From 8e5da01be00848a2ced8d7112a5351c042caf831 Mon Sep 17 00:00:00 2001 From: games647 Date: Fri, 9 Sep 2016 16:52:44 +0200 Subject: [PATCH] Added configuration to disable auto logins for 2Factor authentication (Fixes #65) --- CHANGELOG.md | 5 +++-- .../fastlogin/bukkit/tasks/ForceLoginTask.java | 10 +++++++--- .../fastlogin/bungee/tasks/ForceLoginTask.java | 8 ++++++++ core/src/main/resources/config.yml | 7 +++++++ 4 files changed, 25 insertions(+), 5 deletions(-) diff --git a/CHANGELOG.md b/CHANGELOG.md index 5e7ff4c2..e13b9db9 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -1,12 +1,13 @@ ######1.9 * Added second attempt login -> cracked login +* Add cracked whitelist (switch-mode -> switching to online-mode from offlinemode) +* Added configuration to disable auto logins for 2Factor authentication +* Add missing add-premium-other message * Fix ProtocolSupport autoRegister * Fix update username in FastLogin database after nameChange * Fix logging exceptions on encryption enabling -* Add missing add-premium-other message * Fix compatibility with older ProtocolLib versions (for 1.7) because of the missing getMethodAcccessorOrNull method -* Add cracked whitelist (switch-mode -> switching to online-mode from offlinemode) * Fix correct cracked permission for bukkit * A try to fix SQLite timestamp parsing diff --git a/bukkit/src/main/java/com/github/games647/fastlogin/bukkit/tasks/ForceLoginTask.java b/bukkit/src/main/java/com/github/games647/fastlogin/bukkit/tasks/ForceLoginTask.java index 57131a8c..28b6c46b 100644 --- a/bukkit/src/main/java/com/github/games647/fastlogin/bukkit/tasks/ForceLoginTask.java +++ b/bukkit/src/main/java/com/github/games647/fastlogin/bukkit/tasks/ForceLoginTask.java @@ -52,10 +52,14 @@ public class ForceLoginTask implements Runnable { } else { boolean success = false; if (isOnlineThreadSafe()) { - if (session.needsRegistration()) { - success = forceRegister(authPlugin, player); + if (plugin.getConfig().getBoolean("autoLogin")) { + if (session.needsRegistration()) { + success = forceRegister(authPlugin, player); + } else { + success = forceLogin(authPlugin, player); + } } else { - success = forceLogin(authPlugin, player); + success = true; } } diff --git a/bungee/src/main/java/com/github/games647/fastlogin/bungee/tasks/ForceLoginTask.java b/bungee/src/main/java/com/github/games647/fastlogin/bungee/tasks/ForceLoginTask.java index d8cb84bf..204924b0 100644 --- a/bungee/src/main/java/com/github/games647/fastlogin/bungee/tasks/ForceLoginTask.java +++ b/bungee/src/main/java/com/github/games647/fastlogin/bungee/tasks/ForceLoginTask.java @@ -43,6 +43,14 @@ public class ForceLoginTask implements Runnable { if (pendingConnection.isOnlineMode()) { boolean autoRegister = session.needsRegistration(); + //2fa authentication - no need to send bukkit force login notification and so we also don't need + // to wait for a response -> save immediatly + if (!plugin.getConfig().getBoolean("autoLogin")) { + playerProfile.setPremium(true); + plugin.getCore().getStorage().save(playerProfile); + session.setAlreadySaved(true); + } + BungeeAuthPlugin authPlugin = plugin.getBungeeAuthPlugin(); if (authPlugin == null) { //save will happen on success message from bukkit diff --git a/core/src/main/resources/config.yml b/core/src/main/resources/config.yml index 32f5f0b9..2a26ecca 100644 --- a/core/src/main/resources/config.yml +++ b/core/src/main/resources/config.yml @@ -144,6 +144,13 @@ ip-addresses: [] # If you want to join the discussion visit this: https://github.com/games647/FastLogin/issues/27#issuecomment-226954350 mojang-request-limit: 600 +# This disables the auto login from fastlogin. So a premium (like a paid account) authentication is requested, but +# the player won't be auto logged into the account. +# +# This can be used as 2Factor authentication for better security of your accounts. A hacker then needs both passwords. +# The password of your minecraft and the password to login in with your auth plugin +autoLogin: true + # Database configuration # Recommened is the use of MariaDB (a better version of MySQL)