Java/Bukkit (Minecraft) - If file contains playername then check password which is stored in same line after a ":" and do something

Question

this is my first question and I hope you can help me. I'm coding a register/login plugin for Bukkit in Java. Now when the player joins my server I'd like that he log-ins. My plugin must check if the password which the player provided is right. This is the code which I have done so far.

The problem is, that I have no idea, how to do this. Can someone explain how to do this (maybe only in words)?

String currln;

br = new BufferedReader(new FileReader("/plugins/LobbyLogin/passwd.crypt"));

while ((currln = br.readLine()) != null) {
     password = currln;
}

String password = null;
String[] select = password.split(":");
String username = select[0];
String readed_pwd = select[1];
String alldata = username+readed_pwd;

P.S.: The password of the user is saved in a file called "passwd.crypt" which I have created. Here's a example string from it.

ExampleUser:cGFzc3dvcmQ=

The password is stored encrypted.

Answer 1

I suggest using the YAML built-in library provided by Bukkit to store passwords and associate them with a user. Then you can use a simple FileConfiguration#getString(String) to get the password associated with the user.

I don't know the exact implementation of SnakeYAML, but I assume it stores a line number table to reference the Node stored at the position to get the object, instead of a BufferedReader to read every line. This means a performance gain for large files.

And, two things: Unless you have hardware security issues, why encrypt passwords? And, I don't IO during runtime, hold reference to initial value at plugin startup in a collection, it's faster than disk read from file.