Fix expired license error handling #1895
Conversation
smrdotgg
changed the title
|
Thanks for the PR! Someone from Engineering will review it. |
|
For paying customers (non-trial license keys), we are super lenient on the expiration date. We don't want someone to lose access to all of the Enterprise features they rely on in production, just because they are a little late renewing. For trials, however, we want to be a lot stricter since it's just meant as a way to preview Enterprise features for a short time before deciding whether or not to pay. The current solution of throwing an Exception is bad since it stops the app from loading entirely. The change in this PR makes trials too lenient - basically allowing them to continue using Enterprise features forever without paying. We want to do something in between - downgrade the app to the Open Source version, but don't throw an Exception. This will likely require digging a bit deeper into the code and might make sense for our engineers to help out with the implementation. |
packages/enterprise/src/license.ts
Outdated
| // The `trial` field used to be optional, force it to always be defined | ||
| decodedLicense.trial = !!decodedLicense.trial; |
There was a problem hiding this comment.
Something else might still rely on this code. Better to leave it in.
There was a problem hiding this comment.
Good call, I'll leave that in.
packages/enterprise/src/license.ts
Outdated
| // Create a date object for the expiration date | ||
| const expirationDate = new Date(licenseData.exp); | ||
|
|
||
| // Add a buffer of 2 days to the expiration date | ||
| const expiresWithBuffer = new Date(expirationDate); | ||
| expiresWithBuffer.setDate(expirationDate.getDate() + 2); | ||
|
|
||
| // Check if the adjusted expiration date is in the past | ||
| if (expiresWithBuffer < new Date()) { | ||
| // The license is expired | ||
| return true; | ||
| } | ||
| } |
There was a problem hiding this comment.
From my understanding before if it was a .trial license and it expired we errored immediately with no buffer. It errored too harshly to the point that the app became unusable. This change would give them the two day buffer as well, but I think we only want to have the two day grace period with enterprise customers.
There was a problem hiding this comment.
Yeah, as it is, it adds the buffer for all users. I'll make sure it only does so for non-trial users.
I have tested the api endpoints with curl, and they only execute if the license key is valid. If its invalid, they throw appropriate errors with correct codes and proper messages. I've also added the changes you proposed. 😃 |
packages/enterprise/src/license.ts
Outdated
| const expirationDate = new Date(licenseData.exp); | ||
|
|
||
| // Add a buffer of 2 days to the expiration date for non-trial users | ||
| if (licenseData.trial) { |
There was a problem hiding this comment.
I think you are missing a !
smrdotgg
force-pushed
the
bug/1774-expired-license-error
branch
from
207a8d9
to
e34bfe6
Compare
Features and Changes
Fixes the issue where an expired license key causes an API error, preventing them from logging in and accessing the UI for license management. This issue was limited to API keys who's trials expired. Paying enterprise members who's license expired did not face this issue.
Fixes Expired License Keys Cause API Error State (#1774)
Dependencies
None
Tests
Test 1 - Login
Before this change, the login would fail.
After this change, the login succeeds and displays a banner on the top bar.
Test 2 - Unauthorized requests
/eventsroute of the frontend.disabledflag on the button in the EventsPage component (packages/front-end/components/Events/EventsPage/EventsPage.tsx) to false.Before this change, the backend would process the request and provide a valid json response eventhough the license has expired. The feature-blocking was only happening in the frontend logic. (This could have also been bypassed with
curl)After this change, the backend will do its own check to see if the license key has expired. If it has, it will not process the request for the premium feature. So in this case, it would not process the invalid request.
Screenshots (for Test 1)
Before
After