FlexibleLogin [v0.17] for Sponge 7+ - Auth plugin - 2FA

jiangming1399 · November 30, 2015, 3:59pm

This BUG still exist!
Sponge: ver 808
Forge: ver 1561
Java: ver 8u65 x64
System: Windows 10

Log in console: http://pastebin.com/yp4hPnFn
The config file was as default.

games647 · November 30, 2015, 7:06pm

This is a different bug. Your Sponge version is outdated. Please update it.

jiangming1399 · December 1, 2015, 1:41am

Oh, it works well after I update my Sponge. Thank you!

Masaru_Sink · December 4, 2015, 6:51am

hashAlgo=bcrypt```

How do you use bcrypt for hashing passwords in PHP?

games647 · December 6, 2015, 7:33pm

Sorry for the late response.

Which PHP version do you use? In PHP >=5.5 Bcrypt is already implemented and is set as default hashing algorithm. It’s very easy just invoke this method.

password_hash(userPassword, PASSWORD_DEFAULT)

userPassword is the password of your user in plain text

If you use an older version, you can checkout this stackoverflow post.

noodles · December 9, 2015, 8:21am

The server will be crash when i use this plugin. So is it really support the sponge ver 800+ ?

games647 · December 9, 2015, 3:06pm

I guess you use the newest Sponge version?

Recently (2 dadys ago) there was an update in the Sponge API, which is possible the reason for the crash. I uploaded a update which should fix this issue.

noodles · December 10, 2015, 1:46am

fantastic, it is not crash anymore when i used FL V0.2.8

naynop · December 16, 2015, 1:55am

Thank You
…

Lemonous · December 16, 2015, 7:02am

Seems like the plugin uses some kind of salt before encrypting the password. Your command does not (or at least not the same salt), and therefore the hash generated by the plugin isn’t the same as the one generated by you.

You could try to use /register again to change the password. If that doesn’t work, I’m sure games647 can add password reset/change functionality

games647 · December 16, 2015, 12:54pm

Which php version do you use?

naynop · December 16, 2015, 4:40pm

i use php v. 5.6

games647 · December 16, 2015, 6:35pm

BCrypt saves the salt into the same column. So it should extract it from there.

I found the source of this issue. The prefixes of the generated strings are different.

PHP
$2y…

Java
$2a…

You could fix it by replacing the ‘y’ in the prefix ($2a is the prefix) with an ‘a’. Interesting is that PHP accepts the string generated by the Java implementation, but it doesn’t work if Java checks the string generated by PHP. So you could be sure that your PHP code will still work if you change the prefix.

Sorry I didn’t noticed this issue earlier. I will work on fix for it.

games647 · December 19, 2015, 2:30pm

I uploaded a new version where it’s fixed.

Furthermore this update includes a config section where you can customize the text sent by FlexibleLogin. Thanks to @frogocomics for this feature.

frogocomics · December 26, 2015, 4:07am

For my text configuration, I forgot to cover some parts, might want to take a look.

Txk · January 11, 2016, 5:22am

Is this plugin still active and updated?

games647 · January 11, 2016, 1:32pm

Yes it is. Why do you ask?

Darktilldawn · January 11, 2016, 4:48pm

Just haven’t seen anything on here for updates in 23 days. So I’m not sure if it would work on the new sponge beta or not ^.^

games647 · January 11, 2016, 5:30pm

The last commit (and update) is 11 days ago and it should already work with the new Sponge beta.

frogocomics · January 18, 2016, 1:17am

New Update!
(v0.3.2)

TextConfiguration is now covers every single aspect of Flexible Login!
Some tweaks here and there