ZyrenAuth

A modern, high-performance, and privacy-focused server-side authentication platform for Paper.

Overview

ZyrenAuth is a robust account security and cryptographic authentication lifecycle utility engineered explicitly for Paper and Spigot-compatible server environments. It intercepts player network connections to execute mandatory validation challenges, establishing a strict data barrier that protects player states, inventories, and profile configurations until verification parameters are successfully met.

Key Features

• Reverse Word Captcha Verification — Enforces a randomized reverse-string algorithmic challenge instantly upon connection, preventing automated credential stuffing and bot injection vectors.
• Graphical 2FA Initialization — Features an in-game GUI pipeline (/za 2fa setup) that generates and projects local 2FA secret key states and QR code URIs directly to authenticator applications.
• Isolated Space Teleportation — Seamlessly forces unauthenticated connections onto a locked, safe void coordinate context (0.5, 0.0, 0.5), completely suppressing network world interactions and movement events until verification succeeds.
• Persistent State Persistence — Automatically serializes and caches complete player data matrices—including inventories, vector positions, active status effects, food boundaries, and experience blocks—restoring them seamlessly upon successful lifecycle completion.
• Intelligent Network Profiling — Dual-mode operation handling:
  • Online-Mode Pipelines: Seamlessly authenticates valid Mojang verification hashes while managing dynamic username updates.
  • Offline-Mode Fallbacks: Automates session persistence for pre-registered users while enforcing strict registration protocols for unrecognized profiles.
• Asynchronous Release Auditing — Connects non-blockingly to Modrinth asset channels on startup to evaluate, verify, and notify console administrators of available optimization payloads.
• Enterprise Storage Ingestion — Supports relational MySQL and MariaDB database storage engines for multi-server synchronization, complete with a structured, encrypted file-based archive fallback.

Quick Start & Deployment

1. Deployment: Drop the compiled ZyrenAuth binary archive directly into the active server plugins/ directory.
2. Initialization: Run the server lifecycle to instantiate the primary configuration schema at plugins/config/zyrenauth/.
3. Configuration Extraction: Utilize the Online Configuration Generator to easily compile and modify variables within the local config.json payload.

Command Framework Syntax

User Interaction Group

• /register <password> <confirm> — Establishes a new cryptographically hashed profile record.
• /login <password> — Initiates a BCrypt validation challenge to unlock player interaction parameters.
• /captcha <answer> — Supplies the response payload to the active reverse-string challenge.
• /addemail <email> — Connects an SMTP-reachable tracking address to the profile context.
• /emailconfirm <token> — Validates email ownership tokens.
• /resetpassword & /resetconfirm — Handles remote recovery routines.

Administrative Controls (OP Only)

• /za help — Maps the entire executable subcommand tree.
• /za status — Evaluates localized storage engine metrics and performance health states.
• /za reload — flushes and hot-reloads configuration matrix parameters directly from disk memory.
• /za migrate <player> — Manages data profile migrations across active infrastructure contexts.
• /za delete <player> [confirm] — Completely purges targeted user authentication blocks.