I run a private Minecraft server for me and my friends. The only problem is, only half of my friends own Minecraft. (Leave piracy debates out of this.) This causes issues with securing the server to prevent account stealing. I initially only intended to make a quick server mod, but it turned into a full-fledged project. The source is on GitHub. In summary, the server uses a hosts file mod to redirect auth traffic. The selling point of this system is that legit/premium users who bought Minecraft do not have to do anything extra. The default launcher works fine for them. Cracked/non-premium users, however, must use a custom launcher. This custom launcher downloads a modded copy of Minecraft in addition to performing several other checks to prevent account stealing. In effect, you can run a mixed server in online mode, supplying authentication (with official servers) to premium users, preventing non-premium users from logging in as premium users, while also allowing non-premium users to still play.
It's a mouthful, I know, but it works great for servers with a mixed community. I consider the project nearly done. The only thing I have left to add is a password database for non-premium users, which would prevent non-premium users from logging in as other non-premium users.