SeraphJACK / SimpleLogin

Auth mod based on forge for Minecraft 1.12+
https://www.curseforge.com/minecraft/mc-mods/simple-login
MIT License

[Feature Request] Support for Hot-Seat LAN #10

Closed 0xebjc closed 4 years ago

0xebjc commented 4 years ago

This is an awesome mod, I see it being helpful in a closed LAN to keep people from logging in as another player, which has 2 negative effects. One, it kicks the other person out, and second, it gives the person access to the other person's player and inventory, etc...

ISSUE

Have multiple players, and multiple PCs, players randomly use different PCs.

For a LAN where everyone logs into the game from the same PCs every time this mod works great as is. But when you have a cyber cafe, or in my case a house with a bunch of PCs with players not always using the same PC, it makes it real difficult to delete the login files, or unregister the player from the server.

REQUEST

It would be nice to have a config option in the server and client that doesn't store the login persistently, but stores the password / player name only on the server encrypted and requires login username and password every time from the client side, which would allow multiple different players to log in at different times from the same PC or the same player name to log into the server from different PCs. Both options would need to be implemented for this to work.

Yesterday17 commented 4 years ago

There’re two possible solutions.

A. Extend the configuration file to store UUID-password entries instead of a single password string. It’s a transparent upgrade since different usernames have different passwords then, and they would all be stored to make login transparent as it was. The side effect is that if a player intends to log in as another user, he just needs to change his username (since this mod works with online-mode: false, which makes the UUID generated locally).

B. Ask the player to log in manually when the password stored in the config file is empty. This might be a quick fix, but may make login not so ‘simple’ as it was (logging in manually is annoying).

@SeraphJACK
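
The side effect described for option A, as an added sketch in Java (the mod's language); it is not SimpleLogin code, and the class, method names and sample players are hypothetical. It relies on the offline-mode player UUID being derived from the username alone.

```java
import java.nio.charset.StandardCharsets;
import java.util.HashMap;
import java.util.Map;
import java.util.Optional;
import java.util.UUID;

// Added illustration, not SimpleLogin code. Class and method names are hypothetical.
public class PerUuidStoreSketch {
    // With online-mode: false the player UUID is computed from the chosen username only.
    static UUID offlineUuid(String username) {
        return UUID.nameUUIDFromBytes(("OfflinePlayer:" + username).getBytes(StandardCharsets.UTF_8));
    }

    // Option A: client-side map of UUID -> stored password (stands in for the config file).
    private final Map<UUID, String> stored = new HashMap<>();
    private final boolean persist; // false models the requested non-persistent mode

    PerUuidStoreSketch(boolean persist) {
        this.persist = persist;
    }

    void remember(String username, String password) {
        if (persist) {
            stored.put(offlineUuid(username), password);
        }
    }

    // The password the client would send on join without asking the person at the keyboard.
    Optional<String> autoLoginPassword(String username) {
        return Optional.ofNullable(stored.get(offlineUuid(username)));
    }

    public static void main(String[] args) {
        // Constructed sample data: two players sharing one PC with persistent storage.
        PerUuidStoreSketch sharedPc = new PerUuidStoreSketch(true);
        sharedPc.remember("alice", "alice-secret");
        sharedPc.remember("bob", "bob-secret");

        // The stored entry is selected by username alone, so the name acts as the only key.
        System.out.println("persistent, auto-login as alice: "
                + sharedPc.autoLoginPassword("alice").isPresent());

        // Non-persistent mode keeps nothing, so the client has to prompt on every join.
        PerUuidStoreSketch hotSeat = new PerUuidStoreSketch(false);
        hotSeat.remember("alice", "alice-secret");
        System.out.println("non-persistent, auto-login as alice: "
                + hotSeat.autoLoginPassword("alice").isPresent());
    }
}
```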

SeraphJACK commented 4 years ago

Yeah.. actually it's not what this mod aims for.

However, you can ask them to copy their minecraft_folder/config/simplelogin.cfg file generated in the client-side all the time, which holds the password.

I'm considering whether to change the storage structure. After all, it must be a breaking change. @Yesterday17

SeraphJACK commented 4 years ago

But sure, we can use the current API to develop a plugin-like auth mod, which uses commands to log in. It should be quite easy since most of the code is reusable.

SeraphJACK commented 4 years ago

But actually you can do it just with the current version. It seems that you misunderstood how simple-login works. Basically, the client stores its password in the configuration file and sends it to the server when joining to authenticate. Therefore, if you want to continue to log in after the swap to another PC (or say another client), just copy your old simplelogin.cfg to the new client. If you want the old PC (or client) to no longer be able to log in to your account, just delete the configuration file after you copy it. @0xebjc

Yesterday17 commented 4 years ago

We can just add another config entry, make the current password deprecated and migrate to the new structure.

0xebjc commented 4 years ago

Manually copying or deleting files like the "minecraft_folder/config/simplelogin.cfg" seems very tedious. I think a real quick fix would be in the config to have an option (boolean T/F) for non-persistent password storing on the clients.
So every time the player goes to connect to the server, the user is asked to log in with username and password, which is then generated on the fly and not saved to disk. Or, like Yesterday17 recommended, if you don't want to enter your password more than once, but you want to be able to have more than one player log in from the same PC, then store multiple user UUID's password & hashes when the user switches.

Either way, Thanks for listening and developing a good mod. -jc

SeraphJACK commented 4 years ago

Considering.. Actually we can make a server-side only mod, to let users use a command to log in, just like bukkit plugins.

SeraphJACK commented 4 years ago

So here are my thoughts. Honestly, SimpleLogin is not designed for this purpose, but the demand exists, so maybe we can add a new mode to make SimpleLogin look like some bukkit/spigot based login plugin, which asks players to register and log in via a command.

For security reasons, I don't want to use the vanilla command system as the login interface, because someone intending to capture the password could succeed (especially for off-line mode servers, which do not have network io encryption).

The point is that I'm not sure where the mode should go: the server, or the client. If we let this mode be implemented at the client-side, it's pretty simple but has some small issues:

So maybe the best solution is that we design a new protocol and let the server-side configuration choose which protocol to use, and let the client-side switch behavior depending on which protocol the server uses.


By the way, I'm currently occupied by real-life affairs, so I may not be able to implement this feature recently. Not to mention that we are supporting 3 Minecraft versions now, which means that we need to implement the new feature in each branch.

@Yesterday17

SeraphJACK commented 4 years ago

@0xebjc Can you please test the build in GitHub Actions? (Put the simplelogin-0.3.5-beta.jar into the mods folder and change CommandLoginMode to true in the generated configuration file). If there are no problems, I'm planning to release the new version with the new feature on CurseForge.

SeraphJACK commented 4 years ago

You can download the build from the Actions page in Artifacts.