⚙
Config.yml
####################################################################################################
# +----------------------------------------------------------------------------------------------+ #
# | __ _ | #
# | _ __ / / ___ __ _(_)_ __ | #
# | | '_ \ / / / _ \ / _` | | '_ \ | #
# | | | | / /__| (_) | (_| | | | | | | #
# | |_| |_\____/\___/ \__, |_|_| |_| | #
# | |___/ | #
# | | #
# | A practical, secure and friendly authentication plugin | #
# | | #
# | © 2022 - Powered by nickuc.com | #
# | | #
# | | #
# | For a better understanding of this file see our documentation: | #
# | ==> https://docs.nickuc.com/nlogin | #
# | | #
# | New options are not automatically added in this file. Default values are used | #
# | if an option is not found. | #
# +----------------------------------------------------------------------------------------------+ #
####################################################################################################
# Set the version of the file.
file-version: 2
# Sets the debugging mode.
# - This option is used to find problems in the plugin.
debug: false
# Set the language of the plugin
#
# - Available translations:
#
# |=> Chinese: messages_cn.yml
# |=> Chinese: messages_cn.yml
# |=> Czech: messages_cz.yml
# |=> German: messages_de.yml
# |=> English: messages_en.yml
# |=> Spanish: messages_es.yml
# |=> French: messages_fr.yml
# |=> Hungarian: messages_hu.yml
# |=> Lithuanian: messages_lt.yml
# |=> Polish: messages_pl.yml
# |=> Portuguese: messages_br.yml
# |=> Romanian: messages_ro.yml
# |=> Russian: messages_ru.yml
# |=> Turkish: messages_tr.yml
# |=> Other languages: https://github.com/nickuc/OpeNLogin/blob/master/docs/lang.md
#
# - When changing the language, the current file can be reset.
languageFile: "messages_en.yml"
# ___ _ _
# / \__ _| |_ __ _| |__ __ _ ___ ___
# / /\ / _` | __/ _` | '_ \ / _` / __|/ _ \
# / /_// (_| | || (_| | |_) | (_| \__ \ __/
# /___,' \__,_|\__\__,_|_.__/ \__,_|___/\___|
# Database settings.
database:
# Sets the type of database used.
#
# - Options available:
# |=> MySQL
# |=> SQLite
type: SQLite
remote:
# Defines MySQL information.
# - Tutorial for installation: https://docs.nickuc.com/nlogin-mysql
address: "localhost:3306"
database: "nLogin"
user: "root"
password: ""
# Set the connection properties.
# - Don't change this information if you don't know what you are doing!
properties:
#useSSL: false
#verifyServerCertificate: false
useUnicode: true
characterEncoding: "utf8"
# Defines the connection pool settings.
# - Don't change this information if you don't know what you are doing!
pool-settings:
maximum-pool-size: 10
minimum-idle: 10
maximum-lifetime: 1800000 # 30 minutes
connection-timeout: 5000 # 5 seconds
table:
account:
# Sets the name of the nLogin accounts table.
# - Don't change this information if you don't know what you are doing!
table-name: "nlogin"
# Sets the name of the nLogin columns.
# - Don't change this information if you don't know what you are doing!
columns:
id: "id"
name: "name"
real_name: "realname"
unique_id: "uniqueId"
premium_id: "premiumId"
password: "password"
premium: "premium"
address: "address"
reg_date: "regdate"
last_login: "lastlogin"
email: "email"
twitter: "twitter"
discord: "discord"
settings: "settings"
data:
# Sets the name of the nLogin data table.
# - Don't change this information if you don't know what you are doing!
table-name: "nlogin_data"
# Sets the name of the nLogin columns.
# - Don't change this information if you don't know what you are doing!
columns:
id: "id"
key: "key"
value: "value"
# _____ _ __
# /\ /\ ___ ___ _ __ \_ \_ __ | |_ ___ _ __ / _| __ _ ___ ___
# / / \ \/ __|/ _ \ '__| / /\/ '_ \| __/ _ \ '__| |_ / _` |/ __/ _ \
# \ \_/ /\__ \ __/ | /\/ /_ | | | | || __/ | | _| (_| | (_| __/
# \___/ |___/\___|_| \____/ |_| |_|\__\___|_| |_| \__,_|\___\___|
# User Interface settings.
ui:
# Sets whether on-screen messages will be sent.
use-title-bar: true
# Sets whether messages in actionbars will be sent.
use-action-bar: true
# Sets whether the time remaining message will be sent.
actionbar-counter: true
# Sets whether sound effects will be sent.
use-sounds: true
# Sets whether interactive messages will be sent.
use-chat-component: true
# __ _
# \ \ ___ (_)_ __
# \ \/ _ \| | '_ \
# /\_/ / (_) | | | | |
# \___/ \___/|_|_| |_|
# Join configuration.
join:
# Sets whether the chat should be cleaned upon joining the server.
clean-chat-on-join: true
# Sets whether the input message will be removed.
remove-join-message: true
# _____ _ _
# /__ \___| | ___ _ __ ___ _ __| |_
# / /\/ _ \ |/ _ \ '_ \ / _ \| '__| __|
# / / | __/ | __/ |_) | (_) | | | |_
# \/ \___|_|\___| .__/ \___/|_| \__|
# |_|
# Teleport settings.
teleport:
# Sets whether the player will be teleported to a safe position upon entering.
# - It is recommended to activate the option if no spawn has been set.
safe-location: false
# Defines if the player will be teleported to the last location upon exit.
last-location: true
# Defines if the player will be teleported to the spawn upon death.
teleport-on-death: true
# __ _ _
# / /(_)_ __ ___ | |__ ___
# / / | | '_ ` _ \| '_ \ / _ \
# / /__| | | | | | | |_) | (_) |
# \____/_|_| |_| |_|_.__/ \___/
# Limbo settings.
# - Limbo is the player information protection system.
# - In case of an abrupt shutdown (e.g. power failure), the
# limbo files will go into action.
limbo:
# Defines whether the limbo should hide the players' information.
#
# => Player info list:
# - speed and flight mode;
# - speed when walking;
# - life;
# - satiety;
# - [...]
#
# - It is recommended to disable this option in case of conflicts with other
# plugins that handle these options (e.g. lobby plugins).
hide-player-stats: true
# Sets the time to wait for player information to be hidden.
#
# => The value provided must be in ticks. To calculate the required ticks,
# multiply the value (in seconds) by 20.
#
# - Example:
# 2 seconds X 20 ticks = 40 ticks
#
hide-player-stats-delay: 0
inventory:
# Sets whether items should be hidden before logging in.
hide-inventory: true
# Defines whether acceleration should be used.
# - This option hides items more optimally, but requires
# the installation of ProtocolLib and may cause problems with plugins
# that require the inventory to be empty before login (e.g. nAntiBot)
fast-hide-inventory: true
# Sets whether other players should be hidden before logging in.
# - This option can prevent spamming of bots in the server's player list.
hide-players-before-login: true
# Defines whether the movement should be locked before authenticating.
block-player-walk: true
# ___ _
# / _ \_ __ ___ _ __ ___ (_)_ _ _ __ ___ __/\__
# / /_)/ '__/ _ \ '_ ` _ \| | | | | '_ ` _ \ \ /
# / ___/| | | __/ | | | | | | |_| | | | | | | /_ _\
# \/ |_| \___|_| |_| |_|_|\__,_|_| |_| |_| \/
# Paid features of the plugin (premium version).
premium:
# Defines the type of unique id for users.
#
# - Options available:
# |=> REAL [recommended]
# |=> RANDOM
# |=> OFFLINE
#
# - You can change this option freely: already registered users
# will NOT be affected by this change. Consequently, your users will
# continue to have the items and achievements after the change.
#
# - For more information, access the documentation:
# * https://docs.nickuc.com/nlogin-uuid
unique-id-type: REAL
autologin:
bedrock:
# Defines whether Bedrock players should authenticate automatically.
# - You can change this setting freely: already registered users
# will NOT be vulnerable by this change
enable: true
# Sets whether Bedrock players should skip registration.
# - It is recommended to disable this option if you use player passwords
# in a web integration (e.g. server site).
skip-register: true
premium:
# Defines whether premium players should authenticate automatically.
# - You can change this setting freely: already registered users
# will NOT be vulnerable by this change
enable: true
# Defines whether premium players should skip registration.
# - It is recommended to disable this option if you use player passwords
# in a web integration (e.g. server site).
skip-register: true
# Defines whether premium nicknames will receive a notification to mark their account as premium or not.
# - Changing this option will only be done if you use the UUID "RANDOM" or "OFFLINE".
# Otherwise premium players will be automatically marked as premium
# in order to keep the real UUID from Mojang.
ask-via-notification: true
# Sets whether cracked players can use premium player nicknames.
# - The option will only change if you use the "REAL" UUID.
# Otherwise, cracked players will be allowed by default.
allow-cracked-users: true
session:
# Defines whether login sessions will be used.
# - Authentication will be ignored if the player logs in at the timeout
# and continues using the same ip address.
enable: true
# Sets the length of login sessions.
# => Very long session times may open vulnerabilities if the player's IP
# is public (proxies, public VPNs, shared networks)
# or if it switches too quickly (on ISPs with dynamic ip).
# - To make a session permanent use the value 0. However, this is inadvisable.
duration: 5
# _ _ _
# /_\ __| |_ ____ _ _ __ ___ ___ __| |
# //_\\ / _` \ \ / / _` | '_ \ / __/ _ \/ _` |
# / _ \ (_| |\ V / (_| | | | | (_| __/ (_| |
# \_/ \_/\__,_| \_/ \__,_|_| |_|\___\___|\__,_|
# Advanced features of the plugin.
advanced:
unrestricted:
# Defines the nicknames that will skip the authentication process.
#
# - This option can be useful for MODS or plugins that spoof
# the behavior of a player.
#
# - Examples:
# - '[ThaumcraftTablet]'
# - '[BuildCraft]'
# - 'ComputerCraft'
#
# => Use this feature at your own risk.
unrestricted-names: []
# Sets the name of the inventories that will not be locked before login.
# - If you are a developer, it is best to use a higher priority for
# your inventory event (e.g. HIGH or HIGHEST), and then remove
# the nLogin cancel - "Event#setCancelled(false)"
unrestricted-inventories: []
# Client (player) related resources.
client:
# Define whether the nLogin language should be adapted to the Minecraft language.
language-by-client: false
# Defines whether advertisements should be sent in-game.
# - Advertisements are only sent to administrators.
# - Advertisements are sent out rarely and include
# new plugins or features from NickUC projects
advertising: true
# Defines the list of commands to be executed after registering.
#
# - Options available:
# |=> @console: executes the command on the console.
# |=> @delay <time in seconds>: adds a delay to the command.
# |=> @proxy: runs the command on the proxy server (only if you are using one).
# |=> @server <servers divided by ",">: executes the command only if the player is connected to a
# list of specific servers (only if using a proxy server).
#
# Example: @server lobby1,lobby2
#
commands-after-register:
#- "@console tell @player Welcome to the server!" # run in console
#- "@delay 40 /kit starter" # wait for 40 ticks (2s)
# Defines the list of commands to be executed after authenticating.
#
# - Options available:
# |=> @console: executes the command on the console.
# |=> @delay <time in seconds>: adds a delay to the command.
# |=> @proxy: runs the command on the proxy server (only if you are using one).
# |=> @server <servers divided by ",">: executes the command only if the player is connected to a
# list of specific servers (only if using a proxy server).
#
# Example: @server lobby1,lobby2
#
commands-after-login:
#- "@console @proxy send @player lobby" # run in proxy console (bungee, velocity, etc.)
# Define a lista de comandos permitidos antes de autenticar-se.
allowed-commands:
- "/loginstaff"
# ___ _
# / _ \__ _ ___ _____ _____ _ __ __| |___
# / /_)/ _` / __/ __\ \ /\ / / _ \| '__/ _` / __|
# / ___/ (_| \__ \__ \\ V V / (_) | | | (_| \__ \
# \/ \__,_|___/___/ \_/\_/ \___/|_| \__,_|___/
# Password settings.
passwords:
# Sets the minimum password size.
small: 5
# Sets maximum password size.
large: 15
bruteforce:
# Sets the maximum number of incorrect attempts a player can make.
# - When using the value "1" the player will be disconnected immediately when he makes a mistake.
max-login-tries: 1
# Defines whether brute-force attacks will be punished automatically.
# - After too many incorrect attempts, the suspect IP address will be blocked.
auto-punish: true
# Sets the punishment time for a suspected brute force attack (in minutes).
punishment-duration: 15
insecure-passwords:
# Defines whether the player will be warned when using an insecure password.
warn: true
# Sets the weak password detection level:
#
# - Available levels:
# |=> 1: checks if it contains letters [abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ]
# |=> 2: checks if it contains numbers [0123456789]
# |=> 3: checks if it contains symbols [[email protected]#$%&*()-_]
#
# - Using the value "123" will perform all three checks.
level: "123"
hashing:
# Defines the hashing algorithm used.
#
# - Options available:
#
# | The computational cost of hashings should increase (but not necessarily) from the bottom up.
# |=> MD5
# |=> SHA256
# |=> SHA512
# |=> BCRYPT2Y
# |=> BCRYPT2A
# |=> PBKDF2
# |=> ARGON2ID
# |=> ARGON2I
# |=> ARGON2D
#
algorithm: "SHA512"
bcrypt:
rounds: 10
argon2:
iterations: 10
memory: 64
parallelism: 1
# __ _ _
# / _\ ___ ___ _ _ _ __(_) |_ _ _
# \ \ / _ \/ __| | | | '__| | __| | | |
# _\ \ __/ (__| |_| | | | | |_| |_| |
# \__/\___|\___|\__,_|_| |_|\__|\__, |
# |___/
# General security settings.
security:
address-limiter:
# Sets whether the per-IP account limiter should be used.
# - This option can prevent fake accounts.
enable: true
# Sets the maximum number of records per ip address.
limit: 1
# Defines the list of IPs that ignore the limitation.
bypass:
- '127.0.0.1'
- 'localhost'
# Sets the time for a player to authenticate (in seconds).
time-to-login: 45
# Sets whether high-risk nLogin commands will be disabled in-game.
# - This option can prevent hacking attacks that remove admin registration.
disable-high-risk-commands: true
# Set the regex for nickname validation.
nickname-regex: '([a-zA-Z0-9_]{3,16})'
# ___ _
# / __\___ _ __ ___ _ __ ___ __ _ _ __ __| |___
# / / / _ \| '_ ` _ \| '_ ` _ \ / _` | '_ \ / _` / __|
# / /__| (_) | | | | | | | | | | | (_| | | | | (_| \__ \
# \____/\___/|_| |_| |_|_| |_| |_|\__,_|_| |_|\__,_|___/
# Command settings.
commands:
2fa:
enabled: true
commands: [2fa]
description: Command to configure 2fa.
changepassword:
enabled: true
commands: [changepassword, changepass]
description: Command to change the password.
cracked:
enabled: true
commands: [cracked]
description: Command to mark your account as cracked.
login:
enabled: true
commands: [login, l, log]
description: Command to login on the server.
premium:
enabled: true
commands: [premium]
description: Command to mark your account as premium.
register:
enabled: true
commands: [register, reg]
description: Command to register an account.
unregister:
enabled: false
commands: [unregister]
description: Command to unregister.
Last modified 8mo ago