Overview
AuthManager is built to protect offline-mode authentication flows with strong pre-auth restrictions, premium identity verification, anti-bruteforce systems, and modern database support.

Main Features

• Secure `/register` and `/login` flow
• Blocks movement/actions/chat/commands before authentication
• Premium verification modes: `strict` and `compatibility`
• Rate limiting for pre-login, login, and register
• Account lock after repeated failures
• Optional remembered sessions
• IP intelligence checks (proxy/hosting/mobile/unknown)
• Multi-database support: SQLite / MySQL / PostgreSQL
• Runtime DB health, pool metrics, and migration status
• Guided SQLite import into MySQL/PostgreSQL
• Detailed admin diagnostics with `/authadmin status` and `/authadmin db`

Commands

• `/login <password>`
• `/register <password> <confirmation>`
• `/premium`
• `/unpremium`
• `/changepassword <old> <new> <confirmation>`
• `/logout`
• `/authstatus`
• `/authadmin <subcommand>`

Admin Tools

• `/authadmin status`
• `/authadmin stats [days]`
• `/authadmin db <status|health|migrations|import>`
• `/authadmin lookup <player|ip>`
• `/authadmin ratelimit <status|clear>`
• `/authadmin sessions`
• `/authadmin unlock <player>`
• `/authadmin setpassword <player> <newPassword>`
• `/authadmin forceauth <player>`
• `/authadmin forceunauth <player>`
• `/authadmin kickunauth [message]`
• `/authadmin packet clear <player>`
• `/authadmin player <name>`

Permissions

• `authmanager.admin` (required for `/authadmin` subcommands)

Requirements

• Java 21
• Paper/Purpur 1.21+
• PacketEvents installed on the server

Why AuthManager

• Security-first design
• Production-ready admin observability
• Flexible database architecture for scaling
• Clean migration path from SQLite to external DBs