A simple Auth plugin for offline (online-mode=false in the server.properties file) servers. Commands would be like:
/login
/register
/changepw
And probably a lot more commands to add more features to it, like email confirmations and admin commands to change passwords and delete accounts.
not sure about that. moreso offline mode won’t be supported as backing for a feature in Sponge; I doubt they’ll get rid of the online-mode=false option.
as for the topic, yes; its possible. the current API is more than enough to let someone make that, that someone just needs to make it.
Yes, it would be awesome to have a plugin like this, since I’m trying to play with a few people I just met and want to have a bit of security on the server. Sounds great that it’s simple!
Well back when I was very addicted to minecraft. A friend me me hosted a small server on his laptop. But when we are in school there wasn’t wifi or anything to connect us up. We used an ad-hoc network + loginsecurity and played in the pauses that way. For these reasons I totally think such plugin is valid .
Or if you want to make a friend “try” minecraft. You can temporary set your server in offline mode without worrying about dudes changing there perms or stuff.
Because honestly? Did everyone here just bought the game straight out without trying?
I have a server that has no auth, however I only use it to build stuff and mess around with world edit, and to host the occasional friend who’s on the LAN…
Offline Mode is still going to be a huge security risk. Having a private server being offline is alright but you can never know what’s going to happen in public since a lot of security layer protection will be disabled.
It isn’t really a huge security risk. Literally the only thing changed is connection to the authentication servers, which can easily be fixed with an authentication plugin like this.
There was hack client that allows you to force op yourself and having none of that extra security layer, it’s more potential to that. Since a client can join and before they login, they can use force op. I saw it happening on a lot of public cracked servers back in 1.6.4. Not sure if there is still that security risk.