Jettas Login icon

Jettas Login -----

Better Registration and Login Method for Users - Better Database Engineering

Download Now
Via external site


JETTAS LOGIN - TECHNICAL DOCUMENTATION
Version 1.2.0

TABLE OF CONTENTS

  1. Introduction
  2. Authentication System
  3. CAPTCHA System
  4. Chat System
  5. Security Architecture
  6. Configuration Guide
  7. Commands & Permissions
  8. Database Structure
  9. BungeeCord Setup
  10. Multi-Language System

1. INTRODUCTION

JettasLogin is an advanced authentication plugin for Minecraft servers that provides secure player registration and login with CAPTCHA verification, individual void worlds, chat management, and BungeeCord network support.

Core Technologies:
  • SHA-256 password encryption with salt
  • MySQL database with HikariCP connection pooling
  • Token-based BungeeCord authentication
  • BufferedImage rendering for CAPTCHA generation
  • MapView API for in-game CAPTCHA display

2. AUTHENTICATION SYSTEM

Registration Process:
  1. Player joins server without account
  2. Teleported to individual void world (auth_<UUID>)
  3. CAPTCHA map placed in hand (2-second delay)
  4. Player types 5-character code in chat
  5. On success, prompted to enter password
  6. Password confirmation required
  7. 30-second timer with boss bar countdown
  8. Success: token created, teleported to main world

Login Process:
  1. Player joins server with existing account
  2. Teleported to individual void world
  3. Prompted to enter password
  4. 60-second timer with boss bar countdown
  5. 3 maximum attempts allowed
  6. Success: token created, teleported to main world
  7. Failure: kicked and cooldown applied

Cooldown System:
  • Tracks consecutive timeouts per player
  • 3 timeouts = 1-minute ban from authentication
  • Resets on successful login
  • Admin bypass permission available

3. CAPTCHA SYSTEM

Generation:
  • 5-character alphanumeric codes
  • Character pool: ABCDEFGHJKLMNPQRSTUVWXYZ23456789
  • Excludes confusing characters (I, O, 0, 1)
  • Random selection ensures uniqueness

Visual Rendering:
  • 128x128 BufferedImage canvas
  • Gradient background (light to dark gray)
  • 8 random noise lines in various colors
  • 100 random noise dots
  • Per-character effects:
    - Random font size (28-36 pixels)
    - Random color from palette
    - Random rotation (-20 to +20 degrees)
    - Random vertical offset
  • Anti-aliasing enabled
  • Converted to Minecraft map colors

Validation:
  • Case-insensitive comparison
  • Incorrect input regenerates new CAPTCHA
  • Success advances to password step
  • Automatic cleanup on completion/timeout
  • Admin debug mode shows code in console

4. CHAT SYSTEM

Chat Channels:
  • GLOBAL - Server-wide communication
  • LOCAL - World-specific communication (default)

Channel Commands:
Code (Text):
/global [message] - Switch to global or send single message
  Aliases: /gb, /g
 
/local [message] - Switch to local or send single message
  Aliases: /lc, /l
 
/msg <player> <message> - Send private message
  Aliases: /message, /tell, /whisper, /w, /m
Filtering Rules:
  • Auth world players cannot send/receive chat
  • Unauthenticated players cannot use chat
  • GLOBAL channel: all authenticated players except auth worlds
  • LOCAL channel: only players in same world
  • Private messages: direct player-to-player

Message Formatting:
Code (Text):
GLOBAL: [GLOBAL] PlayerName: message (green prefix)
LOCAL: [LOCAL] PlayerName: message (gray prefix)
Private: [You → Player] message / [Player → You] message
Permissions:
Code (Text):
jettaslogin.chat.global - Send global messages
jettaslogin.chat.local - Send local messages
jettaslogin.chat.msg - Send private messages
jettaslogin.chat.global.receive - Receive global messages
jettaslogin.chat.local.receive - Receive local messages
5. SECURITY ARCHITECTURE

Token-Based Authentication:
  • UUID-based token generation using SHA-256
  • 30-minute token expiry (configurable)
  • IP address validation
  • MySQL synchronization across network
  • Automatic cleanup of expired tokens

BungeeCord Protection:
  • Auth server creates tokens on successful login
  • Verification server validates tokens on join
  • Prevents direct connection to sub-servers
  • Kicks unauthorized players immediately
  • Firewall rules recommended (see BUNGEECORD_SETUP.md)

Password Security:
  • SHA-256 hashing algorithm
  • Random salt generation per password
  • Salt stored separately in database
  • No plaintext password storage
  • Admin password recovery system

6. CONFIGURATION GUIDE

config.yml Structure:
Code (Text):
server-mode: "auth"  # Options: auth, verification, local
language: "en"  # Options: en, pt, es, it, ru, zh
debug-mode: false

timers:
  registration: 30  # seconds
  login: 60  # seconds
  token-expiry: 1800  # 30 minutes in seconds

cooldown:
  max-timeouts: 3
  ban-duration: 60  # seconds

bungeecord:
  enabled: true
  target-server: "lobby"
 
database:
  type: "mysql"  # Options: mysql, json
  mysql:
    host: "localhost"
    port: 3306
    database: "jettaslogin"
    username: "root"
    password: "password"
    pool-size: 10

worlds:
  spawn-world: "world"
  spawn-location:
    x: 0.0
    y: 64.0
    z: 0.0

discord:
  invite-link: "https://discord.gg/yourserver"
Server Modes:
  • auth - Registration/login server with CAPTCHA
  • verification - Token validation server
  • local - Standalone server (no BungeeCord)

7. COMMANDS & PERMISSIONS

Admin Commands:
Code (Text):
/resetpassword <player> - Reset player password
  Permission: jettaslogin.resetpassword
 
/jettaslogin reload - Reload configuration
  Permission: jettaslogin.reload
 
/jettaslogin version - Show plugin version
  Permission: jettaslogin.admin
 
/jettaslogin help - Display command help
  Permission: jettaslogin.admin
Player Commands:
Code (Text):
/global [message] - Global chat (aliases: /gb, /g)
/local [message] - Local chat (aliases: /lc, /l)
/msg <player> <message> - Private message (aliases: /message, /tell, /whisper, /w, /m)
Permission Nodes:
Code (Text):
jettaslogin.admin - Full administrative access
jettaslogin.resetpassword - Reset passwords
jettaslogin.reload - Reload configuration
jettaslogin.bypass.cooldown - Bypass login cooldown
jettaslogin.flight - Allow flight in auth world
jettaslogin.chat.global - Use global chat (default: true)
jettaslogin.chat.local - Use local chat (default: true)
jettaslogin.chat.msg - Send private messages (default: true)
jettaslogin.chat.global.receive - Receive global messages (default: true)
jettaslogin.chat.local.receive - Receive local messages (default: true)
8. DATABASE STRUCTURE

players Table:
Code (Text):
CREATE TABLE players (
    uuid VARCHAR(36) PRIMARY KEY,
    username VARCHAR(16) NOT NULL,
    password_hash VARCHAR(64) NOT NULL,
    salt VARCHAR(32) NOT NULL,
    last_login BIGINT,
    ip_address VARCHAR(45),
    registered_at BIGINT
);
auth_tokens Table:
Code (Text):
CREATE TABLE auth_tokens (
    uuid VARCHAR(36) PRIMARY KEY,
    token VARCHAR(64) NOT NULL,
    created_at BIGINT NOT NULL,
    expires_at BIGINT NOT NULL,
    ip_address VARCHAR(45)
);
recovery_codes Table:
Code (Text):
CREATE TABLE recovery_codes (
    uuid VARCHAR(36) PRIMARY KEY,
    code VARCHAR(6) NOT NULL,
    created_at BIGINT NOT NULL,
    expires_at BIGINT NOT NULL
);
9. BUNGEECORD SETUP

Network Architecture:
Code (Text):
Internet → BungeeCord Proxy (public IP)
    ↓
    ├── Auth Server (localhost, port 25565)
    │   - Mode: "auth"
    │   - Handles registration/login with CAPTCHA
    │   - Creates authentication tokens
    │   - Transfers to main server
    │
    └── Main Server (localhost, port 25566)
        - Mode: "verification"
        - Validates authentication tokens
        - Kicks unauthorized players
        - Normal gameplay
Security Steps:
  1. Configure MySQL database (shared between servers)
  2. Set auth server firewall to block direct connections
  3. Configure BungeeCord server list
  4. Set server-mode in each server's config
  5. Enable BungeeCord in spigot.yml
  6. Test token synchronization

Firewall Rules (Example):
Code (Text):
# Allow only localhost and BungeeCord IP
iptables -A INPUT -p tcp --dport 25565 -s 127.0.0.1 -j ACCEPT
iptables -A INPUT -p tcp --dport 25565 -s <bungeecord-ip> -j ACCEPT
iptables -A INPUT -p tcp --dport 25565 -j DROP
10. MULTI-LANGUAGE SYSTEM

Supported Languages:
  • English (en) - Default
  • Portuguese (pt) - Brazilian Portuguese
  • Spanish (es) - Español
  • Italian (it) - Italiano
  • Russian (ru) - Русский
  • Chinese (zh) - 简体中文

Message Categories:
  • Registration messages (7 keys)
  • Login messages (8 keys)
  • Password recovery messages (7 keys)
  • CAPTCHA messages (3 keys)
  • Chat system messages (12 keys)
  • Error messages (10 keys)
  • Timer messages (4 keys)
  • Admin messages (5 keys)

Configuration:
Code (Text):
# In config.yml
language: "en"

# Available options: en, pt, es, it, ru, zh
# Files generated in: plugins/JettasLogin/lang/
Custom Messages:
Language files can be edited in
Code (Text):
plugins/JettasLogin/lang/messages_<lang>.yml
SUPPORT & RESOURCES

For additional help, security guides, and troubleshooting:
  • GitHub Repository (full source code)
  • BUNGEECORD_SETUP.md (detailed network setup)
  • Issue Tracker (bug reports and feature requests)

JettasLogin v1.2.0 - Secure Authentication for Minecraft
View on SpigotMC
Resource Information
Author:
----------
Total Downloads: 69
First Release: Oct 25, 2025
Last Update: Oct 25, 2025
Category: ---------------
All-Time Rating:
0 ratings
Version -----
Released: --------------------
Downloads: ------
Version Rating:
----------------------
-- ratings