LoginSystem 2.0

Name: LoginSystem
SKU: /p/8628
Availability: InStock

LoginSystem » Advanced & Secure Auth [1.8 - 1.21+] | Multi-DB & API

Download 24 MB .jar

Overview Reviews Updates Discussion Materials

LoginSystem
Advanced, Secure, and Fully Customizable Authentication

LoginSystem is a modern, high-performance authentication plugin designed from the ground up to maximize your server's security. Tired of old and clunky plugins? LoginSystem will add a professional touch to your server with its multi-database support, advanced hashing options, and fully translatable structure.

All database operations run asynchronously, meaning your server will not experience any lag.

Highlights

Wide Database Support: SQLite, H2, MySQL, MariaDB, PostgreSQL, and even MongoDB!
Top-Tier Security: SHA256 hashing by default, automatic migration from legacy algorithms (SHA1, MD5, etc.), and unsafe password prevention.
100% Translatable: All messages are managed through language files. New languages can be downloaded automatically from GitHub.
Highly Customizable: Login timeout, registration limit per IP, movement/chat/command restrictions before login, and much more.
Admin Commands: Many useful commands like force-registering players, changing passwords, unregistering accounts, and reloading the plugin.
Developer API: A powerful API that allows other plugins to integrate with LoginSystem.
Automatic Update Checker: Checks for new versions on SpigotMC (Resource ID: 74894) and notifies admins.
GUI Support: The API allows for the creation of modern Anvil GUI login screens instead of using chat.

Player Commands


/login  - Allows you to log in to the server.
/register   - Allows you to register on the server.
/changepassword   - Changes your password.
/unregister  - Deletes your registration from the server.
/logout - Allows you to log out securely.
/email add  - Adds or changes the email address for your account.
/email remove - Removes the email address from your account.

Admin Commands (/ls)

/ls help - Lists all admin commands.
/ls reload - Reloads the plugin's configuration and language files.
/ls lang  - Changes the plugin's language and reloads it.
/ls register   - Forcibly registers a player.
/ls unregister  - Deletes a player's registration.
/ls changepass   - Changes a player's password.
/ls forcelogin  - Forces an online player to log in.

Permissions

loginsystem.admin - Grants access to all admin commands. (Default: OP)
loginsystem.admin.help - Permission for /ls help.
loginsystem.admin.reload - Permission for /ls reload.
loginsystem.admin.lang - Permission for /ls lang.
loginsystem.admin.register - Permission for /ls register.
loginsystem.admin.unregister - Permission for /ls unregister.
loginsystem.admin.changepass - Permission for /ls changepass.
loginsystem.admin.forcelogin - Permission for /ls forcelogin.
loginsystem.admin.update - Receive update notifications upon joining.

Configuration
The plugin is almost entirely customizable through the `config.yml` file.


# LoginSystem Plugin Configuration

# Specify which method to use for data storage.
# Available options: sqlite, h2, mysql, mariadb, postgresql, mongodb
storage:
  type: sqlite

# H2 settings (used if type is set to h2)
h2:
  # The name of the database file to be created in the plugin's folder (without extension).
  # For example: 'loginsystem_data' -> creates plugins/LoginSystem/loginsystem_data.mv.db
  filename: "loginsystem_data"

# MySQL/MariaDB settings
database:
  host: "localhost"
  port: 3306
  dbname: "loginsystem"
  user: "root"
  password: "password"

# PostgreSQL settings
postgresql:
  host: "localhost"
  port: 5432
  dbname: "loginsystem"
  user: "postgres"
  password: "password"

# MongoDB settings
mongodb:
  # Example connection URI. Edit according to your own server information.
  # Simple structure: "mongodb://host:port"
  # With authentication: "mongodb://user:password@host:port/?authSource=admin"
  connection-uri: "mongodb://localhost:27017"
  database: "loginsystem"

settings:

  # Check for new updates on SpigotMC when the server starts.
  update_checker:
    enabled: true

  # Specifies the language file to be used.
  # Example: en, tr, az, de
  # A list of all available languages can be found at: https://github.com/BartuAbiHD/LoginSystem/tree/main/messages
  messagesLanguage: "en"

  security:
    # Minimum password length.
    minPasswordLength: 6
    # Maximum password length.
    passwordMaxLength: 32
    # The hashing algorithm to be used.
    # Options: SHA256, BCRYPT, MD5
    # WARNING: Avoid using old and insecure algorithms like MD5.
    passwordHash: "SHA256"
    # If a password check fails, LoginSystem will also try to check with the following algorithms.
    # This setting is useful when migrating from one hashing method to another.
    # LoginSystem will automatically update the password to the new hash method if it matches a legacy one.
    # legacyHashes:
    # - 'SHA1'
    # - 'MD5'
    legacyHashes: []

    # Prevent unsafe (easily guessable) passwords from being used.
    # The list is case-insensitive.
    unsafePasswords:
      - '123456'
      - 'password'
      - 'qwerty'
      - '12345'
      - '54321'
      - '123456789'
      - 'help'
      - 'test'
      - 'deneme'

  restrictions:
    # Can unauthenticated players chat?
    # This setting also blocks all commands not listed below.
    allowChat: false
    # Should chat be hidden from unauthenticated players?
    hideChat: false

    # Allowed commands for unauthenticated players.
    allowCommands:
      - /login
      - /register
      - /l
      - /reg
      - /giris
      - /girisyap
      - /oturumac
      - /kayit
      - /kayitol
      - /kaydol

    # Maximum number of allowed registrations per IP.
    # A value of 0 means unlimited registrations!
    maxRegPerIp: 2

    # Minimum allowed username length.
    minNicknameLength: 3
    # Maximum allowed username length.
    maxNicknameLength: 16

    # When this setting is enabled, an already online player cannot be kicked due to "Logged in from another location".
    # This prevents potential security exploits.
    ForceSingleSession: true

    ForceSpawnLocOnJoin:
      # If enabled, every player that joins in one of the worlds listed below will be teleported
      # to the world's spawn point after successful authentication.
      # The player's quit location will be overwritten.
      enabled: false
      # World names where forcing the spawn location is required (Case-sensitive!)
      worlds:
        - world
        - world_nether

    # Should non-registered players be kicked immediately?
    kickNonRegistered: false
    # Should players be kicked on wrong password?
    kickOnWrongPassword: true

    # After how many seconds should players who fail to login or register be kicked?
    # Set to 0 to disable.
    timeout: 30

    # Regex pattern for allowed characters in player names.
    allowedNicknameCharacters: "[a-zA-Z0-9_]*"
    # Regex pattern for allowed characters in passwords.
    allowedPasswordCharacters: "[!-~]*"
    # Regex pattern for allowed characters in emails.
    allowedEmailCharacters: "^[a-zA-Z0-9_.+-]+@[a-zA-Z0-9-]+\\.[a-zA-Z]{2,}$"

For Developers
LoginSystem provides a powerful v2 API to facilitate integration with other plugins.

API Example
Accessing the API:


LoginSystemAPI api = LoginSystem.getApi();

Checking if a player is logged in:


if (api.isLoggedIn(player)) {
    // ...
}

Listening for a successful login event:


import me.bartuabihd.loginsystem.api.v2.event.LoginEvent;

@EventHandler
public void onPlayerAuthLogin(LoginEvent event) {
    Player player = event.getPlayer();
    player.sendMessage("Welcome back via API!");
}

No ratings yet

Supported MC versions

1.21, 1.20, 1.19, 1.18, 1.17, 1.16, 1.15, 1.14, 1.13, 1.12, 1.11, 1.10, 1.9, 1.8

Supported server software

Spigot, Paper, Purpur

Supported languages

English, Turkish, Azerbaijani, Deutsch, Spanish, French, Russian

Links

Source code

Donate

BartuAbiHD