Lapis Login 1.1.4

A simple way to secure your players accounts

  1. dart2112
    Tested Minecraft Versions:
    • 1.12
    Source Code:
    https://github.com/LapisPlugins/LapisLogin
    [​IMG]


    [​IMG]
    • Password Security
    Uses hashing and salting to secure passwords in such a way that even I can't tell you what they are

    • Limited Login Attempts
    Limited login attempts allow you to run a custom command when a player gets their password wrong too many times. By default, the limit is 3 attempts and then the player is kicked. both the limit and the command that is run can be changed.

    • Simple and Fast
    Because I haven't put in a lot of fancy features the plugin is lite and easy to run making it perfect for small and massive servers

    • MySQL and SQLite Database Support
    If you have a MySQL database for your Minecraft server, LapisLogin can use this to store our player data so that it's not stored on disk. This allows you to thereticly push passwords out over multiple servers in a network. You can also use SQLite if you wish

    • Optional Registration
    If you don't want all players to be required to register then you only need to give the permission lapislogin.optional to the players you want to be able to register and lapislogin.required to people who must register. Other players can still register if they wish but it won't be a requirement. This might be handy if you want to force staff to secure their account but don't want to force players too.

    • Inventory Hiding
    Inventory Hiding allows the server to temporarily store a players inventory while they aren't logged in. This stops a player from getting information about the items you have in your inventory that might allow special permissions or access to areas of the server.

    • Player Locking
    This only applies to players who are registered but not logged in or players who are required to register but haven't. These players will not be able to move, chat, use commands other than /login and /register, access inventories like chests and alter their own inventory if inventory hiding is disabled

    • Customization for Messages
    All messages but command usage are editable and translatable should you wish to do so. This also allows you to theme the messages to match the theme of your server. The messages also have primary and secondary colours meaning you only have to change 2 values to change the colours of all the messages in an effortless way

    [​IMG]

    • /lapislogin (help, reload or update)
    without any arguments, this command displays plugin information
    Help: displays a list of all commands that you have permission to use and tells you what each does
    Reload(requires admin permissions): Reloads the config.yml and the Messages.yml from disk
    Update(requires admin permissions): Checks for an update, if an update is available it will be downloaded to be installed the next time the server starts

    • /login (Password)
    This command allows the player to login after this command is run the player will be allowed to move and be given back their inventory if inventory hiding is on
    The password entered must match the one used at registration for the command to be successful

    • /logout
    This command will lock players account so that they will need to log in again regardless of how long they are offline,
    this could be helpful if someone doesn't trust a friend or family member who has access to their computer.
    it will also hide the player's inventory if inventory hiding is enabled

    • /register (Password) (Password)
    This command registers the player's password to the server, this command must be run to secure an account and will be required by any player with the lapislogin.required permission before
    they are allowed to do anything(e.g. use chat, move, access inventory etc)
    both passwords must match for this command to be successful

    • /changepassword (OldPassword) (NewPassword) (NewPassword)
    This command allows a player to change their password. The player must be logged in to use the command
    the command fails if the old password is incorrect or if the new passwords don't match

    • /resetpassword (player)
    (This is an admin command)
    This command will de-register a player, forcing them to use the register command again. The main use of this command is for players who have forgotten their password.
    The command will also hide a players inventory and send them a message to re-register if they are online and have the lapislogin.required permission

    [​IMG]

    lapislogin.optional:

    Players with this permission or lapislogin.required will be allowed to login, any players without either of these permissions won't event know the plugin is there

    lapislogin.required:

    Players with this permission will be forced to register before they are allowed to interact with the server

    lapislogin.admin:
    allows the player to reset other players passwords with /resetpassword

    [​IMG]
    Information about how to use the API can be found on the JavaDocs
    Simply get an instance of the LapisLoginAPI class with your plugin class and call the LapisLoginAPIPlayer method with the UUID to get the player object.

    [​IMG]
    If you have made an add-on for LapisLogin and would like to see it featured here, just send me a private message with a download like. preferably a GitHub release page.

    LapisLoginStrength: This add-on allows you to specify a password strength that must be reached before a player can use that password. this means you can stop the player from using weak passwords. it makes use of zxcvbn4j which is a great API for password strength testing.

    [​IMG]

    The plugin will automatically check for updates and notify you when one is available. you can enable update downloading, this means that the plugin will automatically download and install updates the moment they come out. You can also force the server to check for and download available updates with /lapislogin update

    [​IMG]

    This plugin can collect data about how many players and servers are using it and what specifications they have.
    https://bstats.org/plugin/bukkit/LapisLogin

    [​IMG]

    The source code can be found HERE, If you want to contribute, please use pull requests or the issues system on GitHub.
    [​IMG]


    500 -

    1,000 -

    1,500 -

    2,000 -
    SanyaFox, Resoluciones and Gasha like this.

Recent Reviews

  1. Phunk
    Phunk
    3/5,
    Version: 1.1.4
    The plugin does what it's says it does. but there is a BIG problem with it, for example . it does not save some of the players current Inventories . and it reverts to some old backup file from it's "PlayerData" folder inside the LapisLogin Folder.
  2. Gobedojovo
    Gobedojovo
    5/5,
    Version: 1.1.4
    I think it is the best login plugin before it i have used login security but i changed to this because of duble password in registring.
  3. SanyaFox
    SanyaFox
    5/5,
    Version: 1.1.4
    A good plugin to replace Authme and at the same time convenient, simple and can be translated if necessary.
  4. REW01WER
    REW01WER
    5/5,
    Version: 1.1.4
    THE BEST!!! Hope FastlLogin plugin will support this.........................................
    1. dart2112
      Author's Response
      thank you
  5. inkdrak
    inkdrak
    5/5,
    Version: 1.1.1
    Great plugin, I like him very much

    I want to be able to add a function that uses title to display a login message?
    1. dart2112
      Author's Response
      Can you message me so I can work out exactly what is it that you are requesting?
      thanks
  6. Bas7
    Bas7
    5/5,
    Version: 1.0.9
    Awesome d keep this good project ..
    1. dart2112
      Author's Response
      Thank you
  7. novaldemar
    novaldemar
    5/5,
    Version: 1.0.6
    TL:DR This plugin is great and the developer is super responsive.

    There are several login plugins already on spigot that I have looked at over the last day or so. What makes this one stand out is that it allows for far greater customisation about exactly who is required to log in and who has the option to log in.

    Our server is online so we did not want to force all our users to use a password. We didn't want to deal with the issues of lost passwords. What we wanted was to secure our staff accounts. This plugin lets us require login from Mods and Admins and gives us the option to allow long time players the option to protect their accounts via an additional password.

    Doesn't matter if your server is online or offline this is a plugin that is useful to have in your arsenal.

    Further more since it is a new plugin support is great. We reported a bug we found and requested a permission node to be added for optional registration and both were fixed in a few hours.
    1. dart2112
      Author's Response
      Thank you very much