diff --git a/src/main/java/fr/xephi/authme/AuthMe.java b/src/main/java/fr/xephi/authme/AuthMe.java index 347a77f08..32188d235 100644 --- a/src/main/java/fr/xephi/authme/AuthMe.java +++ b/src/main/java/fr/xephi/authme/AuthMe.java @@ -40,6 +40,8 @@ import fr.xephi.authme.output.Messages; import fr.xephi.authme.permission.PermissionsManager; import fr.xephi.authme.permission.PlayerPermission; import fr.xephi.authme.process.Management; +import fr.xephi.authme.security.HashAlgorithm; +import fr.xephi.authme.security.PasswordSecurity; import fr.xephi.authme.settings.OtherAccounts; import fr.xephi.authme.settings.Settings; import fr.xephi.authme.settings.Spawn; @@ -585,6 +587,19 @@ public class AuthMe extends JavaPlugin { } } + // TODO: Move this to another place maybe ? + if (Settings.getPasswordHash == HashAlgorithm.PLAINTEXT) + { + ConsoleLogger.showError("Your HashAlgorithm has been detected has plaintext and is now deprecrated, it will be changed and hashed now to AuthMe default hashing method"); + for (PlayerAuth auth : database.getAllAuths()) + { + auth.setHash(PasswordSecurity.getHash(HashAlgorithm.SHA256, auth.getHash(), auth.getNickname())); + database.updatePassword(auth); + } + Settings.setValue("settings.security.passwordHash", "SHA256"); + Settings.reload(); + } + if (Settings.isCachingEnabled) { database = new CacheDataSource(database); } diff --git a/src/main/java/fr/xephi/authme/security/HashAlgorithm.java b/src/main/java/fr/xephi/authme/security/HashAlgorithm.java index bef417057..315fa9fde 100644 --- a/src/main/java/fr/xephi/authme/security/HashAlgorithm.java +++ b/src/main/java/fr/xephi/authme/security/HashAlgorithm.java @@ -13,6 +13,7 @@ public enum HashAlgorithm { XAUTH(fr.xephi.authme.security.crypts.XAUTH.class), MD5VB(fr.xephi.authme.security.crypts.MD5VB.class), PHPBB(fr.xephi.authme.security.crypts.PHPBB.class), + @Deprecated PLAINTEXT(fr.xephi.authme.security.crypts.PLAINTEXT.class), MYBB(fr.xephi.authme.security.crypts.MYBB.class), IPB3(fr.xephi.authme.security.crypts.IPB3.class), diff --git a/src/main/resources/config.yml b/src/main/resources/config.yml index 435bd1e4d..7f151c495 100644 --- a/src/main/resources/config.yml +++ b/src/main/resources/config.yml @@ -181,7 +181,6 @@ settings: # Example unLoggedinGroup: NotLogged unLoggedinGroup: unLoggedinGroup # possible values: MD5, SHA1, SHA256, WHIRLPOOL, XAUTH, MD5VB, PHPBB, - # PLAINTEXT ( unhashed password), # MYBB, IPB3, PHPFUSION, SMF, XENFORO, SALTED2MD5, JOOMLA, BCRYPT, WBB3, SHA512, # DOUBLEMD5, PBKDF2, PBKDF2DJANGO, WORDPRESS, ROYALAUTH, CUSTOM(for developpers only) passwordHash: SHA256