Skip to content

PythonSmall-Q/LicenseEye

BranchesTags

Folders and files

NameName
Last commit message
Last commit date

Latest commit

Β 

History

3 Commits
admin
admin
Β 
Β 
examples
examples
Β 
Β 
sdk
sdk
Β 
Β 
workers
workers
Β 
Β 
.gitattributes
.gitattributes
Β 
Β 
.gitignore
.gitignore
Β 
Β 
CONTRIBUTING.md
CONTRIBUTING.md
Β 
Β 
LICENSE
LICENSE
Β 
Β 
QUICKSTART.md
QUICKSTART.md
Β 
Β 
README.md
README.md
Β 
Β 
README.zh.md
README.zh.md
Β 
Β 
SECURITY.md
SECURITY.md
Β 
Β 
package.json
package.json
Β 
Β 

Repository files navigation

LicenseEye β€” Repo Overview

This repository implements an enterprise-grade license management platform with a Cloudflare Workers backend, a React admin UI, and a TypeScript client SDK.

This top-level README documents the purpose and contents of each folder, common development commands, deployment, and links to security and publishing guides.

πŸš€ Quick Start

Repository layout

  • admin/ β€” React-based Admin UI (Vite + React + Ant Design)
    • Purpose: product/feature schema editing, policy management, license creation, CSV bulk imports, session management and manual kicks.
    • Key files:
      • admin/src/modules/App.tsx β€” main admin application UI
      • admin/package.json β€” dev/build scripts and dependencies
      • admin/vite.config.ts, admin/tsconfig.json β€” build config
    • Typical dev commands:
cd admin
npm install
npm run dev      # start dev server (Vite)
npm run build    # produce production build
  • workers/ β€” Cloudflare Workers backend (TypeScript)
    • Purpose: core license logic: Admin API, public license endpoints, policy engine, Ed25519 signing, ephemeral & feature tokens, floating seats via Durable Objects, D1 storage, KV config.
    • Key files & folders:
      • workers/src/index.ts β€” main request handler and API routes
      • workers/src/do/LicenseDO.ts β€” Durable Object for seat/heartbeat management
      • workers/migrations/0001_init.sql β€” D1 schema definitions (products, licenses, sessions, policies, fingerprints, tokens)
      • workers/wrangler.toml β€” Cloudflare configuration (D1, KV, Durable Objects bindings, env vars)
      • workers/README.md β€” (worker-specific quickstart)
    • Important environment/secrets:
      • SERVER_TIME_SECRET (secret) β€” HMAC secret used for server-time signing
      • ADMIN_JWT_PUBLIC_JWK (secret) β€” admin JWT verification public JWK
      • FEATURE_SCHEMA_STRICT (var) β€” optional strict feature schema enforcement
    • D1/KV/DO setup (example):
# create D1 database and KV namespace
wrangler d1 create licenseeye-db
wrangler kv:namespace create licenseeye

# apply migration (local or remote)
wrangler d1 migrations apply licenseeye-db --local
# or for production
wrangler d1 migrations apply licenseeye-db --remote

# deploy
cd workers
wrangler deploy
  • sdk/ β€” TypeScript client SDK
    • Purpose: client-side helpers for heartbeats, validate/consume feature tokens, ephemeral token validation, storage adapter for quotas and last-seen server time, and policy handling.
    • Key files:
      • sdk/src/index.ts β€” SDK implementation (Ed25519 verification, consume logic)
      • sdk/package.json β€” build script
      • sdk/README.md β€” SDK usage examples (already included)
    • Build commands:
cd sdk
npm install
npm run build
  • LICENSE β€” repository license text.
  • .gitattributes β€” VCS attributes.

High-level concepts

  • Products: contain a feature_schema (JSON schema-like) and per-product Ed25519 keypairs used for signing feature tokens.
  • Licenses: associated with a product; can be perpetual, subscription, or floating (concurrent seats). Features on licenses are validated against product feature_schema (optionally strict).
  • Sessions & Heartbeats: clients call a heartbeat endpoint that records session_id, machine_id, IP, and Cloudflare request.cf.country. Durable Objects enforce seat limits for floating licenses.
  • Fingerprints & Risk Scoring: server aggregates machines_seen, country_changes, debug_hits, time_anomaly and avg_session_time to compute risk and transition license states (active β†’ grace β†’ restricted β†’ revoked).
  • Policies: hierarchical (global + product), merged at fetch time. Policies control soft-check probabilities, offline tolerance, delayed validation windows, and debug tolerances.
  • Tokens:
    • Feature tokens: Ed25519-signed JSON granting feature access and quotas.
    • Ephemeral tokens: short-lived machine-bound tokens with TTL.
    • User tokens: client-signed tokens accepted by the license creation API.

Recommended local development flow

  1. Start by creating D1 and KV, copy IDs into workers/wrangler.toml.
  2. Set secrets locally (for dev you may put fallback keys in KV but prefer secrets):
wrangler secret put SERVER_TIME_SECRET
wrangler secret put ADMIN_JWT_PUBLIC_JWK
  1. Apply DB migration locally:
wrangler d1 migrations apply licenseeye-db --local
  1. Run the Workers dev server while developing:
cd workers
wrangler dev --local --persist
  1. Run the Admin UI:
cd admin
npm install
npm run dev
# open browser at http://localhost:5173 (default Vite port)
  1. Build SDK when you need to publish/use it in other projects:
cd sdk
npm install
npm run build

πŸ—οΈ Deployment Guide

1. Prepare Cloudflare Resources

# Login to Cloudflare
wrangler login

# Create D1 database and KV namespace
wrangler d1 create licenseeye-db
wrangler kv:namespace create licenseeye

# Copy the database_id and KV id into workers/wrangler.toml

2. Set Secrets

wrangler secret put SERVER_TIME_SECRET
wrangler secret put ADMIN_JWT_PUBLIC_JWK

3. Apply Database Migrations

cd workers
wrangler d1 migrations apply licenseeye-db --remote

4. Deploy Workers Backend

cd workers
wrangler deploy

5. Build and Deploy Admin UI

cd ../admin
npm install
npm run build
# Upload admin/dist/ to your static hosting (Cloudflare Pages, Vercel, etc.)

6. (Optional) Publish SDK to npm

See PUBLISHING.md for SDK publishing steps.

πŸ› οΈ Useful Commands

Dev server for Workers:

cd workers
wrangler dev --local --persist

Start admin UI:

cd admin
npm install
npm run dev

Build everything for release:

# workers deploy
cd workers
wrangler deploy

# admin production build
cd ../admin
npm run build

# sdk build
cd ../sdk
npm run build

Where to look for specific features

  • Floating license/seat enforcement: workers/src/do/LicenseDO.ts
  • DB schema and migrations: workers/migrations/0001_init.sql
  • Feature token signing and verify flows: workers/src/index.ts (signing endpoints) and sdk/src/index.ts (verification/consume)
  • Admin UI feature schema editing and CSV bulk: admin/src/modules/App.tsx
  • Policy publishing and history: workers/src/index.ts (admin policy endpoints) and admin UI policy history components in admin/src/modules/App.tsx

Next Steps and Optional Improvements

  • Add automated tests (unit/integration) for heartbeat, token verification, and DO seat management.
  • Add CI to run TypeScript builds and linting for admin, workers, and sdk.
  • Add a simple analytics dashboard for session/risk trends.
  • Implement JWK rotation for admin JWTs and store JWK sets in KV.

πŸ“š Additional Documentation

For questions or support, open an issue on GitHub.

  • Add automated tests (unit/integration) for heartbeat, token verification, and DO seat management.
  • Add CI to run TypeScript builds and linting for admin, workers, and sdk.
  • Add a simple analytics dashboard for session/risk trends.
  • Implement JWK rotation for admin JWTs and store JWK sets in KV.

About

LicenseEye, an industrial licensing system

Resources

Readme

License

Apache-2.0 license

Contributing

Contributing

Security policy

Security policy
Activity

Stars

0 stars

Watchers

0 watching

Forks

0 forks
Report repository

Releases

No releases published

Packages

 
 
 

Contributors

Languages