An educational MVP demonstrating content licensing and access control for AI bots, with comprehensive telemetry analytics and modern publisher dashboard.
This system demonstrates six core flows:
- Human Access β Unaffected, direct access to content
- Unlicensed Bot β 302 redirect to licensing/paywall
- Licensed Bot β Short-lived token β Metered content access
- AI-to-AI Negotiation β Autonomous license negotiation between publisher agents and AI companies
- License Management β Password-protected publisher dashboard for managing licenses, URLs, policies
- Telemetry & Analytics β Real-time ingestion, aggregation, and visualization of access logs with anomaly detection
The publisher dashboard is password-protected and served under the /demo path:
- Password:
PCM2025!(configurable) - Access URL:
http://localhost/demo/(local) orhttps://your-domain.com/demo/(production) - Root path (
/) returns 404 for security - All product branding removed for generic white-label usage
ββββββββββββββββββββββββ
β Publisher Dashboard β (React/Vite :5173)
β β’ License Manager β
β β’ Negotiations UI β
β β’ Usage Analytics β
β β’ URL Library β
β β’ Policy Tester β
ββββββββββββ¬ββββββββββββ
β
ββββββββββββββββββββββββββββββ
β Mock CDN / Edge Gateway β (Nginx + Edge Worker)
Request -->β β’ Bot detect (UA/IP/Rate) ββββ
β β’ Policy lookup cache β β If AI/bot:
β β’ 302 redirect or proxy β β 302 β /authorize
βββββββββββββ¬βββββββββββββββββ β
β β
Humans βββββββββββ βΌ
ββββββββββββββββββββββββββββ
β Licensing API β (Node/Express :3000)
β β’ Token issuance (JWT) β
β β’ License management β
β β’ Usage metering β
β β’ Content parsing β
β β’ Policy enforcement β
ββββββββββββββ¬ββββββββββββββ
β
ββββββββββββββ΄βββββββββββββββ
β β
ββββββββββββΌβββββββββββ ββββββββββββΌβββββββββββ
β Negotiation Agent β β URL Parser β
β (AI-to-AI) :3003 β β (Markdown) :4000 β
β β’ Auto-negotiation β β β’ URLβMarkdown β
β β’ Strategy engine β β β’ Content extract β
β β’ License creation β βββββββββββββββββββββββ
βββββββββββββββββββββββ
β
βββββββββββ΄βββββββββ
β β
ββββββββββΌβββββββββ βββββββΌβββββββββββ
β Publisher A β β Publisher B β
β (Mock) :8081 β β (Mock) :8082 β
ββββββββββββββββββββ ββββββββββββββββββ
- Docker & Docker Compose
- 8GB RAM recommended
- Ports 80, 3000, 3001, 3003, 4000, 5173, 5432, 6379, 8081, 8082 available
# Clone repository
cd MonetizePlus
# Start all services
docker-compose up -d
# Wait for initialization (~10 seconds)
# Check status
docker-compose psAll services should show as "Up" and healthy.
- π Documentation: http://localhost/docs (β¨ NEW - no password required!)
- Comprehensive browsable documentation
- All markdown files rendered as clean web pages
- Organized by category with navigation
- Publicly accessible (no authentication)
- Publisher Dashboard: http://localhost/demo/ (password:
PCM2025!)- Modern React SPA with password protection
- White-label design with no product branding
- Comprehensive analytics and telemetry dashboard
- Edge Worker: http://localhost:3001 (entry point for bot requests)
- Licensing API: http://localhost:3000 (REST API backend)
- Negotiation Agent: http://localhost:3003 (AI-to-AI negotiation)
- URL Parser: http://localhost:4000 (content extraction service)
- PostgreSQL: localhost:5432 (user:
monetizeplus, db:monetizeplus) - Redis: localhost:6379 (caching and rate limiting)
- Password Gate: Enter
PCM2025!to access the application - Account Selection: Choose Publisher ID (1 or 2 for demo)
- Dashboard Access: Full analytics, licensing, and management interface
The dashboard features a modern, professional design built with:
- Tailwind CSS v3.4.0: Reliable utility-first CSS framework with proper content detection
- React 18: Modern component-based UI with hooks and context
- Heroicons: Beautiful SVG icons with proper sizing and colors
- Recharts: Interactive charts and data visualization
- Responsive Design: Mobile-friendly layout with grid systems
- White-label Interface: No product branding, fully customizable
Frontend:
- React 18 + Vite (fast development and building)
- Tailwind CSS v3 (utility-first styling)
- React Router v7 (client-side routing)
- Axios (HTTP client)
- Vitest + Testing Library (unit testing)
Backend:
- Node.js + Express (REST API)
- PostgreSQL 16 (primary database)
- Redis 7 (caching and rate limiting)
- JWT (stateless authentication)
- Jest + Supertest (API testing)
Infrastructure:
- Docker Compose (local development)
- Nginx (reverse proxy and static serving)
- Azure App Service (production deployment)
- Docker Hub (container registry)
- Log Ingestion API:
POST http://localhost:3000/api/logs/ingest- Authenticate with
X-MAI-Monetize-Key. For local sample data the raw key ispublisher-{id}-ingest(the API persists the SHA-256 hash). - Accepts NDJSON or JSON arrays from platforms such as Fastly, Cloudflare, and Akamai.
- Authenticate with
- Aggregated Metrics:
/api/logs/summaryexposes hourly/daily rollups (aggregated_metricstable). - Ingestion Sources:
/api/logs/sourcesfor managing CDN integrations. - Alerts API:
/api/logs/alertsfor webhook-based anomaly detection (bot ratio, error rate, latency spikes, traffic drops).
The project includes automated testing across all layers:
bash tests/run-automation.shThis single command runs:
- Backend Unit Tests (Jest) - API routes, models, services
- Frontend Unit Tests (Vitest + Testing Library) - React components
- Integration Tests (Bash) - End-to-end flow testing
Backend (Jest):
- β
Telemetry ingestion (
/api/logs/ingest) - β
Analytics endpoints (
/api/logs/summary,/api/logs/sources,/api/logs/alerts) - β Authentication flows with mocked dependencies
- β Data validation and error handling
Frontend (Vitest + Testing Library):
- β Analytics dashboard rendering and data fetching
- β Form submissions (log sources, alerts)
- β Component interactions with mocked API calls
- β ResizeObserver polyfill for chart components
Integration (Bash):
- β Human access (no restrictions)
- β Unlicensed bot redirection (302 to authorization)
- β Licensed bot flow (token issuance β content access)
- β Token verification and URL validation
- β Admin endpoints (publishers, clients, plans)
- β Policy enforcement testing
# Backend only (licensing-api directory)
cd licensing-api && npm test
# Frontend only (publisher-dashboard directory)
cd publisher-dashboard && npm test
# Integration only
bash tests/run-tests.sh- Backend: 8/8 tests passing
- Frontend: 2/2 tests passing
- Integration: 16/16 tests passing
- Total Coverage: All critical paths tested
cd tests
.\run-automation.ps1See tests/MANUAL_TESTS.md for detailed manual test cases and edge case scenarios.
One-Command Deploy:
curl -sS https://raw.githubusercontent.com/drpaulfarrow/MAI-Monetize/main/azure-deploy.sh | bashThis automated script:
- β Creates Azure resources (resource group, app service plan)
- β Generates secure JWT secret
- β Deploys all containers from Docker Hub
- β Configures environment variables
- β Initializes database with sample data
- β Verifies deployment and provides access URL
Result: Your app will be live at https://your-app.azurewebsites.net/demo/ (password: PCM2025!)
If you prefer manual control:
-
Push latest changes to GitHub:
git add . && git commit -m "Update with latest features" && git push origin main
-
Build and push Docker images (if needed):
# Only needed if you modified the dashboard docker build -f publisher-dashboard/Dockerfile.azure -t paulandrewfarrow/monetizeplus-publisher-dashboard:azure-$(date +%Y%m%d) ./publisher-dashboard docker push paulandrewfarrow/monetizeplus-publisher-dashboard:azure-$(date +%Y%m%d)
-
Deploy via Azure CLI:
az webapp config container set \ --name monetizeplusapp \ --resource-group MonetizePlusRG \ --multicontainer-config-type compose \ --multicontainer-config-file docker-compose.azure.yml az webapp restart --name monetizeplusapp --resource-group MonetizePlusRG
The system supports both local development and production deployment:
docker-compose.yml: Local development with all servicesdocker-compose.azure.yml: Production Azure deployment- Environment variables: Configured via
.env(local) or Azure App Settings (production)
- β Password Protection: Secure access with configurable password
- β White-label Design: No product branding, fully customizable
- β Modern Styling: Tailwind CSS v3 with proper utility class generation
- β Asset Optimization: Nginx-served static assets with proper caching
- β Database Migrations: Automatic schema updates and data seeding
- β Health Monitoring: Container health checks and service monitoring
curl -H "User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64)" \
-H "Host: site-a.local" \
http://localhost:3001/news/foo.htmlResult: HTTP 200, content returned immediately
curl -i -H "User-Agent: GPTBot/1.0" \
-H "Host: site-a.local" \
http://localhost:3001/news/foo.htmlResult: HTTP 302 redirect to authorization page
curl -X POST http://localhost:3000/token \
-H 'Content-Type: application/json' \
-d '{
"url": "http://site-a.local/news/foo.html",
"ua": "GPTBot/1.0",
"purpose": "inference"
}'Response:
{
"token": "eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9...",
"expires_at": "2025-10-27T12:10:00.000Z",
"expires_in": 600,
"publisher": "site-a.local",
"purpose": "inference",
"cost_per_fetch": 0.002
}curl -H "User-Agent: GPTBot/1.0" \
-H "Host: site-a.local" \
"http://localhost:3001/news/foo.html?token=YOUR_TOKEN_HERE"Result: HTTP 200, content returned, usage metered
The Publisher Dashboard is a modern React-based UI for managing all aspects of content licensing:
Navigate to http://localhost:5173 and log in with any publisher ID (e.g., 1 for Publisher A).
- Usage Analytics: View request volumes, revenue trends, and top clients
- Real-time Metrics: Total requests, revenue, unique clients, and average transaction values
- Charts: Request volume over time, revenue trends, client distribution
- Create License Templates: Define reusable license configurations with names
- License types: Training+Display, RAG Unrestricted, RAG Max Words, RAG Attribution, RAG No Display
- Pricing: Set price per fetch and currency (USD/EUR/GBP)
- Terms: Specify term length and revenue share percentage
- Special conditions: Max word counts, attribution requirements
- Edit Licenses: Modify existing license templates
- Clone Licenses: Duplicate licenses for quick creation
- License Naming: All licenses require descriptive names (negotiation-created licenses auto-named as
partner_usecase_price)
- Manage URLs: Add, view, and organize your content URLs
- Assign Licenses: Link licenses to specific URLs
- Content Parsing: Parse URLs to extract markdown content
- Access Endpoints: Configure API, RSS, HTML, MCP, and NLWeb access methods
- Search & Sort: Find URLs by title, description, or URL pattern
- View Negotiations: See all incoming negotiation requests from AI companies
- Accept/Reject: Review and respond to proposed terms
- Auto-License Creation: Accepting a negotiation automatically creates a named license
- Negotiation History: Track all rounds and final terms
- Strategy Management: Configure your negotiation strategy (pricing, thresholds, deal-breakers)
- Detailed Access Logs: View every request with timestamp, client, URL, cost, and purpose
- Filter & Search: Find specific usage events
- Cost Tracking: Monitor per-request costs and cumulative totals
- Real-time Alerts: Get notified of negotiation events, license creation, and system updates
- Unread Counter: Badge showing unread notification count in sidebar
- Filter by Type: View all, unread, license, or negotiation notifications
- Mark as Read/Delete: Manage notification states
- Test Bot Detection: Simulate requests with different user agents
- Policy Validation: Verify your policies work correctly
- Response Preview: See what bots will receive (redirect, allow, block)
The negotiation agent enables autonomous license negotiation between publishers and AI companies.
- AI Company Initiates: Sends a negotiation request with proposed terms
- Publisher Agent Evaluates: Uses configured strategy to assess proposal
- Multi-Round Negotiation: Agents counter-propose until agreement or rejection
- Auto-Accept: If proposal meets threshold, automatically accepts
- License Creation: Successful negotiation creates a named license (format:
partner_usecase_price)
Configure via Dashboard β Negotiations β Strategies:
- Min/Preferred/Max Price: Price boundaries for negotiation
- Auto-Accept Threshold: Automatically accept proposals β₯X% of preferred terms
- Negotiation Style: Aggressive, balanced, flexible, or cooperative
- Max Rounds: Limit negotiation length
- Deal Breakers: Conditions that trigger auto-rejection
Start a new negotiation (called by AI companies).
List all negotiations for a publisher.
Get detailed negotiation history with all rounds.
Accept negotiation terms and create license.
Reject negotiation with optional reason.
Display authorization page with instructions.
Query Parameters:
url(required): Target content URLua(optional): User agent string
Issue an access token.
Request Body:
{
"url": "http://site-a.local/news/foo.html",
"ua": "GPTBot/1.0",
"purpose": "inference",
"client_id": "optional-client-id"
}Response:
{
"token": "JWT_TOKEN",
"expires_at": "ISO8601_TIMESTAMP",
"expires_in": 600,
"publisher": "site-a.local",
"cost_per_fetch": 0.002
}Verify a token's validity.
Query Parameters:
token(required): JWT token to verifyurl(optional): URL to validate against
Response:
{
"valid": true,
"publisher_id": 1,
"client_id": "anonymous",
"purpose": "inference",
"jti": "token-id",
"expires_at": "ISO8601_TIMESTAMP"
}List all licenses for a publisher.
Response:
{
"success": true,
"licenses": [
{
"id": 1,
"name": "openai_training_display_0_0100",
"license_type": 0,
"price": 0.0100,
"currency": "USD",
"term_months": 12,
"status": "active",
"created_ts": "2025-10-29T12:00:00Z"
}
]
}Create a new license template.
Request Body:
{
"publisher_id": 1,
"name": "anthropic_rag_unrestricted_0_0085",
"license_type": 1,
"price": 0.0085,
"currency": "USD",
"term_months": 12,
"status": "active"
}Update an existing license.
Delete a license template.
Clone an existing license.
List parsed URLs for a publisher.
Create content entry from URL and assign license.
Request Body:
{
"url": "https://example.com/article",
"publisherId": 1,
"licenseId": 5,
"title": "Article Title",
"description": "Article description"
}Parse a URL to extract markdown content.
Request Body:
{
"url": "https://example.com/article"
}List all publishers.
List all registered AI clients.
Create a new client.
Revoke a specific token.
Retrieve recent access logs.
Query Parameters:
limit(optional): Number of logs (default: 50)
Get policy for a publisher.
Response:
{
"publisher_id": 1,
"publisher_name": "Publisher A News",
"hostname": "site-a.local",
"version": "1.0",
"policy": {
"version": "1.0",
"default": { "allow": false },
"rules": [...]
}
}Update publisher policy.
Query usage events.
Query Parameters:
publisherId: Filter by publisherclientId: Filter by clientfrom: Start date (ISO8601)to: End date (ISO8601)limit: Results limit (default: 100)
Response:
{
"events": [...],
"summary": {
"total_requests": 150,
"total_cost_micro": 300000,
"total_cost_usd": "0.3000"
}
}Record usage event (internal, called by edge-worker).
id, name, hostname, created_atid, license_id, name, content_id, publisher_id, license_type,
price, currency, term_months, revshare_pct, max_word_count,
attribution_required, attribution_text, attribution_url,
derivative_allowed, status, ext, created_ts, updated_tsLicense Types:
0: Training + Display1: RAG Display (Unrestricted)2: RAG Display (Max Words)3: RAG Display (Attribution)4: RAG No Display
id (UUID), publisher_id, client_id, client_name, strategy_id,
status, current_round, initial_proposal, current_terms, final_terms,
license_id, initiated_by, initiated_at, completed_at, last_activity_at,
context, created_at, updated_atStatuses: initiated, negotiating, accepted, rejected, timeout, error
id, publisher_id, strategy_name, negotiation_style,
min_price_per_fetch_micro, preferred_price_per_fetch_micro, max_price_per_fetch_micro,
min_token_ttl_seconds, preferred_token_ttl_seconds, max_token_ttl_seconds,
min_burst_rps, preferred_burst_rps, max_burst_rps,
allowed_purposes, preferred_purposes, deal_breakers,
max_rounds, auto_accept_threshold, timeout_seconds,
llm_provider, llm_model, llm_temperature, system_prompt,
is_active, created_at, updated_atid, negotiation_id, round_number, actor, action,
proposed_terms, reasoning, llm_model, llm_tokens_used,
llm_response_time_ms, analysis, created_atid, publisher_id, url, content, title, description,
fetch_count, last_fetched, created_at, updated_atid, publisher_id, url, content_origin, title, summary,
license_id, created_ts, updated_tsid, publisher_id, type, title, message, metadata,
category, entity_id, is_read, created_atNotification Types: negotiation_initiated, negotiation_accepted, negotiation_rejected, license_created, system
id, publisher_id, policy_json, version, created_atPolicy JSON Structure:
{
"version": "1.0",
"publisher": "site-a.local",
"default": { "allow": false, "action": "redirect" },
"rules": [
{
"agent": "GPTBot",
"allow": true,
"purpose": ["inference"],
"price_per_fetch": 0.002,
"token_ttl_seconds": 600,
"max_rps": 2
}
],
"redirect_url": "http://licensing-api:3000/authorize"
}{
"iss": "gatehouse-licensing",
"aud": "gatehouse-edge",
"sub": "client:openai",
"publisher_id": 1,
"publisher": "site-a.local",
"url": "http://site-a.local/news/foo.html",
"purpose": "inference",
"jti": "unique-token-id",
"iat": 1730012345,
"exp": 1730012945
}id, ts, publisher_id, client_id, url, agent_ua,
cost_micro, token_id, bytes_sent, purpose, license_idNODE_ENV=development
LICENSING_API_URL=http://licensing-api:3000
PUBLISHER_A_URL=http://publisher-a:8081
PUBLISHER_B_URL=http://publisher-b:8082
REDIS_URL=redis://redis:6379NODE_ENV=development
PORT=3000
DATABASE_URL=postgresql://monetizeplus:monetizeplus123@postgres:5432/monetizeplus
REDIS_URL=redis://redis:6379
JWT_SECRET=your-secret-key-change-in-production
JWT_ISSUER=gatehouse-licensing
JWT_AUDIENCE=gatehouse-edgeConfigured in edge-worker/src/detector.js:
const BOT_PATTERNS = [
/GPTBot/i,
/ClaudeBot/i,
/Perplexity/i,
/CCBot/i,
/Google-Extended/i,
/bingbot/i
];- Window: 60 seconds
- Max Requests: 10 per window per IP+UA combination
- Storage: Redis
- JWT with HS256 signature
- Short TTL: 10 minutes (default)
- URL Binding: Token tied to specific URL
- Revocation: Redis allowlist for instant revocation
- Expiry: Automatic expiration enforced
- Bot Detection: User-Agent pattern matching
- Rate Limiting: Redis-backed sliding window
- Policy Enforcement: Publisher-specific rules
- Audit Trail: All access logged to database
- JWT secret in environment variables
- Database credentials not hardcoded
- CORS disabled on sensitive endpoints
- Input validation on all API endpoints
- Prepared SQL statements (parameterized queries)
docker-compose logs -f edge-workerdocker-compose logs -f licensing-api-- Recent usage events
SELECT * FROM usage_events ORDER BY ts DESC LIMIT 10;
-- Total cost per publisher
SELECT publisher_id, SUM(cost_micro)/1000000.0 as total_usd
FROM usage_events
GROUP BY publisher_id;
-- Active tokens
SELECT COUNT(*) FROM tokens WHERE expires_at > NOW() AND revoked = false;# Connect to Redis
docker exec -it tollbit-redis redis-cli
# Check rate limit keys
KEYS ratelimit:*
# Check token allowlist
KEYS token:*.
βββ docker-compose.yml # Service orchestration
βββ edge/
β βββ nginx.conf # Nginx configuration
βββ edge-worker/
β βββ Dockerfile
β βββ package.json
β βββ src/
β βββ app.js # Main application
β βββ detector.js # Bot detection logic
β βββ router.js # Origin routing
βββ licensing-api/
β βββ Dockerfile
β βββ package.json
β βββ src/
β βββ server.js # Express server
β βββ db.js # Database connection
β βββ redis.js # Redis client
β βββ models/
β β βββ LicenseOption.js # License CRUD operations
β β βββ Content.js # Content management
β βββ routes/
β βββ auth.js # Token endpoints
β βββ policies.js # Policy management
β βββ usage.js # Usage tracking
β βββ admin.js # Admin endpoints
β βββ licenses.js # License management
β βββ content.js # Content & URL management
β βββ access.js # Access endpoint config
β βββ notifications.js # Notification system
βββ negotiation-agent/
β βββ Dockerfile
β βββ package.json
β βββ src/
β βββ server.js # Express server & Socket.IO
β βββ negotiation-engine.js # AI negotiation logic
β βββ notifications.js # Notification helpers
β βββ logger.js # Winston logging
βββ publisher-dashboard/
β βββ Dockerfile
β βββ nginx.conf # Nginx reverse proxy config
β βββ package.json
β βββ vite.config.js
β βββ tailwind.config.js
β βββ src/
β βββ App.jsx # Main React app
β βββ components/
β β βββ Layout.jsx # Main layout with nav
β βββ pages/
β βββ Login.jsx # Publisher login
β βββ Dashboard.jsx # Analytics & metrics
β βββ LicenseWizard.jsx # License management
β βββ UrlLibrary.jsx # URL & content management
β βββ Negotiations.jsx # Negotiation UI
β βββ UsageLogs.jsx # Access logs
β βββ Notifications.jsx # Notification center
β βββ PolicyTester.jsx # Policy testing tool
βββ Simple Parser/
β βββ url-to-markdown/ # URL parsing service
β βββ Dockerfile
β βββ package.json
β βββ src/
β βββ server.js # Express server
βββ publisher-a/ # Mock publisher site
β βββ Dockerfile
β βββ nginx.conf
β βββ html/
βββ publisher-b/ # Mock publisher site
β βββ Dockerfile
β βββ nginx.conf
β βββ html/
βββ database/
β βββ init.sql # Initial schema & seed data
β βββ migrations/ # Database migrations
β βββ 009_negotiation_system.sql
β βββ 010_partner_strategies.sql
β βββ 019_add_license_name.sql
β βββ ...
βββ tests/
βββ run-tests.sh # Automated tests (Bash)
βββ run-tests.ps1 # Automated tests (PowerShell)
βββ MANUAL_TESTS.md # Manual test guide
- Create publisher service:
# docker-compose.yml
publisher-c:
build: ./publisher-c
container_name: monetizeplus-publisher-c
networks:
- monetizeplus-network- Add to database:
INSERT INTO publishers (name, hostname) VALUES
('Publisher C', 'site-c.local');- Create policy:
INSERT INTO policies (publisher_id, policy_json, version) VALUES
(3, '{"version": "1.0", ...}', '1.0');- Update edge worker router:
// edge-worker/src/router.js
const HOST_MAP = {
'site-a.local': PUBLISHER_A_URL,
'site-b.local': PUBLISHER_B_URL,
'site-c.local': 'http://publisher-c:8083'
};Edit edge-worker/src/detector.js:
const BOT_PATTERNS = [
/GPTBot/i,
/YourCustomBot/i,
// Add more patterns
];# Check logs
docker-compose logs
# Rebuild images
docker-compose down
docker-compose build --no-cache
docker-compose up -d# Verify PostgreSQL is running
docker-compose ps postgres
# Check database logs
docker-compose logs postgres
# Recreate database
docker-compose down -v
docker-compose up -d# Check Redis is running
docker exec -it tollbit-redis redis-cli PING
# Verify JWT secret matches in both services
docker-compose config | grep JWT_SECRET# Check Redis connection
docker exec -it monetizeplus-redis redis-cli
> KEYS ratelimit:*- Edge Computing: Processing at the gateway before origin
- JWT Authentication: Stateless token-based auth
- Rate Limiting: Redis sliding window algorithm
- Policy-Based Access Control: Flexible, per-publisher rules
- Usage Metering: Event-based billing data
- Microservices Architecture: Independent, composable services
- Reverse Proxy: Nginx as traffic router
- API Design: RESTful endpoints with clear contracts
- AI-to-AI Negotiation: Autonomous license negotiation using LLMs
- Real-time Communication: WebSockets (Socket.IO) for live updates
- Modern Frontend: React + Vite + Tailwind CSS
- Database Migrations: Versioned schema evolution
- Content Parsing: URL-to-Markdown extraction
- Named Licenses: Human-readable license identifiers with auto-generation
- Node.js/Express: Backend API framework
- PostgreSQL: Relational database for structured data
- Redis: In-memory cache for rate limiting & sessions
- Nginx: High-performance reverse proxy
- Docker: Containerization & orchestration
- JWT: JSON Web Tokens for stateless auth
- Edge Interception: Minimal latency, protects origin
- Stateless Tokens: Horizontal scaling, no session store
- Short TTLs: Security without complex revocation
- Redis Allowlist: Instant revocation when needed
- Policy-Driven: Flexible rules without code changes
- Usage Tracking: Foundation for billing/analytics
This is an educational MVP. For production:
-
Security:
- Rotate JWT secrets regularly
- Use HTTPS everywhere
- Implement proper API key management
- Add input sanitization
- Enable SQL injection protection
- Add DDoS protection
-
Scalability:
- Multi-region edge workers
- Database read replicas
- Redis cluster for HA
- CDN integration
- Load balancing
-
Monitoring:
- Prometheus metrics
- Grafana dashboards
- Alert management
- Error tracking (Sentry)
- APM (Application Performance Monitoring)
-
Legal/Compliance:
- Terms of service
- Privacy policy
- GDPR compliance
- Data retention policies
- Audit logging
This is an educational project. Feel free to:
- Add new features
- Improve documentation
- Submit bug fixes
- Enhance test coverage
MIT License - This is educational software for learning purposes.
Created to demonstrate publisher-AI relationships and content licensing concepts.
For issues or questions:
- Check the troubleshooting section
- Review test cases in
tests/MANUAL_TESTS.md - Check Docker logs:
docker-compose logs
Note: This is an educational MVP to demonstrate content licensing concepts. It is not production-ready and should not be used for actual commercial licensing without significant enhancements to security, scalability, and legal compliance.