mirror of
https://github.com/exzork/GCAuth.git
synced 2024-11-24 00:23:58 +00:00
3.6 KiB
3.6 KiB
GCAuth
Grasscutter Authentication System
Version Compatibility
GCAuth | Grasscutter Development | Grasscutter Stable |
---|---|---|
2.3.1+ | 1.1.2-dev ( 141b191 and after ) | - |
2.2.1 - 2.3.0 | 1.1.2-dev ( before 141b191 ) | - |
2.1.4 - 2.1.6 | 1.1.1-dev | - |
2.0.0 - 2.1.3 | 1.0.3-dev | 1.1.0 |
1.0.0 | 1.0.2-dev | - |
Usage :
- Place jar inside plugins folder of Grasscutter.
- To change hash algorithm change
Hash
in config.json inside plugins/GCAuth (Only Bcrypt and Scrypt is supported) - To use access control, you need set the
ACCESS_KEY
in config.json inside plugins/GCAuth. (Optional) - All payload must be send with
application/json
and Compact JSON format ( without unnecessary spaces ) - Auth endpoint is:
- Authentication Checking :
/authentication/type
(GET) , it'll returnGCAuthAuthenticationHandler
if GCAuth is loaded and enabled. - Register:
/authentication/register
(POST)
{"username":"username","password":"password","password_confirmation":"password_confirmation"}
- Login:
/authentication/login
(POST)
{"username":"username","password":"password"}
- Change password:
/authentication/change_password
(POST)
{"username":"username","new_password":"new_password","new_password_confirmation":"new_password_confirmation","old_password":"old_password"}
- Authentication Checking :
- If you set ACCESS_KEY you must add
access_key: ACCESS_KEY
in your payload. - Response is
JSON
with following keys:status
:success
orerror
message
:- AUTH_ENABLED : Plugin is enabled
- AUTH_DISABLED : Plugin is disabled
- EMPTY_BODY : No data was sent with the request
- USERNAME_TAKEN : Username is already taken
- PASSWORD_MISMATCH : Password does not match
- UNKNOWN : Unknown error
- INVALID_ACCOUNT : Username or password is invalid
- NO_PASSWORD : Password is not set, please set password first by resetting it (change password)
- ERROR_ACCESS_KEY : Access key is invalid (if access control is enabled)
jwt
: JWT token if success with body :token
: Token used for authentication, paste it in username field of client.username
: Username of the user.uid
: UID of the user.
Config :
- hash : Hash algorithm used for password hashing. (Only Bcrypt and Scrypt is supported)
- jwtSecret : Secret used for JWT token.
- jwtExpiration : Expiration time of JWT token.
- otpExpiration : Expiration time of OTP.
- defaultPermission : Default permission of user.
- accessKey : Access key used for access control. (Optional)
- rateLimit :
- maxRequests : Maximum requests per timeUnit.
- timeUnit : Time unit of rateLimit. (seconds, minutes, hours, days)
- endPoints[] : Endpoint to rate limit. (login, register, change_password)