Invalid authentication & Cooldowns

When we are talking about user security we can not go out there and just act like everything's peachy. There will always be malicious people who want to guess a password or a user who forgot to turn off caps.

Invalid Authentication event

Taking the example from the previous section, we will indicate to Centauri that the user did not enter the magic word to access: "Tomato rules".

public void onUserAsyncChat(AsyncPlayerChatEvent event) {
        String message = event.getMessage();
        if (event.getMessage().equalsIgnoreCase("Tomato rules")) {
            Bukkit.getPluginManager().callEvent(new AuthenticationSuccessEvent(tomatoGateway, event.getPlayer()));   
        } else {
            Bukkit.getPluginManager().callEvent(new AuthenticationInvalidEvent(player));
        }
        event.setCancelled(true);
    }

Cooldowns

Seems simple, right?. Actually, it is... But knowing that the authentication was invalid serves more than just sending a message and telling the user that he isn't cool enough to join the server.

Centauri currently generates a 5 minute lockout for those whose attempt to authenticate was invalidated three times in a row. At the moment, you don't have to worry about that, we take care of doing it like this to maintain consistency and security in every gateway.

Backend Interaction

Server Authentication

Game Control

Introduction
Matchmaking
Server Pairing
Match Scheduling
Lobby Functionality
Stats
Match Event Handling

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Invalid authentication & Cooldowns

Invalid Authentication event

Cooldowns

Uh oh!

Uh oh!

Uh oh!

Uh oh!

Uh oh!

Uh oh!

Uh oh!

Uh oh!

Uh oh!

Uh oh!

Uh oh!

Uh oh!

Backend Interaction

Server Authentication

Game Control

Clone this wiki locally