- Split TotpService further into GenerateTotpService and TotpAuthenticator, which wraps the GoogleAuthenticator impl
- Add missing tests for the services
- Change GenerateTotpService's interface to behave like a collection for more intuitive method behavior
- Within CaptchaStorage#checkCode, a player's captcha code is overridden with a new one on failure or cleared on success
- Fixes inconsistencies in the retrieval / regeneration of codes
- Remove abstract captcha manager in favor of a primitive captcha code storage (composition over inheritance)
- Supply player when checking captcha code for further usage (fixes open point from previous commit)
- Introduce registration captcha manager, rename login captcha manager accordingly
- Integrate reg. captcha manager into /register command
Open points:
- Refactor common captcha functionality into abstract superclass
- If captcha before /register necessary, show appropriate message to player immediately
- Unit tests
* Implement AuthMeBungee autologin
There is a failing test due to cyclic dependency injection, @ljacqu could you take a quick look at this?
* Try to fix recursive dependency injection
* Fix codestyle
* Fix the subchannel name, again...
* Split BungeeService into BungeeSender and BungeeReceiver
- Check not only for NOT NULL constraint but also if a column has a default value
- Use suffixes instead of colors only so the command is usable via console
- Old SQLite setups have the last IP column as NOT NULL but without a default value. With the new concept (where we don't set a last IP on player registration) it fails.
- Create an /authme debug child that allows to migrate SQLite (tricky because SQLite does not support dropping or modifying columns)
- Allow last IP column to be NOT NULL in MySQL as well (extend MySQL /authme debug child)
- Add TODO comments with follow-up issue to extend our commands with new registration IP field
* Introduce hasSession field in datasource
That makes isLogged more consistent as it will be '1' only when the player is online.
* Fixes
* Fix unit testing
* Update config doc
* Create SessionService
* Create test for SessionService, avoid DB operations if sessions are disabled
* Cleanup: remove outdated warning for session timeout = 0
- Remove outdated warning
- Encapsulate session enabled check in SessionService
* Fix failing SessionServiceTest, add data source integration tests for session methods
- Take MAX(reg_date, login_date) as timestamp to compare against
- Remove the second "all" parameter to include entries with 0 registration date -> we expect registration date to always be set to the current date, so the parameter becomes obsolete
- Create command under /authme debug that allows to change the 'nullable' status of MySQL columns (currently last date and email only)
- We need to offer a default value for forum integrations that have a NOT NULL email column. Offering a command avoids us from force-migrating existing databases while still offering migrations in both directions
- Change in default value handling: lack of values are not handled by setting default values to the PlayerAuth anymore, and reading a default value from the database into a PlayerAuth will be translated into null by the PlayerAuth builder
- When a new database is created, email and lastlogin are now nullable and lack a default a value
Open points:
- Finish MySqlDefaultChangerTest
- Revise purging logic (#792)
- Allow to have more columns nullable (#814)
- Reported via #1238, the primary group of a player should not be queried if the permissions plugin does not have group support
- Use the reverse order for showing player / limbo / disk limbo info
- Create method to check if email is empty or the default AuthMe email (avoids repetition)
- Check that input email has '@' inside text (relates to #1105)
