Password complexity, force register and ip verification options, xauth.exclude permissions node to exclude a group/player from having to register, option to block players with blank names from joining the server, players are no longer kicked if someone with the same name joins the server, unregistering a player now notifies them and hides their inventory, registration.pw-min-length -> password.min-length, security.filter.* -> filter.*

src/com/cypherx/xauth/CommandHandler.java

@@ -27,8 +27,8 @@ public class CommandHandler
 				player.sendMessage(xAuth.strings.getString("register.err.disabled"));
 			else if (plugin.isRegistered(player.getName()))
 				player.sendMessage(xAuth.strings.getString("register.err.registered"));
-			else if (args[0].length() < xAuth.settings.getInt("security.password.min-length"))
+			else if (!plugin.isValidPass(args[0]))
-				player.sendMessage(xAuth.strings.getString("register.err.password", xAuth.settings.getInt("security.password.min-length")));
+				player.sendMessage(xAuth.strings.getString("password.invalid", xAuth.settings.getInt("password.min-length")));
 			else
 			{
 				plugin.addAuth(player.getName(), args[0]);
@@ -88,8 +88,8 @@ public class CommandHandler
 						player.sendMessage(xAuth.strings.getString("changepw.err.login"));
 					else if (!xAuth.settings.getBool("misc.allow-changepw"))
 						player.sendMessage(xAuth.strings.getString("changepw.err.disabled"));
-					else if (args[0].length() < xAuth.settings.getInt("security.password.min-length"))
+					else if (!plugin.isValidPass(args[0]))
-						player.sendMessage(xAuth.strings.getString("register.err.password", xAuth.settings.getInt("security.password.min-length")));
+						player.sendMessage(xAuth.strings.getString("password.invalid", xAuth.settings.getInt("password.min-length")));
 					else
 					{
 						plugin.changePass(player.getName(), args[0]);
@@ -119,8 +119,8 @@ public class CommandHandler
 					player.sendMessage(xAuth.strings.getString("changepw.err.login"));
 				else if (!xAuth.settings.getBool("misc.allow-changepw"))
 					player.sendMessage(xAuth.strings.getString("changepw.err.disabled"));
-				else if (args[0].length() < xAuth.settings.getInt("security.password.min-length"))
+				else if (!plugin.isValidPass(args[0]))
-					player.sendMessage(xAuth.strings.getString("register.err.password", xAuth.settings.getInt("security.password.min-length")));
+					player.sendMessage(xAuth.strings.getString("password.invalid", xAuth.settings.getInt("password.min-length")));
 				else
 				{
 					plugin.changePass(player.getName(), args[0]);
@@ -144,7 +144,7 @@ public class CommandHandler
 
 					if (target != null)
 					{
-						if (xAuth.settings.getBool("registration.forced"))
+						if (xAuth.settings.getBool("registration.forced") && !xAuth.Permissions.has(target, "xauth.exclude"))
 							plugin.saveInventory(target);
 						target.sendMessage(xAuth.strings.getString("unregister.target"));
 					}
@@ -181,9 +181,9 @@ public class CommandHandler
 				else if (args[0].equalsIgnoreCase("autosave"))
 					node = "misc.autosave";
 				else if (args[0].equalsIgnoreCase("filter"))
-					node = "security.filter.enabled";
+					node = "filter.enabled";
 				else if (args[0].equalsIgnoreCase("blankname"))
-					node = "security.filter.blankname";
+					node = "filter.blankname";
 				else if (args[0].equalsIgnoreCase("verifyip"))
 					node = "session.verifyip";
 				else if (args[0].equalsIgnoreCase("strike"))
@@ -212,7 +212,7 @@ public class CommandHandler
 			{
 				if (plugin.canUseCommand(player, "xauth.admin.logout"))
 				{
-					String target = buildName(args);
+					String target = buildString(args);
 					if (!plugin.sessionExists(target))
 						player.sendMessage(xAuth.strings.getString("logout.err.session"));
 					else
@@ -272,7 +272,7 @@ public class CommandHandler
 
 				if (target != null)
 				{
-					if (xAuth.settings.getBool("registration.forced"))
+					if (xAuth.settings.getBool("registration.forced") && !xAuth.Permissions.has(target, "xauth.exclude"))
 						plugin.saveInventory(target);
 					target.sendMessage(xAuth.strings.getString("unregister.target"));
 				}
@@ -299,9 +299,9 @@ public class CommandHandler
 			else if (args[0].equalsIgnoreCase("autosave"))
 				node = "misc.autosave";
 			else if (args[0].equalsIgnoreCase("filter"))
-				node = "security.filter.enabled";
+				node = "filter.enabled";
 			else if (args[0].equalsIgnoreCase("blankname"))
-				node = "security.filter.blankname";
+				node = "filter.blankname";
 			else if (args[0].equalsIgnoreCase("verifyip"))
 				node = "session.verifyip";
 			else if (args[0].equalsIgnoreCase("strike"))
@@ -324,27 +324,27 @@ public class CommandHandler
 				System.out.println("Correct Usage: /logout <player>");
 			else
 			{
-				String target = buildName(args);
+				String target = buildString(args);
 				if (!plugin.sessionExists(target))
 					System.out.println("[" + pdfFile.getName() + "] This player does not have an active session.");
 				else
 				{
 					Player pTarget = plugin.getServer().getPlayer(target);
 					plugin.removeSession(target);
-					
+
 					if (pTarget != null)
 					{
 						plugin.saveInventory(pTarget);
 						pTarget.sendMessage(xAuth.strings.getString("logout.success.ended"));
 					}
-					
+
 					System.out.println("[" + pdfFile.getName() + "] " + target + "'s session has been terminated");
 				}
 			}
 		}
 	}
 
-	private String buildName(String[] args)
+	private String buildString(String[] args)
 	{
 		String s = "";
 

src/com/cypherx/xauth/Settings.java

@@ -1,6 +1,7 @@
 package com.cypherx.xauth;
 
 import java.io.File;
+import java.util.Arrays;
 import java.util.List;
 import java.util.concurrent.ConcurrentHashMap;
 
@@ -20,31 +21,48 @@ public class Settings
 		"misc.allowed-cmds",
 		"login.strikes.enabled",
 		"login.strikes.amount",
-		"security.filter.enabled",
+		"filter.enabled",
-		"security.filter.allowed",
+		"filter.allowed",
-		"security.filter.blankname",
+		"filter.block-blankname",
-		"security.password.min-length"
+		"password.min-length",
+		"password.complexity.enabled",
+		"password.complexity.lowercase",
+		"password.complexity.uppercase",
+		"password.complexity.numbers",
+		"password.complexity.symbols"
 	};
 
 	private static final String[][] keyUpdates =
 	{
 		{"misc.allow-change-pw", "misc.allow-changepw"},
 		{"misc.save-on-change", "misc.autosave"},
-		{"registration.pw-min-length", "security.password.min-length"}
+		{"registration.pw-min-length", "password.min-length"},
+		{"security.filter.enabled", "filter.enabled"},
+		{"security.filter.allowed", "filter.allowed"}
 	};
 
+	private static final String[] keyRemovals =
+	{
+		"security"
+	};
+
+	private final File file;
 	private static Configuration config;
 	private static final ConcurrentHashMap<String, Object> defaults = new ConcurrentHashMap<String, Object>();
 	private static final ConcurrentHashMap<String, Object> settings = new ConcurrentHashMap<String, Object>();
 
-	public Settings(File file)
+	public Settings(File f)
 	{
+		file = f;
 		config = new Configuration(file);
 		config.load();
 		fillDefaults();
 		
-		if (file.exists() && keyUpdates.length > 0)		
+		if (file.exists())
+		{
 			updateKeys();
+			removeKeys();
+		}
 
 		load();
 		config.save();
@@ -58,14 +76,19 @@ public class Settings
 		defaults.put("session.verifyip", true);
 		defaults.put("notify.limit", 5);
 		defaults.put("misc.allow-changepw", true);
-		defaults.put("misc.allowed-cmds", new String[]{"/register", "/login"});
+		defaults.put("misc.allowed-cmds", Arrays.asList(new String[]{"/register", "/login"}));
 		defaults.put("misc.autosave", true);
 		defaults.put("login.strikes.enabled", true);
 		defaults.put("login.strikes.amount", 5);
-		defaults.put("security.filter.enabled", true);
+		defaults.put("filter.enabled", true);
-		defaults.put("security.filter.allowed", "abcdefghijklmnopqrstuvwxyz0123456789_- ()[]{}");
+		defaults.put("filter.allowed", "abcdefghijklmnopqrstuvwxyz0123456789_- ()[]{}");
-		defaults.put("security.filter.blankname", true);
+		defaults.put("filter.block-blankname", true);
-		defaults.put("security.password.min-length", 3);
+		defaults.put("password.min-length", 3);
+		defaults.put("password.complexity.enabled", false);
+		defaults.put("password.complexity.lowercase", false);
+		defaults.put("password.complexity.uppercase", false);
+		defaults.put("password.complexity.numbers", false);
+		defaults.put("password.complexity.symbols", false);
 	}
 
 	public void updateKeys()
@@ -85,6 +108,15 @@ public class Settings
 		}
 	}
 
+	private void removeKeys()
+	{
+		for (String key : keyRemovals)
+		{
+			if (config.getProperty(key) != null)
+				config.removeProperty(key);
+		}
+	}
+
 	public void load()
 	{
 		for (String key : keys)
@@ -107,6 +139,11 @@ public class Settings
 
 	public Boolean getBool(String key)
 	{
+		Object value = settings.get(key);
+
+		if (value instanceof String)
+			return Boolean.parseBoolean((String)value);
+		
 		return (Boolean)settings.get(key);
 	}
 
@@ -123,6 +160,26 @@ public class Settings
 	@SuppressWarnings("unchecked")
 	public List<String> getStrList(String key)
 	{
+		//COMMAND_PREPROCESS error debugging
+		if (!(settings.get(key) instanceof List))
+		{
+			System.out.println("[xAuth] COMMAND_PREPROCESS Error: Report this in the xAuth thread.");
+			System.out.println("[xAuth] Value:" + settings.get(key));
+			System.out.println("[xAuth] Attempting to autocorrect..");
+			xAuth.settings = new Settings(file);
+		}
+
+		/*Object value = settings.get(key);
+
+		if (value instanceof String[])
+			System.out.println("string array");
+		else if (value instanceof String)
+			System.out.println("string");
+		else if (value instanceof List)
+			System.out.println("list");
+
+		System.out.println(value);*/
+
 		return (List<String>)settings.get(key);
 	}
 }

src/com/cypherx/xauth/Strings.java

@@ -9,16 +9,19 @@ public class Strings
 {
 	private static String[] keys = 
 	{
-		"register.login", "register.usage",	"register.err.disabled", "register.err.registered",	"register.err.password",
+		"register.login", "register.usage",	"register.err.disabled", "register.err.registered",	"register.success1",
-		"register.success1", "register.success2", "login.login", "login.usage",	"login.err.registered",	"login.err.logged",
+		"register.success2", "login.login", "login.usage",	"login.err.registered",	"login.err.logged",
 		"login.err.password", "login.err.kick", "login.success", "changepw.usage1", "changepw.usage2", "changepw.err.login", 
 		"changepw.err.disabled", "changepw.err.registered", "changepw.success.self", "changepw.success.other",
 		"unregister.usage", "unregister.target", "unregister.success", "reload.success", "toggle.usage", "toggle.success",
-		"logout.err.session", "logout.success.ended", "logout.success.other", "misc.illegal", "misc.reloaded",
+		"logout.err.session", "logout.success.ended", "logout.success.other", "password.invalid", "misc.illegal", "misc.reloaded",
 		"misc.enabled",	"misc.disabled", "misc.filterkickmsg", "misc.blankkickmsg"
 	};
 
-	private static final String[][] keyUpdates = {};
+	private static final String[][] keyUpdates =
+	{
+		{"register.err.password", "password.invalid"}
+	};
 
 	private static final String[] keyRemovals =
 	{
@@ -52,7 +55,7 @@ public class Strings
 		defaults.put("register.usage", "&cCorrect Usage: /register <password>");
 		defaults.put("register.err.disabled", "&cRegistrations are currently disabled.");
 		defaults.put("register.err.registered", "&cYou are already registered.");
-		defaults.put("register.err.password", "&cYour password must contain %1 or more characters.");
+		//defaults.put("register.err.password", "&cYour password must contain %1 or more characters.");
 		defaults.put("register.success1", "&aYou have successfully registered!");
 		defaults.put("register.success2", "&aYour password is: &f%1");
 
@@ -85,6 +88,8 @@ public class Strings
 		defaults.put("logout.success.ended", "&cYour session has been terminated. You must log in again.");
 		defaults.put("logout.success.other", "&a%1's session has been terminated.");
 
+		defaults.put("password.invalid", "&cYour password must contain %1 or more characters.");
+
 		defaults.put("misc.illegal", "&7You must be logged in to do that!");
 		defaults.put("misc.reloaded", "&cServer reloaded! You must log in again.");
 		defaults.put("misc.enabled", "enabled");
@@ -93,15 +98,6 @@ public class Strings
 		defaults.put("misc.blankkickmsg", "Blank names are not allowed.");
 	}
 
-	private void removeKeys()
-	{
-		for (String key : keyRemovals)
-		{
-			if (config.getProperty(key) != null)
-				config.removeProperty(key);
-		}
-	}
-
 	private void updateKeys()
 	{
 		String fromKey, toKey, holder;
@@ -119,6 +115,15 @@ public class Strings
 		}
 	}
 
+	private void removeKeys()
+	{
+		for (String key : keyRemovals)
+		{
+			if (config.getProperty(key) != null)
+				config.removeProperty(key);
+		}
+	}
+
 	private void load()
 	{
 		for (String key : keys)

src/com/cypherx/xauth/xAuth.java

@@ -1,5 +1,5 @@
 //xAuth 1.2
-//Built against Bukkit #493 and CraftBukkit #617
+//Built against Bukkit #652 and CraftBukkit #670
 
 package com.cypherx.xauth;
 
@@ -10,6 +10,8 @@ import java.util.concurrent.ConcurrentHashMap;
 import java.util.ArrayList;
 import java.util.Date;
 import java.util.HashMap;
+import java.util.regex.Matcher;
+import java.util.regex.Pattern;
 
 import net.minecraft.server.PropertyManager;
 import org.bukkit.command.Command;
@@ -69,13 +71,6 @@ public class xAuth extends JavaPlugin
 		fullyEnabled = false;
 		pdfFile = this.getDescription();
 
-		/*Whirlpool w = new Whirlpool();
-		byte[] digest = new byte[Whirlpool.DIGESTBYTES];
-		w.NESSIEinit();
-		w.NESSIEadd("The quick brown fox jumps over the lazy dog");
-		w.NESSIEfinalize(digest);
-		System.out.println(Whirlpool.display(digest));*/
-
 		PropertyManager props = new PropertyManager(new File("server.properties"));
 		if (props.a("online-mode", true))
 		{
@@ -127,19 +122,15 @@ public class xAuth extends JavaPlugin
 		pm.registerEvent(Event.Type.PLAYER_DROP_ITEM, playerListener, Event.Priority.Highest, this);
 		pm.registerEvent(Event.Type.PLAYER_PICKUP_ITEM, playerListener, Event.Priority.Highest, this);
 		pm.registerEvent(Event.Type.PLAYER_INTERACT, playerListener, Event.Priority.Highest, this);
-		//pm.registerEvent(Event.Type.PLAYER_ITEM, playerListener, Event.Priority.Highest, this);
 		pm.registerEvent(Event.Type.PLAYER_JOIN, playerListener, Event.Priority.Highest, this);
 		pm.registerEvent(Event.Type.PLAYER_LOGIN, playerListener, Event.Priority.Highest, this);
 		pm.registerEvent(Event.Type.PLAYER_MOVE, playerListener, Event.Priority.Highest, this);
 		pm.registerEvent(Event.Type.PLAYER_QUIT, playerListener, Event.Priority.Lowest, this);
 
 		pm.registerEvent(Event.Type.BLOCK_BREAK, blockListener, Priority.Highest, this);
-		//pm.registerEvent(Event.Type.BLOCK_INTERACT, blockListener, Priority.Highest, this);
 		pm.registerEvent(Event.Type.BLOCK_PLACE, blockListener, Priority.Highest, this);
-		//pm.registerEvent(Event.Type.BLOCK_PLACED, blockListener, Priority.Highest, this);
 
 		pm.registerEvent(Event.Type.ENTITY_DAMAGE, entityListener, Priority.Highest, this);
-		//pm.registerEvent(Event.Type.ENTITY_DAMAGED, entityListener, Priority.Highest, this);
 		pm.registerEvent(Event.Type.ENTITY_TARGET, entityListener, Priority.Highest, this);
 
 		System.out.println("[" + pdfFile.getName() + "]" + " v" + pdfFile.getVersion() + " Enabled!");
@@ -261,6 +252,38 @@ public class xAuth extends JavaPlugin
 			System.out.println(e.getMessage());
 		}
 	}
+
+	public Boolean isValidPass(String pass)
+	{
+		if (!settings.getBool("password.complexity.enabled"))
+		{
+			if (pass.length() < settings.getInt("password.min-length"))
+				return false;
+
+			return true;
+		}
+
+		String pattern = "(";
+
+		if (settings.getBool("password.complexity.numbers"))
+			pattern += "(?=.*\\d)";
+
+		if (settings.getBool("password.complexity.lowercase"))
+			pattern += "(?=.*[a-z])";
+
+		if (settings.getBool("password.complexity.uppercase"))
+			pattern += "(?=.*[A-Z])";
+
+		if (settings.getBool("password.complexity.symbols"))
+			pattern += "(?=.*\\W)";
+
+		pattern += ".{" + settings.getInt("password.min-length") + ",})";
+
+		//String pattern = "((?=.*\\d)(?=.*[a-z])(?=.*[A-Z])(?=.*\\W).{3,})";
+		Pattern p = Pattern.compile(pattern);
+		Matcher matcher = p.matcher(pass);
+		return matcher.matches();
+	}
 	
 	//LOGIN / LOGOUT FUNCTIONS
 	public void login(Player player)
@@ -339,7 +362,7 @@ public class xAuth extends JavaPlugin
 	//NOTIFY FUNCTIONS
 	public void handleEvent(Player player, Cancellable event)
 	{
-		if (!settings.getBool("registration.forced") && !isRegistered(player.getName()))
+		if ((!settings.getBool("registration.forced") || xAuth.Permissions.has(player, "xauth.exclude")) && !isRegistered(player.getName()))
 			return;
 
 		if (!sessionExists(player.getName()))
@@ -414,10 +437,10 @@ public class xAuth extends JavaPlugin
 			playerInv.setHelmet(armor.get(player)[3].getTypeId() == 0 ? null : armor.get(player)[3]);
 			armor.remove(player);
 		}
-	
+
+		//change to player.saveData()
 		CraftWorld cWorld = (CraftWorld)player.getWorld();
 		CraftPlayer cPlayer = (CraftPlayer)player;
-		//cWorld.getHandle().m().d().a(cPlayer.getHandle());
 		cWorld.getHandle().o().d().a(cPlayer.getHandle());
 	}
 	
@@ -547,7 +570,7 @@ public class xAuth extends JavaPlugin
 		if (illegalNames.contains(pName))
 			return false;
 
-		String allowed = settings.getStr("security.filter.allowed");
+		String allowed = settings.getStr("filter.allowed");
 
 		for(int i = 0; i < pName.length(); i++)
 			if (allowed.indexOf(pName.charAt(i)) == -1)

src/com/cypherx/xauth/xAuthBlockListener.java

@@ -26,19 +26,6 @@ public class xAuthBlockListener extends BlockListener
     	plugin.handleEvent(player, event);
     }
 
-	//Prevents player from using switches, buttons, etc.
-    /*public void onBlockInteract(BlockInteractEvent event)
-    {
-    	if (event.isCancelled())
-			return;
-
-		if (event.isPlayer())
-		{
-			Player player = (Player)event.getEntity();
-			plugin.handleEvent(player, event);
-		}
-    }*/
-
 	//Prevents player from placing blocks
 	public void onBlockPlace(BlockPlaceEvent event)
 	{

src/com/cypherx/xauth/xAuthPlayerListener.java

@@ -21,10 +21,13 @@ public class xAuthPlayerListener extends PlayerListener
     {
     	Player player = event.getPlayer();
 
-    	if (xAuth.settings.getBool("security.filter.enabled") && !plugin.isNameLegal(player.getName()))
+    	if (player.isOnline())
+    		event.disallow(PlayerLoginEvent.Result.KICK_OTHER, "A player with this name is already online.");
+
+    	if (xAuth.settings.getBool("filter.enabled") && !plugin.isNameLegal(player.getName()))
     		event.disallow(PlayerLoginEvent.Result.KICK_OTHER, xAuth.strings.getString("misc.filterkickmsg"));
 
-    	if (xAuth.settings.getBool("security.filter.blankname") && player.getName().trim().equals(""))
+    	if (xAuth.settings.getBool("filter.block-blankname") && player.getName().trim().equals(""))
     		event.disallow(PlayerLoginEvent.Result.KICK_OTHER, xAuth.strings.getString("misc.blankkickmsg"));
     }
 
@@ -36,10 +39,14 @@ public class xAuthPlayerListener extends PlayerListener
     	{
     		if (!plugin.isRegistered(player.getName()))
     		{
-    			if (xAuth.settings.getBool("registration.forced"))
+    			if (!xAuth.settings.getBool("registration.forced"))
-    				plugin.saveInventory(player);
+    				return;
 
-    			player.sendMessage(xAuth.strings.getString("register.login"));
+    			if (xAuth.Permissions.has(player, "xauth.exclude"))
+	    			return;
+
+    			plugin.saveInventory(player);
+				player.sendMessage(xAuth.strings.getString("register.login"));
     		}
     		else
     		{
@@ -59,7 +66,7 @@ public class xAuthPlayerListener extends PlayerListener
 	{
 		if (event.isCancelled())
 			return;
-		
+
 		Player player = event.getPlayer();
 		String[] msg = event.getMessage().split(" ");
 
@@ -73,9 +80,6 @@ public class xAuthPlayerListener extends PlayerListener
 	//Prevents player from being able to chat
 	public void onPlayerChat(PlayerChatEvent event)
 	{
-		//if (!xAuth.settings.getBool("limit.chat"))
-			//return;
-
 		if (event.isCancelled())
 			return;
 
@@ -93,21 +97,8 @@ public class xAuthPlayerListener extends PlayerListener
 		plugin.handleEvent(player, event);
 	}
 
-	//Prevents player from using an item such as food
-	/*public void onPlayerItem(PlayerItemEvent event)
-	{
-		if (event.isCancelled())
-			return;
-
-		Player player = event.getPlayer();
-		plugin.handleEvent(player, event);
-	}*/
-
 	public void onPlayerInteract(PlayerInteractEvent event)
 	{
-		//if (!xAuth.settings.getBool("limit.interact"))
-			//return;
-
 		if (event.isCancelled())
 			return;
 
@@ -118,9 +109,6 @@ public class xAuthPlayerListener extends PlayerListener
 	//Prevents player from moving
 	public void onPlayerMove(PlayerMoveEvent event)
 	{
-		//if (!xAuth.settings.getBool("limit.movement"))
-			//return;
-
 		if (event.isCancelled())
 			return;
 
@@ -144,9 +132,6 @@ public class xAuthPlayerListener extends PlayerListener
 	//Prevents player from picking up items
 	public void onPlayerPickupItem(PlayerPickupItemEvent event)
 	{
-		//if (!xAuth.settings.getBool("limit.pickup"))
-			//return;
-
 		if (event.isCancelled())
 			return;
 

src/plugin.yml

@@ -1,6 +1,9 @@
 name: xAuth
 main: com.cypherx.xauth.xAuth
 version: 1.2
+description: Allows players to register and maintain an account while the server is in offline-mode.
+authors:
+    - CypherX
 
 commands:
     register:
@@ -11,9 +14,7 @@ commands:
         usage: /login <password>
     changepw:
         description: Change your or another players password
-        usage: |
+        usage: /changepw [player] <password>
-                /changepw <password>
-                /changepw <player> <password>
     unregister:
         description: Remove a players registration
         usage: /unregister <player>
@@ -22,12 +23,7 @@ commands:
         usage: /authreload
     toggle:
         description: Toggle various commands on/off
-        usage: |
+        usage: /toggle <reg|changepw|autosave|filter|blankname|verifyip|strike|forcereg>
-                /toggle reg
-                /toggle changepw
-                /toggle autosave
     logout:
         description: End a players session and force them to re-authenticate
-        usage: |
+        usage: /logout [player]
-            /logout
-            /logout <player>