GCAuth/README.md

61 lines
3.6 KiB
Markdown
Raw Normal View History

2022-04-29 00:20:13 +00:00
# GCAuth
2022-05-13 08:49:46 +00:00
2022-04-29 00:19:26 +00:00
Grasscutter Authentication System
2022-05-13 08:49:46 +00:00
2022-05-14 09:52:44 +00:00
### Version Compatibility
| GCAuth | Grasscutter Development | Grasscutter Stable |
|---------------|--------------------------------------------------------------------------------------------------------------------------------|--------------------|
| 2.3.1+ | 1.1.2-dev ( [141b191](https://github.com/Grasscutters/Grasscutter/commit/ce07f56f9d10cc79c9b7104b66c2e4ff19cd4f53) and after ) | - |
| 2.2.1 - 2.3.0 | 1.1.2-dev ( before [141b191](https://github.com/Grasscutters/Grasscutter/commit/ce07f56f9d10cc79c9b7104b66c2e4ff19cd4f53) ) | - |
| 2.1.4 - 2.1.6 | 1.1.1-dev | - |
| 2.0.0 - 2.1.3 | 1.0.3-dev | 1.1.0 |
| 1.0.0 | 1.0.2-dev | - |
2022-05-14 09:52:44 +00:00
2022-04-29 00:20:13 +00:00
### Usage :
2022-04-29 00:19:26 +00:00
- Place jar inside plugins folder of Grasscutter.
- To change hash algorithm change `Hash` in config.json inside plugins/GCAuth (Only Bcrypt and Scrypt is supported)
2022-05-13 08:49:46 +00:00
- To use access control, you need set the `ACCESS_KEY` in config.json inside plugins/GCAuth. (Optional)
2022-04-29 00:38:54 +00:00
- All payload must be send with `application/json` and Compact JSON format ( without unnecessary spaces )
- Auth endpoint is:
2022-05-15 02:45:54 +00:00
- Authentication Checking : `/authentication/type` (GET) , it'll return `GCAuthAuthenticationHandler` if GCAuth is loaded and enabled.
2022-05-02 12:40:46 +00:00
- Register: `/authentication/register` (POST)
2022-04-29 00:50:15 +00:00
```
2022-05-14 09:52:44 +00:00
{"username":"username","password":"password","password_confirmation":"password_confirmation"}
2022-04-29 00:50:15 +00:00
```
2022-05-02 12:40:46 +00:00
- Login: `/authentication/login` (POST)
2022-04-29 00:50:15 +00:00
```
2022-05-14 09:52:44 +00:00
{"username":"username","password":"password"}
2022-04-29 00:50:15 +00:00
```
2022-05-02 12:40:46 +00:00
- Change password: `/authentication/change_password` (POST)
2022-04-29 00:50:15 +00:00
```
2022-05-14 09:52:44 +00:00
{"username":"username","new_password":"new_password","new_password_confirmation":"new_password_confirmation","old_password":"old_password"}
2022-04-29 00:50:15 +00:00
```
2022-05-14 09:52:44 +00:00
- If you set ACCESS_KEY you must add `access_key: ACCESS_KEY` in your payload.
2022-04-29 00:38:54 +00:00
- Response is `JSON` with following keys:
- `status` : `success` or `error`
2022-04-29 00:51:26 +00:00
- `message` :
2022-04-29 00:38:54 +00:00
- AUTH_ENABLED : Plugin is enabled
- AUTH_DISABLED : Plugin is disabled
- EMPTY_BODY : No data was sent with the request
- USERNAME_TAKEN : Username is already taken
- PASSWORD_MISMATCH : Password does not match
- UNKNOWN : Unknown error
- INVALID_ACCOUNT : Username or password is invalid
- NO_PASSWORD : Password is not set, please set password first by resetting it (change password)
2022-05-13 08:49:46 +00:00
- ERROR_ACCESS_KEY : Access key is invalid (if access control is enabled)
2022-04-29 00:38:54 +00:00
- `jwt` : JWT token if success with body :
- `token` : Token used for authentication, paste it in username field of client.
- `username` : Username of the user.
2022-06-01 03:40:05 +00:00
- `uid` : UID of the user.
## Config :
- hash : Hash algorithm used for password hashing. (Only Bcrypt and Scrypt is supported)
- jwtSecret : Secret used for JWT token.
- jwtExpiration : Expiration time of JWT token.
- otpExpiration : Expiration time of OTP.
- defaultPermission : Default permission of user.
- accessKey : Access key used for access control. (Optional)
- rateLimit :
- maxRequests : Maximum requests per timeUnit.
- timeUnit : Time unit of rateLimit. (seconds, minutes, hours, days)
- endPoints[] : Endpoint to rate limit. (login, register, change_password)