Make it more clear which account is used for which instance

[TNTUP]

1. When I start an instance, MultiMC "closes" but it opens the instance console viewer, but I can't go back to MultiMc while the instance is running. (Other launchers or mojang can do this)
2. If the token or password invalid, I want to keep that setting enabled so I don't need to retype the same password if I log it from another computer/IP. Players with strong passwords can be annoying... well :/ If I change the password and I try logging in, MultiMC will say "Invalid Credentials" so I need to type the new password and saving in a file (encrypted?). (Mojang does not this, but MagicLauncher does. It just auth to the server than caching the token)
3. While launching an instance, it shows the console window, can it load the player's helmet skin rather than the defined icon? If possible, allowing us to configure where it loads the player skin/helm, I'd use my skin server like /helm//16.png

I have lots of owned accounts which I want to use on MultiMC because actually I cannot do that due to MagicLauncher 10 account limit so I tried MultiMC and I guess it can support a lot of saved MC accounts.

[peterix]

1. That's already on the pile of ideas. Actually, quite a bit more than that. Server support is part of this too, along with the ability to actually close MultiMC and it picking up still running instances after you start it again - https://workflowy.com/s/2EyDMcp7CU#/?q=%23launch-agent%2B Right now, everything is tied together using the GUI and modal dialogs - so when things can't work in parallel, it's hidden by how the UI behaves. Running multiple instances will require having a very light-weight 'launch agent' that wraps the running client or server and manages it independently from MultiMC.
2. Any sort of encryption where you store the keys next to the encrypted data is no encryption at all. You are trusting all of your software on the whole computer at that point... I don't think that it is safe or reasonable to allow by default.
3. Yeah... tracking which account is used and which isn't will be required for 1. - so at that point, this will make sense. Created: https://workflowy.com/s/2EyDMcp7CU#/fb96f82976f0

[TNTUP]

1. Sweet then! If this idea gets implemented, that means I can launch one MultiMC, open like 4 instances from the same MultiMC launcher ;) 2. Oh okay. Everytime my token expires it requires me to reenter the password which in MagicLauncher doesn't need it (it just auth than using token auth) so well, thanks anyway^^
2. Oh okay. Sweet :) Thanks :D

[peterix]

Your token should not be expiring... generally, they don't. It can happen under certain circumstances though:

• Using the same same client ID with one profile ID - if you copy MultiMC whole along with the accounts file and run it from multiple locations, you will have the same client Id in both. And the two copies will fight over the auth token. The solution to that is to remove the accounts file when you copy MultiMC and re-add all the accounts there.
• If you run multiple MultiMC processes from the same folder and they write over the accounts file as you log in - you will end up with stale tokens that have to be refreshed.

When MultiMC can run multiple instances I will add something like this: https://github.com/qtproject/qt-solutions/tree/master/qtsingleapplication - basically prevent running more than one MultiMC from one folder at the same time.

[TNTUP]

Yeah, I've tried copying MultiMc on another USB drive to test the performance while running MC and it expired the token on the source copy so the copied MultiMC renewed the token. So I had to retype the password to renew the token from the new copy^^

[peterix]

So... maybe it would make sense to add some button for re-generating new client tokens.

[TNTUP]

Could be nice so it will prevent myself to reenter the password. I'll keep an eye on your workflowy ;) <- "flowy" = undertale ref?

[cookta2012]

Just as a side idea the whole save the password bit it could be protected with XD another password or a google auth rotating rsa token

[xarses]

So... maybe it would make sense to add some button for re-generating new client tokens.

Uh, that would be fantastic, I move networks alot with my laptop and re-launching with a pile of mods is tedious. I was going to open an issue asking for just that

[peterix]

1. is partially implemented.

[TNTUP]

More suggestions when 1. 2. 3. are done,

_4. Able to use servers.dat, options.txt (Optifine's options aswell), ressourcepacks folder

_5. Using the ./MultiMC/mods folder globally than the instance's mods (stored in each MC version(s) and storing their configs/data either in MultiMC/mods or MultiMC/ like journeymap. Should be possible if the user wants it globally or in the instance's work folder

_6. This should load the helmet + head rather than its head. Could we change where the helmet is loaded? I could try forking and changing the URL where it loads the head :)

[ghost]

Instead of posting a new issue I would like to see "Add an option to close MultiMC entirely on launch" implemented, especially for launching with the command line argument. It really bothers me that it opens the main window when launching an instance from command line, not so much for when launching instances from the main window because then I can launch more instances without it hiding.

[xarses]

I'm not sure how that relates to the topic of verifying and managing tokens

[peterix]

So this issue now has 4 suggestions in it. It needs to be split.

[peterix]

And the original 1. is DONE.

[peterix]

2. is nonsense. If you login from an another computer, it does not invalidate the other login -- as long as you have a different client ID in the other MultiMC copy. Remove and add all the accounts in N-1 of the N copies and it will work as it should.

Sorry for not mentioning it before, looks like I haven't realized back in March.

[peterix]

As for 3. - that would be neat. I just don't know if I want to do it that way. I'll put it on the pile of ideas :)

[peterix]

And I'll call the last one 4. @gLynx4, please open a proper issue for it, this one is now only for 3.

[TNTUP]

for the 2. then I'll stay on MagicLauncher, has everything I needed though. I'll discard the 2nd suggestion^^

[peterix]

What do you even mean? It works. Just don't copy the accounts files and there should be no issue.

[TNTUP]

Everytime my auth token expires, I need to reenter the pwd which MagicLauncher is not needed. Anyways, discard the 2nd idea

[peterix]

It really doesn't expire all that often. Usually, the cause is using the same client ID in multiple launchers. This can happen if you do something silly like run MultiMC multiple times at the same time, or if you put a copy on a second machine, log in there and then try to log in on the first machine again. The tokens go out of sync.

The develop version no longer allows running it multiple times. Instead, you can run as many instances using as many accounts as you want.

The second problem is unfortunate, but easily avoided by not copying the accounts file along with MultiMC.

[QuImUfu]

@peterix Why don't you automatically generate a new client ID when a token expires? wouldn't that solve the problem? Or are there other reasons a token might expire?

[peterix]

Hmm... I guess that would take care of the problem with multiple copies on different computers.

It would ask once, and then you'd get a new client token.

[peterix]

Sorry if I seemed rude. I'm just super, super tired.

There should be a new develop build incoming that solves the second problem (having to delete accounts when you copy MultiMC to a second machine). Now it just automatically re-generates the client token on refresh failure.

@QuImUfu +1, great idea :)

[TNTUP]

@peterix It's okay, it's your project so I've accepted that decision.

[peterix]

Well, it would inevitably be used to steal Minecraft accounts. Everyone could read how the 'encryption' works in the source code... The system created by Mojang works nicely, and the changes made in develop should minimize any need to type in passwords.

[TNTUP]

Sorry for necro my old issue, just saying I still need to re-enter my password everytime the token expires (same as Mojang launcher) because I try to replace MagicLauncher which does not work in 1.13. Sadly I don't code so I don't know how I can add a remember option (it should crypt/decrypt the password info like it used to be with the old Minecraft launcher (aka lastlogin)).

Anyways, I'm expecting this entire issue cannot be added/fixed or whatever I don't know xD

Since this is a 2016 issue I've made, I will close it. Though, I'd love using MultiMC but because I have many accounts (don't quote me on that, friends gave me their account) prevents me using it so I'm still sticking to MagicLauncher and be locked to 1.12.2 xD

Overall, keep the good work Peterix!

[TNTUP]

Edit, I don't understand at all how to use QtCreator and how to add a "Remember me" option to save passwords (I know the risks for it, it should be encrypted like Mojang does before with their old lanchers and MagicLauncher!) as I'm still sticking with MagicLauncher because of this.

Like, it saves my password, it encrypts then when I select it and launch, it will re-auth if the token expires. If someone knows how to do that, I'm able to compile MultiMC.

[TNTUP]

Is there a way to make this happen privately? Cause I have a lot of accounts and sometimes when the token expires, it forces me to re-enter the password which is annoying. MagicLauncher doesn't support 1.13.x and up and the dev seems busy or not to care so I'm trying to find another suitable launcher but I couldn't. Thats why I'm trying to use MultiMC again but thinking about token expiration I reverted back with ML.

What I think, it remembers my account email and password then it encrypts the contents then while logging in it decrypts. Incase of token expiration, a warning will show that I need to re-enter my password but since it got saved it re-entered itself and I click "OK" or it should do automatically. I tried with QCreator, I got it "working" but when I click "OK" the window reappears and nothing happens. I don't know how to save it in the accounts.json file if you have ideads, I really want to move off MagicLauncher.

[QuImUfu]

One proper way to implement your request would be having some kind of master password that you'd have to type in when starting MultiMC and that protects all the other passwords (and maybe emails) from being stolen by other programs. Preferably they'd be stored in a system-wide secure keyring to ease MultiMC from implementing a secure method of encrypting that data and providing authentication. Additionally this would allow the user to use the same password for authentication he already uses everywhere else on his system.
Problems:

• Someone would have to implement and maintain it, working on all supported OS and user-friendly.
• @peterix might not want that solution as it might confuse "normal" users and would be another dependency that needs to be updated and that may produce additional issues.

If peterix has nothing against this solution, you could be the one to implement and maintain that feature. If you want to do that, learn enough C++, inform yourself about the libraries out there that could help you, implement it and create a pull request.

If you want to implement the easy and absolutely insecure way for yourself, the steps are similar:
learn C++, change MultiMC privately to save the password and username to a file and reload it from there if a token expires. Update that hack for every version of MultiMC on you PC. There are even hackier ways that may not involve rebasing your code all the time (Runtime injection or Window/input field detection and mouse/keyboard automation).

Of curse you could pay someone to do one of the above.

Or you can hope that someone with the necessary skills decides to implement that for any reason and makes it public.

[peterix]

System? The immediate answer to using anything connected to the system is a decisive 'no'.

[TNTUP]

I can manage myself, I just don't know which file to edit to make it work...

Edit: Managed to have the "password" thing in the json file, just don't know how to show/save it while adding new account, and it could make it would encrypt it and on login it decrypts.

[TNTUP]

I know it would be not possible to, have a code snippet that allows me to save/load passwords (even if at my own risk) in an encrypted form (then cloning and compile myself).. Been trying to ditch MagicLauncher for months without success. It's a pain in the *** to manage accounts.