Comments (5)
I used to think UUID generated by offline servers are using md5("OfflinePlayer:<player name>") automatically. I will look into this case.
I'm currently on vacation though :(
from lockettepro.
I have just done some research regarding your situation, please confirm the following first:
- You have a mixed-mode server that allows both online-mode players and offline-mode players...
- ...by using a helper plugin "FastLogin". Similar plugin I can think of could be "AutoIn" etc..
- FastLogin requires your server to be set in "
online-mode: false
" - Your player with legitimate Mojang login cannot open their locked chests once they changed their name. Players logged in offline are not affected since their name will always stays the same.
There are some issue:
- If you set your server to "
online-mode: false
", all UUID generated by the server will be something like "md5("OfflinePlayer:") ". Which means this UUID is non-reversible. If a player have changed their name, it is impossible for them to open their chest again because their chest lock has bound to their old name. - "
online-mode: false
" servers will not attempt to grab the correct UUID for Mojang login players, and it is hard for LockettePro to know which player has logged in via Mojang.
My current proposed solution will be incompatible with all currently owned signs for Mojang login users, as well as probably not able to support all "mixed-mode server" plugins. TBH I don't really think it will worth the effort, but pull requests are welcomed.
from lockettepro.
Confirm:
4. This happened when enable-uuid-support: false
is set on LockettePro config.yml. However, if I set this option to true
, then only the legitimate player could access their chests.
About issues:
2. It is only true to cracked players. With FastLogin (or AuthIn you mentioned) integrated, legitimate players can still have their online-type UUID associated with even if online-mode: false
. At least on my server, all of my legit players has their own legit UUID and all the data are stored in this type of UUID as well with no problems. That also means they can definitely change their name through Mojang without losing any saved data. So that is why I'm guessing you could just read the player's UUIDs directly from Spigot.
I don't know how does LockettePro store UUID or how it verify player's UUID because I'm sucked with Java programming. But if simply read from the Spigot does not work for you, I suggest you to try to generate the offline-UUID manually (through md5 as you said) and compare it again after LockettePro failed to verify the legit one in the first place. It is also a safe way to do because the chance of md5 collision is extremely low. Btw this feature should only be enabled at when enabled-uuid-support: true
of course.
In the case of "what if a mixed-mode server decided to use cracked UUID for its own legit players", idk man what's wrong with those servers. If they choose to stick with cracked UUIDs anyway then they should also expect and disallow players change their name as well.
Please tell me if you have any thoughts. I will share my ideas as well.
p.s. Just a reminder: you forgot to fix #30 in the last comments.
from lockettepro.
I just came up with an idea, but I need to verify it first.
For #30, sorry :(
from lockettepro.
Sorry, but this idea will be longer considered.
from lockettepro.
Related Issues (20)
- Can't lock anything with signs
- Problem with lockette on doors with GriefPrevention
- Add SimpleClans support
- [17:36:24 ERROR]: Could not pass event InventoryMoveItemEvent to LockettePro v2.10.4
- LockettePro v2.10.8 doesn't work 1.16.4 tuinity
- Lockette Pro Error
- Players able to lock blocks in other towny claims.
- Error in console, what can i do ?
- Error in console, what can i do ?
- Can't load LockettePro
- Sign.getFacing(Sing) return null
- Players can open chests HOT 2
- SimpleClans support
- Iron door does not work properly with bare hands [1.16.5]
- Hello I would like to discuss business HOT 3
- Lockette Pro with double doors
- Could not pass event SignChangeEvent to LockettePro v2.4.1
- Error HOT 1
- Error HOT 1
- Anyone into 1.14 ? HOT 1
Recommend Projects
-
React
A declarative, efficient, and flexible JavaScript library for building user interfaces.
-
Vue.js
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
-
Typescript
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
-
TensorFlow
An Open Source Machine Learning Framework for Everyone
-
Django
The Web framework for perfectionists with deadlines.
-
Laravel
A PHP framework for web artisans
-
D3
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
-
Recommend Topics
-
javascript
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
-
web
Some thing interesting about web. New door for the world.
-
server
A server is a program made to process requests and deliver data to clients.
-
Machine learning
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
-
Visualization
Some thing interesting about visualization, use data art
-
Game
Some thing interesting about game, make everyone happy.
Recommend Org
-
Facebook
We are working to build community through open source technology. NB: members must have two-factor auth.
-
Microsoft
Open source projects and samples from Microsoft.
-
Google
Google ❤️ Open Source for everyone.
-
Alibaba
Alibaba Open Source for everyone
-
D3
Data-Driven Documents codes.
-
Tencent
China tencent open source team.
from lockettepro.