AlwaysAuth v0.4.5

v0.4.5 - 1.21.11 Support

Happy (late) New Year! I hope everyone had a good one, this update is simply to add support for 1.21.11, nothing should be broken but if it is please let me know in my discord!

Edit (2/20/26 @ 7pm EST)

v0.4.5 - NeoForge Update

Hello! This is a patch for the NeoForge version of v0.4.5, it was including the SL4J logger which was causing issues with the server, this update should also be about ~11MB and not the 47KB that it was previously.

Note I only tested booting as the Proxy Server should be agnostic from server type to server type, if there are any more issues, please let me know!

AlwaysAuth v0.4.4

v0.4.4 - Yet Another Fix for Velocity

So sorry that this update took so long, I was celebrating Thanksgiving with family and was unable to work on the project!

This update fixes the issue of the plugin disabling itself on Velocity,
while copying events around I accidentally copied the disable method into the
player join method so whenever a player joined the plugin got disabled. So it has been fixed!

AlwaysAuth v0.4.3

v0.4.3 - Fix for Velocity

This update patches 2 issues with velocity:

1. The mysql library wasn't being downloaded properly
2. Users wouldn't be authed due to the fact that Velocity hard bakes their url with /session/minecraft/hasJoined into it and it was messing with the authentication.

AlwaysAuth v0.4.2

v0.4.2 - Fixed Update Checker

There was a small oversight with the update checker where it only checked for the newest version, which works great, until I release a patch for a specific loader. So I updated it to check the latest version and loader to ensure that you get update notifications for your server only!

AlwaysAuth v0.4.1

v0.4.1 - Patch for NeoForge and Fabric

This is a small and quick patch to fix the loading of the mod to ensure it is loaded before mixins make their changes.

AlwaysAuth v0.4.0

v0.4.0 - Update Checker

Update Checker

I have added a simple update checker so that you can always be notified when there is
a new release! It will notify the staff with the permission alwaysauth.admin and notify
console when the server is started.

This feature can be disabled within the config by disabling check-updates

---

Other Things

I aso removed some annoying debug messages that were left over from me testing the
config system. As well as some other non-necessary messages

Standalone Release 0.3.0

0.3.0 - Authentication & New Versioning Scheme

Authentication

Firsts things first, Authentication! I've added a simple secret key that is required
to access the AlwaysAuth auth server instance, this will stop people from creating fake
authentication requests.

On top of this the database will now have the ip address
encrypted with the same secret key, this will ensure any database leaks do not leak
people's ip's (unless someone got a hold of your secret key as well).

New Config Options

The config is setup to auto update, so you shouldn't have to regenerate it or anything.
But just so you know there are two new values:

authentication-enabled=true
secret-key=GENERATED ON STARTUP

Standalone Servers

If you are using a standalone instance for multiple servers, simply all the servers
need to match the standalone instance's secret key, and then they will be able to
connect to the standalone server.

Disabling Authentication

If you so choose you can disable authentication which can leave you open to possible
false authentication attacks on your server, this is highly not recommended but left
as an option if you so choose too for whatever reason.

Note this will not disable the database IP encryption.

---

New Version Scheme

I will be implementing (properly) the SemVer format which follows the
Major.Minor.Patch format, so right now we are on Major version 0, Minor version 3,
and Patch version 0.

Standalone Release

This is the first release for the standalone jar, this jar is able to run anywhere java can and can be used to connect multiple servers to one AlwaysAuth connection! More on the wiki to come soon

Beta Release - 1.21.10

This is a beta release for AlwaysAuth, it includes most of the planned features and works, however there are a few things that I want to add in the future that will make the plugin/mod more plug and play, but as of right now there a few steps to follow before it can actually work.

Step 1.
You need to change the session host value inside of your java startup command, which isn't as hard as it sounds, you need to simply add the following part to it:

-Dminecraft.api.auth.host=https://authserver.mojang.com/ -Dminecraft.api.profiles.host=https://api.mojang.com/ -Dminecraft.api.services.host=https://api.minecraftservices.com/ -Dminecraft.api.session.host=http://127.0.0.1:8765

so this

java -jar paper.jar

becomes

java -jar -Dminecraft.api.auth.host=https://authserver.mojang.com/ -Dminecraft.api.profiles.host=https://api.mojang.com/ -Dminecraft.api.services.host=https://api.minecraftservices.com/ -Dminecraft.api.session.host=http://127.0.0.1:8765 paper.jar

Eventually this will be automated, and I want to replace the auth host, profiles host and services host so that it can be fully offline and everything works! but thats a later issue, currently I want to make sure it at all lol

Step 2.
You also need to change a setting in your server.properties file so that way the client's ip is forwarded to the session host as by default it isn't as it is optional

prevent-proxy-connections=false

needs to become

prevent-proxy-connections=true

this will pass the users ip into the auth server so that way the auth server can handle authentication without needing mojang services

Step 3.
It should work! As of right now there is quite a few logs when joining, I will add a debug option in the config later to change this.
Also do note that fabric's formatting in console is a bit weird as I used a generic Logger class for logging and fabric by default doesn't use it and so anything logged with it is a bit of a different format