Lizenzserver (Backend) - Erstellt

lizenzserver/services/admin_api/__init__.py

@@ -0,0 +1 @@
+# Admin API Service

lizenzserver/services/admin_api/app.py

@@ -0,0 +1,666 @@
+import os
+import sys
+from flask import Flask, request, jsonify
+from flask_cors import CORS
+import logging
+from functools import wraps
+from marshmallow import Schema, fields, ValidationError
+from datetime import datetime, timedelta
+import secrets
+
+# Add parent directory to path for imports
+sys.path.append(os.path.dirname(os.path.dirname(os.path.dirname(os.path.abspath(__file__)))))
+
+from config import get_config
+from repositories.license_repo import LicenseRepository
+from repositories.cache_repo import CacheRepository
+from events.event_bus import EventBus, Event, EventTypes
+from models import EventType, AnomalyType, Severity
+
+# Configure logging
+logging.basicConfig(level=logging.INFO)
+logger = logging.getLogger(__name__)
+
+# Initialize Flask app
+app = Flask(__name__)
+config = get_config()
+app.config.from_object(config)
+CORS(app)
+
+# Initialize dependencies
+license_repo = LicenseRepository(config.DATABASE_URL)
+cache_repo = CacheRepository(config.REDIS_URL)
+event_bus = EventBus(config.RABBITMQ_URL)
+
+# Validation schemas
+class CreateLicenseSchema(Schema):
+    customer_id = fields.Str(required=True)
+    max_devices = fields.Int(missing=1, validate=lambda x: x > 0)
+    expires_in_days = fields.Int(allow_none=True)
+    features = fields.List(fields.Str(), missing=[])
+    is_test = fields.Bool(missing=False)
+    metadata = fields.Dict(missing={})
+
+class UpdateLicenseSchema(Schema):
+    max_devices = fields.Int(validate=lambda x: x > 0)
+    is_active = fields.Bool()
+    expires_at = fields.DateTime()
+    features = fields.List(fields.Str())
+    metadata = fields.Dict()
+
+class DeactivateDeviceSchema(Schema):
+    hardware_id = fields.Str(required=True)
+    reason = fields.Str()
+
+class TransferLicenseSchema(Schema):
+    from_hardware_id = fields.Str(required=True)
+    to_hardware_id = fields.Str(required=True)
+
+class SearchLicensesSchema(Schema):
+    customer_id = fields.Str()
+    is_active = fields.Bool()
+    is_test = fields.Bool()
+    created_after = fields.DateTime()
+    created_before = fields.DateTime()
+    expires_after = fields.DateTime()
+    expires_before = fields.DateTime()
+    page = fields.Int(missing=1, validate=lambda x: x > 0)
+    per_page = fields.Int(missing=50, validate=lambda x: 0 < x <= 100)
+
+def require_admin_auth(f):
+    """Decorator to require admin authentication"""
+    @wraps(f)
+    def decorated_function(*args, **kwargs):
+        # Check for admin API key
+        api_key = request.headers.get('X-Admin-API-Key')
+        
+        if not api_key:
+            return jsonify({"error": "Missing admin API key"}), 401
+        
+        # In production, validate against database
+        # For now, check environment variable
+        if api_key != os.getenv('ADMIN_API_KEY', 'admin-key-change-in-production'):
+            return jsonify({"error": "Invalid admin API key"}), 401
+        
+        return f(*args, **kwargs)
+    
+    return decorated_function
+
+@app.route('/health', methods=['GET'])
+def health_check():
+    """Health check endpoint"""
+    return jsonify({
+        "status": "healthy",
+        "service": "admin-api",
+        "timestamp": datetime.utcnow().isoformat()
+    })
+
+@app.route('/api/v1/admin/licenses', methods=['POST'])
+@require_admin_auth
+def create_license():
+    """Create new license"""
+    schema = CreateLicenseSchema()
+    
+    try:
+        data = schema.load(request.get_json())
+    except ValidationError as e:
+        return jsonify({"error": "Invalid request", "details": e.messages}), 400
+    
+    # Generate license key
+    license_key = f"LIC-{secrets.token_urlsafe(16).upper()}"
+    
+    # Calculate expiration
+    expires_at = None
+    if data.get('expires_in_days'):
+        expires_at = datetime.utcnow() + timedelta(days=data['expires_in_days'])
+    
+    # Create license in database
+    query = """
+        INSERT INTO licenses 
+            (license_key, customer_id, max_devices, is_active, is_test, expires_at, features, metadata)
+        VALUES (%s, %s, %s, true, %s, %s, %s, %s)
+        RETURNING id
+    """
+    
+    import json
+    license_id = license_repo.execute_insert(query, (
+        license_key,
+        data['customer_id'],
+        data['max_devices'],
+        data['is_test'],
+        expires_at,
+        json.dumps(data['features']),
+        json.dumps(data['metadata'])
+    ))
+    
+    if not license_id:
+        return jsonify({"error": "Failed to create license"}), 500
+    
+    # Publish event
+    event_bus.publish(Event(
+        EventTypes.LICENSE_CREATED,
+        {
+            "license_id": license_id,
+            "customer_id": data['customer_id'],
+            "license_key": license_key
+        },
+        "admin-api"
+    ))
+    
+    return jsonify({
+        "id": license_id,
+        "license_key": license_key,
+        "customer_id": data['customer_id'],
+        "max_devices": data['max_devices'],
+        "is_test": data['is_test'],
+        "expires_at": expires_at.isoformat() if expires_at else None,
+        "features": data['features']
+    }), 201
+
+@app.route('/api/v1/admin/licenses/<license_id>', methods=['GET'])
+@require_admin_auth
+def get_license(license_id):
+    """Get license details"""
+    license = license_repo.get_license_by_id(license_id)
+    
+    if not license:
+        return jsonify({"error": "License not found"}), 404
+    
+    # Get additional statistics
+    active_devices = license_repo.get_active_devices(license_id)
+    usage_stats = license_repo.get_license_usage_stats(license_id)
+    recent_events = license_repo.get_recent_activations(license_id)
+    
+    # Format response
+    license['active_devices'] = active_devices
+    license['usage_stats'] = usage_stats
+    license['recent_events'] = recent_events
+    
+    return jsonify(license)
+
+@app.route('/api/v1/admin/licenses/<license_id>', methods=['PATCH'])
+@require_admin_auth
+def update_license(license_id):
+    """Update license"""
+    schema = UpdateLicenseSchema()
+    
+    try:
+        data = schema.load(request.get_json())
+    except ValidationError as e:
+        return jsonify({"error": "Invalid request", "details": e.messages}), 400
+    
+    # Build update query dynamically
+    updates = []
+    params = []
+    
+    if 'max_devices' in data:
+        updates.append("max_devices = %s")
+        params.append(data['max_devices'])
+    
+    if 'is_active' in data:
+        updates.append("is_active = %s")
+        params.append(data['is_active'])
+    
+    if 'expires_at' in data:
+        updates.append("expires_at = %s")
+        params.append(data['expires_at'])
+    
+    if 'features' in data:
+        updates.append("features = %s")
+        params.append(json.dumps(data['features']))
+    
+    if 'metadata' in data:
+        updates.append("metadata = %s")
+        params.append(json.dumps(data['metadata']))
+    
+    if not updates:
+        return jsonify({"error": "No fields to update"}), 400
+    
+    # Add updated_at
+    updates.append("updated_at = NOW()")
+    
+    # Add license_id to params
+    params.append(license_id)
+    
+    query = f"""
+        UPDATE licenses 
+        SET {', '.join(updates)}
+        WHERE id = %s
+        RETURNING *
+    """
+    
+    result = license_repo.execute_one(query, params)
+    
+    if not result:
+        return jsonify({"error": "License not found"}), 404
+    
+    # Invalidate cache
+    cache_repo.invalidate_license_cache(license_id)
+    
+    # Publish event
+    event_bus.publish(Event(
+        EventTypes.LICENSE_UPDATED,
+        {
+            "license_id": license_id,
+            "changes": list(data.keys())
+        },
+        "admin-api"
+    ))
+    
+    return jsonify(result)
+
+@app.route('/api/v1/admin/licenses/<license_id>', methods=['DELETE'])
+@require_admin_auth
+def delete_license(license_id):
+    """Soft delete license (deactivate)"""
+    query = """
+        UPDATE licenses 
+        SET is_active = false, updated_at = NOW()
+        WHERE id = %s
+        RETURNING id
+    """
+    
+    result = license_repo.execute_one(query, (license_id,))
+    
+    if not result:
+        return jsonify({"error": "License not found"}), 404
+    
+    # Invalidate cache
+    cache_repo.invalidate_license_cache(license_id)
+    
+    # Publish event
+    event_bus.publish(Event(
+        EventTypes.LICENSE_DEACTIVATED,
+        {"license_id": license_id},
+        "admin-api"
+    ))
+    
+    return jsonify({"success": True, "message": "License deactivated"})
+
+@app.route('/api/v1/admin/licenses/<license_id>/devices', methods=['GET'])
+@require_admin_auth
+def get_license_devices(license_id):
+    """Get all devices for a license"""
+    # Get active devices
+    active_devices = license_repo.get_active_devices(license_id)
+    
+    # Get all registered devices from activation events
+    query = """
+        SELECT DISTINCT ON (hardware_id)
+            hardware_id,
+            event_type,
+            ip_address,
+            user_agent,
+            created_at as registered_at,
+            metadata
+        FROM activation_events
+        WHERE license_id = %s
+            AND event_type IN ('activation', 'reactivation', 'transfer')
+            AND success = true
+        ORDER BY hardware_id, created_at DESC
+    """
+    
+    all_devices = license_repo.execute_query(query, (license_id,))
+    
+    # Mark active devices
+    active_hw_ids = {d['hardware_id'] for d in active_devices}
+    for device in all_devices:
+        device['is_active'] = device['hardware_id'] in active_hw_ids
+        if device['is_active']:
+            # Add last_seen from active_devices
+            active_device = next((d for d in active_devices if d['hardware_id'] == device['hardware_id']), None)
+            if active_device:
+                device['last_seen'] = active_device['last_seen']
+    
+    return jsonify({
+        "license_id": license_id,
+        "total_devices": len(all_devices),
+        "active_devices": len(active_devices),
+        "devices": all_devices
+    })
+
+@app.route('/api/v1/admin/licenses/<license_id>/devices/deactivate', methods=['POST'])
+@require_admin_auth
+def deactivate_device(license_id):
+    """Deactivate a device"""
+    schema = DeactivateDeviceSchema()
+    
+    try:
+        data = schema.load(request.get_json())
+    except ValidationError as e:
+        return jsonify({"error": "Invalid request", "details": e.messages}), 400
+    
+    success = license_repo.deactivate_device(license_id, data['hardware_id'])
+    
+    if not success:
+        return jsonify({"error": "Failed to deactivate device"}), 500
+    
+    # Invalidate cache
+    cache_repo.invalidate_license_cache(license_id)
+    
+    # Publish event
+    event_bus.publish(Event(
+        EventTypes.DEVICE_DEACTIVATED,
+        {
+            "license_id": license_id,
+            "hardware_id": data['hardware_id'],
+            "reason": data.get('reason', 'Admin action')
+        },
+        "admin-api"
+    ))
+    
+    return jsonify({"success": True, "message": "Device deactivated"})
+
+@app.route('/api/v1/admin/licenses/<license_id>/transfer', methods=['POST'])
+@require_admin_auth
+def transfer_license(license_id):
+    """Transfer license between devices"""
+    schema = TransferLicenseSchema()
+    
+    try:
+        data = schema.load(request.get_json())
+    except ValidationError as e:
+        return jsonify({"error": "Invalid request", "details": e.messages}), 400
+    
+    # Get client IP
+    ip_address = request.headers.get('X-Forwarded-For', request.remote_addr)
+    
+    success = license_repo.transfer_license(
+        license_id,
+        data['from_hardware_id'],
+        data['to_hardware_id'],
+        ip_address
+    )
+    
+    if not success:
+        return jsonify({"error": "Failed to transfer license"}), 500
+    
+    # Invalidate cache
+    cache_repo.invalidate_license_cache(license_id)
+    
+    # Publish event
+    event_bus.publish(Event(
+        EventTypes.LICENSE_TRANSFERRED,
+        {
+            "license_id": license_id,
+            "from_hardware_id": data['from_hardware_id'],
+            "to_hardware_id": data['to_hardware_id']
+        },
+        "admin-api"
+    ))
+    
+    return jsonify({"success": True, "message": "License transferred successfully"})
+
+@app.route('/api/v1/admin/licenses', methods=['GET'])
+@require_admin_auth
+def search_licenses():
+    """Search and list licenses"""
+    schema = SearchLicensesSchema()
+    
+    try:
+        filters = schema.load(request.args)
+    except ValidationError as e:
+        return jsonify({"error": "Invalid request", "details": e.messages}), 400
+    
+    # Build query
+    where_clauses = []
+    params = []
+    
+    if filters.get('customer_id'):
+        where_clauses.append("customer_id = %s")
+        params.append(filters['customer_id'])
+    
+    if 'is_active' in filters:
+        where_clauses.append("is_active = %s")
+        params.append(filters['is_active'])
+    
+    if 'is_test' in filters:
+        where_clauses.append("is_test = %s")
+        params.append(filters['is_test'])
+    
+    if filters.get('created_after'):
+        where_clauses.append("created_at >= %s")
+        params.append(filters['created_after'])
+    
+    if filters.get('created_before'):
+        where_clauses.append("created_at <= %s")
+        params.append(filters['created_before'])
+    
+    if filters.get('expires_after'):
+        where_clauses.append("expires_at >= %s")
+        params.append(filters['expires_after'])
+    
+    if filters.get('expires_before'):
+        where_clauses.append("expires_at <= %s")
+        params.append(filters['expires_before'])
+    
+    where_sql = " AND ".join(where_clauses) if where_clauses else "1=1"
+    
+    # Count total
+    count_query = f"SELECT COUNT(*) as total FROM licenses WHERE {where_sql}"
+    total_result = license_repo.execute_one(count_query, params)
+    total = total_result['total'] if total_result else 0
+    
+    # Get paginated results
+    page = filters['page']
+    per_page = filters['per_page']
+    offset = (page - 1) * per_page
+    
+    query = f"""
+        SELECT l.*, c.name as customer_name, c.email as customer_email
+        FROM licenses l
+        JOIN customers c ON l.customer_id = c.id
+        WHERE {where_sql}
+        ORDER BY l.created_at DESC
+        LIMIT %s OFFSET %s
+    """
+    
+    params.extend([per_page, offset])
+    licenses = license_repo.execute_query(query, params)
+    
+    return jsonify({
+        "licenses": licenses,
+        "pagination": {
+            "total": total,
+            "page": page,
+            "per_page": per_page,
+            "pages": (total + per_page - 1) // per_page
+        }
+    })
+
+@app.route('/api/v1/admin/licenses/<license_id>/events', methods=['GET'])
+@require_admin_auth
+def get_license_events(license_id):
+    """Get all events for a license"""
+    hours = request.args.get('hours', 24, type=int)
+    
+    events = license_repo.get_recent_activations(license_id, hours)
+    
+    return jsonify({
+        "license_id": license_id,
+        "hours": hours,
+        "total_events": len(events),
+        "events": events
+    })
+
+@app.route('/api/v1/admin/licenses/<license_id>/usage', methods=['GET'])
+@require_admin_auth
+def get_license_usage(license_id):
+    """Get usage statistics for a license"""
+    days = request.args.get('days', 30, type=int)
+    
+    stats = license_repo.get_license_usage_stats(license_id, days)
+    
+    # Get daily breakdown
+    query = """
+        SELECT 
+            DATE(timestamp) as date,
+            COUNT(*) as validations,
+            COUNT(DISTINCT hardware_id) as unique_devices,
+            COUNT(DISTINCT ip_address) as unique_ips
+        FROM license_heartbeats
+        WHERE license_id = %s
+            AND timestamp > NOW() - INTERVAL '%s days'
+        GROUP BY DATE(timestamp)
+        ORDER BY date DESC
+    """
+    
+    daily_stats = license_repo.execute_query(query, (license_id, days))
+    
+    return jsonify({
+        "license_id": license_id,
+        "days": days,
+        "summary": stats,
+        "daily": daily_stats
+    })
+
+@app.route('/api/v1/admin/licenses/<license_id>/anomalies', methods=['GET'])
+@require_admin_auth
+def get_license_anomalies(license_id):
+    """Get detected anomalies for a license"""
+    query = """
+        SELECT * FROM anomaly_detections
+        WHERE license_id = %s
+        ORDER BY detected_at DESC
+        LIMIT 100
+    """
+    
+    anomalies = license_repo.execute_query(query, (license_id,))
+    
+    return jsonify({
+        "license_id": license_id,
+        "total_anomalies": len(anomalies),
+        "anomalies": anomalies
+    })
+
+@app.route('/api/v1/admin/licenses/<license_id>/anomalies/<anomaly_id>/resolve', methods=['POST'])
+@require_admin_auth
+def resolve_anomaly(license_id, anomaly_id):
+    """Mark anomaly as resolved"""
+    data = request.get_json() or {}
+    action_taken = data.get('action_taken', 'Resolved by admin')
+    
+    query = """
+        UPDATE anomaly_detections
+        SET resolved = true, 
+            resolved_at = NOW(),
+            resolved_by = 'admin',
+            action_taken = %s
+        WHERE id = %s AND license_id = %s
+        RETURNING id
+    """
+    
+    result = license_repo.execute_one(query, (action_taken, anomaly_id, license_id))
+    
+    if not result:
+        return jsonify({"error": "Anomaly not found"}), 404
+    
+    return jsonify({"success": True, "message": "Anomaly resolved"})
+
+@app.route('/api/v1/admin/licenses/bulk-create', methods=['POST'])
+@require_admin_auth
+def bulk_create_licenses():
+    """Create multiple licenses at once"""
+    data = request.get_json()
+    
+    if not data or 'licenses' not in data:
+        return jsonify({"error": "Missing licenses array"}), 400
+    
+    schema = CreateLicenseSchema()
+    created_licenses = []
+    errors = []
+    
+    for idx, license_data in enumerate(data['licenses']):
+        try:
+            validated_data = schema.load(license_data)
+            
+            # Generate license key
+            license_key = f"LIC-{secrets.token_urlsafe(16).upper()}"
+            
+            # Calculate expiration
+            expires_at = None
+            if validated_data.get('expires_in_days'):
+                expires_at = datetime.utcnow() + timedelta(days=validated_data['expires_in_days'])
+            
+            # Create license
+            query = """
+                INSERT INTO licenses 
+                    (license_key, customer_id, max_devices, is_active, is_test, expires_at, features, metadata)
+                VALUES (%s, %s, %s, true, %s, %s, %s, %s)
+                RETURNING id
+            """
+            
+            import json
+            license_id = license_repo.execute_insert(query, (
+                license_key,
+                validated_data['customer_id'],
+                validated_data['max_devices'],
+                validated_data['is_test'],
+                expires_at,
+                json.dumps(validated_data['features']),
+                json.dumps(validated_data['metadata'])
+            ))
+            
+            if license_id:
+                created_licenses.append({
+                    "id": license_id,
+                    "license_key": license_key,
+                    "customer_id": validated_data['customer_id']
+                })
+        except Exception as e:
+            errors.append({
+                "index": idx,
+                "error": str(e)
+            })
+    
+    return jsonify({
+        "created": len(created_licenses),
+        "failed": len(errors),
+        "licenses": created_licenses,
+        "errors": errors
+    }), 201 if created_licenses else 400
+
+@app.route('/api/v1/admin/statistics', methods=['GET'])
+@require_admin_auth
+def get_statistics():
+    """Get overall license statistics"""
+    query = """
+        WITH stats AS (
+            SELECT 
+                COUNT(*) as total_licenses,
+                COUNT(*) FILTER (WHERE is_active = true) as active_licenses,
+                COUNT(*) FILTER (WHERE is_test = true) as test_licenses,
+                COUNT(*) FILTER (WHERE expires_at < NOW()) as expired_licenses,
+                COUNT(DISTINCT customer_id) as total_customers
+            FROM licenses
+        ),
+        device_stats AS (
+            SELECT COUNT(DISTINCT hardware_id) as total_devices
+            FROM license_heartbeats
+            WHERE timestamp > NOW() - INTERVAL '15 minutes'
+        ),
+        validation_stats AS (
+            SELECT 
+                COUNT(*) as validations_today,
+                COUNT(DISTINCT license_id) as licenses_used_today
+            FROM license_heartbeats
+            WHERE timestamp > CURRENT_DATE
+        )
+        SELECT * FROM stats, device_stats, validation_stats
+    """
+    
+    stats = license_repo.execute_one(query)
+    
+    return jsonify(stats or {})
+
+@app.errorhandler(404)
+def not_found(error):
+    return jsonify({"error": "Not found"}), 404
+
+@app.errorhandler(500)
+def internal_error(error):
+    logger.error(f"Internal error: {error}")
+    return jsonify({"error": "Internal server error"}), 500
+
+if __name__ == '__main__':
+    app.run(host='0.0.0.0', port=5004, debug=True)

lizenzserver/services/analytics/__init__.py

@@ -0,0 +1 @@
+# Analytics Service

lizenzserver/services/analytics/app.py

@@ -0,0 +1,478 @@
+import os
+import sys
+from flask import Flask, request, jsonify
+from flask_cors import CORS
+import logging
+from functools import wraps
+from datetime import datetime, timedelta
+import asyncio
+from concurrent.futures import ThreadPoolExecutor
+
+# Add parent directory to path for imports
+sys.path.append(os.path.dirname(os.path.dirname(os.path.dirname(os.path.abspath(__file__)))))
+
+from config import get_config
+from repositories.license_repo import LicenseRepository
+from repositories.cache_repo import CacheRepository
+from events.event_bus import EventBus, Event, EventTypes
+from models import AnomalyType, Severity
+
+# Configure logging
+logging.basicConfig(level=logging.INFO)
+logger = logging.getLogger(__name__)
+
+# Initialize Flask app
+app = Flask(__name__)
+config = get_config()
+app.config.from_object(config)
+CORS(app)
+
+# Initialize dependencies
+license_repo = LicenseRepository(config.DATABASE_URL)
+cache_repo = CacheRepository(config.REDIS_URL)
+event_bus = EventBus(config.RABBITMQ_URL)
+
+# Thread pool for async operations
+executor = ThreadPoolExecutor(max_workers=10)
+
+def require_auth(f):
+    """Decorator to require authentication"""
+    @wraps(f)
+    def decorated_function(*args, **kwargs):
+        api_key = request.headers.get('X-API-Key')
+        
+        if not api_key:
+            return jsonify({"error": "Missing API key"}), 401
+        
+        # Simple validation for now
+        if not api_key.startswith('sk_'):
+            return jsonify({"error": "Invalid API key"}), 401
+        
+        return f(*args, **kwargs)
+    
+    return decorated_function
+
+@app.route('/health', methods=['GET'])
+def health_check():
+    """Health check endpoint"""
+    return jsonify({
+        "status": "healthy",
+        "service": "analytics",
+        "timestamp": datetime.utcnow().isoformat()
+    })
+
+@app.route('/api/v1/analytics/licenses/<license_id>/patterns', methods=['GET'])
+@require_auth
+def analyze_license_patterns(license_id):
+    """Analyze usage patterns for a license"""
+    days = request.args.get('days', 30, type=int)
+    
+    # Get usage data
+    query = """
+        WITH hourly_usage AS (
+            SELECT 
+                DATE_TRUNC('hour', timestamp) as hour,
+                COUNT(*) as validations,
+                COUNT(DISTINCT hardware_id) as devices,
+                COUNT(DISTINCT ip_address) as ips
+            FROM license_heartbeats
+            WHERE license_id = %s
+                AND timestamp > NOW() - INTERVAL '%s days'
+            GROUP BY DATE_TRUNC('hour', timestamp)
+        ),
+        daily_patterns AS (
+            SELECT 
+                EXTRACT(DOW FROM hour) as day_of_week,
+                EXTRACT(HOUR FROM hour) as hour_of_day,
+                AVG(validations) as avg_validations,
+                MAX(devices) as max_devices
+            FROM hourly_usage
+            GROUP BY day_of_week, hour_of_day
+        )
+        SELECT * FROM daily_patterns
+        ORDER BY day_of_week, hour_of_day
+    """
+    
+    patterns = license_repo.execute_query(query, (license_id, days))
+    
+    # Detect anomalies
+    anomalies = detect_usage_anomalies(license_id, patterns)
+    
+    return jsonify({
+        "license_id": license_id,
+        "days_analyzed": days,
+        "patterns": patterns,
+        "anomalies": anomalies
+    })
+
+@app.route('/api/v1/analytics/licenses/<license_id>/anomalies/detect', methods=['POST'])
+@require_auth
+def detect_anomalies(license_id):
+    """Manually trigger anomaly detection for a license"""
+    
+    # Run multiple anomaly detection checks
+    anomalies = []
+    
+    # Check for multiple IPs
+    ip_anomalies = check_multiple_ips(license_id)
+    anomalies.extend(ip_anomalies)
+    
+    # Check for rapid hardware changes
+    hw_anomalies = check_rapid_hardware_changes(license_id)
+    anomalies.extend(hw_anomalies)
+    
+    # Check for concurrent usage
+    concurrent_anomalies = check_concurrent_usage(license_id)
+    anomalies.extend(concurrent_anomalies)
+    
+    # Check for geographic anomalies
+    geo_anomalies = check_geographic_anomalies(license_id)
+    anomalies.extend(geo_anomalies)
+    
+    # Store detected anomalies
+    for anomaly in anomalies:
+        store_anomaly(license_id, anomaly)
+    
+    return jsonify({
+        "license_id": license_id,
+        "anomalies_detected": len(anomalies),
+        "anomalies": anomalies
+    })
+
+@app.route('/api/v1/analytics/licenses/<license_id>/risk-score', methods=['GET'])
+@require_auth
+def get_risk_score(license_id):
+    """Calculate risk score for a license"""
+    
+    # Get recent anomalies
+    query = """
+        SELECT anomaly_type, severity, detected_at
+        FROM anomaly_detections
+        WHERE license_id = %s
+            AND detected_at > NOW() - INTERVAL '30 days'
+            AND resolved = false
+    """
+    
+    anomalies = license_repo.execute_query(query, (license_id,))
+    
+    # Calculate risk score
+    risk_score = 0
+    severity_weights = {
+        'low': 10,
+        'medium': 25,
+        'high': 50,
+        'critical': 100
+    }
+    
+    for anomaly in anomalies:
+        weight = severity_weights.get(anomaly['severity'], 0)
+        # Recent anomalies have higher weight
+        days_old = (datetime.utcnow() - anomaly['detected_at']).days
+        recency_factor = max(0.5, 1 - (days_old / 30))
+        risk_score += weight * recency_factor
+    
+    # Normalize to 0-100
+    risk_score = min(100, risk_score)
+    
+    # Determine risk level
+    if risk_score < 20:
+        risk_level = "low"
+    elif risk_score < 50:
+        risk_level = "medium"
+    elif risk_score < 80:
+        risk_level = "high"
+    else:
+        risk_level = "critical"
+    
+    return jsonify({
+        "license_id": license_id,
+        "risk_score": round(risk_score, 2),
+        "risk_level": risk_level,
+        "active_anomalies": len(anomalies),
+        "factors": anomalies
+    })
+
+@app.route('/api/v1/analytics/reports/usage', methods=['GET'])
+@require_auth
+def generate_usage_report():
+    """Generate usage report for all licenses"""
+    days = request.args.get('days', 30, type=int)
+    
+    query = """
+        WITH license_stats AS (
+            SELECT 
+                l.id,
+                l.license_key,
+                l.customer_id,
+                c.name as customer_name,
+                l.max_devices,
+                l.is_test,
+                l.expires_at,
+                COUNT(DISTINCT lh.hardware_id) as active_devices,
+                COUNT(lh.*) as total_validations,
+                MAX(lh.timestamp) as last_validation
+            FROM licenses l
+            LEFT JOIN customers c ON l.customer_id = c.id
+            LEFT JOIN license_heartbeats lh ON l.id = lh.license_id
+                AND lh.timestamp > NOW() - INTERVAL '%s days'
+            WHERE l.is_active = true
+            GROUP BY l.id, l.license_key, l.customer_id, c.name, l.max_devices, l.is_test, l.expires_at
+        )
+        SELECT 
+            *,
+            CASE 
+                WHEN total_validations = 0 THEN 'inactive'
+                WHEN active_devices > max_devices THEN 'over_limit'
+                WHEN expires_at < NOW() THEN 'expired'
+                ELSE 'active'
+            END as status,
+            ROUND((active_devices::numeric / NULLIF(max_devices, 0)) * 100, 2) as device_utilization
+        FROM license_stats
+        ORDER BY total_validations DESC
+    """
+    
+    report = license_repo.execute_query(query, (days,))
+    
+    # Summary statistics
+    summary = {
+        "total_licenses": len(report),
+        "active_licenses": len([r for r in report if r['status'] == 'active']),
+        "inactive_licenses": len([r for r in report if r['status'] == 'inactive']),
+        "over_limit_licenses": len([r for r in report if r['status'] == 'over_limit']),
+        "expired_licenses": len([r for r in report if r['status'] == 'expired']),
+        "total_validations": sum(r['total_validations'] for r in report),
+        "average_device_utilization": sum(r['device_utilization'] or 0 for r in report) / len(report) if report else 0
+    }
+    
+    return jsonify({
+        "period_days": days,
+        "generated_at": datetime.utcnow().isoformat(),
+        "summary": summary,
+        "licenses": report
+    })
+
+@app.route('/api/v1/analytics/reports/revenue', methods=['GET'])
+@require_auth
+def generate_revenue_report():
+    """Generate revenue analytics report"""
+    # This would need pricing information in the database
+    # For now, return a placeholder
+    return jsonify({
+        "message": "Revenue reporting requires pricing data integration",
+        "placeholder": True
+    })
+
+def detect_usage_anomalies(license_id, patterns):
+    """Detect anomalies in usage patterns"""
+    anomalies = []
+    
+    if not patterns:
+        return anomalies
+    
+    # Calculate statistics
+    validations = [p['avg_validations'] for p in patterns]
+    if validations:
+        avg_validations = sum(validations) / len(validations)
+        max_validations = max(validations)
+        
+        # Detect spikes
+        for pattern in patterns:
+            if pattern['avg_validations'] > avg_validations * 3:
+                anomalies.append({
+                    "type": AnomalyType.SUSPICIOUS_PATTERN.value,
+                    "severity": Severity.MEDIUM.value,
+                    "details": {
+                        "day": pattern['day_of_week'],
+                        "hour": pattern['hour_of_day'],
+                        "validations": pattern['avg_validations'],
+                        "average": avg_validations
+                    }
+                })
+    
+    return anomalies
+
+def check_multiple_ips(license_id):
+    """Check for multiple IP addresses"""
+    query = """
+        SELECT 
+            COUNT(DISTINCT ip_address) as ip_count,
+            array_agg(DISTINCT ip_address) as ips
+        FROM license_heartbeats
+        WHERE license_id = %s
+            AND timestamp > NOW() - INTERVAL '1 hour'
+    """
+    
+    result = license_repo.execute_one(query, (license_id,))
+    anomalies = []
+    
+    if result and result['ip_count'] > config.ANOMALY_MULTIPLE_IPS_THRESHOLD:
+        anomalies.append({
+            "type": AnomalyType.MULTIPLE_IPS.value,
+            "severity": Severity.HIGH.value,
+            "details": {
+                "ip_count": result['ip_count'],
+                "ips": result['ips'][:10],  # Limit to 10 IPs
+                "threshold": config.ANOMALY_MULTIPLE_IPS_THRESHOLD
+            }
+        })
+    
+    return anomalies
+
+def check_rapid_hardware_changes(license_id):
+    """Check for rapid hardware ID changes"""
+    query = """
+        SELECT 
+            hardware_id,
+            created_at
+        FROM activation_events
+        WHERE license_id = %s
+            AND event_type IN ('activation', 'transfer')
+            AND created_at > NOW() - INTERVAL '1 hour'
+            AND success = true
+        ORDER BY created_at DESC
+    """
+    
+    events = license_repo.execute_query(query, (license_id,))
+    anomalies = []
+    
+    if len(events) > 1:
+        # Check time between changes
+        for i in range(len(events) - 1):
+            time_diff = (events[i]['created_at'] - events[i+1]['created_at']).total_seconds() / 60
+            if time_diff < config.ANOMALY_RAPID_HARDWARE_CHANGE_MINUTES:
+                anomalies.append({
+                    "type": AnomalyType.RAPID_HARDWARE_CHANGE.value,
+                    "severity": Severity.HIGH.value,
+                    "details": {
+                        "hardware_ids": [events[i]['hardware_id'], events[i+1]['hardware_id']],
+                        "time_difference_minutes": round(time_diff, 2),
+                        "threshold_minutes": config.ANOMALY_RAPID_HARDWARE_CHANGE_MINUTES
+                    }
+                })
+    
+    return anomalies
+
+def check_concurrent_usage(license_id):
+    """Check for concurrent usage from different devices"""
+    query = """
+        WITH concurrent_sessions AS (
+            SELECT 
+                h1.hardware_id as hw1,
+                h2.hardware_id as hw2,
+                h1.timestamp as time1,
+                h2.timestamp as time2
+            FROM license_heartbeats h1
+            JOIN license_heartbeats h2 ON h1.license_id = h2.license_id
+            WHERE h1.license_id = %s
+                AND h2.license_id = %s
+                AND h1.hardware_id != h2.hardware_id
+                AND h1.timestamp > NOW() - INTERVAL '15 minutes'
+                AND h2.timestamp > NOW() - INTERVAL '15 minutes'
+                AND ABS(EXTRACT(EPOCH FROM h1.timestamp - h2.timestamp)) < 300
+        )
+        SELECT COUNT(*) as concurrent_count
+        FROM concurrent_sessions
+    """
+    
+    result = license_repo.execute_one(query, (license_id, license_id))
+    anomalies = []
+    
+    if result and result['concurrent_count'] > 0:
+        anomalies.append({
+            "type": AnomalyType.CONCURRENT_USE.value,
+            "severity": Severity.CRITICAL.value,
+            "details": {
+                "concurrent_sessions": result['concurrent_count'],
+                "timeframe_minutes": 5
+            }
+        })
+    
+    return anomalies
+
+def check_geographic_anomalies(license_id):
+    """Check for geographic anomalies (requires IP geolocation)"""
+    # This would require IP geolocation service integration
+    # For now, return empty list
+    return []
+
+def store_anomaly(license_id, anomaly):
+    """Store detected anomaly in database"""
+    query = """
+        INSERT INTO anomaly_detections 
+            (license_id, anomaly_type, severity, details)
+        VALUES (%s, %s, %s, %s)
+        ON CONFLICT (license_id, anomaly_type, details) DO NOTHING
+    """
+    
+    import json
+    license_repo.execute_insert(query, (
+        license_id,
+        anomaly['type'],
+        anomaly['severity'],
+        json.dumps(anomaly['details'])
+    ))
+    
+    # Publish event
+    event_bus.publish(Event(
+        EventTypes.ANOMALY_DETECTED,
+        {
+            "license_id": license_id,
+            "anomaly": anomaly
+        },
+        "analytics"
+    ))
+
+@app.route('/api/v1/analytics/dashboard', methods=['GET'])
+@require_auth
+def get_dashboard_data():
+    """Get analytics dashboard data"""
+    query = """
+        WITH current_stats AS (
+            SELECT 
+                COUNT(DISTINCT license_id) as active_licenses,
+                COUNT(DISTINCT hardware_id) as active_devices,
+                COUNT(*) as validations_today
+            FROM license_heartbeats
+            WHERE timestamp > CURRENT_DATE
+        ),
+        anomaly_stats AS (
+            SELECT 
+                COUNT(*) as total_anomalies,
+                COUNT(*) FILTER (WHERE severity = 'critical') as critical_anomalies,
+                COUNT(*) FILTER (WHERE resolved = false) as unresolved_anomalies
+            FROM anomaly_detections
+            WHERE detected_at > CURRENT_DATE - INTERVAL '7 days'
+        ),
+        trend_data AS (
+            SELECT 
+                DATE(timestamp) as date,
+                COUNT(*) as validations,
+                COUNT(DISTINCT license_id) as licenses,
+                COUNT(DISTINCT hardware_id) as devices
+            FROM license_heartbeats
+            WHERE timestamp > CURRENT_DATE - INTERVAL '7 days'
+            GROUP BY DATE(timestamp)
+            ORDER BY date
+        )
+        SELECT 
+            cs.*,
+            ans.*,
+            (SELECT json_agg(td.*) FROM trend_data td) as trends
+        FROM current_stats cs, anomaly_stats ans
+    """
+    
+    dashboard_data = license_repo.execute_one(query)
+    
+    return jsonify(dashboard_data or {})
+
+@app.errorhandler(404)
+def not_found(error):
+    return jsonify({"error": "Not found"}), 404
+
+@app.errorhandler(500)
+def internal_error(error):
+    logger.error(f"Internal error: {error}")
+    return jsonify({"error": "Internal server error"}), 500
+
+if __name__ == '__main__':
+    app.run(host='0.0.0.0', port=5003, debug=True)