[ci skip] Update docs/config.md

docs/commands.md

@@ -108,4 +108,4 @@ brackets; optional arguments are enclosed in square brackets (`[ ]`).
 
 ---
 
-This page was automatically generated on the [AuthMe/AuthMeReloaded repository](https://github.com/AuthMe/AuthMeReloaded/tree/master/docs/) on Sun Apr 04 21:31:42 CEST 2021
+This page was automatically generated on the [HaHaWTH/AuthMeReReloaded repository](https://github.com/HaHaWTH/AuthMeReReloaded/tree/master/docs/) on Sun Apr 04 21:31:42 CEST 2021

docs/config.md

@@ -1,5 +1,5 @@
 <!-- AUTO-GENERATED FILE! Do not edit this directly -->
-<!-- File auto-generated on Thu Jul 28 18:11:22 CEST 2022. See docs/config/config.tpl.md -->
+<!-- File auto-generated on Wed May 29 21:00:00 CST 2024. See docs/config/config.tpl.md -->
 
 ## AuthMe Configuration
 The first time you run AuthMe it will create a config.yml file in the plugins/AuthMe folder,
@@ -14,11 +14,21 @@ DataSource:
   # Enable the database caching system, should be disabled on bungeecord environments
   # or when a website integration is being used.
   caching: true
+  # Should we try to use VirtualThreads(Java 21+) for database cache loader?
+  useVirtualThreadsCache: false
   # Database host address
   mySQLHost: 127.0.0.1
   # Database port
   mySQLPort: '3306'
+  # Replacement of Mysql's useSsl (for MariaDB only).
+  # - disable: No SSL
+  # - trust: Trust blindly (no validation)
+  # - verify_ca:  Encryption, certificates validation, BUT no hostname verification
+  # - verify_full: Encryption, certificate validation and hostname validation
+  # Read more: https://bit.ly/mariadb-sslmode
+  MariaDbSslMode: disabled
   # Connect to MySQL database over SSL
+  # If you're using MariaDB, use sslMode instead
   mySQLUseSSL: true
   # Verification of server's certificate.
   # We would not recommend to set this option to false.
@@ -26,6 +36,7 @@ DataSource:
   mySQLCheckServerCertificate: true
   # Authorize client to retrieve RSA server public key.
   # Advanced option, ignore if you don't know what it means.
+  # If you are using MariaDB, use MariaDbSslMode instead.
   mySQLAllowPublicKeyRetrieval: true
   # Username to connect to the MySQL database
   mySQLUsername: authme
@@ -105,6 +116,64 @@ ExternalBoardOptions:
   XFActivatedGroupId: 2
   # Wordpress prefix defined during WordPress installation
   wordpressTablePrefix: wp_
+3rdPartyFeature:
+  compatibility:
+    # Should we execute /help command when unregistered players press Shift+F?
+    # This keeps compatibility with some menu plugins
+    # If you are using TrMenu, don't enable this because TrMenu already implemented this.
+    menuPlugins: false
+  features:
+    i18nMessages:
+      # Send i18n messages to player based on their client settings, this option will override `settings.messagesLanguage`
+      # This will not affect language of authme help command.
+      enabled: false
+      # Redirect locale code to certain AuthMe language code as you want
+      # Minecraft locale list: https://minecraft.wiki/w/Language
+      # AuthMe language code: https://github.com/HaHaWTH/AuthMeReReloaded/blob/master/docs/translations.md
+      # For example, if you want to show Russian messages to player using language Tatar(tt_ru),
+      # and show Chinese Simplified messages to player using language Classical Chinese(lzh), then:
+      # locale-code-redirect:
+      # - 'tt_ru:ru'
+      # - 'lzh:zhcn'
+      locale-code-redirect:
+        - tt_ru:ru
+        - lzh:zhcn
+    captcha:
+      # Should send GUI captcha by country code whitelist?
+      # If the country of the player is in this list, the captcha won't be sent.
+      whiteList: []
+      # Send a GUI captcha to unregistered players?(Requires ProtocolLib)
+      guiCaptcha: false
+      # Should we kick the players when they don't finish the GUI captcha in seconds?
+      # (less than or equals 0 is disabled)
+      timeOut: 0
+      # Should we ignore floodgate players when sending GUI captcha?
+      # (Requires floodgate and hookFloodgate: true)
+      ignoreBedrock: false
+    # Should we let Bedrock players login automatically?
+    # (Requires hookFloodgate to be true & floodgate loaded)
+    # (**THIS IS SAFE DO NOT WORRY**)
+    bedrockAutoLogin: false
+    purgeData:
+      # Should we purge data on non-registered players quit?
+      purgeOnQuit: false
+      # Which world's player data should be deleted?(Enter the world *FOLDER* name where your players first logged in)
+      purgeWorldFolderName: world
+  fixes:
+    # Enable the new feature to prevent ghost players?
+    antiGhostPlayer: false
+    # (MC1.13- only)
+    # Should we fix the shulker crash bug with advanced method?
+    advancedShulkerFix: false
+    loginLocationFix:
+      # Should we fix the location when players logged in the portal?
+      fixPortalStuck: false
+      # Should we fix the location when players logged underground?
+      fixGroundStuck: false
+  optimizes:
+    # Choose the best teleport method by server brand?
+    # (Enable this if you are using Paper/Folia)
+    smartAsyncTeleport: true
 settings:
   sessions:
     # Do you want to enable the session feature?
@@ -113,12 +182,13 @@ settings:
     # The next time the player joins the server, if his IP
     # is the same as last time and the timeout hasn't
     # expired, he will not need to authenticate.
-        enabled: false
+    enabled: true
     # After how many minutes should a session expire?
     # A player's session ends after the timeout or if his IP has changed
-        timeout: 10
+    timeout: 43200
   # Message language, available languages:
   # https://github.com/AuthMe/AuthMeReloaded/blob/master/docs/translations.md
+  # Example: zhcn, en
   messagesLanguage: en
   # Forces authme to hook into Vault instead of a specific permission handler system.
   forceVaultHook: false
@@ -151,7 +221,7 @@ settings:
       - /totp
     # Max number of allowed registrations per IP
     # The value 0 means an unlimited number of registrations!
-        maxRegPerIp: 1
+    maxRegPerIp: 3
     # Minimum allowed username length
     minNicknameLength: 3
     # Maximum allowed username length
@@ -177,7 +247,7 @@ settings:
     SaveQuitLocation: false
     # To activate the restricted user feature you need
     # to enable this option and configure the AllowedRestrictedUser field.
-        AllowRestrictedUser: false
+    AllowRestrictedUser: true
     # The restricted user feature will kick players listed below
     # if they don't match the defined IP address. Names are case-insensitive.
     # You can use * as wildcard (127.0.0.*), or regex with a "regex:" prefix regex:127\.0\.0\..*
@@ -185,13 +255,31 @@ settings:
     #     AllowedRestrictedUser:
     #     - playername;127.0.0.1
     #     - playername;regex:127\.0\.0\..*
-        AllowedRestrictedUser: []
+    AllowedRestrictedUser:
+      - server_land;127.0.0.1
+      - server;127.0.0.1
+      - bukkit;127.0.0.1
+      - purpur;127.0.0.1
+      - system;127.0.0.1
+      - admin;127.0.0.1
+      - md_5;127.0.0.1
+      - administrator;127.0.0.1
+      - notch;127.0.0.1
+      - spigot;127.0.0.1
+      - bukkitcraft;127.0.0.1
+      - paperclip;127.0.0.1
+      - papermc;127.0.0.1
+      - spigotmc;127.0.0.1
+      - root;127.0.0.1
+      - console;127.0.0.1
+      - authme;127.0.0.1
+      - owner;127.0.0.1
     # Ban unknown IPs trying to log in with a restricted username?
     banUnsafedIP: false
     # Should unregistered players be kicked immediately?
     kickNonRegistered: false
     # Should players be kicked on wrong password?
-        kickOnWrongPassword: true
+    kickOnWrongPassword: false
     # Should not logged in players be teleported to the spawn?
     # After the authentication they will be teleported back to
     # their normal position.
@@ -200,31 +288,33 @@ settings:
     allowMovement: false
     # After how many seconds should players who fail to login or register
     # be kicked? Set to 0 to disable.
-        timeout: 30
+    timeout: 120
     # Regex pattern of allowed characters in the player name.
     allowedNicknameCharacters: '[a-zA-Z0-9_]*'
     # How far can unregistered players walk?
     # Set to 0 for unlimited radius
-        allowedMovementRadius: 100
+    allowedMovementRadius: 0
     # Should we protect the player inventory before logging in? Requires ProtocolLib.
-        ProtectInventoryBeforeLogIn: true
+    ProtectInventoryBeforeLogIn: false
     # Should we deny the tabcomplete feature before logging in? Requires ProtocolLib.
     DenyTabCompleteBeforeLogin: false
     # Should we display all other accounts from a player when he joins?
     # permission: /authme.admin.accounts
-        displayOtherAccounts: true
+    displayOtherAccounts: false
     # Spawn priority; values: authme, essentials, cmi, multiverse, default
     spawnPriority: authme,essentials,cmi,multiverse,default
     # Maximum Login authorized by IP
-        maxLoginPerIp: 0
+    maxLoginPerIp: 3
     # Maximum Join authorized by IP
-        maxJoinPerIp: 0
+    maxJoinPerIp: 3
     # AuthMe will NEVER teleport players if set to true!
     noTeleport: false
     # Regex syntax for allowed chars in passwords. The default [!-~] allows all visible ASCII
     # characters, which is what we recommend. See also http://asciitable.com
     # You can test your regex with https://regex101.com
     allowedPasswordCharacters: '[!-~]*'
+    # Regex syntax for allowed chars in email.
+    allowedEmailCharacters: ^[A-Za-z0-9_.]{3,20}@(qq|outlook|163|gmail|icloud)\.com$
   GameMode:
     # Force survival gamemode when player joins?
     ForceSurvivalMode: false
@@ -247,12 +337,12 @@ settings:
     UnrestrictedInventories: []
   security:
     # Minimum length of password
-        minPasswordLength: 5
+    minPasswordLength: 8
     # Maximum length of password
-        passwordMaxLength: 30
+    passwordMaxLength: 26
     # Possible values: SHA256, BCRYPT, BCRYPT2Y, PBKDF2, SALTEDSHA512,
     # MYBB, IPB3, PHPBB, PHPFUSION, SMF, XENFORO, XAUTH, JOOMLA, WBB3, WBB4, MD5VB,
-        # PBKDF2DJANGO, WORDPRESS, ROYALAUTH, ARGON2, CUSTOM (for developers only). See full list at
+    # PBKDF2DJANGO, WORDPRESS, ROYALAUTH, ARGON2, NOCRYPT, CUSTOM (for developers only). See full list at
     # https://github.com/AuthMe/AuthMeReloaded/blob/master/docs/hash_algorithms.md
     # If you use ARGON2, check that you have the argon2 c library on your system
     passwordHash: SHA256
@@ -273,13 +363,19 @@ settings:
     # - 'password'
     # - 'help'
     unsafePasswords:
-        - '123456'
+      - '12345678'
       - password
-        - qwerty
+      - qwertyui
-        - '12345'
-        - '54321'
       - '123456789'
-        - help
+      - '87654321'
+      - '1234567890'
+      - asdfghjkl
+      - zxcvbnm,
+      - asdfghjk
+      - '12312312'
+      - '123123123'
+      - '32132132'
+      - '321321321'
   registration:
     # Enable registration on the server?
     enabled: true
@@ -294,21 +390,26 @@ settings:
     # EMAIL = password is generated and sent to the email provided by the user.
     # More info at https://github.com/AuthMe/AuthMeReloaded/wiki/Registration
     type: PASSWORD
-        # Second argument the /register command should take: NONE = no 2nd argument
+    # Second argument the /register command should take: 
+    # NONE = no 2nd argument
     # CONFIRMATION = must repeat first argument (pass or email)
     # EMAIL_OPTIONAL = for password register: 2nd argument can be empty or have email address
     # EMAIL_MANDATORY = for password register: 2nd argument MUST be an email address
     secondArg: CONFIRMATION
+    email:
+      # Should we unregister the player when he didn't verify the email?
+      # This only works if you enabled email registration.
+      unregisterOnEmailVerificationFailure: false
+      # How many minutes should we wait before unregister the player
+      # when he didn't verify the email?
+      unregisterAfterMinutes: 10
     # Do we force kick a player after a successful registration?
     # Do not use with login feature below
     forceKickAfterRegister: false
     # Does AuthMe need to enforce a /login after a successful registration?
     forceLoginAfterRegister: false
-    # Broadcast the welcome message to the server or only to the player?
-    # set true for server or false for player
-    broadcastWelcomeMessage: false
   # Should we delay the join message and display it once the player has logged in?
-    delayJoinMessage: false
+  delayJoinMessage: true
   # The custom join message that will be sent after a successful login,
   # keep empty to use the original one.
   # Available variables:
@@ -317,11 +418,11 @@ settings:
   # {DISPLAYNAMENOCOLOR}: the player display name (without colors)
   customJoinMessage: ''
   # Should we remove the leave messages of unlogged users?
-    removeUnloggedLeaveMessage: false
+  removeUnloggedLeaveMessage: true
   # Should we remove join messages altogether?
-    removeJoinMessage: false
+  removeJoinMessage: true
   # Should we remove leave messages altogether?
-    removeLeaveMessage: false
+  removeLeaveMessage: true
   # Do we need to add potion effect Blinding before login/register?
   applyBlindEffect: false
   # Do we need to prevent people to login with another case?
@@ -347,7 +448,7 @@ GroupOptions:
   unregisteredPlayerGroup: ''
 Email:
   # Email SMTP server host
-    mailSMTP: smtp.gmail.com
+  mailSMTP: smtp.163.com
   # Email SMTP server port
   mailPort: 465
   # Only affects port 25: enable TLS/STARTTLS?
@@ -361,7 +462,7 @@ Email:
   # Custom sender name, replacing the mailAccount name in the email
   mailSenderName: ''
   # Recovery password length
-    RecoveryPasswordLength: 8
+  RecoveryPasswordLength: 12
   # Mail Subject
   mailSubject: Your new AuthMe password
   # Like maxRegPerIP but with email
@@ -370,20 +471,30 @@ Email:
   recallPlayers: false
   # Delay in minute for the recall scheduler
   delayRecall: 5
-    # Blacklist these domains for emails
-    emailBlacklisted: 
-    - 10minutemail.com
-    # Whitelist ONLY these domains for emails
-    emailWhitelisted: []
   # Send the new password drawn in an image?
   generateImage: false
   # The OAuth2 token
   emailOauth2Token: ''
+  # Email notifications when the server shuts down
+  shutDownEmail: false
+  # Email notification address when the server is shut down
+  shutDownEmailAddress: your@mail.com
 Hooks:
   # Do we need to hook with multiverse for spawn checking?
   multiverse: true
   # Do we need to hook with BungeeCord?
   bungeecord: false
+  # Do we need to hook with Velocity?
+  velocity: false
+  # How many ticks should we wait before sending login info to proxy?
+  # Change this to higher if your player has high ping.
+  # See: https://www.spigotmc.org/wiki/bukkit-bungee-plugin-messaging-channel/
+  proxySendDelay: 10
+  # Hook into floodgate.
+  # This must be true if you want to use other bedrock features.
+  floodgate: false
+  # Allow bedrock players join without check isValidName?
+  ignoreBedrockNameCheck: true
   # Send player to this BungeeCord server after register/login
   sendPlayerTo: ''
   # Do we need to disable Essentials SocialSpy on join?
@@ -394,24 +505,12 @@ Protection:
   # Enable some servers protection (country based login, antibot)
   enableProtection: false
   # Apply the protection also to registered usernames
-    enableProtectionRegistered: true
+  enableProtectionRegistered: false
-    geoIpDatabase:
-        # Enable GeoIp database
-        enabled: true
-        # The MaxMind clientId used to download the GeoIp database,
-        # get one at https://www.maxmind.com/en/accounts/current/license-key
-        # The EssentialsX project has a very useful tutorial on how to generate
-        # the license key: https://github.com/EssentialsX/Wiki/blob/master/GeoIP.md
-        clientId: ''
-        # The MaxMind licenseKey used to download the GeoIp database.
-        licenseKey: ''
   # Countries allowed to join the server and register. For country codes, see
   # https://dev.maxmind.com/geoip/legacy/codes/iso3166/
   # Use "LOCALHOST" for local addresses.
   # PLEASE USE QUOTES!
   countries:
-    - US
-    - GB
     - LOCALHOST
   # Countries not allowed to join the server and register
   # PLEASE USE QUOTES!
@@ -430,7 +529,7 @@ Protection:
   antiBotDelay: 60
   quickCommands:
     # Kicks the player that issued a command before the defined time after the join process
-        denyCommandsBeforeMilliseconds: 1000
+    denyCommandsBeforeMilliseconds: 3000
 Purge:
   # If enabled, AuthMe automatically purges old, unused accounts
   useAutoPurge: false
@@ -453,26 +552,33 @@ Security:
     # Stop the server if we can't contact the sql database
     # Take care with this, if you set this to false,
     # AuthMe will automatically disable and the server won't be protected!
-        stopServer: true
+    stopServer: false
   console:
     # Copy AuthMe log output in a separate file as well?
     logConsole: true
+  account:
+    haveIBeenPwned:
+      # Query haveibeenpwned.com with a hashed version of the password.
+      # This is used to check whether it is safe.
+      check: false
+      # If the password is used more than this number of times, it is considered unsafe.
+      limit: 0
   captcha:
     # Enable captcha when a player uses wrong password too many times
     useCaptcha: false
     # Max allowed tries before a captcha is required
-        maxLoginTry: 5
+    maxLoginTry: 8
     # Captcha length
-        captchaLength: 5
+    captchaLength: 6
     # Minutes after which login attempts count is reset for a player
-        captchaCountReset: 60
+    captchaCountReset: 120
     # Require captcha before a player may register?
     requireForRegistration: false
   tempban:
     # Tempban a user's IP address if they enter the wrong password too many times
     enableTempban: false
     # How many times a user can attempt to login before their IP being tempbanned
-        maxLoginTries: 10
+    maxLoginTries: 8
     # The length of time a IP address will be tempbanned in minutes
     # Default: 480 minutes, or 8 hours
     tempbanLength: 480
@@ -486,13 +592,13 @@ Security:
     # Number of characters a recovery code should have (0 to disable)
     length: 8
     # How many hours is a recovery code valid for?
-        validForHours: 4
+    validForHours: 6
     # Max number of tries to enter recovery code
-        maxTries: 3
+    maxTries: 4
     # How long a player has after password recovery to change their password
     # without logging in. This is in minutes.
     # Default: 2 minutes
-        passwordChangeTimeout: 2
+    passwordChangeTimeout: 5
   emailRecovery:
     # Seconds a user has to wait for before a password recovery mail may be sent again
     # This prevents an attacker from abusing AuthMe's email feature.
@@ -505,6 +611,13 @@ Security:
     enableEmailMasking: false
     # Minutes after which a verification code will expire
     verificationCodeExpiration: 10
+Plugin:
+  updates:
+    # Check for updates on enabled from GitHub?
+    checkForUpdates: true
+  banners:
+    # Should we show the AuthMe banner on startup?
+    showBanners: true
 # Before a user logs in, various properties are temporarily removed from the player,
 # such as OP status, ability to fly, and walk/fly speed.
 # Once the user is logged in, we add back the properties we previously saved.
@@ -553,13 +666,6 @@ BackupSystem:
   MysqlWindowsPath: C:\Program Files\MySQL\MySQL Server 5.1\
 # Converter settings: see https://github.com/AuthMe/AuthMeReloaded/wiki/Converters
 Converter:
-    Rakamak:
-        # Rakamak file name
-        fileName: users.rak
-        # Rakamak use IP?
-        useIP: false
-        # Rakamak IP file name
-        ipFileName: UsersIp.rak
   CrazyLogin:
     # CrazyLogin database file name
     fileName: accounts.db
@@ -583,4 +689,4 @@ To change settings on a running server, save your changes to config.yml and use
 
 ---
 
-This page was automatically generated on the [AuthMe/AuthMeReloaded repository](https://github.com/AuthMe/AuthMeReloaded/tree/master/docs/) on Thu Jul 28 18:11:22 CEST 2022
+This page was automatically generated on the [HaHaWTH/AuthMeReReloaded repository](https://github.com/HaHaWTH/AuthMeReReloaded/tree/master/docs/) on Wed May 29 21:00:00 CST 2024

docs/hash_algorithms.md

@@ -80,4 +80,4 @@ or bad.
 
 ---
 
-This page was automatically generated on the [AuthMe/AuthMeReloaded repository](https://github.com/AuthMe/AuthMeReloaded/tree/master/docs/) on Sun Apr 04 21:31:44 CEST 2021
+This page was automatically generated on the [HaHaWTH/AuthMeReReloaded repository](https://github.com/HaHaWTH/AuthMeReReloaded/tree/master/docs/) on Sun Apr 04 21:31:44 CEST 2021

docs/permission_nodes.md

@@ -73,4 +73,4 @@ The following are the permission nodes that are currently supported by the lates
 
 ---
 
-This page was automatically generated on the [AuthMe/AuthMeReloaded repository](https://github.com/AuthMe/AuthMeReloaded/tree/master/docs/) on Sun Apr 04 21:31:44 CEST 2021
+This page was automatically generated on the [HaHaWTH/AuthMeReReloaded repository](https://github.com/HaHaWTH/AuthMeReReloaded/tree/master/docs/) on Sun Apr 04 21:31:44 CEST 2021

docs/translations.md

@@ -44,4 +44,4 @@ Code | Language | Translated |  
 
 ---
 
-This page was automatically generated on the [AuthMe/AuthMeReloaded repository](https://github.com/AuthMe/AuthMeReloaded/tree/master/docs/) on Wed Jun 21 12:14:29 CEST 2023
+This page was automatically generated on the [HaHaWTH/AuthMeReReloaded repository](https://github.com/HaHaWTH/AuthMeReReloaded/tree/master/docs/) on Wed Jun 21 12:14:29 CEST 2023