@moontra/moonui-pro 2.32.33 → 2.32.35
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/dist/index.d.ts +1 -1
- package/dist/index.global.js +1 -1
- package/dist/index.global.js.map +1 -1
- package/dist/index.mjs +123 -50
- package/package.json +1 -1
package/dist/index.mjs
CHANGED
|
@@ -100,42 +100,26 @@ var init_cli_token_reader = __esm({
|
|
|
100
100
|
return this.instance;
|
|
101
101
|
}
|
|
102
102
|
/**
|
|
103
|
-
* Generate
|
|
104
|
-
*
|
|
103
|
+
* Generate TRULY secure browser-specific device fingerprint
|
|
104
|
+
* COMPLETELY INDEPENDENT from environment variables
|
|
105
|
+
* Format: browser-hostname-browser_user_hash-machine_hash
|
|
106
|
+
*
|
|
107
|
+
* SECURITY: Environment copying CANNOT bypass this!
|
|
105
108
|
*/
|
|
106
109
|
async getDeviceFingerprint() {
|
|
107
110
|
try {
|
|
108
|
-
|
|
109
|
-
|
|
110
|
-
|
|
111
|
-
|
|
112
|
-
|
|
113
|
-
|
|
114
|
-
platform2 = "win32";
|
|
115
|
-
} else if (userAgent.includes("linux") || userAgent.includes("x11")) {
|
|
116
|
-
platform2 = "linux";
|
|
117
|
-
}
|
|
118
|
-
}
|
|
119
|
-
let hostname = process.env.NEXT_PUBLIC_MOONUI_HOSTNAME || "localhost";
|
|
120
|
-
if (typeof window !== "undefined" && !process.env.NEXT_PUBLIC_MOONUI_HOSTNAME) {
|
|
121
|
-
if (window.location.hostname !== "localhost" && window.location.hostname !== "127.0.0.1") {
|
|
122
|
-
hostname = window.location.hostname;
|
|
123
|
-
}
|
|
124
|
-
}
|
|
125
|
-
const username = process.env.NEXT_PUBLIC_MOONUI_USERNAME || "dev-user";
|
|
126
|
-
const usernameHash = await this.sha256Hash(username);
|
|
127
|
-
const machineId = await this.generateBrowserMachineId();
|
|
128
|
-
const fingerprint = `${platform2}-${hostname}-${usernameHash}-${machineId}`;
|
|
129
|
-
console.log("[MoonUI Pro] Enhanced browser device fingerprint generated:", {
|
|
111
|
+
const platform2 = this.detectBrowserPlatform();
|
|
112
|
+
const hostname = typeof window !== "undefined" ? window.location.hostname : "unknown";
|
|
113
|
+
const browserUserHash = await this.generateBrowserSpecificUserHash();
|
|
114
|
+
const browserMachineId = await this.generateBrowserMachineId();
|
|
115
|
+
const fingerprint = `browser-${hostname}-${browserUserHash}-${browserMachineId}`;
|
|
116
|
+
console.log("[MoonUI Pro] Environment-independent browser fingerprint generated:", {
|
|
130
117
|
platform: platform2,
|
|
131
118
|
hostname,
|
|
132
|
-
|
|
133
|
-
|
|
134
|
-
|
|
135
|
-
|
|
136
|
-
// Partial logging for privacy
|
|
137
|
-
fingerprint: fingerprint.substring(0, 20) + "***"
|
|
138
|
-
// Partial logging for privacy
|
|
119
|
+
browserUserHash: browserUserHash.substring(0, 4) + "***",
|
|
120
|
+
browserMachineId: browserMachineId.substring(0, 4) + "***",
|
|
121
|
+
fingerprint: fingerprint.substring(0, 30) + "***",
|
|
122
|
+
security: "environment-independent"
|
|
139
123
|
});
|
|
140
124
|
return fingerprint;
|
|
141
125
|
} catch (error) {
|
|
@@ -143,6 +127,56 @@ var init_cli_token_reader = __esm({
|
|
|
143
127
|
return "browser-fallback-device";
|
|
144
128
|
}
|
|
145
129
|
}
|
|
130
|
+
/**
|
|
131
|
+
* Generate browser-specific user hash independent of environment
|
|
132
|
+
* Uses browser characteristics to create unique user identifier
|
|
133
|
+
*/
|
|
134
|
+
async generateBrowserSpecificUserHash() {
|
|
135
|
+
try {
|
|
136
|
+
const characteristics = [
|
|
137
|
+
// Browser identity
|
|
138
|
+
navigator.userAgent,
|
|
139
|
+
navigator.language,
|
|
140
|
+
navigator.languages?.join(",") || "",
|
|
141
|
+
// System characteristics
|
|
142
|
+
`${screen.width}x${screen.height}x${screen.colorDepth}`,
|
|
143
|
+
`${window.devicePixelRatio || 1}`,
|
|
144
|
+
// Hardware info
|
|
145
|
+
`${navigator.hardwareConcurrency || 0}`,
|
|
146
|
+
`${navigator.maxTouchPoints || 0}`,
|
|
147
|
+
// Timezone and locale
|
|
148
|
+
Intl.DateTimeFormat().resolvedOptions().timeZone,
|
|
149
|
+
Intl.DateTimeFormat().resolvedOptions().locale,
|
|
150
|
+
// Browser capabilities
|
|
151
|
+
typeof window.WebGL2RenderingContext !== "undefined" ? "webgl2" : "webgl1",
|
|
152
|
+
typeof window.AudioContext !== "undefined" ? "audio" : "no-audio",
|
|
153
|
+
typeof navigator.serviceWorker !== "undefined" ? "sw" : "no-sw"
|
|
154
|
+
];
|
|
155
|
+
const combined = characteristics.join("|");
|
|
156
|
+
const hash = await this.sha256Hash(combined);
|
|
157
|
+
return hash.substring(0, 8);
|
|
158
|
+
} catch (error) {
|
|
159
|
+
console.warn("[MoonUI Pro] Browser user hash generation failed, using fallback");
|
|
160
|
+
const fallback = `${navigator.userAgent.length}-${screen.width}-${Date.now() % 1e4}`;
|
|
161
|
+
return this.fallbackHash(fallback);
|
|
162
|
+
}
|
|
163
|
+
}
|
|
164
|
+
/**
|
|
165
|
+
* Detect platform in browser environment (CLI compatible)
|
|
166
|
+
*/
|
|
167
|
+
detectBrowserPlatform() {
|
|
168
|
+
if (typeof window === "undefined")
|
|
169
|
+
return "unknown";
|
|
170
|
+
const userAgent = navigator.userAgent.toLowerCase();
|
|
171
|
+
if (userAgent.includes("mac") || userAgent.includes("darwin")) {
|
|
172
|
+
return "darwin";
|
|
173
|
+
} else if (userAgent.includes("win") || userAgent.includes("windows")) {
|
|
174
|
+
return "win32";
|
|
175
|
+
} else if (userAgent.includes("linux") || userAgent.includes("x11")) {
|
|
176
|
+
return "linux";
|
|
177
|
+
}
|
|
178
|
+
return "unknown";
|
|
179
|
+
}
|
|
146
180
|
/**
|
|
147
181
|
* Generate browser-specific machine ID using multiple browser characteristics
|
|
148
182
|
* This prevents token sharing between different browsers/machines
|
|
@@ -250,6 +284,32 @@ var init_cli_token_reader = __esm({
|
|
|
250
284
|
return "audio-error";
|
|
251
285
|
}
|
|
252
286
|
}
|
|
287
|
+
/**
|
|
288
|
+
* Validate device compatibility (CLI vs Browser)
|
|
289
|
+
* CLI: platform-hostname-userHash-macHash
|
|
290
|
+
* Browser: platform-hostname-userHash-browserHash
|
|
291
|
+
* Compatible if first 3 parts match
|
|
292
|
+
*/
|
|
293
|
+
validateDeviceCompatibility(tokenDeviceId, currentDeviceId) {
|
|
294
|
+
const tokenParts = tokenDeviceId.split("-");
|
|
295
|
+
const currentParts = currentDeviceId.split("-");
|
|
296
|
+
if (tokenParts.length < 3 || currentParts.length < 3) {
|
|
297
|
+
return { compatible: false, reason: "Invalid device ID format" };
|
|
298
|
+
}
|
|
299
|
+
const platformMatch = tokenParts[0] === currentParts[0];
|
|
300
|
+
const hostnameMatch = tokenParts[1] === currentParts[1];
|
|
301
|
+
const userHashMatch = tokenParts[2] === currentParts[2];
|
|
302
|
+
if (!platformMatch) {
|
|
303
|
+
return { compatible: false, reason: "Platform mismatch (different OS)" };
|
|
304
|
+
}
|
|
305
|
+
if (!hostnameMatch) {
|
|
306
|
+
return { compatible: false, reason: "Hostname mismatch (different machine)" };
|
|
307
|
+
}
|
|
308
|
+
if (!userHashMatch) {
|
|
309
|
+
return { compatible: false, reason: "User account mismatch" };
|
|
310
|
+
}
|
|
311
|
+
return { compatible: true };
|
|
312
|
+
}
|
|
253
313
|
/**
|
|
254
314
|
* SHA256 hash function for consistency with CLI
|
|
255
315
|
* Returns first 8 characters of SHA256 hex digest
|
|
@@ -296,9 +356,9 @@ var init_cli_token_reader = __esm({
|
|
|
296
356
|
}
|
|
297
357
|
}
|
|
298
358
|
/**
|
|
299
|
-
* Validate token with backend API
|
|
359
|
+
* Validate token with backend API using strict dual device validation
|
|
300
360
|
*/
|
|
301
|
-
async validateWithAPI(token,
|
|
361
|
+
async validateWithAPI(token, tokenDeviceId, browserDeviceId) {
|
|
302
362
|
try {
|
|
303
363
|
const response = await fetch("https://moonui.dev/api/cli/validate-session", {
|
|
304
364
|
method: "POST",
|
|
@@ -307,8 +367,13 @@ var init_cli_token_reader = __esm({
|
|
|
307
367
|
"Content-Type": "application/json"
|
|
308
368
|
},
|
|
309
369
|
body: JSON.stringify({
|
|
310
|
-
deviceId,
|
|
311
|
-
|
|
370
|
+
deviceId: tokenDeviceId,
|
|
371
|
+
// CLI device ID from token
|
|
372
|
+
browserDeviceId,
|
|
373
|
+
// Current browser device ID
|
|
374
|
+
timestamp: Date.now(),
|
|
375
|
+
validationType: "hybrid-strict"
|
|
376
|
+
// New validation type
|
|
312
377
|
})
|
|
313
378
|
});
|
|
314
379
|
if (!response.ok) {
|
|
@@ -342,23 +407,29 @@ var init_cli_token_reader = __esm({
|
|
|
342
407
|
}
|
|
343
408
|
const currentDeviceId = await this.getDeviceFingerprint();
|
|
344
409
|
const tokenDeviceId = tokenData.deviceId;
|
|
345
|
-
console.log("[MoonUI Pro]
|
|
346
|
-
currentDevice: currentDeviceId,
|
|
347
|
-
tokenDevice: tokenDeviceId,
|
|
348
|
-
matches: currentDeviceId === tokenDeviceId
|
|
410
|
+
console.log("[MoonUI Pro] Hybrid device compatibility check:", {
|
|
411
|
+
currentDevice: currentDeviceId.substring(0, 25) + "***",
|
|
412
|
+
tokenDevice: tokenDeviceId.substring(0, 25) + "***"
|
|
349
413
|
});
|
|
350
|
-
if (tokenDeviceId
|
|
351
|
-
|
|
352
|
-
|
|
353
|
-
|
|
354
|
-
|
|
355
|
-
|
|
356
|
-
|
|
357
|
-
|
|
358
|
-
|
|
359
|
-
|
|
414
|
+
if (tokenDeviceId) {
|
|
415
|
+
const compatibility = this.validateDeviceCompatibility(tokenDeviceId, currentDeviceId);
|
|
416
|
+
if (!compatibility.compatible) {
|
|
417
|
+
console.error("[MoonUI Pro] Device compatibility check failed!");
|
|
418
|
+
console.error("[MoonUI Pro] Reason:", compatibility.reason);
|
|
419
|
+
console.error("[MoonUI Pro] This indicates:");
|
|
420
|
+
console.log(" \u2022 Token was created on a different machine or user account");
|
|
421
|
+
console.log(" \u2022 .env.local file may have been copied from another device");
|
|
422
|
+
console.log(" \u2022 Different hostname or user profile detected");
|
|
423
|
+
console.log("[MoonUI Pro] Solutions:");
|
|
424
|
+
console.log(' \u2022 Run "moonui login" on this device to create a new session');
|
|
425
|
+
console.log(" \u2022 Ensure you are using the correct user account");
|
|
426
|
+
console.log(" \u2022 Verify hostname matches the original login device");
|
|
427
|
+
console.log(" \u2022 Contact support for multi-device licensing options");
|
|
428
|
+
return null;
|
|
429
|
+
}
|
|
430
|
+
console.log("[MoonUI Pro] Device compatibility validated successfully");
|
|
360
431
|
}
|
|
361
|
-
const isValid2 = await this.validateWithAPI(tokenData.token, tokenDeviceId
|
|
432
|
+
const isValid2 = await this.validateWithAPI(tokenData.token, tokenDeviceId, currentDeviceId);
|
|
362
433
|
if (!isValid2) {
|
|
363
434
|
console.error("[MoonUI Pro] Device session validation failed");
|
|
364
435
|
console.log("[MoonUI Pro] This may happen if:");
|
|
@@ -366,6 +437,8 @@ var init_cli_token_reader = __esm({
|
|
|
366
437
|
console.log(" \u2022 Device limit exceeded");
|
|
367
438
|
console.log(" \u2022 Session expired");
|
|
368
439
|
console.log(" \u2022 Device was revoked from dashboard");
|
|
440
|
+
console.log(" \u2022 Token was copied from another device (strict security)");
|
|
441
|
+
console.log(" \u2022 Browser fingerprint doesn't match session");
|
|
369
442
|
console.log(' \u2022 Run "moonui login" to create a new session');
|
|
370
443
|
return null;
|
|
371
444
|
}
|
package/package.json
CHANGED
|
@@ -1,6 +1,6 @@
|
|
|
1
1
|
{
|
|
2
2
|
"name": "@moontra/moonui-pro",
|
|
3
|
-
"version": "2.32.
|
|
3
|
+
"version": "2.32.35",
|
|
4
4
|
"description": "Premium React components for MoonUI - Advanced UI library with 50+ pro components including performance, interactive, and gesture components",
|
|
5
5
|
"type": "module",
|
|
6
6
|
"main": "dist/index.mjs",
|