diff --git a/src/main/java/fr/xephi/authme/settings/custom/HooksSettings.java b/src/main/java/fr/xephi/authme/settings/custom/HooksSettings.java index d838c33ad..f13e66055 100644 --- a/src/main/java/fr/xephi/authme/settings/custom/HooksSettings.java +++ b/src/main/java/fr/xephi/authme/settings/custom/HooksSettings.java @@ -2,7 +2,6 @@ package fr.xephi.authme.settings.custom; import fr.xephi.authme.settings.domain.Comment; import fr.xephi.authme.settings.domain.Property; -import fr.xephi.authme.settings.domain.PropertyType; import fr.xephi.authme.settings.domain.SettingsClass; import static fr.xephi.authme.settings.domain.Property.newProperty; @@ -11,27 +10,31 @@ public class HooksSettings implements SettingsClass { @Comment("Do we need to hook with multiverse for spawn checking?") public static final Property MULTIVERSE = - newProperty(PropertyType.BOOLEAN, "Hooks.multiverse", true); + newProperty("Hooks.multiverse", true); @Comment("Do we need to hook with BungeeCord?") public static final Property BUNGEECORD = - newProperty(PropertyType.BOOLEAN, "Hooks.bungeecord", false); + newProperty("Hooks.bungeecord", false); @Comment("Send player to this BungeeCord server after register/login") public static final Property BUNGEECORD_SERVER = - newProperty(PropertyType.STRING, "Hooks.sendPlayerTo", ""); + newProperty("Hooks.sendPlayerTo", ""); @Comment("Do we need to disable Essentials SocialSpy on join?") public static final Property DISABLE_SOCIAL_SPY = - newProperty(PropertyType.BOOLEAN, "Hooks.disableSocialSpy", false); + newProperty("Hooks.disableSocialSpy", false); @Comment("Do we need to force /motd Essentials command on join?") public static final Property USE_ESSENTIALS_MOTD = - newProperty(PropertyType.BOOLEAN, "Hooks.useEssentialsMotd", false); + newProperty("Hooks.useEssentialsMotd", false); @Comment("Do we need to cache custom Attributes?") public static final Property CACHE_CUSTOM_ATTRIBUTES = - newProperty(PropertyType.BOOLEAN, "Hooks.customAttributes", false); + newProperty("Hooks.customAttributes", false); + + @Comment("These features are only available on VeryGames Server Provider") + public static final Property ENABLE_VERYGAMES_IP_CHECK = + newProperty("VeryGames.enableIpCheck", false); private HooksSettings() { } diff --git a/src/main/java/fr/xephi/authme/settings/custom/RestrictionSettings.java b/src/main/java/fr/xephi/authme/settings/custom/RestrictionSettings.java index f5fa9c061..e34a2c2fe 100644 --- a/src/main/java/fr/xephi/authme/settings/custom/RestrictionSettings.java +++ b/src/main/java/fr/xephi/authme/settings/custom/RestrictionSettings.java @@ -141,6 +141,31 @@ public class RestrictionSettings implements SettingsClass { public static final Property BAN_UNKNOWN_IP = newProperty("settings.restrictions.banUnsafedIP", false); + @Comment("Spawn priority; values: authme, essentials, multiverse, default") + public static final Property SPAWN_PRIORITY = + newProperty("settings.restrictions.spawnPriority", "authme,essentials,multiverse,default"); + + @Comment("Maximum Login authorized by IP") + public static final Property MAX_LOGIN_PER_IP = + newProperty("settings.restrictions.maxLoginPerIp", 0); + + @Comment("Maximum Join authorized by IP") + public static final Property MAX_JOIN_PER_IP = + newProperty("settings.restrictions.maxJoinPerIp", 0); + + @Comment("AuthMe will NEVER teleport players if set to true!") + public static final Property NO_TELEPORT = + newProperty("settings.restrictions.noTeleport", false); + + @Comment("Regex syntax for allowed chars in passwords") + public static final Property ALLOWED_PASSWORD_CHARS = + newProperty("settings.restrictions.allowedPasswordCharacters", "[\\x21-\\x7E]*"); + + @Comment("Force survival gamemode when player joins?") + public static final Property FORCE_SURVIVAL_MODE = + newProperty("settings.GameMode.ForceSurvivalMode", false); + + private RestrictionSettings() { } diff --git a/src/main/java/fr/xephi/authme/settings/custom/SecuritySettings.java b/src/main/java/fr/xephi/authme/settings/custom/SecuritySettings.java index 1605c166f..dcb44b73e 100644 --- a/src/main/java/fr/xephi/authme/settings/custom/SecuritySettings.java +++ b/src/main/java/fr/xephi/authme/settings/custom/SecuritySettings.java @@ -1,12 +1,14 @@ package fr.xephi.authme.settings.custom; +import fr.xephi.authme.security.HashAlgorithm; import fr.xephi.authme.settings.domain.Comment; import fr.xephi.authme.settings.domain.Property; import fr.xephi.authme.settings.domain.SettingsClass; +import java.util.List; + import static fr.xephi.authme.settings.domain.Property.newProperty; -import static fr.xephi.authme.settings.domain.PropertyType.BOOLEAN; -import static fr.xephi.authme.settings.domain.PropertyType.INTEGER; +import static fr.xephi.authme.settings.domain.PropertyType.STRING_LIST; public class SecuritySettings implements SettingsClass { @@ -14,36 +16,82 @@ public class SecuritySettings implements SettingsClass { "Take care with this, if you set this to false,", "AuthMe will automatically disable and the server won't be protected!"}) public static final Property STOP_SERVER_ON_PROBLEM = - newProperty(BOOLEAN, "Security.SQLProblem.stopServer", true); + newProperty("Security.SQLProblem.stopServer", true); @Comment("/reload support") public static final Property USE_RELOAD_COMMAND_SUPPORT = - newProperty(BOOLEAN, "Security.ReloadCommand.useReloadCommandSupport", true); + newProperty("Security.ReloadCommand.useReloadCommandSupport", true); @Comment("Remove spam from console?") public static final Property REMOVE_SPAM_FROM_CONSOLE = - newProperty(BOOLEAN, "Security.console.noConsoleSpam", false); + newProperty("Security.console.noConsoleSpam", false); @Comment("Remove passwords from console?") public static final Property REMOVE_PASSWORD_FROM_CONSOLE = - newProperty(BOOLEAN, "Security.console.removePassword", true); + newProperty("Security.console.removePassword", true); @Comment("Player need to put a captcha when he fails too lot the password") public static final Property USE_CAPTCHA = - newProperty(BOOLEAN, "Security.captcha.useCaptcha", false); + newProperty("Security.captcha.useCaptcha", false); @Comment("Max allowed tries before request a captcha") public static final Property MAX_LOGIN_TRIES_BEFORE_CAPTCHA = - newProperty(INTEGER, "Security.captcha.maxLoginTry", 5); + newProperty("Security.captcha.maxLoginTry", 5); @Comment("Captcha length") public static final Property CAPTCHA_LENGTH = - newProperty(INTEGER, "Security.captcha.captchaLength", 5); + newProperty("Security.captcha.captchaLength", 5); @Comment({"Kick players before stopping the server, that allow us to save position of players", "and all needed information correctly without any corruption."}) public static final Property KICK_PLAYERS_BEFORE_STOPPING = - newProperty(BOOLEAN, "Security.stop.kickPlayersBeforeStopping", true); + newProperty("Security.stop.kickPlayersBeforeStopping", true); + + @Comment("Minimum length of password") + public static final Property MIN_PASSWORD_LENGTH = + newProperty("settings.security.minPasswordLength", 5); + + @Comment({ + "This is a very important option: every time a player joins the server,", + "if they are registered, AuthMe will switch him to unLoggedInGroup.", + "This should prevent all major exploits.", + "You can set up your permission plugin with this special group to have no permissions,", + "or only permission to chat (or permission to send private messages etc.).", + "The better way is to set up this group with few permissions, so if a player", + "tries to exploit an account they can do only what you've defined for the group.", + "After, a logged in player will be moved to his correct permissions group!", + "Please note that the group name is case-sensitive, so 'admin' is different from 'Admin'", + "Otherwise your group will be wiped and the player will join in the default group []!", + "Example unLoggedinGroup: NotLogged" + }) + public static final Property UNLOGGEDIN_GROUP = + newProperty("settings.security.unLoggedinGroup", "unLoggedinGroup"); + + @Comment({ + "Possible values: MD5, SHA1, SHA256, WHIRLPOOL, XAUTH, MD5VB, PHPBB,", + "MYBB, IPB3, PHPFUSION, SMF, XENFORO, SALTED2MD5, JOOMLA, BCRYPT, WBB3, SHA512,", + "DOUBLEMD5, PBKDF2, PBKDF2DJANGO, WORDPRESS, ROYALAUTH, CUSTOM (for developers only)" + }) + public static final Property PASSWORD_HASH = + newProperty(HashAlgorithm.class, "settings.security.passwordHash", HashAlgorithm.SHA256); + + @Comment("Salt length for the SALTED2MD5 MD5(MD5(password)+salt)") + public static final Property DOUBLE_MD5_SALT_LENGTH = + newProperty("settings.security.doubleMD5SaltLength", 8); + + @Comment({"If password checking return false, do we need to check with all", + "other password algorithm to check an old password?", + "AuthMe will update the password to the new password hash"}) + public static final Property SUPPORT_OLD_PASSWORD_HASH = + newProperty("settings.security.supportOldPasswordHash", false); + + @Comment({"Prevent unsafe passwords from being used; put them in lowercase!", + "unsafePasswords:", + "- '123456'", + "- 'password'"}) + public static final Property> UNSAFE_PASSWORDS = + newProperty(STRING_LIST, "settings.security.unsafePasswords", + "123456", "password", "qwerty", "12345", "54321"); private SecuritySettings() { } diff --git a/src/main/java/fr/xephi/authme/settings/domain/Comment.java b/src/main/java/fr/xephi/authme/settings/domain/Comment.java index 92713aeec..07f20e257 100644 --- a/src/main/java/fr/xephi/authme/settings/domain/Comment.java +++ b/src/main/java/fr/xephi/authme/settings/domain/Comment.java @@ -12,6 +12,6 @@ import java.lang.annotation.Target; @Target(ElementType.FIELD) public @interface Comment { - String[] value() default ""; + String[] value(); }