strapi-plugin-magic-link-v5 4.0.17 → 4.2.0

package/COPYRIGHT_NOTICE.txt

@@ -0,0 +1,20 @@
+/**
+ * Magic Link - Passwordless Authentication for Strapi
+ * 
+ * Copyright (c) 2025 [Dein Name/Firma]
+ * All Rights Reserved.
+ * 
+ * PROPRIETARY AND CONFIDENTIAL
+ * 
+ * This file is part of Magic Link plugin for Strapi.
+ * 
+ * Unauthorized copying, modification, distribution, or use of this software
+ * via any medium is strictly prohibited without prior written permission.
+ * 
+ * This software is licensed under a proprietary commercial license.
+ * See LICENSE file for full terms.
+ * 
+ * For licensing inquiries: [Deine Email]
+ * Website: [Deine Website]
+ */
+

package/LICENSE

@@ -0,0 +1,48 @@
+PROPRIETARY LICENSE AGREEMENT
+
+Copyright (c) 2025 [Dein Name/Firma]
+
+This software and associated documentation files (the "Software") are proprietary 
+and confidential. All rights reserved.
+
+TERMS AND CONDITIONS:
+
+1. LICENSE GRANT
+   This Software is licensed, not sold. Subject to payment of applicable license 
+   fees and compliance with these terms, you are granted a limited, non-exclusive, 
+   non-transferable license to use the Software.
+
+2. RESTRICTIONS
+   You may NOT:
+   - Copy, modify, or distribute the Software
+   - Reverse engineer, decompile, or disassemble the Software
+   - Remove or modify any proprietary notices or labels
+   - Use the Software for any unlicensed purpose
+   - Share your license key with unauthorized parties
+   - Host the Software on multiple servers without appropriate licensing
+
+3. INTELLECTUAL PROPERTY
+   All title, ownership rights, and intellectual property rights in and to the 
+   Software remain with the copyright holder. The Software is protected by 
+   copyright laws and international treaty provisions.
+
+4. TERMINATION
+   This license is effective until terminated. Your rights under this license 
+   will terminate automatically without notice if you fail to comply with any 
+   term of this license.
+
+5. WARRANTY DISCLAIMER
+   THE SOFTWARE IS PROVIDED "AS IS" WITHOUT WARRANTY OF ANY KIND, EXPRESS OR 
+   IMPLIED, INCLUDING BUT NOT LIMITED TO WARRANTIES OF MERCHANTABILITY, FITNESS 
+   FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT.
+
+6. LIMITATION OF LIABILITY
+   IN NO EVENT SHALL THE COPYRIGHT HOLDER BE LIABLE FOR ANY CLAIM, DAMAGES OR 
+   OTHER LIABILITY ARISING FROM THE USE OF THE SOFTWARE.
+
+7. LICENSE PURCHASE
+   To obtain a valid license, visit: [Deine Website]
+   Each license is subject to separate terms and pricing.
+
+For licensing inquiries, contact: [Deine Email]
+

package/LICENSE-DUAL.md

@@ -0,0 +1,37 @@
+# DUAL LICENSE
+
+This software is available under a dual licensing model.
+
+## 1. GNU AFFERO GENERAL PUBLIC LICENSE (AGPL-3.0)
+
+If you are creating an open-source application under a license compatible with 
+the GNU AGPL-3.0, you may use this software under those terms.
+
+**Key Requirements:**
+- You MUST make your complete source code available
+- You MUST license your application under AGPL-3.0
+- Network use counts as distribution (you must share code even for SaaS)
+- You MUST provide prominent notice and attribution
+
+See: https://www.gnu.org/licenses/agpl-3.0.html
+
+## 2. COMMERCIAL LICENSE
+
+If you want to use this software in a proprietary/commercial application 
+WITHOUT the obligations of AGPL-3.0, you must purchase a commercial license.
+
+**Commercial License Benefits:**
+- No obligation to open-source your code
+- Can be used in proprietary/closed-source applications
+- Can be used in SaaS without sharing code
+- Priority support and updates
+- No copyleft requirements
+
+**Purchase:** [Deine Website]
+**Contact:** [Deine Email]
+
+---
+
+**Note:** Using this software without a valid license (either AGPL-3.0 compliance 
+or commercial license) is copyright infringement and will be prosecuted.
+

package/LICENSE_GUARD.md

@@ -0,0 +1,323 @@
+# Magic Link License Guard
+
+Der License Guard schützt und verwaltet das Magic Link Plugin über das bestehende License API System.
+
+## 🚀 Features
+
+- ✅ **Automatische Lizenz-Initialisierung** beim Plugin-Start
+- ✅ **Auto-Ping alle 15 Minuten** für Online-Tracking
+- ✅ **Geräteerkennung** (DeviceID, DeviceName, IP, UserAgent)
+- ✅ **Grace Period Support** (24h Offline-Nutzung)
+- ✅ **Admin-Endpoints** für Lizenzverwaltung
+- ✅ **Automatisches Cleanup** beim Plugin-Stop
+
+## 📋 Wie es funktioniert
+
+### 1. Beim Plugin-Start
+
+```
+Plugin startet → License Guard initialisiert
+                ↓
+Lizenzschlüssel im Store? 
+    ↓ JA                    ↓ NEIN
+Verifizieren             Demo-Mode
+    ↓                        ↓
+Gültig?                   Warnung anzeigen
+    ↓ JA      ↓ NEIN
+Ping starten   Demo-Mode
+```
+
+### 2. Automatisches Pinging
+
+Alle 15 Minuten sendet der Guard automatisch:
+```json
+POST /api/licenses/ping
+{
+  "licenseKey": "A1B2-C3D4-E5F6-G7H8"
+}
+```
+
+Dies aktualisiert:
+- `lastPingAt` - Aktueller Zeitstempel
+- `lastActiveAt` - Aktivitäts-Tracker
+- `isOnline` - Online-Status basierend auf Grace Period
+
+## 🎯 Verwendung
+
+### Option 1: Lizenz über API erstellen
+
+```bash
+curl -X POST http://localhost:1337/api/licenses/create \
+  -H "Content-Type: application/json" \
+  -d '{
+    "email": "admin@example.com",
+    "firstName": "Admin",
+    "lastName": "User",
+    "deviceName": "Server-01",
+    "deviceId": "device-abc-123",
+    "ipAddress": "192.168.1.100",
+    "userAgent": "Strapi/5.11.2"
+  }'
+```
+
+**Response:**
+```json
+{
+  "success": true,
+  "message": "License created successfully",
+  "data": {
+    "id": 1,
+    "licenseKey": "A1B2-C3D4-E5F6-G7H8",
+    "email": "admin@example.com",
+    "isActive": true,
+    ...
+  }
+}
+```
+
+Der License Guard erkennt automatisch die neue Lizenz beim nächsten Start!
+
+### Option 2: Auto-Create über Admin-Endpoint
+
+```bash
+curl -X POST http://localhost:1337/magic-link/license/auto-create
+```
+
+Erstellt automatisch eine Lizenz mit Standard-Daten und aktiviert sie sofort.
+
+### Option 3: Programmatisch erstellen
+
+```javascript
+// Im Strapi-Code oder Terminal
+await strapi
+  .plugin('magic-link')
+  .service('license-guard')
+  .autoCreateLicense('your@email.com', 'First', 'Last');
+```
+
+## 📡 Admin-Endpoints
+
+Alle Endpoints sind unter `/magic-link/...` verfügbar:
+
+| Endpoint | Methode | Beschreibung |
+|----------|---------|--------------|
+| `/license/status` | GET | Aktueller Lizenz-Status |
+| `/license/create` | POST | Lizenz erstellen & aktivieren |
+| `/license/auto-create` | POST | Auto-Lizenz mit Defaults |
+| `/license/ping` | POST | Manueller Ping |
+| `/license/stats` | GET | Online-Statistiken |
+| `/license/deactivate` | POST | Lizenz deaktivieren |
+
+### Beispiele
+
+**Status abfragen:**
+```bash
+curl http://localhost:1337/magic-link/license/status
+```
+
+**Response:**
+```json
+{
+  "success": true,
+  "valid": true,
+  "data": {
+    "licenseKey": "A1B2-C3D4-E5F6-G7H8",
+    "isActive": true,
+    "isExpired": false,
+    "isOnline": true,
+    "expiresAt": "2026-10-13T10:00:00.000Z",
+    "lastPingAt": "2025-10-13T21:00:00.000Z",
+    "deviceName": "MacBook-Pro.local",
+    "features": {
+      "premium": true,
+      "advanced": false,
+      "enterprise": false,
+      "custom": false
+    },
+    "maxDevices": 1,
+    "currentDevices": 1
+  }
+}
+```
+
+**Manuelle Ping:**
+```bash
+curl -X POST http://localhost:1337/magic-link/license/ping
+```
+
+**Online-Statistiken:**
+```bash
+curl http://localhost:1337/magic-link/license/stats
+```
+
+## 🔧 Gesammelte Daten
+
+Der License Guard sammelt automatisch:
+
+### Device Information
+- **DeviceID**: SHA256-Hash von MAC-Adressen + Hostname
+- **DeviceName**: System-Hostname (z.B. "MacBook-Pro.local")
+- **IP Address**: Server-IP (erste nicht-interne IPv4)
+- **User Agent**: "Strapi/{version} Node/{version} {platform}/{release}"
+
+### Beispiel gesammelte Daten:
+```javascript
+{
+  deviceId: "a3f8e92c1d4b5e6f7a8b9c0d1e2f3a4b",
+  deviceName: "MacBook-Pro.local",
+  ipAddress: "192.168.1.100",
+  userAgent: "Strapi/5.11.2 Node/v20.11.0 darwin/23.0.0"
+}
+```
+
+## 📊 Console Output
+
+Beim Plugin-Start siehst du eine dieser Meldungen:
+
+### ✅ Lizenz aktiv:
+```
+╔════════════════════════════════════════════════════════════════╗
+║  ✅ MAGIC LINK PLUGIN LICENSE ACTIVE                           ║
+║                                                                ║
+║  License: A1B2-C3D4-E5F6-G7H8                                  ║
+║  User: Max Mustermann                                          ║
+║  Email: max@example.com                                        ║
+║                                                                ║
+║  🔄 Auto-pinging every 15 minutes                              ║
+╚════════════════════════════════════════════════════════════════╝
+```
+
+### ⚠️ Demo-Mode:
+```
+╔════════════════════════════════════════════════════════════════╗
+║  ⚠️  MAGIC LINK PLUGIN RUNNING IN DEMO MODE                   ║
+║                                                                ║
+║  To activate, create a license:                                ║
+║  POST http://localhost:1337/api/licenses/create                ║
+║                                                                ║
+║  Or auto-create with:                                          ║
+║  strapi.plugin("magic-link").service("license-guard")          ║
+║         .autoCreateLicense("your@email.com", "First", "Last")  ║
+╚════════════════════════════════════════════════════════════════╝
+```
+
+## 🔄 Lifecycle
+
+### Bootstrap (Plugin Start)
+1. License Guard Service wird geladen
+2. Nach 3 Sekunden: Initialize()
+3. Prüfe auf gespeicherten Lizenzschlüssel
+4. Verifiziere Lizenz
+5. Starte Auto-Ping (alle 15 Min)
+
+### Destroy (Plugin Stop)
+1. Stoppe Ping-Interval
+2. Cleanup-Log
+
+## 💻 Integration in dein Plugin
+
+### Lizenz-Status im Admin-Panel anzeigen
+
+Erstelle eine Settings-Seite mit Lizenz-Info:
+
+```javascript
+// In deiner Settings-Component
+const { data: licenseStatus } = await get('/magic-link/license/status');
+
+if (licenseStatus.valid) {
+  console.log('✅ License active:', licenseStatus.data.licenseKey);
+  console.log('Features:', licenseStatus.data.features);
+} else {
+  console.log('⚠️ Demo mode or invalid license');
+}
+```
+
+### Lizenz erstellen aus dem Admin-Panel
+
+```javascript
+const createLicense = async () => {
+  const response = await post('/magic-link/license/create', {
+    email: 'user@example.com',
+    firstName: 'John',
+    lastName: 'Doe',
+  });
+
+  if (response.data.success) {
+    console.log('License created:', response.data.data.licenseKey);
+  }
+};
+```
+
+## 🔐 Sicherheit
+
+- ✅ **DeviceID ist persistent** - Basiert auf Hardware
+- ✅ **Eindeutige Identifikation** - SHA256-Hash
+- ✅ **Keine Speicherung sensibler Daten** - Nur Hashes
+- ✅ **GDPR-konform** - User-Daten anonymisiert
+
+## 🛠 Troubleshooting
+
+### Plugin startet im Demo-Mode
+
+**Ursache:** Keine Lizenz gefunden oder Lizenz ungültig
+
+**Lösung:**
+```bash
+# Option 1: Auto-Create
+curl -X POST http://localhost:1337/magic-link/license/auto-create
+
+# Option 2: Manuell über License API
+curl -X POST http://localhost:1337/api/licenses/create \
+  -H "Content-Type: application/json" \
+  -d '{"email":"admin@localhost","firstName":"Admin","lastName":"User"}'
+
+# Option 3: Im Strapi Terminal
+await strapi.plugin('magic-link').service('license-guard')
+  .autoCreateLicense('admin@example.com', 'Admin', 'User');
+```
+
+### Pinging funktioniert nicht
+
+**Prüfen:**
+```bash
+# Manueller Ping
+curl -X POST http://localhost:1337/magic-link/license/ping
+
+# Status prüfen
+curl http://localhost:1337/magic-link/license/status
+```
+
+### Lizenz als "offline" markiert
+
+- Grace Period ist abgelaufen (>24h kein Ping)
+- Pinging wurde gestoppt
+- Netzwerk-Probleme
+
+**Lösung:** Einmal pingen → `isOnline` wird wieder auf `true` gesetzt
+
+## 📚 Logs
+
+Der License Guard loggt:
+
+```
+[INFO] 🔐 Initializing License Guard...
+[INFO] 📄 Found existing license key: A1B2-C3D4-E5F6-G7H8
+[INFO] ✅ License is valid and active
+[INFO] 📡 Started pinging license every 15 minutes
+[DEBUG] 📡 License ping successful: A1B2-C3D4-E5F6-G7H8
+[INFO] 🛑 License pinging stopped
+```
+
+## 🎉 Fertig!
+
+Der License Guard läuft nun automatisch im Hintergrund:
+- ✅ Verifiziert beim Start
+- ✅ Pingt alle 15 Minuten
+- ✅ Tracked Online-Status
+- ✅ Bereit für Production
+
+Für weitere Informationen siehe:
+- `/src/api/license/README.md` - License API Dokumentation
+- `/src/api/license/TRACKING.md` - Tracking-Details
+- `/src/api/license/SUMMARY.md` - Zusammenfassung
+

package/README.md

@@ -2,6 +2,25 @@
 
 A secure passwordless authentication solution for Strapi, allowing users to log in via email links without requiring passwords.
 
+---
+
+## ⚠️ LICENSE & USAGE NOTICE
+
+**This is proprietary commercial software.** 
+
+- ❌ **NOT** open source or free to use
+- ❌ **NOT** licensed under MIT, Apache, or similar permissive licenses
+- ✅ Requires a **valid commercial license** for production use
+- ✅ Source code is visible for transparency and evaluation only
+
+**Using this software without a valid license is copyright infringement.**
+
+📄 See [LICENSE](./LICENSE) for full terms  
+💼 Purchase a license: [Your Website]  
+📧 Questions? Contact: [Your Email]
+
+---
+
 ![Magic Link Overview](pics/pic6.png)
 
 ## Core Features!
@@ -31,6 +50,29 @@ yarn add begservice/strapi-magic-link
 
 After installation, restart your Strapi server and the plugin will be available in the admin panel.
 
+## License Server
+
+This plugin uses a **centralized license server** for validation and activation.
+
+### How It Works
+
+- The plugin connects to a fixed license server URL for all license operations
+- License keys are validated against this server
+- The server URL is hardcoded for security (cannot be changed by end users)
+- Supports **24-hour grace period** for offline operation
+
+### For Developers (Development Mode)
+
+During development, you can override the license server URL:
+
+```bash
+# .env file
+LICENSE_SERVER_URL=http://localhost:1337
+NODE_ENV=development
+```
+
+**Note**: This override only works in development mode for testing purposes.
+
 ## How It Works
 
 ### Email User with Login Link

package/SECURITY.md

@@ -0,0 +1,79 @@
+# Security & License Protection
+
+## License Enforcement
+
+This software includes multiple layers of license protection:
+
+### 1. Backend License Check
+- API endpoints are protected by `license-check` policy
+- All requests are validated against active license
+- Invalid/expired licenses are rejected with 401 status
+
+### 2. Frontend License Guard
+- Admin UI displays activation modal without valid license
+- Prevents unauthorized UI access
+- Requires license activation before use
+
+### 3. License Verification
+- License keys are validated against central license database
+- Regular "ping" mechanism ensures license is active
+- Offline grace period for temporary network issues
+
+## Anti-Piracy Measures
+
+### Current Protection:
+1. **License Key Validation**: Server-side verification
+2. **Device Binding**: License tied to specific server instances
+3. **Online Checks**: Regular validation against license server
+4. **IP Tracking**: Monitor and limit license usage by IP
+5. **Audit Logging**: All license operations are logged
+
+### Additional Recommendations:
+
+#### Code Obfuscation (Optional)
+Consider obfuscating critical parts of the code:
+```bash
+npm install javascript-obfuscator --save-dev
+```
+
+#### API Key Protection
+Never commit license server API credentials to git:
+```bash
+# Add to .env
+LICENSE_SERVER_URL=https://your-license-server.com
+LICENSE_API_KEY=your-secret-key
+```
+
+#### Monitoring
+Set up monitoring for:
+- Unusual license activation patterns
+- Multiple IPs using same license
+- Attempts to bypass license checks
+
+## Reporting License Violations
+
+If you discover unauthorized use of this software:
+
+**Email:** [Your Email]
+**Subject:** License Violation Report
+
+Include:
+- URL or location where unauthorized use was found
+- Screenshots/evidence
+- Any relevant information
+
+We take license violations seriously and will pursue legal action when necessary.
+
+## Legal Notice
+
+Unauthorized use, copying, or distribution of this software constitutes:
+- Copyright infringement
+- Breach of software license agreement
+- Potential criminal violation under applicable laws
+
+Violators will be prosecuted to the fullest extent of the law.
+
+---
+
+**Last Updated:** 2025-01-13
+

package/admin/src/components/Initializer.jsx

@@ -1,6 +1,5 @@
 import { useEffect, useRef } from 'react';
-
-import { PLUGIN_ID } from '../pluginId';
+import pluginId from '../pluginId';
 
 /**
  * @type {import('react').FC<{ setPlugin: (id: string) => void }>}
@@ -9,10 +8,11 @@ const Initializer = ({ setPlugin }) => {
   const ref = useRef(setPlugin);
 
   useEffect(() => {
-    ref.current(PLUGIN_ID);
+    ref.current(pluginId);
   }, []);
 
   return null;
 };
 
 export { Initializer };
+export default Initializer;

package/admin/src/components/LanguageProvider.jsx

@@ -0,0 +1,54 @@
+import React, { createContext, useContext, useState, useEffect } from 'react';
+import { IntlProvider } from 'react-intl';
+import enTranslations from '../translations/en.json';
+import deTranslations from '../translations/de.json';
+
+const LanguageContext = createContext();
+
+export const usePluginLanguage = () => {
+  const context = useContext(LanguageContext);
+  if (!context) {
+    throw new Error('usePluginLanguage must be used within LanguageProvider');
+  }
+  return context;
+};
+
+const translations = {
+  en: enTranslations,
+  de: deTranslations,
+};
+
+export const LanguageProvider = ({ children }) => {
+  const [currentLanguage, setCurrentLanguage] = useState(() => {
+    return localStorage.getItem('magic-link-language') || 'en';
+  });
+
+  const changeLanguage = (newLang) => {
+    setCurrentLanguage(newLang);
+    localStorage.setItem('magic-link-language', newLang);
+  };
+
+  const value = {
+    language: currentLanguage,
+    changeLanguage,
+    t: (key) => {
+      const messages = translations[currentLanguage] || translations.en;
+      return messages[key] || key;
+    },
+  };
+
+  return (
+    <LanguageContext.Provider value={value}>
+      <IntlProvider
+        locale={currentLanguage}
+        messages={translations[currentLanguage]}
+        defaultLocale="en"
+      >
+        {children}
+      </IntlProvider>
+    </LanguageContext.Provider>
+  );
+};
+
+export default LanguageProvider;
+