This is a Velocity and Paper plugin. Depends on LuckPerms
LuckSecure V1 for bungeecord here
This plugin aims to increase security by adding a custom luckperms context named lucksecure . A user with a group/permission in need of the lucksecure=authenticated context will have to authenticate himself with a time-based one-time password (Google Authenticator/Microsoft Authenticator & etc...).
-
Add permission to a user with the
lucksecure=authenticatedcontext (ex:lpb user {your pseudo} permission set lsauth.cmd true lucksecure=authenticated) -
Test the command
lsauth-status-> You do not have permission to execute this command! -
As you have now a permission which needs the
lucksecure=authenticatedcontext to be active, you'll have to setup your TOTP. Use/lsauthto generate a TOTP secret/QRCODE and import it in your favortie 2AF/TOTP app. -
Use
/lsauth {your TOTP code}to have thelucksecure=authenticatedcontext and gained your permission. -
Test again the command
lsauth-status {your pseudo}-> {your pseudo} TOTP OK. You will have thelucksecure=authenticatedcontext until disconnection.
| Command name | Permission | Description |
|---|---|---|
| lsauth | lsauth.cmd | On the first use, it will generate a totp key and qrcode |
| lsauth {code} | lsauth.cmd | Use to authenticate yourself with your TOTP code whe you joined the server, set the lucksecure context to authenticated |
| lsauth-status {player} | lsauth.cmd | Display the authentication status |
| lsauth-reset {player} | none | Reset the totp key of a player (Usable in the bungeecord console only) |
| KEY | Value | Description |
|---|---|---|
| lucksecure | not-authenticated | By default |
| lucksecure | authenticated | After a valid authentication with lsauth |
git clone https://github.com/PumpMyKins/LuckSecure.git
cd LuckSecure
mvn package