FlexibleLogin [v0.17] for Sponge 7+ - Auth plugin - 2FA


#62

This BUG still exist!
Sponge: ver 808
Forge: ver 1561
Java: ver 8u65 x64
System: Windows 10

Log in console: http://pastebin.com/yp4hPnFn
The config file was as default.


#63

This is a different bug. Your Sponge version is outdated. Please update it.


#64

Oh, it works well after I update my Sponge. Thank you!


#65

# Algorithms for hashing user passwords. You can also choose totp
hashAlgo=bcrypt

How do you use bcrypt for hashing passwords in PHP?


#66

Sorry for the late response.

Which PHP version do you use? In PHP >=5.5 Bcrypt is already implemented and is set as default hashing algorithm. It's very easy just invoke this method.

password_hash(userPassword, PASSWORD_DEFAULT)

userPassword is the password of your user in plain text

If you use an older version, you can checkout this stackoverflow post.


#67

The server will be crash when i use this plugin. So is it really support the sponge ver 800+ ?


#68

I guess you use the newest Sponge version?

Recently (2 dadys ago) there was an update in the Sponge API, which is possible the reason for the crash. I uploaded a update which should fix this issue.


#69

fantastic, it is not crash anymore when i used FL V0.2.8


#70

Thank You
.............


#71

Seems like the plugin uses some kind of salt before encrypting the password. Your command does not (or at least not the same salt), and therefore the hash generated by the plugin isn't the same as the one generated by you.

You could try to use /register again to change the password. If that doesn't work, I'm sure games647 can add password reset/change functionality :smile:


#72

Which php version do you use?


#73

i use php v. 5.6


#74

BCrypt saves the salt into the same column. So it should extract it from there.

I found the source of this issue. The prefixes of the generated strings are different.

PHP
$2y...

Java
$2a...

You could fix it by replacing the 'y' in the prefix ($2a is the prefix) with an 'a'. Interesting is that PHP accepts the string generated by the Java implementation, but it doesn't work if Java checks the string generated by PHP. So you could be sure that your PHP code will still work if you change the prefix.

Sorry I didn't noticed this issue earlier. I will work on fix for it.


#75

I uploaded a new version where it's fixed.

Furthermore this update includes a config section where you can customize the text sent by FlexibleLogin. Thanks to @frogocomics for this feature.


#76

For my text configuration, I forgot to cover some parts, might want to take a look.


#77

Is this plugin still active and updated?


#78

Yes it is. Why do you ask?


#79

Just haven't seen anything on here for updates in 23 days. So I'm not sure if it would work on the new sponge beta or not ^.^


#80

The last commit (and update) is 11 days ago and it should already work with the new Sponge beta.


#81

New Update!
(v0.3.2)

  • TextConfiguration is now covers every single aspect of Flexible Login!
  • Some tweaks here and there