diff --git a/README.md b/README.md
index c8204d90..bdaacf90 100644
--- a/README.md
+++ b/README.md
@@ -75,7 +75,7 @@ AuthMe Reloaded prevents players who aren't logged in from actions like placing
Possible to use without a Permissions plugin
Spoutcraft Login GUI
Automatic backup system of all your user password data
-Default Language Style: en, de, br, cz, pl, fr, ru, hu, sk, es, zhtw, fi, zhcn, nl ( feel free to send new translations )
+Default Language Style: en, de, br, cz, pl, fr, it, ru, hu, sk, es, zhtw, fi, zhcn, nl ( feel free to send new translations )
Convert the FlatFile auths.db to an usefull authme.sql that you can use on a MySQL database !
Import your database from Rakamak, xAuth, CrazyLogin, RoyalAuth, vAuth !
diff --git a/pom.xml b/pom.xml
index dcae685f..c6f2877a 100644
--- a/pom.xml
+++ b/pom.xml
@@ -79,6 +79,29 @@
+
+ org.apache.maven.plugins
+ maven-shade-plugin
+ 2.3
+
+
+
+ com.maxmind.geoip:*
+ com.sun.mail:*
+ javax.mail:*
+ com.comphenix.attribute:*
+
+
+
+
+
+ package
+
+ shade
+
+
+
+
@@ -169,12 +192,7 @@
com.sun.mail
javax.mail
- 1.5.3
-
-
- javax.mail
- mail
- 1.5.0-b01
+ 1.5.4
@@ -192,7 +210,7 @@
${bukkitVersion}
-
+
com.comphenix.attribute
AttributeStorage
@@ -206,7 +224,7 @@
org.bukkit
craftbukkit
-
+
@@ -223,7 +241,7 @@
org.bukkit
craftbukkit
-
+
@@ -240,7 +258,7 @@
org.bukkit
craftbukkit
-
+
@@ -259,7 +277,7 @@
org.bukkit
craftbukkit
-
+
@@ -276,7 +294,7 @@
org.bukkit
craftbukkit
-
+
@@ -293,7 +311,7 @@
org.bukkit
craftbukkit
-
+
@@ -310,7 +328,7 @@
org.bukkit
craftbukkit
-
+
@@ -327,7 +345,7 @@
org.bukkit
craftbukkit
-
+
@@ -344,11 +362,11 @@
org.bukkit
craftbukkit
-
+
-
+
com.Acrobot
diff --git a/src/main/java/fr/xephi/authme/Utils.java b/src/main/java/fr/xephi/authme/Utils.java
index c2011c8c..b545dda4 100644
--- a/src/main/java/fr/xephi/authme/Utils.java
+++ b/src/main/java/fr/xephi/authme/Utils.java
@@ -1,10 +1,8 @@
package fr.xephi.authme;
-import java.io.File;
-import java.io.FileWriter;
+import java.util.ArrayList;
import java.util.Iterator;
-import java.util.Random;
-import java.util.Scanner;
+import java.util.List;
import org.bukkit.Bukkit;
import org.bukkit.GameMode;
@@ -12,10 +10,10 @@ import org.bukkit.Location;
import org.bukkit.World;
import org.bukkit.entity.Player;
-import fr.xephi.authme.api.API;
import fr.xephi.authme.cache.limbo.LimboCache;
import fr.xephi.authme.cache.limbo.LimboPlayer;
import fr.xephi.authme.events.AuthMeTeleportEvent;
+import fr.xephi.authme.security.RandomString;
import fr.xephi.authme.settings.Settings;
public class Utils {
@@ -24,6 +22,7 @@ public class Utils {
private static Utils singleton;
int id;
public AuthMe plugin;
+ private static List tokens = new ArrayList();
public Utils(AuthMe plugin) {
this.plugin = plugin;
@@ -167,19 +166,18 @@ public class Utils {
* Random Token for passpartu
*/
public boolean obtainToken() {
- File file = new File("plugins" + File.separator + "AuthMe" + File.separator + "passpartu.token");
- if (file.exists())
- file.delete();
-
- FileWriter writer = null;
try {
- file.createNewFile();
- writer = new FileWriter(file);
- String token = generateToken();
- writer.write(token + ":" + System.currentTimeMillis() / 1000 + API.newline);
- writer.flush();
+ final String token = new RandomString(10).nextString();
+ tokens.add(token);
ConsoleLogger.info("[AuthMe] Security passpartu token: " + token);
- writer.close();
+ Bukkit.getScheduler().runTaskLaterAsynchronously(plugin, new Runnable() {
+
+ @Override
+ public void run() {
+ tokens.remove(token);
+ }
+
+ }, 600);
return true;
} catch (Exception e) {
e.printStackTrace();
@@ -191,46 +189,11 @@ public class Utils {
* Read Token
*/
public boolean readToken(String inputToken) {
- File file = new File("plugins" + File.separator + "AuthMe" + File.separator + "passpartu.token");
-
- if (!file.exists())
- return false;
-
- if (inputToken.isEmpty())
- return false;
- Scanner reader = null;
- try {
- reader = new Scanner(file);
- while (reader.hasNextLine()) {
- final String line = reader.nextLine();
- if (line.contains(":")) {
- String[] tokenInfo = line.split(":");
- if (tokenInfo[0].equals(inputToken) && System.currentTimeMillis() / 1000 - 30 <= Integer.parseInt(tokenInfo[1])) {
- file.delete();
- reader.close();
- return true;
- }
- }
- }
- } catch (Exception e) {
- e.printStackTrace();
- }
- reader.close();
- return false;
- }
-
- /*
- * Generate Random Token
- */
- private String generateToken() {
- // obtain new random token
- Random rnd = new Random();
- char[] arr = new char[5];
- for (int i = 0; i < 5; i++) {
- int n = rnd.nextInt(36);
- arr[i] = (char) (n < 10 ? '0' + n : 'a' + n - 10);
- }
- return new String(arr);
+ boolean ret = false;
+ if (tokens.contains(inputToken))
+ ret = true;
+ tokens.remove(inputToken);
+ return (ret);
}
/*
diff --git a/src/main/java/fr/xephi/authme/commands/AdminCommand.java b/src/main/java/fr/xephi/authme/commands/AdminCommand.java
index 052b405a..2d2467eb 100644
--- a/src/main/java/fr/xephi/authme/commands/AdminCommand.java
+++ b/src/main/java/fr/xephi/authme/commands/AdminCommand.java
@@ -73,6 +73,7 @@ public class AdminCommand implements CommandExecutor {
sender.sendMessage("/authme getemail - Get player email");
sender.sendMessage("/authme purgelastpos - Purge last position for a player");
sender.sendMessage("/authme switchantibot on/off - Enable/Disable antibot method");
+ sender.sendMessage("/authme forcelogin ");
return true;
}
@@ -552,6 +553,26 @@ public class AdminCommand implements CommandExecutor {
database.updateQuitLoc(auth);
sender.sendMessage("[AuthMe] Successfully reset position for " + auth.getNickname());
return true;
+ } else if (args[0].equalsIgnoreCase("forcelogin")) {
+ if (args.length < 2) {
+ sender.sendMessage("Usage : /authme forcelogin ");
+ return true;
+ }
+ try {
+ Player player = Bukkit.getPlayer(args[1]);
+ if (player == null || !player.isOnline()) {
+ sender.sendMessage("Online player only !");
+ return true;
+ }
+ if (!plugin.authmePermissible(player, "authme.canbeforced")) {
+ sender.sendMessage("You cannot force login for this player!");
+ return true;
+ }
+ plugin.management.performLogin(player, "dontneed", true);
+ sender.sendMessage("Force Login performed !");
+ } catch (Exception e) {
+ sender.sendMessage("An error occured while trying to get that player!");
+ }
} else {
sender.sendMessage("Usage: /authme reload|register playername password|changepassword playername password|unregister playername");
}
diff --git a/src/main/java/fr/xephi/authme/commands/ChangePasswordCommand.java b/src/main/java/fr/xephi/authme/commands/ChangePasswordCommand.java
index 92e40755..921e7001 100644
--- a/src/main/java/fr/xephi/authme/commands/ChangePasswordCommand.java
+++ b/src/main/java/fr/xephi/authme/commands/ChangePasswordCommand.java
@@ -54,14 +54,20 @@ public class ChangePasswordCommand implements CommandExecutor {
}
String lowpass = args[1].toLowerCase();
- if ((lowpass.contains("delete") || lowpass.contains("where") || lowpass.contains("insert") || lowpass.contains("modify") || lowpass.contains("from") || lowpass.contains("select") || lowpass.contains(";") || lowpass.contains("null")) || !lowpass.matches(Settings.getPassRegex)) {
+ if ((lowpass.contains("delete") || lowpass.contains("where") || lowpass.contains("insert") || lowpass.contains("modify") || lowpass.contains("from") || lowpass.contains("select") || lowpass.contains(";") || lowpass.contains("null")) || !lowpass.matches(Settings.getPassRegex) || lowpass.equalsIgnoreCase(name)) {
m.send(player, "password_error");
return true;
}
- if (lowpass.equalsIgnoreCase(name)) {
- m.send(player, "password_error");
+ if (lowpass.length() < Settings.getPasswordMinLen || lowpass.length() > Settings.passwordMaxLength) {
+ m.send(player, "pass_len");
return true;
}
+ if (!Settings.unsafePasswords.isEmpty()) {
+ if (Settings.unsafePasswords.contains(lowpass)) {
+ m.send(player, "password_error");
+ return true;
+ }
+ }
try {
String hashnew = PasswordSecurity.getHash(Settings.getPasswordHash, args[1], name);
diff --git a/src/main/java/fr/xephi/authme/process/join/AsyncronousJoin.java b/src/main/java/fr/xephi/authme/process/join/AsyncronousJoin.java
index 7efe92a9..2396704f 100644
--- a/src/main/java/fr/xephi/authme/process/join/AsyncronousJoin.java
+++ b/src/main/java/fr/xephi/authme/process/join/AsyncronousJoin.java
@@ -100,7 +100,7 @@ public class AsyncronousJoin {
long timeout = Settings.getSessionTimeout * 60000;
long lastLogin = auth.getLastLogin();
long cur = new Date().getTime();
- if ((cur - lastLogin < timeout || timeout == 0) && !auth.getIp().equals("198.18.0.1")) {
+ if ((cur - lastLogin < timeout || timeout == 0) && !auth.getIp().matches("198.168.(0|1).1")) {
if (auth.getNickname().equalsIgnoreCase(name) && auth.getIp().equals(ip)) {
if (PlayerCache.getInstance().getAuth(name) != null) {
PlayerCache.getInstance().updatePlayer(auth);
diff --git a/src/main/java/fr/xephi/authme/process/login/AsyncronousLogin.java b/src/main/java/fr/xephi/authme/process/login/AsyncronousLogin.java
index 7ff1a4a0..3ffd7b76 100644
--- a/src/main/java/fr/xephi/authme/process/login/AsyncronousLogin.java
+++ b/src/main/java/fr/xephi/authme/process/login/AsyncronousLogin.java
@@ -150,6 +150,12 @@ public class AsyncronousLogin {
m.send(player, "login");
displayOtherAccounts(auth, player);
+
+ if (Settings.recallEmail) {
+ if (email == null || email.isEmpty() || email.equalsIgnoreCase("your@email.com"))
+ m.send(player, "add_email");
+ }
+
if (!Settings.noConsoleSpam)
ConsoleLogger.info(player.getName() + " logged in!");
diff --git a/src/main/resources/plugin.yml b/src/main/resources/plugin.yml
index 560ac19b..d74b46c9 100644
--- a/src/main/resources/plugin.yml
+++ b/src/main/resources/plugin.yml
@@ -69,6 +69,7 @@ permissions:
authme.admin.getip: true
authme.admin.converter: true
authme.admin.resetposition: true
+ authme.admin.forcelogin: true
authme.register:
description: Register an account
default: true
@@ -165,3 +166,9 @@ permissions:
authme.admin.resetposition:
description: Reset last position for a player
default: op
+ authme.admin.forcelogin:
+ description: Force login for that player
+ default: op
+ authme.canbeforced:
+ description: Can this player be forced to login
+ default: true
\ No newline at end of file