JarsAuth

The description is generated by ChatGPT.
In case of any ambiguity, please refer to Chinese texts.

For detailed Chinese description, please go to 客户端管理 (JarsAuth) - MC百科|最大的Minecraft中文MOD百科

If you want to leave a comment, please go to GitHub Discussion

Important Notice

The mod has been updated to version 5.0. Due to significant changes, the configuration is not compatible with version 4.x, requiring the server-side to regenerate the configuration files. The client-side also needs to update the mod but does not require reconfiguration.

From version 5.0 onwards, all features can be enabled or disabled, and are disabled by default. Please read the instructions carefully and modify the configuration. If you do not modify the configuration, it will be as if the mod is not installed.

All features only take effect on dedicated servers (e.g., Forge, Fabric, Arclight, Mohist environments). They do not work for LAN or single-player games.

All prompt messages are included in the language file, specifically the "en_us.json" file. If you need to modify it, please extract and repackage the mod jar file before releasing.

Due to limited developer resources, only the final versions of 1.18.2 and above are supported. From version 1.20.6, the Forge version switches to supporting NeoForge.

Feature 1 - File Checksum

This was the initial feature of the mod.

Usage Scenario

Typically, the mod loader can detect if the client's mod list matches the server's, but it only checks for mods that both the server and client need to add, and does not check client-only mods (like minimaps, rendering optimizations, or even cheat mods). Some clients might even add X-ray texture packs, seriously affecting game fairness. Traditional countermeasures, such as fake ores, might damage chunk data or cause lag.

The "File Checksum" feature of this mod can check if the mod files in the client's modpack (including client-only ones) match the version created and released, and can detect if the client has added some server-prohibited client-only files.

For example: If the server does not allow it, the client adding a minimap mod will be rejected; if the server requires it, the client removing the minimap mod will be rejected.

Another scenario is server version management. For example, if the server updates some mod files, but some clients do not update in time, they might still pass the mod loader's match due to unchanged mod channels, but version differences could cause server data issues. This mod can conveniently "stop signing" old version clients, protecting the account data security of server players.

Operation Principle

The mod will check all files specified in the configuration file and calculate their hash values. All hash values are then combined to generate a hash signature for the entire client, which is used for client verification.

Whenever a client connects to the server, the server periodically sends a list of files to be verified to the client, which calculates the hash signature and sends it to the server. If this signature is not in the server's record, the client will be rejected.

Certain files might change during startup or operation (like i18nupdatemod or launcher skin texture files), and will be considered modified during the check, failing the file checksum. If these files can be persistently used after generation (like localized language texture packs), they can be retained and the above functions can be disabled to be compatible with this mod.

Usage Method

1. Plan your modpack and add all the mods and other files to the corresponding folders.
2. After preparation, run the test server and execute the server command /jarsauth record to open the recording mode. In this mode, the server will allow any client connection and record their details.
3. Connect to the server using the client.
4. When you see "Client details reloaded" in the server console, a file named [acc-x.json] will be generated in the save folder. Disconnect and run the server command /jarsauth record again to close the recording mode. You can rename this file for different versions as long as it starts with "acc-", like [acc-test.json].
5. The configuration file [setting-file-checksum.json] will be generated in the save folder. Read the [desc_en.txt] instructions carefully and modify the configuration.
6. After completion, run the server command /jarsauth reload to reload the configuration. Any future configuration changes must use this command to take effect.
7. The client can now connect to the server without further configuration on the client side.
8. To reject a client connection, delete the corresponding [acc-x.json] file.

Note: Network fluctuations might cause verification failures. Just reconnect if this happens.

Feature 2 - Client Authentication

This feature is similar to logging in.

Usage Scenario

For offline mode servers, since they cannot use the official verification service and only distinguish players by name, players can easily be impersonated. This feature adds a dedicated authentication service to the server, solving the problem of players being logged in with the same username by others.

Operation Principle

When a player logs in, the server checks if a UUID exists for the username. If not, it is considered the first login. If it does, the server requests the UUID from the client for verification. If the client does not have the corresponding information, it cannot return it, and will be rejected if it exceeds a certain time.

When a player logs in for the first time, the server generates a UUID bound to the username and saves it on the server, also sending it to the player. After saving the data, the player will automatically disconnect to re-login for verification.

Usage Method

1. The configuration file [setting-client-auth.json] will be generated in the save folder. Read the [desc_en.txt] instructions carefully and modify the configuration.
2. 【For the server】, after a player connects, a [uuid-files] folder will be generated in the save folder, containing the UUID information of all players.
3. To revoke a player, simply delete the corresponding UUID file. Since this file is read on each verification, it takes effect immediately without needing to reload.
4. 【For players】, a [uuid-files] folder will be generated in the client's root directory, containing UUID information for all usernames used by this client.
5. Players need to keep the UUID files safe. Losing them will result in being unable to log in to the corresponding server; leaking them might result in impersonation. To log in from different computers, copy the [uuid-files] folder to the client's root directory.

Feature 3 - Server License

This feature can be used as an anti-addiction measure.

Usage Scenario

Some servers might need to manage player connection time or require authorization from the server owner to log in. This feature adds a more refined allowlist system to the server. The server can issue licenses, and only players with valid licenses can connect. Licenses include parameters like validity period, type (by time or connection count), and allowance to help manage client connection authorization.

Operation Principle

When logging in, the server checks the corresponding player's server License. If any of the following occurs:

• No license
• License expired
• License allowance exhausted

the player will be rejected. This is rechecked periodically.

This feature is entirely server-side and does not require data exchange with the client.

Usage Method

1. The configuration file [setting-server-license.json] will be generated in the save folder. Read the [desc_en.txt] instructions carefully and modify the configuration.
2. Server licenses are placed in the [licenses] folder under the server save directory.
3. The server will automatically copy the mod file [JarsAuth-*.jar] to the save directory on startup.
4. This mod can run as an executable jar. Double-click or use the terminal command (java -jar JarsAuth-*.jar) to open the license manager.
5. License manager files will be generated in the [licenses] folder under the working directory. If files are generated elsewhere, move them to the [licenses] folder in the server save directory. Changes take effect immediately without needing to reload.

About Reloading Configuration

Configuration file changes and changes to Feature 1's client acc files require reloading. Other changes take effect immediately without needing to reload.

Mod Author's Words

This part has been moved to GitHub.