)
+ *
+ * Copyright (c) 2015-2022 games647 and contributors
+ *
+ * Permission is hereby granted, free of charge, to any person obtaining a copy
+ * of this software and associated documentation files (the "Software"), to deal
+ * in the Software without restriction, including without limitation the rights
+ * to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
+ * copies of the Software, and to permit persons to whom the Software is
+ * furnished to do so, subject to the following conditions:
+ *
+ * The above copyright notice and this permission notice shall be included in all
+ * copies or substantial portions of the Software.
+ *
+ * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
+ * IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
+ * FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
+ * AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
+ * LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
+ * OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE
+ * SOFTWARE.
+ */
+package com.github.games647.fastlogin.bungee.task;
+
+import com.github.games647.fastlogin.bungee.BungeeLoginSession;
+import com.github.games647.fastlogin.bungee.BungeeLoginSource;
+import com.github.games647.fastlogin.bungee.FastLoginBungee;
+import com.github.games647.fastlogin.bungee.event.BungeeFastLoginPreLoginEvent;
+import com.github.games647.fastlogin.core.StoredProfile;
+import com.github.games647.fastlogin.core.shared.JoinManagement;
+import com.github.games647.fastlogin.core.shared.event.FastLoginPreLoginEvent;
+
+import net.md_5.bungee.api.CommandSender;
+import net.md_5.bungee.api.connection.PendingConnection;
+import net.md_5.bungee.api.connection.ProxiedPlayer;
+import net.md_5.bungee.api.event.PreLoginEvent;
+
+public class AsyncPremiumCheck extends JoinManagement<ProxiedPlayer, CommandSender, BungeeLoginSource>
+        implements Runnable {
+
+    private final FastLoginBungee plugin;
+    private final PreLoginEvent preLoginEvent;
+
+    private final String username;
+    private final PendingConnection connection;
+
+    public AsyncPremiumCheck(FastLoginBungee plugin, PreLoginEvent preLoginEvent, PendingConnection connection,
+                             String username) {
+        super(plugin.getCore(), plugin.getCore().getAuthPluginHook(), plugin.getBedrockService());
+
+        this.plugin = plugin;
+        this.preLoginEvent = preLoginEvent;
+        this.connection = connection;
+        this.username = username;
+    }
+
+    @Override
+    public void run() {
+        plugin.getSession().remove(connection);
+
+        try {
+            super.onLogin(username, new BungeeLoginSource(connection, preLoginEvent));
+        } finally {
+            preLoginEvent.completeIntent(plugin);
+        }
+    }
+
+    @Override
+    public FastLoginPreLoginEvent callFastLoginPreLoginEvent(String username, BungeeLoginSource source,
+                                                             StoredProfile profile) {
+        return plugin.getProxy().getPluginManager()
+                .callEvent(new BungeeFastLoginPreLoginEvent(username, source, profile));
+    }
+
+    @Override
+    public void requestPremiumLogin(BungeeLoginSource source, StoredProfile profile,
+                                    String username, boolean registered) {
+        source.enableOnlinemode();
+        plugin.getSession().put(source.getConnection(), new BungeeLoginSession(username, registered, profile));
+
+        String ip = source.getAddress().getAddress().getHostAddress();
+        plugin.getCore().getPendingLogin().put(ip + username, new Object());
+    }
+
+    @Override
+    public void startCrackedSession(BungeeLoginSource source, StoredProfile profile, String username) {
+        plugin.getSession().put(source.getConnection(), new BungeeLoginSession(username, false, profile));
+    }
+}
--- a/bungee/src/main/java/com/github/games647/fastlogin/bungee/task/AsyncToggleMessage.java
+++ b/bungee/src/main/java/com/github/games647/fastlogin/bungee/task/AsyncToggleMessage.java
@@ -0,0 +1,108 @@
+/*
+ * SPDX-License-Identifier: MIT
+ *
+ * The MIT License (MIT)
+ *
+ * Copyright (c) 2015-2022 games647 and contributors
+ *
+ * Permission is hereby granted, free of charge, to any person obtaining a copy
+ * of this software and associated documentation files (the "Software"), to deal
+ * in the Software without restriction, including without limitation the rights
+ * to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
+ * copies of the Software, and to permit persons to whom the Software is
+ * furnished to do so, subject to the following conditions:
+ *
+ * The above copyright notice and this permission notice shall be included in all
+ * copies or substantial portions of the Software.
+ *
+ * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
+ * IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
+ * FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
+ * AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
+ * LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
+ * OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE
+ * SOFTWARE.
+ */
+package com.github.games647.fastlogin.bungee.task;
+
+import com.github.games647.fastlogin.bungee.FastLoginBungee;
+import com.github.games647.fastlogin.bungee.event.BungeeFastLoginPremiumToggleEvent;
+import com.github.games647.fastlogin.core.StoredProfile;
+import com.github.games647.fastlogin.core.shared.FastLoginCore;
+import com.github.games647.fastlogin.core.shared.event.FastLoginPremiumToggleEvent.PremiumToggleReason;
+
+import net.md_5.bungee.api.CommandSender;
+import net.md_5.bungee.api.ProxyServer;
+import net.md_5.bungee.api.chat.TextComponent;
+import net.md_5.bungee.api.connection.ProxiedPlayer;
+
+public class AsyncToggleMessage implements Runnable {
+
+    private final FastLoginCore<ProxiedPlayer, CommandSender, FastLoginBungee> core;
+    private final ProxiedPlayer sender;
+    private final String targetPlayer;
+    private final boolean toPremium;
+    private final boolean isPlayerSender;
+
+    public AsyncToggleMessage(FastLoginCore<ProxiedPlayer, CommandSender, FastLoginBungee> core,
+             ProxiedPlayer sender, String playerName, boolean toPremium, boolean playerSender) {
+        this.core = core;
+        this.sender = sender;
+        this.targetPlayer = playerName;
+        this.toPremium = toPremium;
+        this.isPlayerSender = playerSender;
+    }
+
+    @Override
+    public void run() {
+        if (toPremium) {
+            activatePremium();
+        } else {
+            turnOffPremium();
+        }
+    }
+
+    private void turnOffPremium() {
+        StoredProfile playerProfile = core.getStorage().loadProfile(targetPlayer);
+        //existing player is already cracked
+        if (playerProfile.isSaved() && !playerProfile.isPremium()) {
+            sendMessage("not-premium");
+            return;
+        }
+
+        playerProfile.setPremium(false);
+        playerProfile.setId(null);
+        core.getStorage().save(playerProfile);
+        PremiumToggleReason reason = (!isPlayerSender || !sender.getName().equalsIgnoreCase(playerProfile.getName()))
+            ? PremiumToggleReason.COMMAND_OTHER : PremiumToggleReason.COMMAND_SELF;
+        core.getPlugin().getProxy().getPluginManager().callEvent(
+                new BungeeFastLoginPremiumToggleEvent(playerProfile, reason));
+        sendMessage("remove-premium");
+    }
+
+    private void activatePremium() {
+        StoredProfile playerProfile = core.getStorage().loadProfile(targetPlayer);
+        if (playerProfile.isPremium()) {
+            sendMessage("already-exists");
+            return;
+        }
+
+        playerProfile.setPremium(true);
+        core.getStorage().save(playerProfile);
+        PremiumToggleReason reason = (!isPlayerSender || !sender.getName().equalsIgnoreCase(playerProfile.getName()))
+            ? PremiumToggleReason.COMMAND_OTHER : PremiumToggleReason.COMMAND_SELF;
+        core.getPlugin().getProxy().getPluginManager().callEvent(
+                new BungeeFastLoginPremiumToggleEvent(playerProfile, reason));
+        sendMessage("add-premium");
+    }
+
+    private void sendMessage(String localeId) {
+        String message = core.getMessage(localeId);
+        if (isPlayerSender) {
+            sender.sendMessage(TextComponent.fromLegacyText(message));
+        } else {
+            CommandSender console = ProxyServer.getInstance().getConsole();
+            console.sendMessage(TextComponent.fromLegacyText(message));
+        }
+    }
+}
--- a/bungee/src/main/java/com/github/games647/fastlogin/bungee/task/FloodgateAuthTask.java
+++ b/bungee/src/main/java/com/github/games647/fastlogin/bungee/task/FloodgateAuthTask.java
@@ -0,0 +1,79 @@
+/*
+ * SPDX-License-Identifier: MIT
+ *
+ * The MIT License (MIT)
+ *
+ * Copyright (c) 2015-2022 games647 and contributors
+ *
+ * Permission is hereby granted, free of charge, to any person obtaining a copy
+ * of this software and associated documentation files (the "Software"), to deal
+ * in the Software without restriction, including without limitation the rights
+ * to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
+ * copies of the Software, and to permit persons to whom the Software is
+ * furnished to do so, subject to the following conditions:
+ *
+ * The above copyright notice and this permission notice shall be included in all
+ * copies or substantial portions of the Software.
+ *
+ * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
+ * IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
+ * FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
+ * AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
+ * LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
+ * OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE
+ * SOFTWARE.
+ */
+package com.github.games647.fastlogin.bungee.task;
+
+import com.github.games647.fastlogin.bungee.BungeeLoginSession;
+import com.github.games647.fastlogin.bungee.FastLoginBungee;
+import com.github.games647.fastlogin.core.shared.FastLoginCore;
+import com.github.games647.fastlogin.core.shared.FloodgateManagement;
+
+import java.net.InetSocketAddress;
+import java.util.UUID;
+
+import net.md_5.bungee.api.CommandSender;
+import net.md_5.bungee.api.connection.ProxiedPlayer;
+import net.md_5.bungee.api.connection.Server;
+
+import org.geysermc.floodgate.api.player.FloodgatePlayer;
+
+public class FloodgateAuthTask
+        extends FloodgateManagement<ProxiedPlayer, CommandSender, BungeeLoginSession, FastLoginBungee> {
+
+    private final Server server;
+
+    public FloodgateAuthTask(FastLoginCore<ProxiedPlayer, CommandSender, FastLoginBungee> core, ProxiedPlayer player,
+            FloodgatePlayer floodgatePlayer, Server server) {
+        super(core, player, floodgatePlayer);
+        this.server = server;
+    }
+
+    @Override
+    protected void startLogin() {
+        BungeeLoginSession session = new BungeeLoginSession(player.getName(), isRegistered, profile);
+        core.getPlugin().getSession().put(player.getPendingConnection(), session);
+
+        // run login task
+        Runnable forceLoginTask = new ForceLoginTask(core.getPlugin().getCore(), player, server, session,
+                isAutoAuthAllowed(autoLoginFloodgate));
+        core.getPlugin().getScheduler().runAsync(forceLoginTask);
+    }
+
+    @Override
+    protected String getName(ProxiedPlayer player) {
+        return player.getName();
+    }
+
+    @Override
+    protected UUID getUUID(ProxiedPlayer player) {
+        return player.getUniqueId();
+    }
+
+    @Override
+    protected InetSocketAddress getAddress(ProxiedPlayer player) {
+        return player.getAddress();
+    }
+
+}
--- a/bungee/src/main/java/com/github/games647/fastlogin/bungee/task/ForceLoginTask.java
+++ b/bungee/src/main/java/com/github/games647/fastlogin/bungee/task/ForceLoginTask.java
@@ -0,0 +1,131 @@
+/*
+ * SPDX-License-Identifier: MIT
+ *
+ * The MIT License (MIT)
+ *
+ * Copyright (c) 2015-2022 games647 and contributors
+ *
+ * Permission is hereby granted, free of charge, to any person obtaining a copy
+ * of this software and associated documentation files (the "Software"), to deal
+ * in the Software without restriction, including without limitation the rights
+ * to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
+ * copies of the Software, and to permit persons to whom the Software is
+ * furnished to do so, subject to the following conditions:
+ *
+ * The above copyright notice and this permission notice shall be included in all
+ * copies or substantial portions of the Software.
+ *
+ * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
+ * IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
+ * FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
+ * AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
+ * LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
+ * OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE
+ * SOFTWARE.
+ */
+package com.github.games647.fastlogin.bungee.task;
+
+import com.github.games647.fastlogin.bungee.BungeeLoginSession;
+import com.github.games647.fastlogin.bungee.FastLoginBungee;
+import com.github.games647.fastlogin.bungee.event.BungeeFastLoginAutoLoginEvent;
+import com.github.games647.fastlogin.core.StoredProfile;
+import com.github.games647.fastlogin.core.message.ChannelMessage;
+import com.github.games647.fastlogin.core.message.LoginActionMessage;
+import com.github.games647.fastlogin.core.message.LoginActionMessage.Type;
+import com.github.games647.fastlogin.core.shared.FastLoginCore;
+import com.github.games647.fastlogin.core.shared.ForceLoginManagement;
+import com.github.games647.fastlogin.core.shared.LoginSession;
+import com.github.games647.fastlogin.core.shared.event.FastLoginAutoLoginEvent;
+
+import java.util.UUID;
+
+import net.md_5.bungee.api.CommandSender;
+import net.md_5.bungee.api.ProxyServer;
+import net.md_5.bungee.api.connection.ProxiedPlayer;
+import net.md_5.bungee.api.connection.Server;
+
+public class ForceLoginTask
+        extends ForceLoginManagement<ProxiedPlayer, CommandSender, BungeeLoginSession, FastLoginBungee> {
+
+    private final Server server;
+
+    //treat player as if they had a premium account, even when they don't
+    //use for Floodgate auto login/register
+    private final boolean forcedOnlineMode;
+
+    public ForceLoginTask(FastLoginCore<ProxiedPlayer, CommandSender, FastLoginBungee> core,
+                          ProxiedPlayer player, Server server, BungeeLoginSession session, boolean forcedOnlineMode) {
+        super(core, player, session);
+
+        this.server = server;
+        this.forcedOnlineMode = forcedOnlineMode;
+    }
+
+    public ForceLoginTask(FastLoginCore<ProxiedPlayer, CommandSender, FastLoginBungee> core, ProxiedPlayer player,
+            Server server, BungeeLoginSession session) {
+        this(core, player, server, session, false);
+    }
+
+    @Override
+    public void run() {
+        if (session == null) {
+            return;
+        }
+
+        super.run();
+
+        if (!isOnlineMode()) {
+            session.setAlreadySaved(true);
+        }
+    }
+
+    @Override
+    public boolean forceLogin(ProxiedPlayer player) {
+        if (session.isAlreadyLogged()) {
+            return true;
+        }
+
+        session.setAlreadyLogged(true);
+        return super.forceLogin(player);
+    }
+
+    @Override
+    public FastLoginAutoLoginEvent callFastLoginAutoLoginEvent(LoginSession session, StoredProfile profile) {
+        return core.getPlugin().getProxy().getPluginManager()
+                .callEvent(new BungeeFastLoginAutoLoginEvent(session, profile));
+    }
+
+    @Override
+    public boolean forceRegister(ProxiedPlayer player) {
+        return session.isAlreadyLogged() || super.forceRegister(player);
+    }
+
+    @Override
+    public void onForceActionSuccess(LoginSession session) {
+        //sub channel name
+        Type type = Type.LOGIN;
+        if (session.needsRegistration()) {
+            type = Type.REGISTER;
+        }
+
+        UUID proxyId = UUID.fromString(ProxyServer.getInstance().getConfig().getUuid());
+        ChannelMessage loginMessage = new LoginActionMessage(type, player.getName(), proxyId);
+
+        core.getPlugin().sendPluginMessage(server, loginMessage);
+    }
+
+    @Override
+    public String getName(ProxiedPlayer player) {
+        return player.getName();
+    }
+
+    @Override
+    public boolean isOnline(ProxiedPlayer player) {
+        return player.isConnected();
+    }
+
+    @Override
+    public boolean isOnlineMode() {
+        return forcedOnlineMode || player.getPendingConnection().isOnlineMode();
+    }
+}
--- a/bungee/src/main/resources/bungee.yml
+++ b/bungee/src/main/resources/bungee.yml
@@ -0,0 +1,21 @@
+# project data for BungeeCord
+# This file will be prioritised over plugin.yml which can be also used for Bungee
+# This make it easy to combine BungeeCord and Bukkit support in one plugin
+name: ${project.parent.name}
+# ${-} will be automatically replaced by Maven
+main: ${project.groupId}.${project.artifactId}.${project.name}
+
+version: ${project.version}-${git.commit.id.abbrev}
+author: games647, https://github.com/games647/FastLogin/graphs/contributors
+
+softDepends:
+    # BungeeCord auth plugins
+    - BungeeAuth
+    - BungeeCordAuthenticatorBungee
+    - SodionAuth
+    # Bedrock Player Bridge
+    - Geyser-BungeeCord
+    - floodgate
+
+description: |
+    ${project.description}
--- a/bungee/src/test/java/com/github/games647/fastlogin/bungee/listener/ConnectListenerTest.java
+++ b/bungee/src/test/java/com/github/games647/fastlogin/bungee/listener/ConnectListenerTest.java
@@ -0,0 +1,58 @@
+/*
+ * SPDX-License-Identifier: MIT
+ *
+ * The MIT License (MIT)
+ *
+ * Copyright (c) 2015-2022 games647 and contributors
+ *
+ * Permission is hereby granted, free of charge, to any person obtaining a copy
+ * of this software and associated documentation files (the "Software"), to deal
+ * in the Software without restriction, including without limitation the rights
+ * to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
+ * copies of the Software, and to permit persons to whom the Software is
+ * furnished to do so, subject to the following conditions:
+ *
+ * The above copyright notice and this permission notice shall be included in all
+ * copies or substantial portions of the Software.
+ *
+ * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
+ * IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
+ * FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
+ * AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
+ * LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
+ * OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE
+ * SOFTWARE.
+ */
+package com.github.games647.fastlogin.bungee.listener;
+
+import java.lang.reflect.Field;
+import java.util.UUID;
+
+import net.md_5.bungee.BungeeCord;
+import net.md_5.bungee.conf.Configuration;
+import net.md_5.bungee.connection.InitialHandler;
+
+import org.junit.jupiter.api.Test;
+
+import static org.junit.jupiter.api.Assertions.assertEquals;
+import static org.mockito.Mockito.mock;
+
+class ConnectListenerTest {
+
+    @Test
+    void testUUIDSetter() throws Throwable {
+        BungeeCord proxyMock = mock(BungeeCord.class);
+        BungeeCord.setInstance(proxyMock);
+        
+        Configuration configMock = mock(Configuration.class);
+        Field configField = proxyMock.getClass().getField("config");
+        configField.setAccessible(true);
+        configField.set(proxyMock, configMock);
+
+        InitialHandler handler = new InitialHandler(proxyMock, null);
+
+        UUID expectedUUID = UUID.randomUUID();
+        ConnectListener.UNIQUE_ID_SETTER.invokeExact(handler, expectedUUID);
+        assertEquals(expectedUUID, handler.getUniqueId());
+    }
+}
--- a/checkstyle.xml
+++ b/checkstyle.xml
@@ -0,0 +1,225 @@
+<?xml version="1.0"?>
+<!--
+
+    SPDX-License-Identifier: MIT
+
+    The MIT License (MIT)
+
+    Copyright (c) 2015-2022 games647 and contributors
+
+    Permission is hereby granted, free of charge, to any person obtaining a copy
+    of this software and associated documentation files (the "Software"), to deal
+    in the Software without restriction, including without limitation the rights
+    to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
+    copies of the Software, and to permit persons to whom the Software is
+    furnished to do so, subject to the following conditions:
+
+    The above copyright notice and this permission notice shall be included in all
+    copies or substantial portions of the Software.
+
+    THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
+    IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
+    FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
+    AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
+    LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
+    OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE
+    SOFTWARE.
+
+-->
+<!DOCTYPE module PUBLIC
+          "-//Checkstyle//DTD Checkstyle Configuration 1.3//EN"
+          "https://checkstyle.org/dtds/configuration_1_3.dtd">
+
+<!--
+
+  Checkstyle configuration that checks the sun coding conventions from:
+
+    - the Java Language Specification at
+      https://docs.oracle.com/javase/specs/jls/se11/html/index.html
+
+    - the Sun Code Conventions at https://www.oracle.com/java/technologies/javase/codeconventions-contents.html
+
+    - the Javadoc guidelines at
+      https://www.oracle.com/technical-resources/articles/java/javadoc-tool.html
+
+    - the JDK Api documentation https://docs.oracle.com/en/java/javase/11/
+
+    - some best practices
+
+  Checkstyle is very configurable. Be sure to read the documentation at
+  https://checkstyle.org (or in your downloaded distribution).
+
+  Most Checks are configurable, be sure to consult the documentation.
+
+  To completely disable a check, just comment it out or delete it from the file.
+  To suppress certain violations please review suppression filters.
+
+  Finally, it is worth reading the documentation.
+
+-->
+
+<module name="Checker">
+  <!--
+      If you set the basedir property below, then all reported file
+      names will be relative to the specified directory. See
+      https://checkstyle.org/config.html#Checker
+
+      <property name="basedir" value="${basedir}"/>
+  -->
+  <property name="severity" value="error"/>
+
+  <property name="fileExtensions" value="java, properties, xml"/>
+
+  <!-- Excludes all 'module-info.java' files              -->
+  <!-- See https://checkstyle.org/config_filefilters.html -->
+  <module name="BeforeExecutionExclusionFileFilter">
+    <property name="fileNamePattern" value="module\-info\.java$"/>
+  </module>
+
+  <!-- https://checkstyle.org/config_filters.html#SuppressionFilter -->
+  <module name="SuppressionFilter">
+    <property name="file" value="${org.checkstyle.sun.suppressionfilter.config}"
+              default="checkstyle-suppressions.xml" />
+    <property name="optional" value="true"/>
+  </module>
+
+  <!-- Checks that a package-info.java file exists for each package.     -->
+  <!-- See https://checkstyle.org/config_javadoc.html#JavadocPackage -->
+  <!--<module name="JavadocPackage"/>-->
+
+  <!-- Checks whether files end with a new line.                        -->
+  <!-- See https://checkstyle.org/config_misc.html#NewlineAtEndOfFile -->
+  <module name="NewlineAtEndOfFile"/>
+
+  <!-- Checks that property files contain the same keys.         -->
+  <!-- See https://checkstyle.org/config_misc.html#Translation -->
+  <module name="Translation"/>
+
+  <!-- Checks for Size Violations.                    -->
+  <!-- See https://checkstyle.org/config_sizes.html -->
+  <module name="FileLength"/>
+  <module name="LineLength">
+    <property name="max" value="120"/>
+    <property name="fileExtensions" value="java"/>
+    <property name="ignorePattern" value="^ *\* *@see.+$"/>
+  </module>
+
+  <!-- Checks for whitespace                               -->
+  <!-- See https://checkstyle.org/config_whitespace.html -->
+  <module name="FileTabCharacter"/>
+
+  <!-- Miscellaneous other checks.                   -->
+  <!-- See https://checkstyle.org/config_misc.html -->
+  <module name="RegexpSingleline">
+    <property name="format" value="\s+$"/>
+    <property name="minimum" value="0"/>
+    <property name="maximum" value="0"/>
+    <property name="message" value="Line has trailing spaces."/>
+  </module>
+
+  <!-- Checks for Headers                                -->
+  <!-- See https://checkstyle.org/config_header.html   -->
+  <!-- <module name="Header"> -->
+  <!--   <property name="headerFile" value="${checkstyle.header.file}"/> -->
+  <!--   <property name="fileExtensions" value="java"/> -->
+  <!-- </module> -->
+
+  <module name="TreeWalker">
+
+    <!-- Checks for Javadoc comments.                     -->
+    <!-- See https://checkstyle.org/config_javadoc.html -->
+    <module name="InvalidJavadocPosition"/>
+    <module name="JavadocMethod"/>
+    <!--<module name="JavadocType"/>-->
+    <!--<module name="JavadocVariable"/>-->
+    <!--<module name="JavadocStyle"/>-->
+    <!--<module name="MissingJavadocMethod"/>-->
+
+    <!-- Checks for Naming Conventions.                  -->
+    <!-- See https://checkstyle.org/config_naming.html -->
+    <module name="ConstantName"/>
+    <module name="LocalFinalVariableName"/>
+    <module name="LocalVariableName"/>
+    <module name="MemberName"/>
+    <module name="MethodName"/>
+    <module name="PackageName"/>
+    <module name="ParameterName"/>
+    <module name="StaticVariableName"/>
+    <module name="TypeName"/>
+
+    <!-- Checks for imports                              -->
+    <!-- See https://checkstyle.org/config_imports.html -->
+    <module name="AvoidStarImport"/>
+    <module name="IllegalImport"/> <!-- defaults to sun.* packages -->
+    <module name="RedundantImport"/>
+    <module name="UnusedImports">
+      <property name="processJavadoc" value="false"/>
+    </module>
+
+    <!-- Checks for Size Violations.                    -->
+    <!-- See https://checkstyle.org/config_sizes.html -->
+    <module name="MethodLength"/>
+    <module name="ParameterNumber"/>
+
+    <!-- Checks for whitespace                               -->
+    <!-- See https://checkstyle.org/config_whitespace.html -->
+    <module name="EmptyForIteratorPad"/>
+    <module name="GenericWhitespace"/>
+    <module name="MethodParamPad"/>
+    <module name="NoWhitespaceAfter"/>
+    <module name="NoWhitespaceBefore"/>
+    <module name="OperatorWrap"/>
+    <module name="ParenPad"/>
+    <module name="TypecastParenPad"/>
+    <module name="WhitespaceAfter"/>
+    <module name="WhitespaceAround"/>
+
+    <!-- Modifier Checks                                    -->
+    <!-- See https://checkstyle.org/config_modifier.html -->
+    <module name="ModifierOrder"/>
+    <module name="RedundantModifier"/>
+
+    <!-- Checks for blocks. You know, those {}'s         -->
+    <!-- See https://checkstyle.org/config_blocks.html -->
+    <module name="AvoidNestedBlocks"/>
+    <module name="EmptyBlock"/>
+    <module name="LeftCurly"/>
+    <module name="NeedBraces"/>
+    <module name="RightCurly"/>
+
+    <!-- Checks for common coding problems               -->
+    <!-- See https://checkstyle.org/config_coding.html -->
+    <module name="EmptyStatement"/>
+    <module name="EqualsHashCode"/>
+    <module name="IllegalInstantiation"/>
+    <module name="InnerAssignment"/>
+    <!--<module name="MagicNumber"/>-->
+    <module name="MissingSwitchDefault"/>
+    <module name="MultipleVariableDeclarations"/>
+    <module name="SimplifyBooleanExpression"/>
+    <module name="SimplifyBooleanReturn"/>
+
+    <!-- Checks for class design                         -->
+    <!-- See https://checkstyle.org/config_design.html -->
+    <!--<module name="DesignForExtension"/>-->
+    <module name="FinalClass"/>
+    <module name="HideUtilityClassConstructor"/>
+    <module name="InterfaceIsType"/>
+
+    <!-- Miscellaneous other checks.                   -->
+    <!-- See https://checkstyle.org/config_misc.html -->
+    <module name="ArrayTypeStyle"/>
+    <!--<module name="FinalParameters"/>-->
+<!--    <module name="TodoComment"/>-->
+    <module name="UpperEll"/>
+
+    <!-- https://checkstyle.org/config_filters.html#SuppressionXpathFilter -->
+    <module name="SuppressionXpathFilter">
+      <property name="file" value="${org.checkstyle.sun.suppressionxpathfilter.config}"
+                default="checkstyle-xpath-suppressions.xml" />
+      <property name="optional" value="true"/>
+    </module>
+
+  </module>
+
+</module>
--- a/core/pom.xml
+++ b/core/pom.xml
@@ -0,0 +1,197 @@
+<!--
+
+    SPDX-License-Identifier: MIT
+
+    The MIT License (MIT)
+
+    Copyright (c) 2015-2022 games647 and contributors
+
+    Permission is hereby granted, free of charge, to any person obtaining a copy
+    of this software and associated documentation files (the "Software"), to deal
+    in the Software without restriction, including without limitation the rights
+    to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
+    copies of the Software, and to permit persons to whom the Software is
+    furnished to do so, subject to the following conditions:
+
+    The above copyright notice and this permission notice shall be included in all
+    copies or substantial portions of the Software.
+
+    THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
+    IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
+    FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
+    AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
+    LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
+    OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE
+    SOFTWARE.
+
+-->
+<project xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xmlns="http://maven.apache.org/POM/4.0.0"
+         xsi:schemaLocation="http://maven.apache.org/POM/4.0.0 https://maven.apache.org/xsd/maven-4.0.0.xsd">
+    <modelVersion>4.0.0</modelVersion>
+
+    <parent>
+        <groupId>com.github.games647</groupId>
+        <artifactId>fastlogin</artifactId>
+        <version>1.12-SNAPSHOT</version>
+        <relativePath>../pom.xml</relativePath>
+    </parent>
+
+    <artifactId>fastlogin.core</artifactId>
+    <packaging>jar</packaging>
+
+    <name>FastLoginCore</name>
+
+    <repositories>
+        <repository>
+            <id>luck-repo</id>
+            <url>https://ci.lucko.me/plugin/repository/everything/</url>
+            <snapshots>
+                <enabled>false</enabled>
+            </snapshots>
+        </repository>
+        <repository>
+            <id>codemc-repo</id>
+            <url>https://repo.codemc.io/repository/maven-public/</url>
+        </repository>
+        <!-- Floodgate -->
+        <repository>
+            <id>opencollab-snapshot</id>
+            <url>https://repo.opencollab.dev/maven-snapshots/</url>
+            <releases>
+                <enabled>false</enabled>
+            </releases>
+        </repository>
+    </repositories>
+
+    <dependencies>
+        <!-- Libraries that we shade into the project -->
+
+        <!--Database pooling-->
+        <dependency>
+            <groupId>com.zaxxer</groupId>
+            <artifactId>HikariCP</artifactId>
+            <version>5.0.2-SNAPSHOT</version>
+            <exclusions>
+                <!-- HikariCP uses an old version of this API that has a typo in the service interface -->
+                <!-- We will use the api provided by the jdk14 dependency -->
+                <exclusion>
+                    <groupId>org.slf4j</groupId>
+                    <artifactId>slf4j-api</artifactId>
+                </exclusion>
+            </exclusions>
+        </dependency>
+
+        <!--Logging framework implements slf4j which is required by hikari-->
+        <dependency>
+            <groupId>org.slf4j</groupId>
+            <artifactId>slf4j-jdk14</artifactId>
+            <version>2.0.7</version>
+        </dependency>
+
+        <!-- snakeyaml is present in Bungee, Spigot, Cauldron, so we could use this independent implementation -->
+        <dependency>
+            <groupId>net.md-5</groupId>
+            <artifactId>bungeecord-config</artifactId>
+            <version>1.19-R0.1-SNAPSHOT</version>
+            <exclusions>
+                <exclusion>
+                    <groupId>*</groupId>
+                    <artifactId>*</artifactId>
+                </exclusion>
+            </exclusions>
+        </dependency>
+
+        <!--Floodgate for Xbox Live Authentication-->
+        <dependency>
+            <groupId>org.geysermc.floodgate</groupId>
+            <artifactId>api</artifactId>
+            <version>${floodgate.version}</version>
+            <scope>provided</scope>
+            <exclusions>
+                <exclusion>
+                    <groupId>*</groupId>
+                    <artifactId>*</artifactId>
+                </exclusion>
+            </exclusions>
+        </dependency>
+
+        <!-- Bedrock player bridge -->
+        <dependency>
+            <groupId>org.geysermc.geyser</groupId>
+            <artifactId>core</artifactId>
+            <version>${geyser.version}</version>
+            <scope>provided</scope>
+            <exclusions>
+                <exclusion>
+                    <groupId>*</groupId>
+                    <artifactId>*</artifactId>
+                </exclusion>
+            </exclusions>
+        </dependency>
+
+        <!-- We need the API, but it was excluded above -->
+        <dependency>
+            <groupId>org.geysermc.geyser</groupId>
+            <artifactId>api</artifactId>
+            <version>${geyser.version}</version>
+            <scope>provided</scope>
+            <exclusions>
+                <exclusion>
+                    <groupId>*</groupId>
+                    <artifactId>*</artifactId>
+                </exclusion>
+            </exclusions>
+        </dependency>
+
+        <!--Common component for contacting the Mojang API-->
+        <dependency>
+            <groupId>com.github.games647</groupId>
+            <artifactId>craftapi</artifactId>
+            <version>0.6.2</version>
+        </dependency>
+
+        <!-- APIs we can use because they are available in all platforms (Spigot, Bungee, Velocity) -->
+        <dependency>
+            <groupId>com.google.guava</groupId>
+            <artifactId>guava</artifactId>
+            <!-- Old version for velocity -->
+            <version>25.1-jre</version>
+            <!-- Exclude compile time dependencies not marked as such on upstream  -->
+            <exclusions>
+                <exclusion>
+                    <groupId>com.google.code.findbugs</groupId>
+                    <artifactId>jsr305</artifactId>
+                </exclusion>
+                <exclusion>
+                    <groupId>org.checkerframework</groupId>
+                    <artifactId>checker-qual</artifactId>
+                </exclusion>
+                <exclusion>
+                    <groupId>com.google.errorprone</groupId>
+                    <artifactId>error_prone_annotations</artifactId>
+                </exclusion>
+                <exclusion>
+                    <groupId>com.google.j2objc</groupId>
+                    <artifactId>j2objc-annotations</artifactId>
+                </exclusion>
+                <exclusion>
+                    <groupId>org.codehaus.mojo</groupId>
+                    <artifactId>animal-sniffer-annotations</artifactId>
+                </exclusion>
+            </exclusions>
+        </dependency>
+
+        <dependency>
+            <groupId>com.google.code.gson</groupId>
+            <artifactId>gson</artifactId>
+            <version>2.10</version>
+        </dependency>
+
+        <dependency>
+            <groupId>org.xerial</groupId>
+            <artifactId>sqlite-jdbc</artifactId>
+            <version>[3.36,)</version>
+            <scope>provided</scope>
+        </dependency>
+    </dependencies>
+</project>
--- a/core/src/main/java/com/github/games647/fastlogin/core/AsyncScheduler.java
+++ b/core/src/main/java/com/github/games647/fastlogin/core/AsyncScheduler.java
@@ -0,0 +1,75 @@
+/*
+ * SPDX-License-Identifier: MIT
+ *
+ * The MIT License (MIT)
+ *
+ * Copyright (c) 2015-2022 games647 and contributors
+ *
+ * Permission is hereby granted, free of charge, to any person obtaining a copy
+ * of this software and associated documentation files (the "Software"), to deal
+ * in the Software without restriction, including without limitation the rights
+ * to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
+ * copies of the Software, and to permit persons to whom the Software is
+ * furnished to do so, subject to the following conditions:
+ *
+ * The above copyright notice and this permission notice shall be included in all
+ * copies or substantial portions of the Software.
+ *
+ * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
+ * IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
+ * FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
+ * AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
+ * LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
+ * OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE
+ * SOFTWARE.
+ */
+package com.github.games647.fastlogin.core;
+
+import java.util.concurrent.CompletableFuture;
+import java.util.concurrent.Executor;
+import java.util.concurrent.atomic.AtomicInteger;
+
+import org.slf4j.Logger;
+
+/**
+ * This limits the number of threads that are used at maximum. Thread creation can be very heavy for the CPU and
+ * context switching between threads too. However, we need many threads for blocking HTTP and database calls.
+ * Nevertheless, this number can be further limited, because the number of actually working database threads
+ * is limited by the size of our database pool. The goal is to separate concerns into processing and blocking only
+ * threads.
+ */
+public class AsyncScheduler {
+
+    private static final int MAX_CAPACITY = 1024;
+
+    //todo: single thread for delaying and scheduling tasks
+    private final Logger logger;
+
+    // 30 threads are still too many - the optimal solution is to separate into processing and blocking threads
+    // where processing threads could only be max number of cores while blocking threads could be minimized using
+    // non-blocking I/O and a single event executor
+    private final Executor processingPool;
+
+    private final AtomicInteger currentlyRunning = new AtomicInteger();
+
+    public AsyncScheduler(Logger logger, Executor processingPool) {
+        this.logger = logger;
+        this.processingPool = processingPool;
+    }
+
+    public CompletableFuture<Void> runAsync(Runnable task) {
+        return CompletableFuture.runAsync(() -> process(task), processingPool).exceptionally(error -> {
+            logger.warn("Error occurred on thread pool", error);
+            return null;
+        });
+    }
+
+    private void process(Runnable task) {
+        currentlyRunning.incrementAndGet();
+        try {
+            task.run();
+        } finally {
+            currentlyRunning.getAndDecrement();
+        }
+    }
+}
--- a/core/src/main/java/com/github/games647/fastlogin/core/CommonUtil.java
+++ b/core/src/main/java/com/github/games647/fastlogin/core/CommonUtil.java
@@ -0,0 +1,117 @@
+/*
+ * SPDX-License-Identifier: MIT
+ *
+ * The MIT License (MIT)
+ *
+ * Copyright (c) 2015-2022 games647 and contributors
+ *
+ * Permission is hereby granted, free of charge, to any person obtaining a copy
+ * of this software and associated documentation files (the "Software"), to deal
+ * in the Software without restriction, including without limitation the rights
+ * to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
+ * copies of the Software, and to permit persons to whom the Software is
+ * furnished to do so, subject to the following conditions:
+ *
+ * The above copyright notice and this permission notice shall be included in all
+ * copies or substantial portions of the Software.
+ *
+ * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
+ * IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
+ * FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
+ * AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
+ * LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
+ * OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE
+ * SOFTWARE.
+ */
+package com.github.games647.fastlogin.core;
+
+import com.google.common.cache.CacheBuilder;
+
+import java.lang.reflect.Constructor;
+import java.lang.reflect.InvocationTargetException;
+import java.util.concurrent.ConcurrentMap;
+import java.util.concurrent.TimeUnit;
+import java.util.logging.Level;
+
+import org.slf4j.Logger;
+import org.slf4j.LoggerFactory;
+import org.slf4j.jul.JDK14LoggerAdapter;
+
+public final class CommonUtil {
+
+    private static final char COLOR_CHAR = '&';
+    private static final char TRANSLATED_CHAR = '§';
+
+    public static <K, V> ConcurrentMap<K, V> buildCache(int expireAfterWrite, int maxSize) {
+        CacheBuilder<Object, Object> builder = CacheBuilder.newBuilder();
+
+        if (expireAfterWrite > 0) {
+            builder.expireAfterWrite(expireAfterWrite, TimeUnit.MINUTES);
+        }
+
+        if (maxSize > 0) {
+            builder.maximumSize(maxSize);
+        }
+
+        return builder.<K, V>build().asMap();
+    }
+
+    public static String translateColorCodes(String rawMessage) {
+        char[] chars = rawMessage.toCharArray();
+        for (int i = 0; i < chars.length - 1; i++) {
+            if (chars[i] == COLOR_CHAR && "x0123456789AaBbCcDdEeFfKkLlMmNnOoRr".indexOf(chars[i + 1]) > -1) {
+                chars[i] = TRANSLATED_CHAR;
+                chars[i + 1] = Character.toLowerCase(chars[i + 1]);
+            }
+        }
+
+        return new String(chars);
+    }
+
+    /**
+     * This creates a SLF4J logger. In the process it initializes the SLF4J service provider. This method looks
+     * for the provider in the plugin jar instead of in the server jar when creating a Logger. The provider is only
+     * initialized once, so this method should be called early.
+     * <p>
+     * The provider is bound to the service class `SLF4JServiceProvider`. Relocating this class makes it available
+     * for exclusive own usage. Other dependencies will use the relocated service too, and therefore will find the
+     * initialized provider.
+     *
+     * @param parent JDK logger
+     * @return slf4j logger
+     */
+    public static Logger initializeLoggerService(java.util.logging.Logger parent) {
+        // set the class loader to the plugin one to find our own SLF4J provider in the plugin jar and not in the global
+        ClassLoader oldLoader = Thread.currentThread().getContextClassLoader();
+
+        ClassLoader pluginLoader = CommonUtil.class.getClassLoader();
+        Thread.currentThread().setContextClassLoader(pluginLoader);
+
+        // Trigger provider search
+        LoggerFactory.getLogger(parent.getName()).info("Initialize logging service");
+        try {
+            parent.setLevel(Level.ALL);
+            return createJDKLogger(parent);
+        } catch (IllegalAccessException | InstantiationException | InvocationTargetException
+                 | NoSuchMethodException reflectEx) {
+            parent.log(Level.WARNING, "Cannot create slf4j logging adapter", reflectEx);
+            parent.log(Level.WARNING, "Creating logger instance manually...");
+            return LoggerFactory.getLogger(parent.getName());
+        } finally {
+            // restore previous class loader
+            Thread.currentThread().setContextClassLoader(oldLoader);
+        }
+    }
+
+    protected static JDK14LoggerAdapter createJDKLogger(java.util.logging.Logger parent)
+            throws NoSuchMethodException, InstantiationException, IllegalAccessException, InvocationTargetException {
+        Class<JDK14LoggerAdapter> adapterClass = JDK14LoggerAdapter.class;
+        Constructor<JDK14LoggerAdapter> cons = adapterClass.getDeclaredConstructor(java.util.logging.Logger.class);
+        cons.setAccessible(true);
+        return cons.newInstance(parent);
+    }
+
+    private CommonUtil() {
+        throw new RuntimeException("No instantiation of utility classes allowed");
+    }
+}
--- a/core/src/main/java/com/github/games647/fastlogin/core/PremiumStatus.java
+++ b/core/src/main/java/com/github/games647/fastlogin/core/PremiumStatus.java
@@ -0,0 +1,45 @@
+/*
+ * SPDX-License-Identifier: MIT
+ *
+ * The MIT License (MIT)
+ *
+ * Copyright (c) 2015-2022 games647 and contributors
+ *
+ * Permission is hereby granted, free of charge, to any person obtaining a copy
+ * of this software and associated documentation files (the "Software"), to deal
+ * in the Software without restriction, including without limitation the rights
+ * to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
+ * copies of the Software, and to permit persons to whom the Software is
+ * furnished to do so, subject to the following conditions:
+ *
+ * The above copyright notice and this permission notice shall be included in all
+ * copies or substantial portions of the Software.
+ *
+ * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
+ * IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
+ * FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
+ * AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
+ * LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
+ * OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE
+ * SOFTWARE.
+ */
+package com.github.games647.fastlogin.core;
+
+public enum PremiumStatus {
+
+    PREMIUM("Premium"),
+
+    CRACKED("Cracked"),
+
+    UNKNOWN("Unknown");
+
+    private final String readableName;
+
+    PremiumStatus(String readableName) {
+        this.readableName = readableName;
+    }
+
+    public String getReadableName() {
+        return readableName;
+    }
+}
--- a/core/src/main/java/com/github/games647/fastlogin/core/ProxyAgnosticMojangResolver.java
+++ b/core/src/main/java/com/github/games647/fastlogin/core/ProxyAgnosticMojangResolver.java
@@ -0,0 +1,81 @@
+/*
+ * SPDX-License-Identifier: MIT
+ *
+ * The MIT License (MIT)
+ *
+ * Copyright (c) 2015-2022 games647 and contributors
+ *
+ * Permission is hereby granted, free of charge, to any person obtaining a copy
+ * of this software and associated documentation files (the "Software"), to deal
+ * in the Software without restriction, including without limitation the rights
+ * to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
+ * copies of the Software, and to permit persons to whom the Software is
+ * furnished to do so, subject to the following conditions:
+ *
+ * The above copyright notice and this permission notice shall be included in all
+ * copies or substantial portions of the Software.
+ *
+ * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
+ * IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
+ * FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
+ * AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
+ * LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
+ * OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE
+ * SOFTWARE.
+ */
+package com.github.games647.fastlogin.core;
+
+import com.github.games647.craftapi.model.auth.Verification;
+import com.github.games647.craftapi.resolver.MojangResolver;
+
+import java.io.IOException;
+import java.io.InputStream;
+import java.net.HttpURLConnection;
+import java.net.InetAddress;
+import java.util.Optional;
+
+/**
+ * An extension to {@link MojangResolver} which allows connection using transparent reverse proxies.
+ * The significant difference is that unlike MojangResolver from the CraftAPI implementation, which sends the
+ * "ip" parameter when the hostIp parameter is an IPv4 address, but skips it for IPv6, this implementation leaves out
+ * the "ip" parameter also for IPv4, effectively enabling transparent proxies to work.
+ *
+ * @author games647, Enginecrafter77
+ */
+public class ProxyAgnosticMojangResolver extends MojangResolver {
+
+    private static final String HOST = "sessionserver.mojang.com";
+
+    /**
+     * A formatting string containing a URL used to call the {@code hasJoined} method on mojang session servers.
+     * <p>
+     * Formatting parameters:
+     * 1. The username of the player in question
+     * 2. The serverId of this server
+     */
+    public static final String ENDPOINT = "https://" + HOST + "/session/minecraft/hasJoined?username=%s&serverId=%s";
+
+    @Override
+    public Optional<Verification> hasJoined(String username, String serverHash, InetAddress hostIp)
+        throws IOException {
+        String url = String.format(ENDPOINT, username, serverHash);
+
+        HttpURLConnection conn = this.getConnection(url);
+        int responseCode = conn.getResponseCode();
+
+        Verification verification = null;
+
+        // Mojang session servers send HTTP 204 (NO CONTENT) when the authentication seems invalid
+        // If that's not our case, the authentication is valid, and so we can parse the response.
+        if (responseCode != HttpURLConnection.HTTP_NO_CONTENT) {
+            verification = this.parseRequest(conn, this::parseVerification);
+        }
+
+        return Optional.ofNullable(verification);
+    }
+
+    // Functional implementation of InputStreamAction, used in hasJoined method in parseRequest call
+    protected Verification parseVerification(InputStream input) throws IOException {
+        return this.readJson(input, Verification.class);
+    }
+}
--- a/core/src/main/java/com/github/games647/fastlogin/core/StoredProfile.java
+++ b/core/src/main/java/com/github/games647/fastlogin/core/StoredProfile.java
@@ -0,0 +1,148 @@
+/*
+ * SPDX-License-Identifier: MIT
+ *
+ * The MIT License (MIT)
+ *
+ * Copyright (c) 2015-2022 games647 and contributors
+ *
+ * Permission is hereby granted, free of charge, to any person obtaining a copy
+ * of this software and associated documentation files (the "Software"), to deal
+ * in the Software without restriction, including without limitation the rights
+ * to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
+ * copies of the Software, and to permit persons to whom the Software is
+ * furnished to do so, subject to the following conditions:
+ *
+ * The above copyright notice and this permission notice shall be included in all
+ * copies or substantial portions of the Software.
+ *
+ * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
+ * IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
+ * FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
+ * AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
+ * LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
+ * OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE
+ * SOFTWARE.
+ */
+package com.github.games647.fastlogin.core;
+
+import com.github.games647.craftapi.model.Profile;
+
+import java.time.Instant;
+import java.util.Objects;
+import java.util.Optional;
+import java.util.UUID;
+import java.util.concurrent.locks.ReentrantLock;
+
+public class StoredProfile extends Profile {
+
+    private long rowId;
+    private final ReentrantLock saveLock = new ReentrantLock();
+
+    private boolean premium;
+    private String lastIp;
+    private Instant lastLogin;
+
+    public StoredProfile(long rowId, UUID uuid, String playerName, boolean premium, String lastIp, Instant lastLogin) {
+        super(uuid, playerName);
+
+        this.rowId = rowId;
+        this.premium = premium;
+        this.lastIp = lastIp;
+        this.lastLogin = lastLogin;
+    }
+
+    public StoredProfile(UUID uuid, String playerName, boolean premium, String lastIp) {
+        this(-1, uuid, playerName, premium, lastIp, Instant.now());
+    }
+
+    public ReentrantLock getSaveLock() {
+        return saveLock;
+    }
+
+    public synchronized boolean isSaved() {
+        return rowId >= 0;
+    }
+
+    public synchronized void setPlayerName(String playerName) {
+        this.name = playerName;
+    }
+
+    public synchronized long getRowId() {
+        return rowId;
+    }
+
+    public synchronized void setRowId(long generatedId) {
+        this.rowId = generatedId;
+    }
+
+    // can be null
+    public synchronized UUID getId() {
+        return id;
+    }
+
+    public synchronized Optional<UUID> getOptId() {
+        return Optional.ofNullable(id);
+    }
+
+    public synchronized void setId(UUID uniqueId) {
+        this.id = uniqueId;
+    }
+
+    public synchronized boolean isPremium() {
+        return premium;
+    }
+
+    public synchronized void setPremium(boolean premium) {
+        this.premium = premium;
+    }
+
+    public synchronized String getLastIp() {
+        return lastIp;
+    }
+
+    public synchronized void setLastIp(String lastIp) {
+        this.lastIp = lastIp;
+    }
+
+    public synchronized Instant getLastLogin() {
+        return lastLogin;
+    }
+
+    public synchronized void setLastLogin(Instant lastLogin) {
+        this.lastLogin = lastLogin;
+    }
+
+    @Override
+    public synchronized boolean equals(Object o) {
+        if (this == o) {
+            return true;
+        }
+
+        if (!(o instanceof StoredProfile)) {
+            return false;
+        }
+
+        StoredProfile that = (StoredProfile) o;
+        if (!super.equals(o)) {
+            return false;
+        }
+
+        return rowId == that.rowId && premium == that.premium
+            && Objects.equals(lastIp, that.lastIp) && lastLogin.equals(that.lastLogin);
+    }
+
+    @Override
+    public synchronized int hashCode() {
+        return Objects.hash(super.hashCode(), rowId, premium, lastIp, lastLogin);
+    }
+
+    @Override
+    public synchronized String toString() {
+        return this.getClass().getSimpleName() + '{'
+            + "rowId=" + rowId
+            + ", premium=" + premium
+            + ", lastIp='" + lastIp + '\''
+            + ", lastLogin=" + lastLogin
+            + "} " + super.toString();
+    }
+}
--- a/core/src/main/java/com/github/games647/fastlogin/core/antibot/AntiBotService.java
+++ b/core/src/main/java/com/github/games647/fastlogin/core/antibot/AntiBotService.java
@@ -0,0 +1,62 @@
+/*
+ * SPDX-License-Identifier: MIT
+ *
+ * The MIT License (MIT)
+ *
+ * Copyright (c) 2015-2022 games647 and contributors
+ *
+ * Permission is hereby granted, free of charge, to any person obtaining a copy
+ * of this software and associated documentation files (the "Software"), to deal
+ * in the Software without restriction, including without limitation the rights
+ * to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
+ * copies of the Software, and to permit persons to whom the Software is
+ * furnished to do so, subject to the following conditions:
+ *
+ * The above copyright notice and this permission notice shall be included in all
+ * copies or substantial portions of the Software.
+ *
+ * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
+ * IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
+ * FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
+ * AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
+ * LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
+ * OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE
+ * SOFTWARE.
+ */
+package com.github.games647.fastlogin.core.antibot;
+
+import java.net.InetSocketAddress;
+
+import org.slf4j.Logger;
+
+public class AntiBotService {
+
+    private final Logger logger;
+
+    private final RateLimiter rateLimiter;
+    private final Action limitReachedAction;
+
+    public AntiBotService(Logger logger, RateLimiter rateLimiter, Action limitReachedAction) {
+        this.logger = logger;
+
+        this.rateLimiter = rateLimiter;
+        this.limitReachedAction = limitReachedAction;
+    }
+
+    public Action onIncomingConnection(InetSocketAddress clientAddress, String username) {
+        if (!rateLimiter.tryAcquire()) {
+            logger.warn("Anti-Bot join limit - Ignoring {}", clientAddress);
+            return limitReachedAction;
+        }
+
+        return Action.Continue;
+    }
+
+    public enum Action {
+        Ignore,
+
+        Block,
+
+        Continue
+    }
+}
--- a/core/src/main/java/com/github/games647/fastlogin/core/antibot/RateLimiter.java
+++ b/core/src/main/java/com/github/games647/fastlogin/core/antibot/RateLimiter.java
@@ -0,0 +1,32 @@
+/*
+ * SPDX-License-Identifier: MIT
+ *
+ * The MIT License (MIT)
+ *
+ * Copyright (c) 2015-2022 games647 and contributors
+ *
+ * Permission is hereby granted, free of charge, to any person obtaining a copy
+ * of this software and associated documentation files (the "Software"), to deal
+ * in the Software without restriction, including without limitation the rights
+ * to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
+ * copies of the Software, and to permit persons to whom the Software is
+ * furnished to do so, subject to the following conditions:
+ *
+ * The above copyright notice and this permission notice shall be included in all
+ * copies or substantial portions of the Software.
+ *
+ * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
+ * IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
+ * FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
+ * AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
+ * LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
+ * OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE
+ * SOFTWARE.
+ */
+package com.github.games647.fastlogin.core.antibot;
+
+@FunctionalInterface
+public interface RateLimiter {
+
+    boolean tryAcquire();
+}
--- a/core/src/main/java/com/github/games647/fastlogin/core/antibot/TickingRateLimiter.java
+++ b/core/src/main/java/com/github/games647/fastlogin/core/antibot/TickingRateLimiter.java
@@ -0,0 +1,147 @@
+/*
+ * SPDX-License-Identifier: MIT
+ *
+ * The MIT License (MIT)
+ *
+ * Copyright (c) 2015-2022 games647 and contributors
+ *
+ * Permission is hereby granted, free of charge, to any person obtaining a copy
+ * of this software and associated documentation files (the "Software"), to deal
+ * in the Software without restriction, including without limitation the rights
+ * to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
+ * copies of the Software, and to permit persons to whom the Software is
+ * furnished to do so, subject to the following conditions:
+ *
+ * The above copyright notice and this permission notice shall be included in all
+ * copies or substantial portions of the Software.
+ *
+ * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
+ * IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
+ * FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
+ * AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
+ * LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
+ * OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE
+ * SOFTWARE.
+ */
+package com.github.games647.fastlogin.core.antibot;
+
+import com.google.common.base.Ticker;
+
+import java.util.ArrayDeque;
+import java.util.Deque;
+import java.util.concurrent.TimeUnit;
+
+/**
+ * Limit the number of requests with a maximum size. Each requests expire after the specified time making it available
+ * for another request.
+ */
+public class TickingRateLimiter implements RateLimiter {
+
+    private final Ticker ticker;
+
+    // amount of milliseconds to expire
+    private final long expireTime;
+
+    // total request limit
+    private final int requestLimit;
+
+    private final Deque<TimeRecord> records;
+    private int totalRequests;
+
+    public TickingRateLimiter(Ticker ticker, int maxLimit, long expireTime) {
+        this.ticker = ticker;
+
+        this.requestLimit = maxLimit;
+        this.expireTime = expireTime;
+
+        records = new ArrayDeque<>(10);
+    }
+
+    /**
+     * Ask if access is allowed. If so register the request.
+     *
+     * @return true if allowed - false otherwise without any side effects
+     */
+    @Override
+    public boolean tryAcquire() {
+        // current time millis is not monotonic - it can jump back depending on user choice or NTP
+        long nowMilli = ticker.read() / 1_000_000;
+        synchronized (this) {
+            // having synchronized will limit the amount of concurrency a lot
+            TimeRecord oldest = records.peekFirst();
+            if (oldest != null && oldest.hasExpired(nowMilli)) {
+                records.pop();
+                totalRequests -= oldest.getRequestCount();
+            }
+
+            // total requests reached block any further requests
+            if (totalRequests >= requestLimit) {
+                return false;
+            }
+
+            TimeRecord latest = records.peekLast();
+            if (latest == null) {
+                // empty list - add new record
+                records.add(new TimeRecord(nowMilli, expireTime));
+                totalRequests++;
+                return true;
+            }
+
+            int res = latest.compareTo(nowMilli);
+            if (res < 0) {
+                // now is before than the record means time jumps
+                throw new IllegalStateException("Time jumped back");
+            }
+
+            if (res == 0) {
+                // same minute record
+                latest.hit();
+                totalRequests++;
+                return true;
+            }
+
+            // now is one minute newer
+            records.add(new TimeRecord(nowMilli, expireTime));
+            totalRequests++;
+            return true;
+        }
+    }
+
+    private static class TimeRecord implements Comparable<Long> {
+
+        private final long firstMinuteRecord;
+        private final long expireTime;
+        private int count;
+
+        TimeRecord(long firstMinuteRecord, long expireTime) {
+            this.firstMinuteRecord = firstMinuteRecord;
+            this.expireTime = expireTime;
+            this.count = 1;
+        }
+
+        public void hit() {
+            count++;
+        }
+
+        public int getRequestCount() {
+            return count;
+        }
+
+        public boolean hasExpired(long now) {
+            return firstMinuteRecord + expireTime <= now;
+        }
+
+        @Override
+        public int compareTo(Long other) {
+            if (other < firstMinuteRecord) {
+                return -1;
+            }
+
+            if (other > firstMinuteRecord + TimeUnit.MINUTES.toMillis(1)) {
+                return +1;
+            }
+
+            return 0;
+        }
+    }
+}
--- a/core/src/main/java/com/github/games647/fastlogin/core/hooks/AuthPlugin.java
+++ b/core/src/main/java/com/github/games647/fastlogin/core/hooks/AuthPlugin.java
@@ -0,0 +1,87 @@
+/*
+ * SPDX-License-Identifier: MIT
+ *
+ * The MIT License (MIT)
+ *
+ * Copyright (c) 2015-2022 games647 and contributors
+ *
+ * Permission is hereby granted, free of charge, to any person obtaining a copy
+ * of this software and associated documentation files (the "Software"), to deal
+ * in the Software without restriction, including without limitation the rights
+ * to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
+ * copies of the Software, and to permit persons to whom the Software is
+ * furnished to do so, subject to the following conditions:
+ *
+ * The above copyright notice and this permission notice shall be included in all
+ * copies or substantial portions of the Software.
+ *
+ * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
+ * IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
+ * FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
+ * AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
+ * LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
+ * OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE
+ * SOFTWARE.
+ */
+package com.github.games647.fastlogin.core.hooks;
+
+/**
+ * Represents a supporting authentication plugin in BungeeCord and Bukkit/Spigot/... servers
+ *
+ * @param <P> either {@link org.bukkit.entity.Player} for Bukkit or {@link net.md_5.bungee.api.connection.ProxiedPlayer}
+ *           for BungeeCord
+ */
+public interface AuthPlugin<P> {
+
+    String ALREADY_AUTHENTICATED = "Player {} is already authenticated. Cancelling force login.";
+
+    /**
+     * Login the premium (paid account) player after the player joined successfully the server.
+     * <p>
+     * <strong>This operation will be performed async while the player successfully
+     * joined the server.</strong>
+     *
+     * @param player the player that needs to be logged in
+     * @return if the operation was successful
+     */
+    boolean forceLogin(P player);
+
+    /**
+     * Forces a register in order to protect the paid account.
+     * <p>
+     * <strong>This operation will be performed async while the player successfully
+     * joined the server.</strong>
+     * <p>
+     * After a successful registration the player should be logged
+     * in too.
+     * <p>
+     * The method will be called only for premium accounts.
+     * So it's recommended to set additionally premium property
+     * if possible.
+     * <p>
+     * Background: If we don't register an account, cracked players
+     * could steal the unregistered account from the paid
+     * player account
+     *
+     * @param player the premium account
+     * @param password a strong random generated password
+     * @return if the operation was successful
+     */
+    boolean forceRegister(P player, String password);
+
+    /**
+     * Checks whether an account exists for this player name.
+     * <p>
+     * This check should check if a cracked player account exists,
+     * so we can be sure the premium player doesn't steal the account
+     * of that player.
+     * <p>
+     * This operation will be performed async while the player is
+     * connecting.
+     *
+     * @param playerName player name
+     * @return if the player has an account
+     * @throws Exception if an error occurred
+     */
+    boolean isRegistered(String playerName) throws Exception;
+}
--- a/core/src/main/java/com/github/games647/fastlogin/core/hooks/DefaultPasswordGenerator.java
+++ b/core/src/main/java/com/github/games647/fastlogin/core/hooks/DefaultPasswordGenerator.java
@@ -0,0 +1,50 @@
+/*
+ * SPDX-License-Identifier: MIT
+ *
+ * The MIT License (MIT)
+ *
+ * Copyright (c) 2015-2022 games647 and contributors
+ *
+ * Permission is hereby granted, free of charge, to any person obtaining a copy
+ * of this software and associated documentation files (the "Software"), to deal
+ * in the Software without restriction, including without limitation the rights
+ * to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
+ * copies of the Software, and to permit persons to whom the Software is
+ * furnished to do so, subject to the following conditions:
+ *
+ * The above copyright notice and this permission notice shall be included in all
+ * copies or substantial portions of the Software.
+ *
+ * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
+ * IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
+ * FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
+ * AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
+ * LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
+ * OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE
+ * SOFTWARE.
+ */
+package com.github.games647.fastlogin.core.hooks;
+
+import java.security.SecureRandom;
+import java.util.Random;
+import java.util.stream.IntStream;
+
+public class DefaultPasswordGenerator<P> implements PasswordGenerator<P> {
+
+    private static final int PASSWORD_LENGTH = 8;
+    private static final char[] PASSWORD_CHARACTERS = "abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ0123456789"
+            .toCharArray();
+
+    private final Random random = new SecureRandom();
+
+    @Override
+    public String getRandomPassword(P player) {
+        StringBuilder generatedPassword = new StringBuilder(8);
+        IntStream.rangeClosed(1, PASSWORD_LENGTH)
+                .map(i -> random.nextInt(PASSWORD_CHARACTERS.length - 1))
+                .mapToObj(pos -> PASSWORD_CHARACTERS[pos])
+                .forEach(generatedPassword::append);
+
+        return generatedPassword.toString();
+    }
+}
--- a/core/src/main/java/com/github/games647/fastlogin/core/hooks/PasswordGenerator.java
+++ b/core/src/main/java/com/github/games647/fastlogin/core/hooks/PasswordGenerator.java
@@ -0,0 +1,32 @@
+/*
+ * SPDX-License-Identifier: MIT
+ *
+ * The MIT License (MIT)
+ *
+ * Copyright (c) 2015-2022 games647 and contributors
+ *
+ * Permission is hereby granted, free of charge, to any person obtaining a copy
+ * of this software and associated documentation files (the "Software"), to deal
+ * in the Software without restriction, including without limitation the rights
+ * to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
+ * copies of the Software, and to permit persons to whom the Software is
+ * furnished to do so, subject to the following conditions:
+ *
+ * The above copyright notice and this permission notice shall be included in all
+ * copies or substantial portions of the Software.
+ *
+ * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
+ * IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
+ * FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
+ * AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
+ * LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
+ * OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE
+ * SOFTWARE.
+ */
+package com.github.games647.fastlogin.core.hooks;
+
+@FunctionalInterface
+public interface PasswordGenerator<P> {
+
+    String getRandomPassword(P player);
+}
--- a/Show More
+++ b/Show More