* Update the GeoIp database download method [BREAKING]
Now GeoIp database updates require a ClientID and a LicenseKey, which can be obtained for free at https://www.maxmind.com/en/accounts/current/license-key
* Codestyle
* #1523 Create admin commands to handle players' 2FA data
- Create admin command to view if a player has enabled 2FA
- Create admin command to disable 2FA for a specified player
* #1627 Replace BCryptService with Maven dependency
- Remove BCryptService in favor of a better BCrypt implementation (Maven dependency)
- Introduce BCryptHasher wrapping the dependency with more suitable methods
- Fix inaccurate details about salt length in docu annotation: for BCrypt it's always 22 chars
- Change phpBB hash to produce 2y hashes instead of 2a
* #1627 Use UTF-8 encoding when (dis)assembling Strings
* #1627 Small test additions
- Revert back to SHA1 as HMAC hash function so that it works with Google authenticator
- Add message to user to tell him to run /2fa confirm to add a TOTP code
- Introduce new configuration (taken from @sgdc3)
- Create JoiningPlayer, based on a Player object or String name, determining how permissions will be checked
- Add argon2 implementation
- Extract argon2 library check to method on Argon 2
- Add link to Wiki page on errors
- Check within Argon2Test if the test cases should be run, not in the abstract parent
* Introduce hasSession field in datasource
That makes isLogged more consistent as it will be '1' only when the player is online.
* Fixes
* Fix unit testing
* Update config doc
* Create SessionService
* Create test for SessionService, avoid DB operations if sessions are disabled
* Cleanup: remove outdated warning for session timeout = 0
- Remove outdated warning
- Encapsulate session enabled check in SessionService
* Fix failing SessionServiceTest, add data source integration tests for session methods
- NewAPI class will be removed in 5.5, not 5.4
- Add entry for "Deprecated" recommendation in hash algorithms page
- Mention possibility of wildcards for restricted user rules