Skip to content

Generates time-limited tokens for players to verify account ownership

Notifications You must be signed in to change notification settings

TheShireMinecraft/minecraft-player-verification

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

22 Commits
 
 
 
 
 
 
 
 
 
 
 
 

Repository files navigation

Minecraft Player Verification

CI codecov

Overview

Generates time-limited signed tokens players may use to verify ownership of their Minecraft account. For example, to link their in-game account to a website account.

Usage

Players run /verify in-game which generates a time-limited token they can use to verify ownership of their Minecraft account. The plugin will generate the token, insert it into a URL, and present a button to the player that once clicked will take them to that URL. You will need to write something to handle receiving and parsing the token on your web server. The plugin will need to be configured with the same signing secret as the script on your web server.

Configuration

  • verificationBaseUrl - The base URL of the verification endpoint you want to link to, which should typically include a trailing slash.
  • tokenSigningKey - The 32 character key with which to sign the token.
  • tokenExpiryInMinutes - Token lifetime in minutes, remember to account for systems potentially being a minute or so out of sync.
  • replaceJwtDotsWithSlashes - Replace dots with slashes in the generated token, which might make it slightly easier to parse at the website end.
  • omitJwtHeaderFromUrl - Omit the JWT header in the URL, because it is the same for each request, resulting in shorter links. The server-side can prepend the header if the details are known at both ends.
  • omitJwtHeaderAndPayloadEyjPrefix - A minor optimisation to strip the first 3 characters from the header and payload, the server can add this back in.