This is a bungeecord plugin. Depends on LuckPerms
This plugin aims to increase security by adding a custom luckperms context named lucksecure . A user with a group/permission in need of the lucksecure=authenticated context will have to authenticate himself with a time-based one-time password (Google Authenticator/Microsoft Authenticator & etc...).
-
Add a permission to a user with the
lucksecure=authenticatedcontext (ex:lpb user {your pseudo} permission set lsauth.cmd true lucksecure=authenticated) -
Test the command
lsauth-status-> You do not have permission to execute this command! -
As you have now a permission which needs the
lucksecure=authenticatedcontext to be active, you'll have to setup your TOTP. Use/lsauthto generate a TOTP key and QRCODE and import it in your favortie 2AF/TOTP app. -
Use
/lsauth {your 2af code}to have thelucksecure=authenticatedcontext and gained your permission. -
Test again the command
lsauth-status {your pseudo}-> {your pseudo} 2AF OK.
| Command name | Permission | Description |
|---|---|---|
| lsauth | none | On the first use, it will generate a totp key and qrcode |
| lsauth {code} | none | Use to authenticate yourself with your TOTP code whe you joined the server, set the lucksecure context to authenticated |
| lsauth-status {player} | lsauth.cmd | Display the authentication status |
| lsauth-reset {player/uuid} | none | Reset the totp key of a player (Usable in the bungeecord console only) |
| KEY | Value | Description |
|---|---|---|
| lucksecure | not-authenticated | By default |
| lucksecure | authenticated | After a valid authentication with lsauth |
git clone https://github.com/PumpMyKins/LuckSecure.git
cd LuckSecureauthenticated
mvn package