strapi-plugin-magic-link-v5 4.3.1 → 4.4.0

package/COPYRIGHT_NOTICE.txt

@@ -1,20 +1,19 @@
 /**
  * Magic Link - Passwordless Authentication for Strapi
  * 
- * Copyright (c) 2025 [Dein Name/Firma]
- * All Rights Reserved.
+ * Copyright (c) 2025 Schero A. (begservice)
  * 
- * PROPRIETARY AND CONFIDENTIAL
+ * Licensed under the MIT License
  * 
- * This file is part of Magic Link plugin for Strapi.
+ * This plugin is free to use for personal and commercial projects.
  * 
- * Unauthorized copying, modification, distribution, or use of this software
- * via any medium is strictly prohibited without prior written permission.
+ * IMPORTANT RESTRICTION:
+ * The license validation system (license-guard.js and related components)
+ * must remain intact and functional. Removing or bypassing this system
+ * is strictly prohibited.
  * 
- * This software is licensed under a proprietary commercial license.
  * See LICENSE file for full terms.
  * 
- * For licensing inquiries: [Deine Email]
- * Website: [Deine Website]
+ * Repository: https://github.com/begservice/strapi-plugin-magic-link-v5
+ * Issues: https://github.com/begservice/strapi-plugin-magic-link-v5/issues
  */
-

package/LICENSE

@@ -1,48 +1,27 @@
-PROPRIETARY LICENSE AGREEMENT
-
-Copyright (c) 2025 [Dein Name/Firma]
-
-This software and associated documentation files (the "Software") are proprietary 
-and confidential. All rights reserved.
-
-TERMS AND CONDITIONS:
-
-1. LICENSE GRANT
-   This Software is licensed, not sold. Subject to payment of applicable license 
-   fees and compliance with these terms, you are granted a limited, non-exclusive, 
-   non-transferable license to use the Software.
-
-2. RESTRICTIONS
-   You may NOT:
-   - Copy, modify, or distribute the Software
-   - Reverse engineer, decompile, or disassemble the Software
-   - Remove or modify any proprietary notices or labels
-   - Use the Software for any unlicensed purpose
-   - Share your license key with unauthorized parties
-   - Host the Software on multiple servers without appropriate licensing
-
-3. INTELLECTUAL PROPERTY
-   All title, ownership rights, and intellectual property rights in and to the 
-   Software remain with the copyright holder. The Software is protected by 
-   copyright laws and international treaty provisions.
-
-4. TERMINATION
-   This license is effective until terminated. Your rights under this license 
-   will terminate automatically without notice if you fail to comply with any 
-   term of this license.
-
-5. WARRANTY DISCLAIMER
-   THE SOFTWARE IS PROVIDED "AS IS" WITHOUT WARRANTY OF ANY KIND, EXPRESS OR 
-   IMPLIED, INCLUDING BUT NOT LIMITED TO WARRANTIES OF MERCHANTABILITY, FITNESS 
-   FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT.
-
-6. LIMITATION OF LIABILITY
-   IN NO EVENT SHALL THE COPYRIGHT HOLDER BE LIABLE FOR ANY CLAIM, DAMAGES OR 
-   OTHER LIABILITY ARISING FROM THE USE OF THE SOFTWARE.
-
-7. LICENSE PURCHASE
-   To obtain a valid license, visit: [Deine Website]
-   Each license is subject to separate terms and pricing.
-
-For licensing inquiries, contact: [Deine Email]
-
+MIT License
+
+Copyright (c) 2025 Schero A. (begservice)
+
+Permission is hereby granted, free of charge, to any person obtaining a copy
+of this software and associated documentation files (the "Software"), to deal
+in the Software without restriction, including without limitation the rights
+to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
+copies of the Software, and to permit persons to whom the Software is
+furnished to do so, subject to the following conditions:
+
+The above copyright notice and this permission notice shall be included in all
+copies or substantial portions of the Software.
+
+**ADDITIONAL CONDITION:**
+The license validation system (including but not limited to license-guard.js, 
+license controller, and related API endpoints) must remain intact and functional. 
+Removing, bypassing, or disabling the license validation system is strictly 
+prohibited.
+
+THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
+IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
+FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
+AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
+LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
+OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE
+SOFTWARE.

package/README.md

@@ -4,20 +4,25 @@ A secure passwordless authentication solution for Strapi, allowing users to log
 
 ---
 
-## ⚠️ LICENSE & USAGE NOTICE
+## 📜 License
 
-**This is proprietary commercial software.** 
+This plugin is licensed under the **MIT License** - free for everyone to use!
 
-- ❌ **NOT** open source or free to use
-- ❌ **NOT** licensed under MIT, Apache, or similar permissive licenses
-- ✅ Requires a **valid commercial license** for production use
-- ✅ Source code is visible for transparency and evaluation only
+### What you CAN do:
+- ✅ Use the plugin freely (personal & commercial)
+- ✅ View and study the source code
+- ✅ Report issues and contribute improvements
+- ✅ Deploy in production without fees
+- ✅ Integrate in your commercial projects
 
-**Using this software without a valid license is copyright infringement.**
+### What you CANNOT do:
+- ❌ Remove or bypass the license validation system
+- ❌ Modify `license-guard.js` or license-related endpoints
+- ❌ Disable license activation requirements
 
-📄 See [LICENSE](./LICENSE) for full terms  
-💼 Purchase a license: [Your Website]  
-📧 Questions? Contact: [Your Email]
+**Important:** The license validation system must remain intact and functional. This ensures quality, support, and continued development. Users must activate the plugin (free) through the admin interface.
+
+📄 See [LICENSE](./LICENSE) for full terms
 
 ---
 
@@ -50,29 +55,6 @@ yarn add begservice/strapi-magic-link
 
 After installation, restart your Strapi server and the plugin will be available in the admin panel.
 
-## License Server
-
-This plugin uses a **centralized license server** for validation and activation.
-
-### How It Works
-
-- The plugin connects to a fixed license server URL for all license operations
-- License keys are validated against this server
-- The server URL is hardcoded for security (cannot be changed by end users)
-- Supports **24-hour grace period** for offline operation
-
-### For Developers (Development Mode)
-
-During development, you can override the license server URL:
-
-```bash
-# .env file
-LICENSE_SERVER_URL=http://localhost:1337
-NODE_ENV=development
-```
-
-**Note**: This override only works in development mode for testing purposes.
-
 ## How It Works
 
 ### Email User with Login Link
@@ -275,7 +257,9 @@ await axios.post("/api/magic-link/send", {
 
 ## License
 
-[MIT](LICENSE)
+This project is licensed under the **MIT License** - see the [LICENSE](LICENSE) file for details.
+
+**Important:** While the code is open source, the license validation system must remain intact. This ensures quality, security, and continued development of the plugin.
 
 ## Development & Contributing
 

package/package.json

@@ -1,5 +1,5 @@
 {
-  "version": "4.3.1",
+  "version": "4.4.0",
   "keywords": [],
   "type": "commonjs",
   "exports": {
@@ -60,7 +60,7 @@
   },
   "name": "strapi-plugin-magic-link-v5",
   "description": "This plugin provides passwordless authentication via magic links sent to email",
-  "license": "SEE LICENSE IN LICENSE",
+  "license": "MIT",
   "private": false,
   "author": "Schero A. <124470865+begservice@users.noreply.github.com>",
   "repository": {

package/LICENSE-DUAL.md

@@ -1,37 +0,0 @@
-# DUAL LICENSE
-
-This software is available under a dual licensing model.
-
-## 1. GNU AFFERO GENERAL PUBLIC LICENSE (AGPL-3.0)
-
-If you are creating an open-source application under a license compatible with 
-the GNU AGPL-3.0, you may use this software under those terms.
-
-**Key Requirements:**
-- You MUST make your complete source code available
-- You MUST license your application under AGPL-3.0
-- Network use counts as distribution (you must share code even for SaaS)
-- You MUST provide prominent notice and attribution
-
-See: https://www.gnu.org/licenses/agpl-3.0.html
-
-## 2. COMMERCIAL LICENSE
-
-If you want to use this software in a proprietary/commercial application 
-WITHOUT the obligations of AGPL-3.0, you must purchase a commercial license.
-
-**Commercial License Benefits:**
-- No obligation to open-source your code
-- Can be used in proprietary/closed-source applications
-- Can be used in SaaS without sharing code
-- Priority support and updates
-- No copyleft requirements
-
-**Purchase:** [Deine Website]
-**Contact:** [Deine Email]
-
----
-
-**Note:** Using this software without a valid license (either AGPL-3.0 compliance 
-or commercial license) is copyright infringement and will be prosecuted.
-

package/LICENSE_GUARD.md

@@ -1,323 +0,0 @@
-# Magic Link License Guard
-
-Der License Guard schützt und verwaltet das Magic Link Plugin über das bestehende License API System.
-
-## 🚀 Features
-
-- ✅ **Automatische Lizenz-Initialisierung** beim Plugin-Start
-- ✅ **Auto-Ping alle 15 Minuten** für Online-Tracking
-- ✅ **Geräteerkennung** (DeviceID, DeviceName, IP, UserAgent)
-- ✅ **Grace Period Support** (24h Offline-Nutzung)
-- ✅ **Admin-Endpoints** für Lizenzverwaltung
-- ✅ **Automatisches Cleanup** beim Plugin-Stop
-
-## 📋 Wie es funktioniert
-
-### 1. Beim Plugin-Start
-
-```
-Plugin startet → License Guard initialisiert
-                ↓
-Lizenzschlüssel im Store? 
-    ↓ JA                    ↓ NEIN
-Verifizieren             Demo-Mode
-    ↓                        ↓
-Gültig?                   Warnung anzeigen
-    ↓ JA      ↓ NEIN
-Ping starten   Demo-Mode
-```
-
-### 2. Automatisches Pinging
-
-Alle 15 Minuten sendet der Guard automatisch:
-```json
-POST /api/licenses/ping
-{
-  "licenseKey": "A1B2-C3D4-E5F6-G7H8"
-}
-```
-
-Dies aktualisiert:
-- `lastPingAt` - Aktueller Zeitstempel
-- `lastActiveAt` - Aktivitäts-Tracker
-- `isOnline` - Online-Status basierend auf Grace Period
-
-## 🎯 Verwendung
-
-### Option 1: Lizenz über API erstellen
-
-```bash
-curl -X POST http://localhost:1337/api/licenses/create \
-  -H "Content-Type: application/json" \
-  -d '{
-    "email": "admin@example.com",
-    "firstName": "Admin",
-    "lastName": "User",
-    "deviceName": "Server-01",
-    "deviceId": "device-abc-123",
-    "ipAddress": "192.168.1.100",
-    "userAgent": "Strapi/5.11.2"
-  }'
-```
-
-**Response:**
-```json
-{
-  "success": true,
-  "message": "License created successfully",
-  "data": {
-    "id": 1,
-    "licenseKey": "A1B2-C3D4-E5F6-G7H8",
-    "email": "admin@example.com",
-    "isActive": true,
-    ...
-  }
-}
-```
-
-Der License Guard erkennt automatisch die neue Lizenz beim nächsten Start!
-
-### Option 2: Auto-Create über Admin-Endpoint
-
-```bash
-curl -X POST http://localhost:1337/magic-link/license/auto-create
-```
-
-Erstellt automatisch eine Lizenz mit Standard-Daten und aktiviert sie sofort.
-
-### Option 3: Programmatisch erstellen
-
-```javascript
-// Im Strapi-Code oder Terminal
-await strapi
-  .plugin('magic-link')
-  .service('license-guard')
-  .autoCreateLicense('your@email.com', 'First', 'Last');
-```
-
-## 📡 Admin-Endpoints
-
-Alle Endpoints sind unter `/magic-link/...` verfügbar:
-
-| Endpoint | Methode | Beschreibung |
-|----------|---------|--------------|
-| `/license/status` | GET | Aktueller Lizenz-Status |
-| `/license/create` | POST | Lizenz erstellen & aktivieren |
-| `/license/auto-create` | POST | Auto-Lizenz mit Defaults |
-| `/license/ping` | POST | Manueller Ping |
-| `/license/stats` | GET | Online-Statistiken |
-| `/license/deactivate` | POST | Lizenz deaktivieren |
-
-### Beispiele
-
-**Status abfragen:**
-```bash
-curl http://localhost:1337/magic-link/license/status
-```
-
-**Response:**
-```json
-{
-  "success": true,
-  "valid": true,
-  "data": {
-    "licenseKey": "A1B2-C3D4-E5F6-G7H8",
-    "isActive": true,
-    "isExpired": false,
-    "isOnline": true,
-    "expiresAt": "2026-10-13T10:00:00.000Z",
-    "lastPingAt": "2025-10-13T21:00:00.000Z",
-    "deviceName": "MacBook-Pro.local",
-    "features": {
-      "premium": true,
-      "advanced": false,
-      "enterprise": false,
-      "custom": false
-    },
-    "maxDevices": 1,
-    "currentDevices": 1
-  }
-}
-```
-
-**Manuelle Ping:**
-```bash
-curl -X POST http://localhost:1337/magic-link/license/ping
-```
-
-**Online-Statistiken:**
-```bash
-curl http://localhost:1337/magic-link/license/stats
-```
-
-## 🔧 Gesammelte Daten
-
-Der License Guard sammelt automatisch:
-
-### Device Information
-- **DeviceID**: SHA256-Hash von MAC-Adressen + Hostname
-- **DeviceName**: System-Hostname (z.B. "MacBook-Pro.local")
-- **IP Address**: Server-IP (erste nicht-interne IPv4)
-- **User Agent**: "Strapi/{version} Node/{version} {platform}/{release}"
-
-### Beispiel gesammelte Daten:
-```javascript
-{
-  deviceId: "a3f8e92c1d4b5e6f7a8b9c0d1e2f3a4b",
-  deviceName: "MacBook-Pro.local",
-  ipAddress: "192.168.1.100",
-  userAgent: "Strapi/5.11.2 Node/v20.11.0 darwin/23.0.0"
-}
-```
-
-## 📊 Console Output
-
-Beim Plugin-Start siehst du eine dieser Meldungen:
-
-### ✅ Lizenz aktiv:
-```
-╔════════════════════════════════════════════════════════════════╗
-║  ✅ MAGIC LINK PLUGIN LICENSE ACTIVE                           ║
-║                                                                ║
-║  License: A1B2-C3D4-E5F6-G7H8                                  ║
-║  User: Max Mustermann                                          ║
-║  Email: max@example.com                                        ║
-║                                                                ║
-║  🔄 Auto-pinging every 15 minutes                              ║
-╚════════════════════════════════════════════════════════════════╝
-```
-
-### ⚠️ Demo-Mode:
-```
-╔════════════════════════════════════════════════════════════════╗
-║  ⚠️  MAGIC LINK PLUGIN RUNNING IN DEMO MODE                   ║
-║                                                                ║
-║  To activate, create a license:                                ║
-║  POST http://localhost:1337/api/licenses/create                ║
-║                                                                ║
-║  Or auto-create with:                                          ║
-║  strapi.plugin("magic-link").service("license-guard")          ║
-║         .autoCreateLicense("your@email.com", "First", "Last")  ║
-╚════════════════════════════════════════════════════════════════╝
-```
-
-## 🔄 Lifecycle
-
-### Bootstrap (Plugin Start)
-1. License Guard Service wird geladen
-2. Nach 3 Sekunden: Initialize()
-3. Prüfe auf gespeicherten Lizenzschlüssel
-4. Verifiziere Lizenz
-5. Starte Auto-Ping (alle 15 Min)
-
-### Destroy (Plugin Stop)
-1. Stoppe Ping-Interval
-2. Cleanup-Log
-
-## 💻 Integration in dein Plugin
-
-### Lizenz-Status im Admin-Panel anzeigen
-
-Erstelle eine Settings-Seite mit Lizenz-Info:
-
-```javascript
-// In deiner Settings-Component
-const { data: licenseStatus } = await get('/magic-link/license/status');
-
-if (licenseStatus.valid) {
-  console.log('✅ License active:', licenseStatus.data.licenseKey);
-  console.log('Features:', licenseStatus.data.features);
-} else {
-  console.log('⚠️ Demo mode or invalid license');
-}
-```
-
-### Lizenz erstellen aus dem Admin-Panel
-
-```javascript
-const createLicense = async () => {
-  const response = await post('/magic-link/license/create', {
-    email: 'user@example.com',
-    firstName: 'John',
-    lastName: 'Doe',
-  });
-
-  if (response.data.success) {
-    console.log('License created:', response.data.data.licenseKey);
-  }
-};
-```
-
-## 🔐 Sicherheit
-
-- ✅ **DeviceID ist persistent** - Basiert auf Hardware
-- ✅ **Eindeutige Identifikation** - SHA256-Hash
-- ✅ **Keine Speicherung sensibler Daten** - Nur Hashes
-- ✅ **GDPR-konform** - User-Daten anonymisiert
-
-## 🛠 Troubleshooting
-
-### Plugin startet im Demo-Mode
-
-**Ursache:** Keine Lizenz gefunden oder Lizenz ungültig
-
-**Lösung:**
-```bash
-# Option 1: Auto-Create
-curl -X POST http://localhost:1337/magic-link/license/auto-create
-
-# Option 2: Manuell über License API
-curl -X POST http://localhost:1337/api/licenses/create \
-  -H "Content-Type: application/json" \
-  -d '{"email":"admin@localhost","firstName":"Admin","lastName":"User"}'
-
-# Option 3: Im Strapi Terminal
-await strapi.plugin('magic-link').service('license-guard')
-  .autoCreateLicense('admin@example.com', 'Admin', 'User');
-```
-
-### Pinging funktioniert nicht
-
-**Prüfen:**
-```bash
-# Manueller Ping
-curl -X POST http://localhost:1337/magic-link/license/ping
-
-# Status prüfen
-curl http://localhost:1337/magic-link/license/status
-```
-
-### Lizenz als "offline" markiert
-
-- Grace Period ist abgelaufen (>24h kein Ping)
-- Pinging wurde gestoppt
-- Netzwerk-Probleme
-
-**Lösung:** Einmal pingen → `isOnline` wird wieder auf `true` gesetzt
-
-## 📚 Logs
-
-Der License Guard loggt:
-
-```
-[INFO] 🔐 Initializing License Guard...
-[INFO] 📄 Found existing license key: A1B2-C3D4-E5F6-G7H8
-[INFO] ✅ License is valid and active
-[INFO] 📡 Started pinging license every 15 minutes
-[DEBUG] 📡 License ping successful: A1B2-C3D4-E5F6-G7H8
-[INFO] 🛑 License pinging stopped
-```
-
-## 🎉 Fertig!
-
-Der License Guard läuft nun automatisch im Hintergrund:
-- ✅ Verifiziert beim Start
-- ✅ Pingt alle 15 Minuten
-- ✅ Tracked Online-Status
-- ✅ Bereit für Production
-
-Für weitere Informationen siehe:
-- `/src/api/license/README.md` - License API Dokumentation
-- `/src/api/license/TRACKING.md` - Tracking-Details
-- `/src/api/license/SUMMARY.md` - Zusammenfassung
-

package/SECURITY.md

@@ -1,79 +0,0 @@
-# Security & License Protection
-
-## License Enforcement
-
-This software includes multiple layers of license protection:
-
-### 1. Backend License Check
-- API endpoints are protected by `license-check` policy
-- All requests are validated against active license
-- Invalid/expired licenses are rejected with 401 status
-
-### 2. Frontend License Guard
-- Admin UI displays activation modal without valid license
-- Prevents unauthorized UI access
-- Requires license activation before use
-
-### 3. License Verification
-- License keys are validated against central license database
-- Regular "ping" mechanism ensures license is active
-- Offline grace period for temporary network issues
-
-## Anti-Piracy Measures
-
-### Current Protection:
-1. **License Key Validation**: Server-side verification
-2. **Device Binding**: License tied to specific server instances
-3. **Online Checks**: Regular validation against license server
-4. **IP Tracking**: Monitor and limit license usage by IP
-5. **Audit Logging**: All license operations are logged
-
-### Additional Recommendations:
-
-#### Code Obfuscation (Optional)
-Consider obfuscating critical parts of the code:
-```bash
-npm install javascript-obfuscator --save-dev
-```
-
-#### API Key Protection
-Never commit license server API credentials to git:
-```bash
-# Add to .env
-LICENSE_SERVER_URL=https://your-license-server.com
-LICENSE_API_KEY=your-secret-key
-```
-
-#### Monitoring
-Set up monitoring for:
-- Unusual license activation patterns
-- Multiple IPs using same license
-- Attempts to bypass license checks
-
-## Reporting License Violations
-
-If you discover unauthorized use of this software:
-
-**Email:** [Your Email]
-**Subject:** License Violation Report
-
-Include:
-- URL or location where unauthorized use was found
-- Screenshots/evidence
-- Any relevant information
-
-We take license violations seriously and will pursue legal action when necessary.
-
-## Legal Notice
-
-Unauthorized use, copying, or distribution of this software constitutes:
-- Copyright infringement
-- Breach of software license agreement
-- Potential criminal violation under applicable laws
-
-Violators will be prosecuted to the fullest extent of the law.
-
----
-
-**Last Updated:** 2025-01-13
-