search

LielAmar / 2FA

A Two Factor Authentication plugin for Bungeecord, Spigot & Paper
MIT License
43 stars 10 forks source link

Plugin Update 2.0: Enhancements, Features, and Compatibility #146

Open DirtyConcept opened 3 months ago

DirtyConcept commented 3 months ago

Overview

In the upcoming 2.0 update, we'll be making significant improvements to our plugin. This update aims to enhance maintainability, performance, and feature richness. Here's what you can expect:

  1. Recoded Structure:

    • We're reworking many parts of our plugin's structure to make it more modular and easier to maintain. This will streamline development and reduce the time to finish features & tasks.

  2. Performance Boosts:

    • Heavy database updates will be optimized to reduce latency.
    • Caching mechanisms will improve response times for frequently accessed data.
    • We're committed to providing a faster experience for users.

  3. Expanded Features:

    • More statistics and features will be available.
    • An API for developers will allow custom integrations and extensions.
    • Bug fixes will address any existing issues.

  4. Version Support:

    • Initially, the plugin will support Minecraft versions from 1.8 to 1.21.
    • Depending on the feasibility of maintaining legacy versions, we may extend support to 1.16 or 1.17 and above.
    • Supporting newer versions will allow us to leverage Minecraft's latest features and reduce the need for extensive bug hunting in older versions.
    • In case which legacy versions are no longer maintained, the plugin may not work as expected in these versions, and usage of it will not be recommended.

  5. Configurability:

    • Messages will be configurable across all servers (proxies and Bukkit servers).
    • We're considering adopting the MiniMessage format for more flexible and expressive messages.
    • There might be an introduction in the future for syncing configurations between all servers via databases.

Multi-Server Support

We're excited to announce that the 2.0 update will include better support for both Velocity and BungeeCord. Here's what's in store:

  1. Data Management:

    • BungeeCord/Velocity servers will manage 2FA data when the plugin is used across multiple servers, instead of each Bukkit server having its data.
    • Syncing features will ensure a seamless experience for users who transition from single-server usage to network-wide deployment.

  2. Authentication System Customization:

    • Users can choose between asynchronous (async) and synchronous (sync) handling for database operations, network-wide communication, and similar.
    • This customization will allow server administrators to tailor the plugin to their needs.

  3. Future Plans:

    • Communication between servers will be possible via Redis and RabbitMQ (when a proxy is present, or a database is being used with many single-instance servers). This feature is on our roadmap for future releases.

How You Can Help

We value your feedback! We'd love to hear your thoughts and suggestions as we work on this update. Feel free to contribute to the discussion on this issue.

DirtyConcept commented 3 months ago

Need to fix a possible exploit with the current TOTP library that I'm using for the project, or swap to a different one. library: dev.samstevens.totp:totp:1.7.1 https://devhub.checkmarx.com/cve-details/Cx8fd408ac-dd80/

DirtyConcept commented 3 months ago

Will be using Atlassian's 1time library for the 2FA codes for now. https://github.com/atlassian/1time