Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

[FeatureReq] Restrict certain usernames to specific IP addresses #128

Open
mapokapo opened this issue Feb 22, 2024 · 1 comment
Open

[FeatureReq] Restrict certain usernames to specific IP addresses #128

mapokapo opened this issue Feb 22, 2024 · 1 comment
Assignees
@NikitaCartes

Comments

@mapokapo
Copy link

Is your feature request related to a problem? Please describe.
The problem is that there is currently no way to restrict players by their IP, which is important especially for private servers where only a few people will regularly join. Although bad actors still have to go through a password in order to do any damage to the server, there should be a way to prevent anyone other than a select few IPs from connecting to the server.

Describe the solution you'd like
A section in the config which allows you to make mappings between IP addresses and player usernames. For example:

{
  // ...
  restrictUsernames: {
    "localhost": "admin_username",
    "213.23.54.13": "user_1",
    "192.168.0.1": "OP_user"
  }
  // ...
}

This list functions like a "deny list", so IPs/usernames not listed can join no matter their IP/username.

Another potential config option for extra security is to allow a single IP address to join using multiple usernames, something like multiIpUsernames: (true | false).
For eg. if we take the restrictUsernames list defined above, there could be multiple scenarios:

  • multiIpUsernames is true - a user with the IP 213.23.54.13 can join as user_1, but they can also use other usernames (provided they aren't present in restrictUsernames). If someone with a different IP tries to join as user_1, they get kicked out of the server, but if they choose a username which isn't present in restrictUsernames, then they can join.
  • multiIpUsernames is false - a user with the IP 213.23.54.13 can ONLY join as user_1, and if said user tries to connect as some other username, they will get kicked out of the server. If someone with a different IP tries to join as user_1, they get kicked out of the server, but if they choose a username which isn't present in restrictUsernames, then they can join.

Describe alternatives you've considered
There are no alternative solutions to this problem, although another authentication plugin (AuthMe) has had this feature for a long time.
@NikitaCartes
Copy link
Owner

Thank you for such a well-written issue!

I think that feature is out of scope for EasyAuth.

But maybe I'll make a separate mod, like I did with EasyWhitelist.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees

@NikitaCartes NikitaCartes

Labels
None yet
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
2 participants
@NikitaCartes @mapokapo