Cracked players with premium name cant login. about fastlogin HOT 7 CLOSED

Enabled plugins: LimitSpawns 1.2, ConsoleManager 1.0, BetterChairs 0.6.0, ReversCraft 1.0, JustInvSee 4.0, MultiWorld 5.2.6, SkinsRestorer 11.4, MyCraft 3.5, RandomTPItem 1.1, SkullTurret 0.41a4, logatacks 0.1, LightAPI 2.0.1, AsyncWorldEditInjector 2.2.0, craftinomicon 0.2.5.1, WorldEdit 6.1;no_git_id, Essentials TeamCity, PacketListenerApi 3.3.5, PluginManagerReloaded 1.0.2, AutoMessage 2.5.5, EntityWatch 2.7, MapManager 1.1.4, IronElevators 1.0, SilkSpawners 3.7.1, ProtocolLib 3.7.0-SNAPSHOT-b258, AsyncWorldEdit 2.2.1, EssentialsChat TeamCity, PermissionsEx 1.23.4, mcMMO 1.5.05-SNAPSHOT-b133, ServerListPlus 3.4.4, Vault 1.5.6-b49, GriefPrevention 14.5, Halp 0.1, UltraCosmetics 2.1.2, AnimatedFrames 3.1.2, Trading 3.2, HolographicDisplays 2.1.12, GPRealEstate 1.4.1, ProtectionLib 0.5.4, Prism 2.0.6-${env.BUILD_NUMBER}, EssentialsSpawn TeamCity, CompatNoCheatPlus 6.6.3-SNAPSHOT-sMD5NET-b84, ResourcePackDownloader 4.0, NoCheatPlus 3.14.0-SNAPSHOT-sMD5NET-b958, VanishNoPacket 3.20, RPGHealthPlus 1.2.4, CS-CoreLib 1.5.3, AuthMe 5.2-SNAPSHOT-b943, FurnitureLib 1.5.4, FurnitureMaker 0.9.1b, RankPrefixPlus 1.7.1, TitleManager 1.5.11, DiceFurniture 2.7.1, FastLogin 0.8

from fastlogin.

I used FastLogin #247, maybe it fixed in #250?

from fastlogin.

In short words: disable autoRegister in the config.

I used FastLogin #247, maybe it fixed in #250?

No there are no changes related to this issue.

As I already stated here: https://github.com/games647/FastLogin/blob/master/bukkit/src/main/resources/config.yml#L17

Furthermore the premium player check have to be made based on the player name
This means if a cracked player connects to the server and we request a paid account login from this player
the player just disconnect and sees the message: 'bad login'
There is no way to change this message

Solutions
There is no way to change this behavior while having this option enabled. Either your players have to choose an no existing name or create an account before this option is enabled, so that this plugin can be sure these players are cracked.

Why so?
It's nearly impossible to check if the player is cracked or premium (paid account). On login we only get the player name and the ip from the connecting player. Based on this name the plugin checks if that name exists and it's not already registered on the server. If both checks passes and the option autoRegister is enabled, the plugin assumes it's a premium player and requests a premium authentication.

The client then connects to the Mojang servers. If the client is not the owner of that account, the login attempt will be aborted (by the client). This means it requires client modifications to change this behavior.

Alternative ideas

1. Double-Logins
   One way could be to check if the first login attempt failed. On a second request we can remember the combination of the ip and name and will now use a cracked login. But there is still no way to change the disconnect message 'Invalid session...'
2. BungeeCord different server address
   Cracked and premium players connect to different server addresses and will be authenticated based on this name. Although they will be all redirected to the same server, they will get different authentication methods.

Because all these problems I created the command /premium. For the next version of FastLogin, the plugin will save the premium state of the players. This means that players only have to invoke this command once. After that the plugin will store it in a database and will remember it for the next logins.

Sorry for the long description. I want to make the situation as clear as possible. I hope you understand everything. If not, just ask.

from fastlogin.

"bad login" not "invalid session", because i not think about it. :P Beter if you fix that words in comments.

from fastlogin.

Anyway thanks for solution disable autreg. =)

from fastlogin.

"bad login" not "invalid session", because i not think about it. :P Beter if you fix that words in comments.

Of course.

from fastlogin.

Anyway thanks for solution disable autreg. =)

Sorry that there is no better solution for that.

from fastlogin.