kyngs / LibreLogin

Open-source, multiplatform, and highly customizable authentication plugin with outstanding features and API.
Mozilla Public License 2.0
172 stars 57 forks source link

LibreLogin don't use Mojang UUID for Premium Players #143

Closed ilgrandeanonimo closed 1 year ago

ilgrandeanonimo commented 1 year ago

I have configured librelogin to use MOJANG UUIDs when abvaiable but it still use CRACKED UUIDs Config:

# !!THIS FILE IS WRITTEN IN THE HOCON FORMAT!!
# The hocon format is very similar to JSON, but it has some extra features.
# You can find more information about the format on the sponge wiki:
# https://docs.spongepowered.org/stable/en/server/getting-started/configuration/hocon.html
# ----------------------------------------------------------------------------------------
# LibreLogin Configuration
# ----------------------------------------------------------------------------------------
# This is the configuration file for LibreLogin.
# You can find more information about LibreLogin on the github page:
# https://github.com/kyngs/LibreLogin

# !!!THIS ONLY AFFECTS PAPER!!!
# Verifies whether the IP the players had used when authenticating to Mojang matches the IP they are connecting from. Disabling this may break LibreLogin if the server is running under a reverse proxy/VPN.
allow-proxy-connections=true
# Commands that are allowed while the user is not authorized.
allowed-commands-while-unauthorized=[
    login,
    register,
    "2fa",
    "2faconfirm",
    l,
    log,
    reg,
    resetpassword,
    confirmpasswordreset
]
# Should we automatically register all players with a premium nickname?
# !!CRACKED PLAYERS WILL NOT BE ABLE TO REGISTER PREMIUM USERNAMES!!
auto-register=false
# This section is used for MySQL database configuration.
######## DATABSE INFOS REMOVED FOR SECUTIRY ISSUES ##############
# Should we enable debug mode? This will print out debug messages to the console.
debug=false
# The default crypto provider. This is used for hashing passwords. Available Providers:
# SHA-256 - Older, not recommended. Kept for compatibility reasons.
# SHA-512 - More safer than SHA-256, but still not recommended. Kept for compatibility reasons.
# BCrypt-2A - Newer, more safe, recommended
# Argon-2ID - Newest, should be safer than BCrypt-2A, however, it can slow down the server.
default-crypto-provider=BCrypt-2A
# !!THIS OPTION IS IRRELEVANT WHEN USING PAPER!! Should we fallback players to lobby servers if the server they are on shutdowns? If set to false, they will be kicked.
fallback=true
# Sets the maximum amount of accounts that can be registered from the same IP address.
# Set to zero or less to disable.
# !!THIS IS NOT RECOMMENDED!! Due to the lack of IPv4 addresses, sometimes even entire villages share the same IP address.
ip-limit=-1
# Kick the player, if the password is wrong.
kick-on-wrong-password=false
# The authentication servers/worlds, players should be sent to, when not authenticated. On Paper, players will be spawned on the world spawn. THIS SERVERS MUST BE REGISTERED IN THE PROXY CONFIG. IN CASE OF PAPER, THE WORLDS MUST EXIST.
limbo=[
    limbo
]
# !!THIS OPTION IS IRRELEVANT WHEN USING PAPER!! Defines port(s) that limbo server can be bounded to.
limbo-port-range="30000-40000"
# !!WHEN USING PAPER, PUT ALL WORLDS UNDER "root"!!
# On Paper, players will be spawned on the world spawn.
# 
# The servers/worlds player should be sent to when they are authenticated. THE SERVERS MUST BE REGISTERED IN THE PROXY CONFIG. IN CASE OF PAPER, THE WORLDS MUST EXIST.
# The configuration allows configuring forced hosts; the servers/worlds in "root" are used when players do not connect from a forced host. Use § instead of dots.
# See: https://github.com/kyngs/LibrePremium/wiki/Configuring-Servers
lobby {
    root=[
        lobby
    ]
}
mail {
    # Should we enable the email password recovery feature?
    enabled=false
    # The host of the SMTP server.
    host="smtp.gmail.com"
    # The password used to login to the SMTP server. We highly recommend you use a unique one-time password for this.
    password=password
    # The port of the SMTP server.
    port=587
    # The sender of the email.
    sender="LibreLogin Network"
    # The username used to login to the SMTP server.
    username=username
}
# This is used for migrating the database from other plugins.
# Please see the wiki for further information: https://github.com/kyngs/LibreLogin/wiki/Database-Migration
migration {
    old-database {
        mysql {
            # The name of the database.
            database=librelogin
            # The host of the database.
            host=localhost
            # The JDBC URL of the database. Don't touch this if you don't know what you're doing. (Using jdbc:mariadb also works for pure mysql)
            jdbc-url="jdbc:mariadb://%host%:%port%/%database%?autoReconnect=true&zeroDateTimeBehavior=convertToNull"
            # The maximum lifetime of a database connection in milliseconds. Don't touch this if you don't know what you're doing.
            max-life-time=600000
            # The password of the database.
            password=""
            # The port of the database.
            port=3306
            # The table of the old database.
            table=user-data
            # The user of the database.
            user=root
        }
        postgresql {
            # The name of the database.
            database=librelogin
            # The host of the database.
            host=localhost
            # The maximum lifetime of a database connection in milliseconds. Don't touch this if you don't know what you're doing.
            max-life-time=600000
            # The password of the database.
            password=""
            # The port of the database.
            port=5432
            # The user of the database.
            user=root
        }
        sqlite {
            # Path to SQLite database file. Relative to plugin datafolder.
            path="user-data.db"
        }
    }
    # Migrate the database on the next startup.
    on-next-startup=false
    # The type of the migration. Available Types:
    # jpremium-mysql - Can convert from MySQL JPremium SHA256 and BCrypt
    # authme-mysql - Can convert from MySQL AuthMe BCrypt and SHA256
    # authme-sqlite - Can convert from SQLite AuthMe BCrypt and SHA256
    # aegis-mysql - Can convert from MySQL Aegis BCrypt
    # dba-mysql - Can convert from MySQL DynamicBungeeAuth, which was configured to use SHA-512
    # nlogin-sqlite - Can convert from SQLite NLogin SHA512
    # nlogin-mysql - Can convert from MySQL NLogin SHA512
    # loginsecurity-mysql - Can convert from MySQL LoginSecurity BCrypt
    # loginsecurity-sqlite - Can convert from SQLite LoginSecurity BCrypt
    # fastlogin-sqlite - Can convert from SQLite FastLogin, !!YOU MUST RUN CONVERSION FROM AUTHME FIRST!!
    # fastlogin-mysql - Can convert from MySQL FastLogin, !!YOU MUST RUN CONVERSION FROM AUTHME FIRST!!
    # limboauth-mysql - Can convert from MySQL LimboAuth BCrypt and SHA256
    # librelogin-mysql - Can convert from MySQL LibreLogin, useful for migrating to a different database
    # librelogin-sqlite - Can convert from SQLite LibreLogin, useful for migrating to a different database
    type=authme-sqlite
}
# This specifies how often players should be notified when not authenticated. Set to negative to disable.
# This includes (but is not limited to):
# - Message in chat
# - Title
milliseconds-to-refresh-notification=10000
# The minimum length of a password. Set to negative to disable.
minimum-password-length=-1
# The minimum length the player's name can have. Only applies to new players, set to 0 or lower to disable.
minimum-username-length=-1
# Sets which method should be used for creating fixed UUID when a new player is created.
# See the wiki for further information: https://github.com/kyngs/LibreLogin/wiki/UUID-Creators
# Available Creators:
# RANDOM - Generates a random UUID
# CRACKED - Generates a UUID based on the player's name, the same method as if the server was in offline mode
# MOJANG - If the player exists in the Mojang's database, it will be used. Otherwise, CRACKED will be used.
new-uuid-creator=MOJANG
# !!THIS OPTION IS IRRELEVANT WHEN USING PAPER!! Should we ping servers to check if they are online, and get their player count? If you disable this, the pinging servers message will still appear in the console, even though the servers will not be pinged.
ping-servers=false
# Sets the strategy for resolving profile conflicts. Available strategies:
# BLOCK - Kick both players with the message key "kick-name-mismatch". An admin must resolve the conflict manually.
# USE_OFFLINE - Use the offline profile. When both of the players attempt to join, they will be provided with a login screen and will be able to login with the offline player's password. The online player will have to change their nickname to a available one in order to recover their account. Beware, that there's a 30 days cool down for changing nicknames.
# OVERWRITE - Overwrite the offline profile's data with the online profile's data. This will irreversibly delete the offline player's data. !!USE WITH CAUTION; PLAYERS CAN AND WILL ABUSE THIS!!
profile-conflict-resolution-strategy=BLOCK
# Should we remember the last server/world a player was on? This is not recommended for large networks.
remember-last-server=false
# The config revision number. !!DO NOT TOUCH THIS!!
revision=6
# Sets the login/register time limit in seconds. Set to negative to disable.
seconds-to-authorize=-1
# Defines a time in seconds after a player's session expires. Default value is one week (604800 seconds). Set to zero or less to disable sessions.
session-timeout=604800
# This section is used for 2FA configuration.
# !! YOU MUST HAVE PROTOCOLIZE INSTALLED FOR THIS TO WORK !!
# 
# You can find more information on the wiki: https://github.com/kyngs/LibreLogin/wiki/2FA
totp {
    # The delay in milliseconds until player is given a map to scan the QR code. Increase this value if the map disappears too quickly.
    delay=1000
    # Should we enable TOTP-Based Two-Factor Authentication? If you don't know what this is, this is the 2FA used in applications like Google Authenticator etc.
    # I heavily suggest you to read this wiki page: https://github.com/kyngs/LibreLogin/wiki/2FA
    enabled=true
    # The label to be displayed in the 2FA app. Change this to your network name.
    label="AlpineMC"
}
# Whether or not to use action bar when player is awaiting authentication.
use-action-bar=false
# Whether or not to use titles when player is awaiting authentication.
use-titles=true
kyngs commented 1 year ago

It only affects new players.

ilgrandeanonimo commented 1 year ago

So i have to delete my user infos?

kyngs commented 1 year ago

So i have to delete my user infos?

If you want their UUID to change, you must run /librelogin user delete <nickname> Naturally, if you do this and their UUID changes, they will lose all their data on the server.

ilgrandeanonimo commented 1 year ago

Everythings or just registration?

kyngs commented 1 year ago

Everything. All data on your server is tied to the UUID (player inventories, plugin data etc.). If the UUID were to change, your player would be playing as if they just joined the server for the first time.