Logowanie premium

DataSource:
    # What type of database do you want to use?
    # Valid values: SQLITE, MYSQL
    backend: 'SQLITE'
    # Enable the database caching system, should be disabled on bungeecord environments
    # or when a website integration is being used.
    caching: true
    # Database host address
    mySQLHost: ''
    # Database port
    mySQLPort: ''
    # Connect to MySQL database over SSL
    mySQLUseSSL: true
    # Username to connect to the MySQL database
    mySQLUsername: ''
    # Password to connect to the MySQL database
    mySQLPassword: ''
    # Database Name, use with converters or as SQLITE database name
    mySQLDatabase: ''
    # Table of the database
    mySQLTablename: ''
    # Column of IDs to sort data
    mySQLColumnId: 'id'
    # Column for storing or checking players nickname
    mySQLColumnName: 'username'
    # Column for storing or checking players RealName
    mySQLRealName: 'realname'
    # Column for storing players passwords
    mySQLColumnPassword: 'password'
    # Column for storing players emails
    mySQLColumnEmail: 'email'
    # Column for storing if a player is logged in or not
    mySQLColumnLogged: 'isLogged'
    # Column for storing if a player has a valid session or not
    mySQLColumnHasSession: 'hasSession'
    # Column for storing the player's last IP
    mySQLColumnIp: 'ip'
    # Column for storing players lastlogins
    mySQLColumnLastLogin: 'lastlogin'
    # Column storing the registration date
    mySQLColumnRegisterDate: 'regdate'
    # Column for storing the IP address at the time of registration
    mySQLColumnRegisterIp: 'regip'
    # Column for storing player LastLocation - X
    mySQLlastlocX: 'x'
    # Column for storing player LastLocation - Y
    mySQLlastlocY: 'y'
    # Column for storing player LastLocation - Z
    mySQLlastlocZ: 'z'
    # Column for storing player LastLocation - World Name
    mySQLlastlocWorld: 'world'
    # Column for storing player LastLocation - Yaw
    mySQLlastlocYaw: 'yaw'
    # Column for storing player LastLocation - Pitch
    mySQLlastlocPitch: 'pitch'
    # Overrides the size of the DB Connection Pool, -1 = Auto
    poolSize: -1
    # The maximum lifetime of a connection in the pool, default = 1800 seconds
    # You should set this at least 30 seconds less than mysql server wait_timeout
    maxLifetime: 1800
ExternalBoardOptions:
    # Column for storing players passwords salts
    mySQLColumnSalt: ''
    # Column for storing players groups
    mySQLColumnGroup: ''
    # -1 means disabled. If you want that only activated players
    # can log into your server, you can set here the group number
    # of unactivated users, needed for some forum/CMS support
    nonActivedUserGroup: -1
    # Other MySQL columns where we need to put the username (case-sensitive)
    mySQLOtherUsernameColumns: []
    # How much log2 rounds needed in BCrypt (do not change if you do not know what it does)
    bCryptLog2Round: 10
    # phpBB table prefix defined during the phpBB installation process
    phpbbTablePrefix: 'phpbb_'
    # phpBB activated group ID; 2 is the default registered group defined by phpBB
    phpbbActivatedGroupId: 2
    # IP Board table prefix defined during the IP Board installation process
    IPBTablePrefix: 'ipb_'
    # IP Board default group ID; 3 is the default registered group defined by IP Board
    IPBActivatedGroupId: 3
    # Xenforo table prefix defined during the Xenforo installation process
    XFTablePrefix: 'xf_'
    # XenForo default group ID; 2 is the default registered group defined by Xenforo
    XFActivatedGroupId: 2
    # Wordpress prefix defined during WordPress installation
    wordpressTablePrefix: 'wp_'
settings:
    sessions:
        # Do you want to enable the session feature?
        # If enabled, when a player authenticates successfully,
        # his IP and his nickname is saved.
        # The next time the player joins the server, if his IP
        # is the same as last time and the timeout hasn't
        # expired, he will not need to authenticate.
        enabled: false
        # After how many minutes should a session expire?
        # A player's session ends after the timeout or if his IP has changed
        timeout: 10
    # Message language, available languages:
    # https://github.com/AuthMe/AuthMeReloaded/blob/master/docs/translations.md
    messagesLanguage: 'en'
    # Forces authme to hook into Vault instead of a specific permission handler system.
    forceVaultHook: false
    # Log level: INFO, FINE, DEBUG. Use INFO for general messages,
    # FINE for some additional detailed ones (like password failed),
    # and DEBUG for debugging
    logLevel: 'FINE'
    # By default we schedule async tasks when talking to the database. If you want
    # typical communication with the database to happen synchronously, set this to false
    useAsyncTasks: true
    # By default we handle the AsyncPlayerPreLoginEvent which makes the plugin faster
    # but it is incompatible with any permission plugin not included in our compatibility list.
    # If you have issues with permission checks on player join please disable this option.
    useAsyncPreLoginEvent: true
    restrictions:
        # Can not authenticated players chat?
        # Keep in mind that this feature also blocks all commands not
        # listed in the list below.
        allowChat: false
        # Hide the chat log from players who are not authenticated?
        hideChat: false
        # Allowed commands for unauthenticated players
        allowCommands: 
        - '/login'
        - '/register'
        - '/l'
        - '/reg'
        - '/email'
        - '/captcha'
        # Max number of allowed registrations per IP
        # The value 0 means an unlimited number of registrations!
        maxRegPerIp: 0
        # Minimum allowed username length
        minNicknameLength: 3
        # Maximum allowed username length
        maxNicknameLength: 16
        # When this setting is enabled, online players can't be kicked out
        # due to "Logged in from another Location"
        # This setting will prevent potential security exploits.
        ForceSingleSession: true
        ForceSpawnLocOnJoin:
            # If enabled, every player that spawn in one of the world listed in
            # "ForceSpawnLocOnJoin.worlds" will be teleported to the spawnpoint after successful
            # authentication. The quit location of the player will be overwritten.
            # This is different from "teleportUnAuthedToSpawn" that teleport player
            # to the spawnpoint on join.
            enabled: false
            # WorldNames where we need to force the spawn location
            # Case-sensitive!
            worlds: 
            - 'world'
            - 'world_nether'
            - 'world_the_end'
        # This option will save the quit location of the players.
        SaveQuitLocation: false
        # To activate the restricted user feature you need
        # to enable this option and configure the AllowedRestrictedUser field.
        AllowRestrictedUser: false
        # The restricted user feature will kick players listed below
        # if they don't match the defined IP address. Names are case-insensitive.
        # You can use * as wildcard (127.0.0.*), or regex with a "regex:" prefix regex:127\.0\.0\..*
        # Example:
        #     AllowedRestrictedUser:
        #     - playername;127.0.0.1
        #     - playername;regex:127\.0\.0\..*
        AllowedRestrictedUser: []
        # Ban unknown IPs trying to log in with a restricted username?
        banUnsafedIP: false
        # Should unregistered players be kicked immediately?
        kickNonRegistered: false
        # Should players be kicked on wrong password?
        kickOnWrongPassword: true
        # Should not logged in players be teleported to the spawn?
        # After the authentication they will be teleported back to
        # their normal position.
        teleportUnAuthedToSpawn: false
        # Can unregistered players walk around?
        allowMovement: false
        # After how many seconds should players who fail to login or register
        # be kicked? Set to 0 to disable.
        timeout: 120
        # Regex pattern of allowed characters in the player name.
        allowedNicknameCharacters: '[a-zA-Z0-9_]*'
        # How far can unregistered players walk?
        # Set to 0 for unlimited radius
        allowedMovementRadius: 100
        # Should we protect the player inventory before logging in? Requires ProtocolLib.
        ProtectInventoryBeforeLogIn: true
        # Should we deny the tabcomplete feature before logging in? Requires ProtocolLib.
        DenyTabCompleteBeforeLogin: false
        # Should we display all other accounts from a player when he joins?
        # permission: /authme.admin.accounts
        displayOtherAccounts: false
        # Spawn priority; values: authme, essentials, multiverse, default
        spawnPriority: 'authme,essentials,multiverse,default'
        # Maximum Login authorized by IP
        maxLoginPerIp: 0
        # Maximum Join authorized by IP
        maxJoinPerIp: 0
        # AuthMe will NEVER teleport players if set to true!
        noTeleport: false
        # Regex syntax for allowed chars in passwords. The default [!-~] allows all visible ASCII
        # characters, which is what we recommend. See also http://asciitable.com
        # You can test your regex with https://regex101.com
        allowedPasswordCharacters: '[!-~]*'
        # Threshold of the other ounts command, a value less than 2 means disabled.
        otherAccountsCmdThreshold: 0
        # Command to run when a user has more accounts than the configured threshold.
        # Available variables: %playername%, %playerip%
        otherAccountsCmd: 'say The player %playername% with ip %playerip% has multiple accounts!'
    GameMode:
        # Force survival gamemode when player joins?
        ForceSurvivalMode: false
    unrestrictions:
        # Below you can list all account names that AuthMe will ignore
        # for registration or login. Configure it at your own risk!!
        # This option adds compatibility with BuildCraft and some other mods.
        # It is case-insensitive! Example:
        # UnrestrictedName:
        # - 'npcPlayer'
        # - 'npcPlayer2'
        UnrestrictedName: []
    security:
        # Minimum length of password
        minPasswordLength: 5
        # Maximum length of password
        passwordMaxLength: 30
        # Possible values: SHA256, BCRYPT, BCRYPT2Y, PBKDF2, SALTEDSHA512,
        # MYBB, IPB3, PHPBB, PHPFUSION, SMF, XENFORO, XAUTH, JOOMLA, WBB3, WBB4, MD5VB,
        # PBKDF2DJANGO, WORDPRESS, ROYALAUTH, ARGON2, CUSTOM (for developers only). See full list at
        # https://github.com/AuthMe/AuthMeReloaded/blob/master/docs/hash_algorithms.md
        # If you use ARGON2, check that you have the argon2 c library on your system
        passwordHash: 'SHA256'
        # If a password check fails, AuthMe will also try to check with the following hash methods.
        # Use this setting when you change from one hash method to another.
        # AuthMe will update the password to the new hash. Example:
        # legacyHashes:
        # - 'SHA1'
        legacyHashes: []
        # Salt length for the SALTED2MD5 MD5(MD5(password)+salt)
        doubleMD5SaltLength: 8
        # Number of rounds to use if passwordHash is set to PBKDF2. Default is 10000
        pbkdf2Rounds: 10000
        # Prevent unsafe passwords from being used; put them in lowercase!
        # You should always set 'help' as unsafePassword due to possible conflicts.
        # unsafePasswords:
        # - '123456'
        # - 'password'
        # - 'help'
        unsafePasswords: 
        - '123456'
        - 'password'
        - 'qwerty'
        - '12345'
        - '54321'
        - '123456789'
        - 'help'
    registration:
        # Enable registration on the server?
        enabled: true
        # Send every X seconds a message to a player to
        # remind him that he has to login/register
        messageInterval: 5
        # Only registered and logged in players can play.
        # See restrictions for exceptions
        force: true
        # Type of registration: PASSWORD or EMAIL
        # PASSWORD = account is registered with a password supplied by the user;
        # EMAIL = password is generated and sent to the email provided by the user.
        # More info at https://github.com/AuthMe/AuthMeReloaded/wiki/Registration
        type: 'PASSWORD'
        # Second argument the /register command should take: NONE = no 2nd argument
        # CONFIRMATION = must repeat first argument (pass or email)
        # EMAIL_OPTIONAL = for password register: 2nd argument can be empty or have email address
        # EMAIL_MANDATORY = for password register: 2nd argument MUST be an email address
        secondArg: 'CONFIRMATION'
        # Do we force kick a player after a successful registration?
        # Do not use with login feature below
        forceKickAfterRegister: false
        # Does AuthMe need to enforce a /login after a successful registration?
        forceLoginAfterRegister: false
    # Enable to display the welcome message (welcome.txt) after a login
    # You can use colors in this welcome.txt + some replaced strings:
    # {PLAYER}: player name, {ONLINE}: display number of online players,
    # {MAXPLAYERS}: display server slots, {IP}: player ip, {LOGINS}: number of players logged,
    # {WORLD}: player current world, {SERVER}: server name
    # {VERSION}: get current bukkit version, {COUNTRY}: player country
    useWelcomeMessage: true
    # Broadcast the welcome message to the server or only to the player?
    # set true for server or false for player
    broadcastWelcomeMessage: false
    # Should we delay the join message and display it once the player has logged in?
    delayJoinMessage: false
    # The custom join message that will be sent after a successful login,
    # keep empty to use the original one.
    # Available variables:
    # {PLAYERNAME}: the player name (no colors)
    # {DISPLAYNAME}: the player display name (with colors)
    # {DISPLAYNAMENOCOLOR}: the player display name (without colors)
    customJoinMessage: ''
    # Should we remove the leave messages of unlogged users?
    removeUnloggedLeaveMessage: false
    # Should we remove join messages altogether?
    removeJoinMessage: false
    # Should we remove leave messages altogether?
    removeLeaveMessage: false
    # Do we need to add potion effect Blinding before login/reigster?
    applyBlindEffect: false
    # Do we need to prevent people to login with another case?
    # If Xephi is registered, then Xephi can login, but not XEPHI/xephi/XePhI
    preventOtherCase: true
GroupOptions:
    # Enables switching a player to defined permission groups before they log in.
    # See below for a detailed explanation.
    enablePermissionCheck: false
    # This is a very important option: if a registered player joins the server
    # AuthMe will switch him to unLoggedInGroup. This should prevent all major exploits.
    # You can set up your permission plugin with this special group to have no permissions,
    # or only permission to chat (or permission to send private messages etc.).
    # The better way is to set up this group with few permissions, so if a player
    # tries to exploit an account they can do only what you've defined for the group.
    # After login, the player will be moved to his correct permissions group!
    # Please note that the group name is case-sensitive, so 'admin' is different from 'Admin'
    # Otherwise your group will be wiped and the player will join in the default group []!
    # Example: registeredPlayerGroup: 'NotLogged'
    registeredPlayerGroup: ''
    # Similar to above, unregistered players can be set to the following
    # permissions group
    unregisteredPlayerGroup: ''
Email:
    # Email SMTP server host
    mailSMTP: 'smtp.gmail.com'
    # Email SMTP server port
    mailPort: 465
    # Only affects port 25: enable TLS/STARTTLS?
    useTls: true
    # Email account which sends the mails
    mailAccount: ''
    # Email account password
    mailPassword: ''
    # Email address, fill when mailAccount is not the email address of the account
    mailAddress: ''
    # Custom sender name, replacing the mailAccount name in the email
    mailSenderName: ''
    # Recovery password length
    RecoveryPasswordLength: 8
    # Mail Subject
    mailSubject: 'Your new AuthMe password'
    # Like maxRegPerIP but with email
    maxRegPerEmail: 1
    # Recall players to add an email?
    recallPlayers: false
    # Delay in minute for the recall scheduler
    delayRecall: 5
    # Blacklist these domains for emails
    emailBlacklisted: 
    - '10minutemail.com'
    # Whitelist ONLY these domains for emails
    emailWhitelisted: []
    # Send the new password drawn in an image?
    generateImage: false
    # The OAuth2 token
    emailOauth2Token: ''
Hooks:
    # Do we need to hook with multiverse for spawn checking?
    multiverse: true
    # Do we need to hook with BungeeCord?
    bungeecord: false
    # Send player to this BungeeCord server after register/login
    sendPlayerTo: ''
    # Do we need to disable Essentials SocialSpy on join?
    disableSocialSpy: false
    # Do we need to force /motd Essentials command on join?
    useEssentialsMotd: false
Protection:
    # Enable some servers protection (country based login, antibot)
    enableProtection: false
    # Apply the protection also to registered usernames
    enableProtectionRegistered: true
    # Countries allowed to join the server and register. For country codes, see
    # http://dev.maxmind.com/geoip/legacy/codes/iso3166/
    # PLEASE USE QUOTES!
    countries: 
    - 'US'
    - 'GB'
    # Countries not allowed to join the server and register
    # PLEASE USE QUOTES!
    countriesBlacklist: 
    - 'A1'
    # Do we need to enable automatic antibot system?
    enableAntiBot: true
    # The interval in seconds
    antiBotInterval: 5
    # Max number of players allowed to login in the interval
    # before the AntiBot system is enabled automatically
    antiBotSensibility: 10
    # Duration in minutes of the antibot automatic system
    antiBotDuration: 10
    # Delay in seconds before the antibot activation
    antiBotDelay: 60
Purge:
    # If enabled, AuthMe automatically purges old, unused accounts
    useAutoPurge: false
    # Number of days after which an account should be purged
    daysBeforeRemovePlayer: 60
    # Do we need to remove the player.dat file during purge process?
    removePlayerDat: false
    # Do we need to remove the Essentials/userdata/player.yml file during purge process?
    removeEssentialsFile: false
    # World in which the players.dat are stored
    defaultWorld: 'world'
    # Remove LimitedCreative/inventories/player.yml, player_creative.yml files during purge?
    removeLimitedCreativesInventories: false
    # Do we need to remove the AntiXRayData/PlayerData/player file during purge process?
    removeAntiXRayFile: false
    # Do we need to remove permissions?
    removePermissions: false
Security:
    SQLProblem:
        # Stop the server if we can't contact the sql database
        # Take care with this, if you set this to false,
        # AuthMe will automatically disable and the server won't be protected!
        stopServer: true
    console:
        # Remove passwords from console?
        removePassword: true
        # Copy AuthMe log output in a separate file as well?
        logConsole: true
    captcha:
        # Enable captcha when a player uses wrong password too many times
        useCaptcha: false
        # Max allowed tries before a captcha is required
        maxLoginTry: 5
        # Captcha length
        captchaLength: 5
        # Minutes after which login attempts count is reset for a player
        captchaCountReset: 60
    tempban:
        # Tempban a user's IP address if they enter the wrong password too many times
        enableTempban: false
        # How many times a user can attempt to login before their IP being tempbanned
        maxLoginTries: 10
        # The length of time a IP address will be tempbanned in minutes
        # Default: 480 minutes, or 8 hours
        tempbanLength: 480
        # How many minutes before resetting the count for failed logins by IP and username
        # Default: 480 minutes (8 hours)
        minutesBeforeCounterReset: 480
        # The command to execute instead of using the internal ban system, empty if disabled.
        # Available placeholders: %player%, %ip%
        customCommand: ''
    recoveryCode:
        # Number of characters a recovery code should have (0 to disable)
        length: 8
        # How many hours is a recovery code valid for?
        validForHours: 4
        # Max number of tries to enter recovery code
        maxTries: 3
        # How long a player has after password recovery to change their password
        # without logging in. This is in minutes.
        # Default: 2 minutes
        passwordChangeTimeout: 2
    emailRecovery:
        # Seconds a user has to wait for before a password recovery mail may be sent again
        # This prevents an attacker from abusing AuthMe's email feature.
        cooldown: 60
    privacy:
        # The mail shown using /email show will be partially hidden
        # E.g. (if enabled)
        #  original email: [email protected]
        #  hidden email: my.***@***mple.com
        enableEmailMasking: false
        # Minutes after which a verification code will expire
        verificationCodeExpiration: 10
# Before a user logs in, various properties are temporarily removed from the player,
# such as OP status, ability to fly, and walk/fly speed.
# Once the user is logged in, we add back the properties we previously saved.
# In this section, you may define how these properties should be handled.
# Read more at https://github.com/AuthMe/AuthMeReloaded/wiki/Limbo-players
limbo:
    persistence:
        # Besides storing the data in memory, you can define if/how the data should be persisted
        # on disk. This is useful in case of a server crash, so next time the server starts we can
        # properly restore things like OP status, ability to fly, and walk/fly speed.
        # DISABLED: no disk storage,
        # INDIVIDUAL_FILES: each player data in its own file,
        # DISTRIBUTED_FILES: distributes players into different files based on their UUID, see below
        type: 'INDIVIDUAL_FILES'
        # This setting only affects DISTRIBUTED_FILES persistence. The distributed file
        # persistence attempts to reduce the number of files by distributing players into various
        # buckets based on their UUID. This setting defines into how many files the players should
        # be distributed. Possible values: ONE, FOUR, EIGHT, SIXTEEN, THIRTY_TWO, SIXTY_FOUR,
        # ONE_TWENTY for 128, TWO_FIFTY for 256.
        # For example, if you expect 100 non-logged in players, setting to SIXTEEN will average
        # 6.25 players per file (100 / 16).
        # Note: if you change this setting all data will be migrated. If you have a lot of data,
        # change this setting only on server restart, not with /authme reload.
        distributionSize: 'SIXTEEN'
    # Whether the player is allowed to fly: RESTORE, ENABLE, DISABLE, NOTHING.
    # RESTORE sets back the old property from the player. NOTHING will prevent AuthMe
    # from modifying the 'allow flight' property on the player.
    restoreAllowFlight: 'RESTORE'
    # Restore fly speed: RESTORE, DEFAULT, MAX_RESTORE, RESTORE_NO_ZERO.
    # RESTORE: restore the speed the player had;
    # DEFAULT: always set to default speed;
    # MAX_RESTORE: take the maximum of the player's current speed and the previous one
    # RESTORE_NO_ZERO: Like 'restore' but sets speed to default if the player's speed was 0
    restoreFlySpeed: 'RESTORE_NO_ZERO'
    # Restore walk speed: RESTORE, DEFAULT, MAX_RESTORE, RESTORE_NO_ZERO.
    # See above for a description of the values.
    restoreWalkSpeed: 'RESTORE_NO_ZERO'
BackupSystem:
    # General configuration for backups: if false, no backups are possible
    ActivateBackup: true
    # Create backup at every start of server
    OnServerStart: true
    # Create backup at every stop of server
    OnServerStop: true
    # Windows only: MySQL installation path
    MysqlWindowsPath: 'C:\Program Files\MySQL\MySQL Server 5.1\'
# Converter settings: see https://github.com/AuthMe/AuthMeReloaded/wiki/Converters
Converter:
    Rakamak:
        # Rakamak file name
        fileName: 'users.rak'
        # Rakamak use IP?
        useIP: false
        # Rakamak IP file name
        ipFileName: 'UsersIp.rak'
    CrazyLogin:
        # CrazyLogin database file name
        fileName: 'accounts.db'
    loginSecurity:
        # LoginSecurity: convert from SQLite; if false we use MySQL
        useSqlite: true
        mySql:
            # LoginSecurity MySQL: database host
            host: ''
            # LoginSecurity MySQL: database name
            database: ''
            # LoginSecurity MySQL: database user
            user: ''
            # LoginSecurity MySQL: password for database user
            password: ''

# FastLogin config
# Project site: https://www.spigotmc.org/resources/fastlogin.14153
# Source code: https://github.com/games647/FastLogin
#
# You can access the newest config here:
# https://github.com/games647/FastLogin/blob/master/core/src/main/resources/config.yml

# Request a premium login without forcing the player to type a command
#
# If you activate autoRegister, this plugin will check/do these points on login:
# 1. An existing cracked account shouldn't exist
# -> paid accounts cannot steal the existing account of cracked players
# - (Already registered players could still use the /premium command to activate premium checks)
# 2. Automatically registers an account with a strong random generated password
# -> cracked player cannot register an account for the premium player and so cannot the steal the account
#
# Furthermore the premium player check have to be made based on the player name
# This means if a cracked player connects to the server and we request a paid account login from this player
# the player just disconnect and sees the message: 'bad login' or 'invalid session'
# There is no way to change this message
# For more information: https://github.com/games647/FastLogin#why-do-players-have-to-invoke-a-command
autoRegister: true

# This is extra configuration option to the feature above. If we request a premium authentication from a player who
# isn't actual premium but used a premium username, the player will disconnect with the reason "invalid session" or
# "bad login".
#
# If you activate this, we are remembering this player and do not force another premium authentication if the player
# tries to join again, so the player could join as cracked player.
secondAttemptCracked: true

# New cracked players will be kicked from server. Good if you want switch from offline-mode to online-mode without
# losing players!
#
# Existing cracked and premium players could still join your server. Moreover you could add playernames to a whitelist.
# So that these cracked players could join too although they are new players.
switchMode: false

# If this plugin detected that a player has a premium, it can also set the associated
# uuid from that account. So if the player changes the username, they will still have
# the same player data (inventory, permissions, ...)
#
# Warning: This also means that the UUID will be different if the player is connecting
# through a offline mode connection. This **could** cause plugin compatibility issues.
#
# This is a example and doesn't apply for every plugin.
# Example: If you want to ban players who aren't online at the moment, the ban plugin will look
# after a offline uuid associated to the player, because the server is in offline mode. Then the premium
# players could still join the server, because they have different UUID.
#
# Moreover you may want to convert the offline UUID to a premium UUID. This will ensure that the player
# will have the same inventory, permissions, ... if they switched to premium authentication from offline/cracked
# authentication.
#
# This feature requires Cauldron, Spigot or a fork of Spigot (Paper)
premiumUuid: true

# This will make an additional check (only for player names which are not in the database) against the mojang servers
# in order to get the premium UUID. If that premium UUID is in the database, we can assume on successful login that the
# player changed it's  username and we just update the name in the database.
# Examples:
# #### Case 1
# nameChangeCheck = false ----- autoRegister = false
#
# Player logins as cracked until the player invoked the command /premium. Then we could override the existing database
# record.
#
# #### Case 2
#
# nameChangeCheck = true ----- autoRegister = false
#
# Connect the Mojang API and check what UUID the player has (UUID exists => Paid Minecraft account). If that UUID is in
# the database it's an **existing player** and FastLogin can **assume** the player is premium and changed the username.
# If it's not in the database, it's a new player and **could be a cracked player**. So we just use a offline mode
# authentication for this player.
#
# **Limitation**: Cracked players who uses the new username of a paid account cannot join the server if the database
# contains the old name. (Example: The owner of the paid account no longer plays on the server, but changed the username
# in the meanwhile).
#
# #### Case 3
#
# nameChangeCheck = false ----- autoRegister = true
#
# We will always request a premium authentication if the username is unknown to us, but is in use by a paid minecraft
# account. This means it's kind of a more aggressive check like nameChangeCheck = true and autoRegister = false, because
# it request a premium authentication which are completely new to us, that even the premium UUID is not in our database.
#
# **Limitation**: see below
#
# #### Case 4
#
# nameChangeCheck = true ----- autoRegister = true
#
# Based on autoRegister it checks if the player name is premium and login using a premium authentication. After that
# fastlogin receives the premium UUID and can update the database record.
#
# **Limitation from autoRegister**: New offline players who uses the username of an existing minecraft cannot join the
# server.
nameChangeCheck: true

# If your players have a premium account and a skin associated to their account, this plugin
# can download the data and set it to the online player.
#
# Keep in mind that this will only works if the player:
# * is the owner of the premium account
# * the server connection is established through a premium connection (paid account authentication)
# * has a skin
#
# This means this plugin doesn't need to create a new connection to the Mojang servers, because
# the skin data is included in the Auth-Verification-Response sent by Mojang. If you want to use for other
# players like cracked player, you have to use other plugins.
#
# If you want to use skins for your cracked player, you need an additional plugin like
# ChangeSkin, SkinRestorer, ...
forwardSkin: false

# Displays a warning message that this message SHOULD only be invoked by
# users who actually are the owner of this account. So not by cracked players
#
# If they still want to invoke the command, they have to invoke /premium again
premium-warning: false

# If you have autoRegister or nameChangeCheck enabled, you could be rate-limited by Mojang.
# The requests of the both options will be only made by FastLogin if the username is unknown to the server
# You are allowed to make 600 requests per 10-minutes (60 per minute)
# If you own a big server this value could be too low
# Once the limit is reached, new players are always logged in as cracked until the rate-limit is expired.
# (to the next ten minutes)
#
# The limit is IP-wide. If you have multiple IPv4-addresses you specify them here. FastLogin will then use it in rotating
# order --> 5 different IP-addresses 5 * 600 per 10 minutes
# If this list is empty only the default one will be used
#
# Lists are created like this:
#ip-addresses:
#    - 192-168-0-2
ip-addresses: []

# How many requests should be established to the Mojang API for Name -> UUID requests. Some other plugins as well
# as the head minecraft block make such requests as well. Using this option you can limit the amount requests this
# plugin should make.
#
# If you lower this value, other plugins could still make requests while FastLogin cannot.
# Mojang limits the amount of request to 600 per 10 minutes per IPv4-address.
mojang-request-limit: 600

# This option automatically registers players which are in the FastLogin database, but not in the auth plugin database.
# This can happen if you switch your auth plugin or cleared the database of the auth plugin.
# https://github.com/games647/FastLogin/issues/85
auto-register-unknown: false

# This disables the auto login from fastlogin. So a premium (like a paid account) authentication is requested, but
# the player won't be auto logged into the account.
#
# This can be used as 2Factor authentication for better security of your accounts. A hacker then needs both passwords.
# The password of your minecraft and the password to login in with your auth plugin
autoLogin: true

# Database configuration
# Recommended is the use of MariaDB (a better version of MySQL)

# Single file SQLite database
driver: org.sqlite.JDBC
# File location
database: '{pluginDir}/FastLogin.db'

# MySQL/MariaDB
#driver: com.mysql.jdbc.Driver
#host: localhost
#port: 3306
#database: fastlogin
#username: myUser
#password: myPassword

# It's strongly recommended to enable SSL and setup a SSL certificate if the MySQL server isn't running on the same
# machine
#useSSL: false

# HTTP proxies for connecting to the Mojang servers in order to check if the username of a player is premium.
# This is a workaround to prevent rate-limiting by Mojang. These proxies will only be used once your server hit
# the rate-limit or the custom value above.
# Please make sure you use reliable proxies.
proxies:
  # 'IP:Port' or 'Domain:Port'
  # - 'xyz.com:1337'
  # - 'test.com:5131'