search

Iru21 / Authy

A simple authentication plugin for Minecraft 1.17+!
https://modrinth.com/plugin/authy
GNU Lesser General Public License v3.0
25 stars 17 forks source link

Add the /logout command #56

Open f1refa11 opened 7 months ago

f1refa11 commented 7 months ago

It would be cool to have the /logout command which will log you out and kick off the server

Limeen commented 7 months ago

This command should also cancel the /remember session saving for security reasons

oplexz commented 6 months ago

It would be cool to have the /logout command which will log you out and kick off the server

I don't really see the point of this command, since you can just... disconnect? That pretty much does what you're asking for :)

This command should also cancel the /remember session saving for security reasons

This, on the other hand, might be a good idea -- although I feel like it should be a separate command altogether. As far as I'm concerned, there isn't a way to "forget" the session as of right now. I don't really see the use-cases, but it definitely makes sense to have this kind of functionality.

Limeen commented 6 months ago

It would be cool to have the /logout command which will log you out and kick off the server

I don't really see the point of this command, since you can just... disconnect? That pretty much does what you're asking for :)

This command should also cancel the /remember session saving for security reasons

This, on the other hand, might be a good idea -- although I feel like it should be a separate command altogether. As far as I'm concerned, there isn't a way to "forget" the session as of right now. I don't really see the use-cases, but it definitely makes sense to have this kind of functionality.

This can be useful if the player connects in a public space, such as a high school, a library, etc.

Since in theory this command is based only on IP, it would be enough for someone to use another player's username and log into their account and if the targeted player executed the command /remember, he wouldn't even need to enter the password

It can also be a danger if 2 players are brothers for example, one could connect to his account easily if the other has executed the command /remember

(Those cases can only happens if the server is in offline mode)

A command such as /unremember could do the trick since the targeted player can use this command if he plays in a public space or with someone in the same network to ensure he's safe.

oplexz commented 6 months ago

This can be useful if the player connects in a public space, such as a high school, a library, etc.

Well, I don't think running /remember in this scenario is a good idea anyway, much like checking the "remember me" checkbox while logging in to any account on a public computer.

It can also be a danger if 2 players are brothers for example, one could connect to his account easily if the other has executed the command /remember

Slightly far-fetched, but you have a point.