[Tutorial] #3 - AuthMe

1.  
2.  
3. DataSource:
4. # What type of database do you want to use?
5. # Valid values: sqlite, mysql
6. backend: 'SQLITE'
7. # Enable database caching, should improve database performance
8. caching: true
9. # Database host address
10. mySQLHost: '127.0.0.1'
11. # Database port
12. mySQLPort: '3306'
13. # Username about Database Connection Infos
14. mySQLUsername: 'authme'
15. # Password about Database Connection Infos
16. mySQLPassword: '12345'
17. # Database Name, use with converters or as SQLITE database name
18. mySQLDatabase: 'authme'
19. # Table of the database
20. mySQLTablename: 'authme'
21. # Column of IDs to sort data
22. mySQLColumnId: 'id'
23. # Column for storing or checking players nickname
24. mySQLColumnName: 'username'
25. # Column for storing or checking players RealName
26. mySQLRealName: 'realname'
27. # Column for storing players passwords
28. mySQLColumnPassword: 'password'
29. # Column for storing players emails
30. mySQLColumnEmail: 'email'
31. # Column for storing if a player is logged in or not
32. mySQLColumnLogged: 'isLogged'
33. # Column for storing players ips
34. mySQLColumnIp: 'ip'
35. # Column for storing players lastlogins
36. mySQLColumnLastLogin: 'lastlogin'
37. # Column for storing player LastLocation - X
38. mySQLlastlocX: 'x'
39. # Column for storing player LastLocation - Y
40. mySQLlastlocY: 'y'
41. # Column for storing player LastLocation - Z
42. mySQLlastlocZ: 'z'
43. # Column for storing player LastLocation - World Name
44. mySQLlastlocWorld: 'world'
45. # Enable this when you allow registration through a website
46. mySQLWebsite: false
47.  
48. ExternalBoardOptions:
49. # Column for storing players passwords salts
50. mySQLColumnSalt: ''
51. # Column for storing players groups
52. mySQLColumnGroup: ''
53. # -1 means disabled. If you want that only activated players
54. # can log into your server, you can set here the group number
55. # of unactivated users, needed for some forum/CMS support
56. nonActivedUserGroup: -1
57. # Other MySQL columns where we need to put the username (case-sensitive)
58. mySQLOtherUsernameColumns: []
59. # How much log2 rounds needed in BCrypt (do not change if you do not know what it does)
60. bCryptLog2Round: 10
61. # phpBB table prefix defined during the phpBB installation process
62. phpbbTablePrefix: 'phpbb_'
63. # phpBB activated group ID; 2 is the default registered group defined by phpBB
64. phpbbActivatedGroupId: 2
65. # Wordpress prefix defined during WordPress installation
66. wordpressTablePrefix: 'wp_'
67.  
68. Converter:
69. Rakamak:
70. # Rakamak file name
71. fileName: 'users.rak'
72. # Rakamak use IP?
73. useIP: false
74. # Rakamak IP file name
75. ipFileName: 'UsersIp.rak'
76. CrazyLogin:
77. # CrazyLogin database file name
78. fileName: 'accounts.db'
79.  
80. settings:
81. # The name shown in the help messages
82. helpHeader: 'AuthMeReloaded'
83. sessions:
84. # Do you want to enable the session feature?
85. # If enabled, when a player authenticates successfully,
86. # his IP and his nickname is saved.
87. # The next time the player joins the server, if his IP
88. # is the same as last time and the timeout hasn't
89. # expired, he will not need to authenticate.
90. enabled: true
91. # After how many minutes should a session expire?
92. # 0 for unlimited time (Very dangerous, use it at your own risk!)
93. # Remember that sessions will end only after the timeout, and
94. # if the player's IP has changed but the timeout hasn't expired,
95. # the player will be kicked from the server due to invalid session
96. timeout: 1440
97. # Should the session expire if the player tries to log in with
98. # another IP address?
99. sessionExpireOnIpChange: true
100. # Message language, available: en, de, br, cz, pl, fr, ru, hu, sk, es, zhtw, fi, zhcn, lt, it, ko, pt
101. messagesLanguage: 'en'
102. restrictions:
103. # Keeps collisions disabled for logged players
104. # Works only with MC 1.9
105. keepCollisionsDisabled: false
106. # Can not authenticated players chat?
107. # Keep in mind that this feature also blocks all commands not
108. # listed in the list below.
109. allowChat: false
110. # Hide the chat log from players who are not authenticated?
111. hideChat: false
112. # Allowed commands for unauthenticated players
113. allowCommands:
114. - '/login'
115. - '/register'
116. - '/l'
117. - '/reg'
118. - '/email'
119. - '/captcha'
120. # Max number of allowed registrations per IP
121. # The value 0 means an unlimited number of registrations!
122. maxRegPerIp: 3
123. # Minimum allowed username length
124. minNicknameLength: 4
125. # Maximum allowed username length
126. maxNicknameLength: 30
127. # When this setting is enabled, online players can't be kicked out
128. # due to "Logged in from another Location"
129. # This setting will prevent potential security exploits.
130. ForceSingleSession: true
131. ForceSpawnLocOnJoin:
132. # If enabled, every player will be teleported to the world spawnpoint
133. # after successful authentication.
134. # The quit location of the player will be overwritten.
135. # This is different from "teleportUnAuthedToSpawn" that teleport player
136. # back to his quit location after the authentication.
137. enabled: false
138. # WorldNames where we need to force the spawn location
139. # Case-sensitive!
140. worlds:
141. - 'world'
142. - 'world_nether'
143. - 'world_the_end'
144. # This option will save the quit location of the players.
145. SaveQuitLocation: false
146. # To activate the restricted user feature you need
147. # to enable this option and configure the AllowedRestrictedUser field.
148. AllowRestrictedUser: false
149. # The restricted user feature will kick players listed below
150. # if they don't match the defined IP address.
151. # Example:
152. # AllowedRestrictedUser:
153. # - playername;127.0.0.1
154. AllowedRestrictedUser: []
155. # Should unregistered players be kicked immediately?
156. kickNonRegistered: false
157. # Should players be kicked on wrong password?
158. kickOnWrongPassword: false
159. # Should not logged in players be teleported to the spawn?
160. # After the authentication they will be teleported back to
161. # their normal position.
162. teleportUnAuthedToSpawn: false
163. # Can unregistered players walk around?
164. allowMovement: false
165. # Should not authenticated players have speed = 0?
166. # This will reset the fly/walk speed to default value after the login.
167. removeSpeed: true
168. # After how many seconds should players who fail to login or register
169. # be kicked? Set to 0 to disable.
170. timeout: 30
171. # Regex syntax of allowed characters in the player name.
172. allowedNicknameCharacters: '[a-zA-Z0-9_]*'
173. # How far can unregistered players walk?
174. # Set to 0 for unlimited radius
175. allowedMovementRadius: 100
176. # Enable double check of password when you register
177. # when it's true, registration requires that kind of command:
178. # /register <password> <confirmPassword>
179. enablePasswordConfirmation: true
180. # Should we protect the player inventory before logging in? Requires ProtocolLib.
181. ProtectInventoryBeforeLogIn: false
182. # Should we deny the tabcomplete feature before logging in? Requires ProtocolLib.
183. DenyTabCompleteBeforeLogin: true
184. # Should we hide the tablist before logging in? Requires ProtocolLib.
185. HideTablistBeforeLogin: true
186. # Should we display all other accounts from a player when he joins?
187. # permission: /authme.admin.accounts
188. displayOtherAccounts: true
189. # Ban ip when the ip is not the ip registered in database
190. banUnsafedIP: false
191. # Spawn priority; values: authme, essentials, multiverse, default
192. spawnPriority: 'authme,essentials,multiverse,default'
193. # Maximum Login authorized by IP
194. maxLoginPerIp: 0
195. # Maximum Join authorized by IP
196. maxJoinPerIp: 0
197. # AuthMe will NEVER teleport players if set to true!
198. noTeleport: false
199. # Regex syntax for allowed chars in passwords
200. allowedPasswordCharacters: '[\x21-\x7E]*'
201. GameMode:
202. # Force survival gamemode when player joins?
203. ForceSurvivalMode: false
204. unrestrictions:
205. # Below you can list all account names that
206. # AuthMe will ignore for registration or login, configure it
207. # at your own risk!! Remember that if you are going to add
208. # nickname with [], you have to delimit name with ' '.
209. # this option add compatibility with BuildCraft and some
210. # other mods.
211. # It is case-sensitive!
212. UnrestrictedName: []
213. security:
214. # Minimum length of password
215. minPasswordLength: 5
216. # Maximum length of password
217. passwordMaxLength: 30
218. # This is a very important option: every time a player joins the server,
219. # if they are registered, AuthMe will switch him to unLoggedInGroup.
220. # This should prevent all major exploits.
221. # You can set up your permission plugin with this special group to have no permissions,
222. # or only permission to chat (or permission to send private messages etc.).
223. # The better way is to set up this group with few permissions, so if a player
224. # tries to exploit an account they can do only what you've defined for the group.
225. # After, a logged in player will be moved to his correct permissions group!
226. # Please note that the group name is case-sensitive, so 'admin' is different from 'Admin'
227. # Otherwise your group will be wiped and the player will join in the default group []!
228. # Example unLoggedinGroup: NotLogged
229. unLoggedinGroup: 'unLoggedinGroup'
230. # Possible values: MD5, SHA1, SHA256, WHIRLPOOL, XAUTH, MD5VB, PHPBB,
231. # MYBB, IPB3, PHPFUSION, SMF, XENFORO, SALTED2MD5, JOOMLA, BCRYPT, WBB3, SHA512,
232. # DOUBLEMD5, PBKDF2, PBKDF2DJANGO, WORDPRESS, ROYALAUTH, CUSTOM (for developers only)
233. passwordHash: 'SHA256'
234. # Salt length for the SALTED2MD5 MD5(MD5(password)+salt)
235. doubleMD5SaltLength: 8
236. # If password checking return false, do we need to check with all
237. # other password algorithm to check an old password?
238. # AuthMe will update the password to the new password hash
239. supportOldPasswordHash: false
240. # Prevent unsafe passwords from being used; put them in lowercase!
241. # unsafePasswords:
242. # - '123456'
243. # - 'password'
244. unsafePasswords:
245. - '123456'
246. - 'password'
247. - 'qwerty'
248. - '12345'
249. - '54321'
250. registration:
251. # Enable registration on the server?
252. enabled: true
253. # Send every X seconds a message to a player to
254. # remind him that he has to login/register
255. messageInterval: 5
256. # Only registered and logged in players can play.
257. # See restrictions for exceptions
258. force: true
259. # Do we replace password registration by an email registration method?
260. enableEmailRegistrationSystem: false
261. # Enable double check of email when you register
262. # when it's true, registration requires that kind of command:
263. # /register <email> <confirmEmail>
264. doubleEmailCheck: false
265. # Do we force kick a player after a successful registration?
266. # Do not use with login feature below
267. forceKickAfterRegister: false
268. # Does AuthMe need to enforce a /login after a successful registration?
269. forceLoginAfterRegister: false
270. # Force these commands after /login, without any '/', use %p to replace with player name
271. forceCommands: []
272. # Force these commands after /login as service console, without any '/'. Use %p to replace with player name
273. forceCommandsAsConsole: []
274. # Force these commands after /register, without any '/', use %p to replace with player name
275. forceRegisterCommands: []
276. # Force these commands after /register as a server console, without any '/'. Use %p to replace with player name
277. forceRegisterCommandsAsConsole: []
278. # Enable to display the welcome message (welcome.txt) after a login
279. # You can use colors in this welcome.txt + some replaced strings:
280. # {PLAYER}: player name, {ONLINE}: display number of online players, {MAXPLAYERS}: display server slots,
281. # {IP}: player ip, {LOGINS}: number of players logged, {WORLD}: player current world, {SERVER}: server name
282. # {VERSION}: get current bukkit version, {COUNTRY}: player country
283. useWelcomeMessage: true
284. # Do we need to broadcast the welcome message to all server or only to the player? set true for server or false for player
285. broadcastWelcomeMessage: false
286. # Should we delay the join message and display it once the player has logged in?
287. delayJoinMessage: false
288. # Should we remove join messages altogether?
289. removeJoinMessage: false
290. # Should we remove leave messages?
291. removeLeaveMessage: false
292. # Do we need to add potion effect Blinding before login/reigster?
293. applyBlindEffect: false
294. # Do we need to prevent people to login with another case?
295. # If Xephi is registered, then Xephi can login, but not XEPHI/xephi/XePhI
296. preventOtherCase: false
297.  
298. permission:
299. # Take care with this option; if you don't want
300. # to use Vault and group switching of AuthMe
301. # for unloggedIn players, set this setting to true.
302. # Default is false.
303. EnablePermissionCheck: false
304.  
305. Email:
306. # Email SMTP server host
307. mailSMTP: 'smtp.gmail.com'
308. # Email SMTP server port
309. mailPort: 465
310. # Email account which sends the mails
311. mailAccount: ''
312. # Email account password
313. mailPassword: ''
314. # Custom sender name, replacing the mailAccount name in the email
315. mailSenderName: ''
316. # Recovery password length
317. RecoveryPasswordLength: 8
318. # Mail Subject
319. mailSubject: 'Your new AuthMe password'
320. # Like maxRegPerIP but with email
321. maxRegPerEmail: 1
322. # Recall players to add an email?
323. recallPlayers: false
324. # Delay in minute for the recall scheduler
325. delayRecall: 5
326. # Blacklist these domains for emails
327. emailBlacklisted:
328. - '10minutemail.com'
329. # Whitelist ONLY these domains for emails
330. emailWhitelisted: []
331. # Send the new password drawn in an image?
332. generateImage: false
333. # The OAuth2 token
334. emailOauth2Token: ''
335.  
336. Hooks:
337. # Do we need to hook with multiverse for spawn checking?
338. multiverse: true
339. # Do we need to hook with BungeeCord?
340. bungeecord: false
341. # Send player to this BungeeCord server after register/login
342. sendPlayerTo: ''
343. # Do we need to disable Essentials SocialSpy on join?
344. disableSocialSpy: true
345. # Do we need to force /motd Essentials command on join?
346. useEssentialsMotd: false
347. # Do we need to cache custom Attributes?
348. customAttributes: false
349.  
350. Protection:
351. # Enable some servers protection (country based login, antibot)
352. enableProtection: false
353. # Countries allowed to join the server and register, see http://dev.bukkit.org/bukkit-plugins/authme-reloaded/pages/countries-codes/ for countries' codes
354. # PLEASE USE QUOTES!
355. countries:
356. - 'US'
357. - 'GB'
358. # Countries not allowed to join the server and register
359. # PLEASE USE QUOTES!
360. countriesBlacklist:
361. - 'A1'
362. # Do we need to enable automatic antibot system?
363. enableAntiBot: true
364. # Max number of players allowed to login in 5 secs before the AntiBot system is enabled automatically
365. antiBotSensibility: 10
366. # Duration in minutes of the antibot automatic system
367. antiBotDuration: 1
368.  
369. Purge:
370. # If enabled, AuthMe automatically purges old, unused accounts
371. useAutoPurge: false
372. # Number of Days an account become Unused
373. daysBeforeRemovePlayer: 60
374. # Do we need to remove the player.dat file during purge process?
375. removePlayerDat: false
376. # Do we need to remove the Essentials/users/player.yml file during purge process?
377. removeEssentialsFile: false
378. # World where are players.dat stores
379. defaultWorld: 'world'
380. # Do we need to remove LimitedCreative/inventories/player.yml, player_creative.yml files during purge process ?
381. removeLimitedCreativesInventories: false
382. # Do we need to remove the AntiXRayData/PlayerData/player file during purge process?
383. removeAntiXRayFile: false
384. # Do we need to remove permissions?
385. removePermissions: false
386.  
387. Security:
388. SQLProblem:
389. # Stop the server if we can't contact the sql database
390. # Take care with this, if you set this to false,
391. # AuthMe will automatically disable and the server won't be protected!
392. stopServer: true
393. ReloadCommand:
394. # /reload support
395. useReloadCommandSupport: true
396. console:
397. # Remove spam from console?
398. noConsoleSpam: false
399. # Remove passwords from console?
400. removePassword: true
401. # Copy AuthMe log output in a separate file as well?
402. logConsole: true
403. captcha:
404. # Enable captcha when a player uses wrong password too many times
405. useCaptcha: false
406. # Max allowed tries before a captcha is required
407. maxLoginTry: 5
408. # Captcha length
409. captchaLength: 5
410. stop:
411. # Kick players before stopping the server, that allow us to save position of players
412. # and all needed information correctly without any corruption.
413. kickPlayersBeforeStopping: true
414. tempban:
415. # Tempban a user's IP address if they enter the wrong password too many times
416. enableTempban: false
417. # How many times a user can attempt to login before their IP being tempbanned
418. maxLoginTries: 10
419. # The length of time a IP address will be tempbanned in minutes
420. # Default: 480 minutes, or 8 hours
421. tempbanLength: 480
422.  
423. BackupSystem:
424. # Enable or disable automatic backup
425. ActivateBackup: false
426. # Set backup at every start of server
427. OnServerStart: false
428. # Set backup at every stop of server
429. OnServerStop: true
430. # Windows only mysql installation Path
431. MysqlWindowsPath: 'C:\Program Files\MySQL\MySQL Server 5.1\'