Hetzner-Backup/v2_adminpanel/TODO_LIZENZSERVER_CONFIG.md
2025-06-22 00:53:05 +02:00

Lizenzserver Konfiguration Implementation

Overview

COMPLETED: Implemented client configuration management and single-session enforcement for Account Forger software.

Implementation Status (2025-06-21)

  • License activation works (consumes device slots)
  • Basic verification exists at /api/license/verify
  • Heartbeat system implemented (30-second intervals)
  • Single-session enforcement implemented
  • Admin panel has full UI and backend for "Lizenzserver Konfiguration"
  • Session management and monitoring
  • Automatic cleanup of expired sessions

Requirements

  1. Single Session Enforcement: Only one device can run the software at a time (even if activated on multiple devices)
  2. Heartbeat System: 30-second heartbeats to track active sessions
  3. Version Management: Control minimum supported version and update notifications
  4. Client Configuration: Manage Account Forger settings from admin panel

Completed Features

1. Database Schema

Admin Panel Database

-- Client configuration (one row for Account Forger)
CREATE TABLE client_configs (
    id SERIAL PRIMARY KEY,
    client_name VARCHAR(100) NOT NULL DEFAULT 'Account Forger',
    api_key VARCHAR(255) NOT NULL,
    heartbeat_interval INTEGER DEFAULT 30, -- seconds
    session_timeout INTEGER DEFAULT 60, -- seconds (2x heartbeat)
    current_version VARCHAR(20) NOT NULL,
    minimum_version VARCHAR(20) NOT NULL,
    download_url TEXT,
    whats_new TEXT,
    created_at TIMESTAMP DEFAULT CURRENT_TIMESTAMP,
    updated_at TIMESTAMP DEFAULT CURRENT_TIMESTAMP
);

-- Active sessions tracking
CREATE TABLE active_sessions (
    id SERIAL PRIMARY KEY,
    license_id INTEGER REFERENCES licenses(id) ON DELETE CASCADE,
    hardware_id VARCHAR(255) NOT NULL,
    ip_address INET,
    client_version VARCHAR(20),
    session_token VARCHAR(255) UNIQUE NOT NULL,
    started_at TIMESTAMP DEFAULT CURRENT_TIMESTAMP,
    last_heartbeat TIMESTAMP DEFAULT CURRENT_TIMESTAMP,
    UNIQUE(license_id) -- Only one active session per license
);

-- Session history for debugging
CREATE TABLE session_history (
    id SERIAL PRIMARY KEY,
    license_id INTEGER REFERENCES licenses(id) ON DELETE CASCADE,
    hardware_id VARCHAR(255) NOT NULL,
    ip_address INET,
    client_version VARCHAR(20),
    started_at TIMESTAMP,
    ended_at TIMESTAMP,
    end_reason VARCHAR(50) -- 'normal', 'timeout', 'forced', 'replaced'
);

2. License Server Endpoints

Implemented endpoints in /v2_lizenzserver/app/api/license.py:

  1. POST /api/license/session/start

    • Input: license_key, machine_id, hardware_hash, version
    • Check: License valid? Already active session?
    • If active session exists: Return error "Es ist nur eine Sitzung erlaubt, stelle sicher, dass nirgendwo sonst das Programm läuft"
    • If no session: Create session, return session_token and version info
    • Response includes: session_token, whats_new (if newer version), download_url
  2. POST /api/license/session/heartbeat

    • Input: session_token, license_key
    • Update last_heartbeat timestamp
    • Return: success status
  3. POST /api/license/session/end

    • Input: session_token
    • Mark session as ended
    • Log to session_history
  4. Background job: Clean up sessions older than 60 seconds without heartbeat
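
The start, heartbeat, end and cleanup logic listed above, as an added example that is not the project's own code from license.py. It uses an in-memory SQLite database in place of PostgreSQL; the function names, the reduced column set, numeric timestamps and an already-resolved license_id are assumptions. It shows that UNIQUE(license_id) decides between two competing starts and that a stale session is refused even before the cleanup job has run.

```python
import sqlite3, uuid
SESSION_TIMEOUT = 60  # seconds; mirrors session_timeout (2x the 30 s heartbeat)
ARCHIVE = ("INSERT INTO session_history SELECT license_id, hardware_id, "
           "started_at, ?, ? FROM active_sessions WHERE ")  # ended_at, end_reason
DELETE = "DELETE FROM active_sessions WHERE "

def open_db():
    """In-memory SQLite stand-in (assumption) for the PostgreSQL tables above."""
    db = sqlite3.connect(":memory:")
    db.executescript("""
        CREATE TABLE active_sessions (license_id INTEGER NOT NULL UNIQUE,
            hardware_id TEXT NOT NULL, session_token TEXT NOT NULL UNIQUE,
            started_at REAL NOT NULL, last_heartbeat REAL NOT NULL);
        CREATE TABLE session_history (license_id INTEGER, hardware_id TEXT,
            started_at REAL, ended_at REAL, end_reason TEXT);""")
    return db

def cleanup(db, now):
    """Background job: move sessions without a recent heartbeat to history."""
    cutoff = now - SESSION_TIMEOUT
    with db:
        db.execute(ARCHIVE + "last_heartbeat < ?", (now, "timeout", cutoff))
        return db.execute(DELETE + "last_heartbeat < ?", (cutoff,)).rowcount

def start_session(db, license_id, hardware_id, now):
    """Return a session token, or None if the license already has a live session."""
    cleanup(db, now)  # a crashed client must not block a restart after the timeout
    token = str(uuid.uuid4())  # UUID format, as in the implementation notes
    try:
        with db:
            db.execute("INSERT INTO active_sessions VALUES (?, ?, ?, ?, ?)",
                       (license_id, hardware_id, token, now, now))
    except sqlite3.IntegrityError:
        return None  # UNIQUE(license_id) fired: the database settles the race
    return token

def heartbeat(db, license_id, token, now):
    """Refresh the session; refuse an unknown token or one that already timed out."""
    with db:
        return db.execute(
            "UPDATE active_sessions SET last_heartbeat = ? WHERE license_id = ? "
            "AND session_token = ? AND last_heartbeat >= ?",
            (now, license_id, token, now - SESSION_TIMEOUT)).rowcount == 1

def end_session(db, token, now):
    """Clean shutdown: archive with end_reason 'normal' and free the license."""
    with db:
        db.execute(ARCHIVE + "session_token = ?", (now, "normal", token))
        return db.execute(DELETE + "session_token = ?", (token,)).rowcount == 1
```

With PostgreSQL the same pattern applies: the competing INSERT fails with a unique violation rather than sqlite3.IntegrityError.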

3. Admin Panel Implementation

Implemented routes in /v2_adminpanel/routes/admin_routes.py:

  1. GET /lizenzserver/config

    • Show current client configuration
    • Display active sessions count
  2. POST /lizenzserver/config/update

    • Update version, download URL, what's new
    • Update minimum supported version
  3. GET /lizenzserver/sessions

    • List all active sessions
    • Show: License key, Customer name, Hardware ID, IP, Started at, Last heartbeat
  4. POST /lizenzserver/sessions/{session_id}/terminate

    • Force close a session (admin only: rac00n, w@rh@mm3r)
  5. GET /lizenzserver/config/client/new

    • Shows client configuration page
    • Handles initial client config and updates

4. Security

  • API key required for all client requests
  • License key validates ownership
  • Hardware ID ensures device authenticity
  • Session tokens prevent replay attacks

5. Client Flow

  1. Startup:

    POST /api/license/session/start
    -> Get session_token or error
    -> Show version update if available
    
  2. Running (every 30 seconds):

    POST /api/license/session/heartbeat
    -> Keep session alive
    
  3. Shutdown:

    POST /api/license/session/end
    -> Clean session exit
    

6. Error Handling

  • Network interruption: Session expires after 60s
  • Software crash: Session expires after 60s
  • Multiple launch attempts: Show error message
  • Version too old: Block with message to update

7. Admin Features

  • View active sessions
  • Force terminate sessions
  • Update version requirements
  • View session history (last 24h)
  • Manage client configuration

Implementation Completed

  1. Created database tables (client_configs, license_sessions, session_history)
  2. Implemented session management in license server
  3. Added heartbeat endpoint
  4. Created admin panel routes for configuration
  5. Implemented session viewing/management with terminate capability
  6. Added background cleanup job (runs every 60 seconds)
  7. Ready for testing with Account Forger client

Implementation Notes

  • YAGNI: One global config for all Account Forger instances
  • No per-customer settings
  • No grace period for session reclaim
  • Generic error messages (no "who's using it" info)
  • Version format: 1.0.0
  • Session tokens: UUID format
  • Background cleanup: Every 60 seconds
  • API Key: Single global key stored in client_configs

UI Improvements (2025-06-21)

Single-Page Administration

  • Merged all configuration into the main administration page
  • Removed separate "Account Forger Konfiguration" page
  • Removed "Neuer Client" button (not needed with single global config)

Account Forger Configuration Section

  • Inline version management (current and minimum version)
  • API key display with copy-to-clipboard functionality
  • Removed download_url and whats_new fields (handled elsewhere)
  • Direct save without page navigation

Live Session Monitor

  • Real-time session count with badge
  • Mini table showing last 5 active sessions
  • Auto-refresh every 30 seconds via AJAX
  • "Alle anzeigen" link to full session management page

Technical Settings

  • Feature flags in collapsible accordion
  • Rate limits in collapsible accordion
  • Clean separation between daily operations and technical settings

Database Schema Updates

  • Removed download_url column from client_configs
  • Removed whats_new column from client_configs
  • Simplified to only essential configuration fields