By continuing to use this site, you agree to the Terms of Service of this website, including usage of cookies.

OK, Don't show this again

Extra Auth Functionality By Aliuly
version 2.0.8
Direct Download How to install?
Switch version
5027 Downloads / 8881 Total
Plugin Description §


  • Summary: Simplifies the way people authenticate to servers
  • PocketMine-MP version: 1.7dev (3.0.0-ALPHA7/8/9)


A plugin that simplifies the login process. Instead of
asking for commands, users simply chat away.

It also provides a number of tweaks that can improve the usability of SimpleAuth.

Register process

Player connects for the first time. They are prompted to enter a
NEW password. They enter their password directly, without having to
enter /register.

They are asked for the password again to confirm. They re-enter their
password (again without /register).

Login process

Player connects again. They are prompted to enter their login
password. They type their login password directly (without
/login). And they are in.


  • chpwd <old-pwd>
    • Used by players to change their passwords.
  • resetpwd <player>
    • Used by ops to reset a players password. This actually unregisters
      the password.
  • preregister <player> <passwd>
    • Used by ops to pre-register players.
  • logout
    • De-authenticates a player.


  • simpleauthhelper.command.chpwd: Allow users to change passwords
  • simpleauthhelper.command.logout: Allow users to logout
  • simpleauthhelper.command.resetpwd (op): Allow ops to reset other's passwords
  • simpleauthhelper.command.prereg (op): Allow ops to pre-register users


Configuration is through the config.yml file.


  • max-attemps: kick player after this many login attempts. NOTE: This conflicts with SimpleAuth's blockAfterFail setting
  • login-timeout: must authenticate within this number of seconds
  • leet-mode: lets players use also /login and /register
  • chat-protect: prevent player to display their password in chat
  • hide-unauth: EXPERIMENTAL, hide unauthenticated players
  • event-fixer: EXPERIMENTAL, cancels additional events for unauthenticated players
  • hack-login-perms: EXPERIMENTAL, overrides login permisions to make sure players can login
  • hack-register-perms: EXPERIMENTAL, overrides register permisions to make sure players can register
  • db-monitor: EXPERIMENTAL, enable database server monitoring
  • monitor-settings: Configure database monitor settings


  • canary-account: account to query this account is tested to check database proper operations
  • check-interval: how to often to check database (seconds)


This plugin will honour the server language configuration. The
languages currently available are:

  • English
  • German
  • Spanish
  • 中文

You can provide your own message file by creating a file called
messages.ini in the plugin config directory.
Check github
for sample files.
Alternatively, if you have
installed, you can create an empty messages.ini using the command:

 pm dumpmsgs SimpleAuthHelper [lang]


Player pre-registration

It is possible to implement a web based pre-registration system with this

  1. rcon must be enabled on the PocketMine server.
  2. web server must be able to send rcon commands to PocketMine.
  3. Enable the whitelist functionality in PocketMine.
  4. Install SimpleAuth and SimpleAuthHelper.
  5. Optionally install PurePerms and disable
    simpleauthhelper.command.chpwd permission. You probably want
    users to change passwords from the web site.
  6. Whenever a user registers in web site, the web site script uses rcon
    to send the follwoing:
    • whitelist add player
    • preregister player passwd
  7. Whenever a user changes password in web site, we use rcon with:
    • resetpwd player
    • preregister player passwd

Database Monitor

This module is responsible for monitoring the SimpleAuth data provider
to make sure that it is up and running and disable logins if it is not

It kicks off a background task that will poll the SimpleAuth data provider
by trying to retrieve the data from the "canary-account". It is important
that you have configured and have working SimpleAuth provider the first
time you enable the database monitor. This is because the "canary-account"
needs to be created (if it doesn't exist already).

On a regular interval, the SimpleAuth
data provider is checked. If it is not running, all unauthenticated players
are kicked and any new joins are not allowed.


  • 2.0.4: event-fixer
    • Disabled the craftItem event in event-fixer.
  • 2.0.3: Password disclosure work-around
    • Works around bugs in SimleAuth that makes users' passwords visible.
  • 2.0.2: Added translation
    • Added a zho.ini (中文) message file. (Contributed by @edwinyoo44, closes #23)
    • Added a deu.ini (German) message file. (Contributed by @thebigsmileXD)
    • Documentation and library updates.
  • 2.0.1: language defaults
    • make sure that languages default to English (reported by @minebuilder0110)
  • 2.0.0: Major upgrade
    • uses now a common translation library
    • Removed little used feature: nest-egg
    • leet-mode also works for /register.
    • Removed auto-ban. It is now done in SimpleAuth.
    • Added support for hiding unauthenticated players (Suggested by @CaptainKenji17)
    • Added pre-register and logout command
    • forces permissions to be set
    • Added a task to monitor database server status
    • Thanks @rvachvg for helping debug this.
  • 1.2.3: Security improvements
    • prevent user from chatting away their password
    • add option so that players can also use "/login" to login.
  • 1.2.2: Auto-Ban
    • Too many login attempts will cause the player to be banned.
  • 1.2.1: CallbackTask deprecation
    • Removed CallbackTask deprecation warnings
  • 1.2.0: max-logins
    • Suggestion from @MCPEPIG
      • kick user out after max-attempts.
      • Added a chpwd command.
    • Kick user out if not authenticated after timeout seconds.
    • Added resetpwd command for ops
  • 1.1.0: Small update
    • Added nest-egg
    • Messages can be configured.
  • 1.0.0: First release


Copyright (C) 2015 Alejandro Liu
All Rights Reserved.

This program is free software: you can redistribute it and/or modify
it under the terms of the GNU General Public License as published by
the Free Software Foundation, either version 2 of the License, or
(at your option) any later version.

This program is distributed in the hope that it will be useful,
but WITHOUT ANY WARRANTY; without even the implied warranty of
GNU General Public License for more details.

You should have received a copy of the GNU General Public License
along with this program. If not, see <>.

What's new §
  • Untested updates for Scheduler nuke #2213 (9644766df3c69)
  • Updated for PMMP PocketMine 3.0.0
  • API version bump, untested
  • Bumped version
  • Updated for 3.0.0-ALPHA11, version bump
  • API version Bump
  • Added options for password resets, default to protect passwords in chat
  • Bumped version
  • Version bump for 3.0.0-ALPHA9
  • Updated for API changes, compatible with all versions of SimpleAuth
  • tested with 3.0.0-ALPHA8
  • Cleaned up read me, removed dead links
  • Updated for API version 3.0.0-ALPHA7. Breaks BC
  • Version bump because semver

Bumped API to 3.0.0-ALPHA6

Bumped API to 3.0.0-ALPHA5

Initial version
Supported API versions
SimpleAuth 2.1.3
View Plugin
Producers §
  • Collaborators:
    • @Awzaw
    • @alejandroliu
License §
Admin Tools

You can leave one review per plugin release, and delete or update your review at any time