strapi-plugin-magic-sessionmanager 2.0.0 → 2.0.2

package/server/src/services/license-guard.js

@@ -0,0 +1,308 @@
+/**
+ * License Guard Service for Magic Session Manager
+ * Handles license creation, verification, and ping tracking
+ */
+
+const crypto = require('crypto');
+const os = require('os');
+
+// FIXED LICENSE SERVER URL
+const LICENSE_SERVER_URL = 'https://magicapi.fitlex.me';
+
+module.exports = ({ strapi }) => ({
+  /**
+   * Get license server URL
+   */
+  getLicenseServerUrl() {
+    return LICENSE_SERVER_URL;
+  },
+
+  /**
+   * Generate device ID
+   */
+  generateDeviceId() {
+    try {
+      const networkInterfaces = os.networkInterfaces();
+      const macAddresses = [];
+      
+      Object.values(networkInterfaces).forEach(interfaces => {
+        interfaces?.forEach(iface => {
+          if (iface.mac && iface.mac !== '00:00:00:00:00:00') {
+            macAddresses.push(iface.mac);
+          }
+        });
+      });
+      
+      const identifier = `${macAddresses.join('-')}-${os.hostname()}`;
+      return crypto.createHash('sha256').update(identifier).digest('hex').substring(0, 32);
+    } catch (error) {
+      return crypto.randomBytes(16).toString('hex');
+    }
+  },
+
+  getDeviceName() {
+    try {
+      return os.hostname() || 'Unknown Device';
+    } catch (error) {
+      return 'Unknown Device';
+    }
+  },
+
+  getIpAddress() {
+    try {
+      const networkInterfaces = os.networkInterfaces();
+      for (const name of Object.keys(networkInterfaces)) {
+        const interfaces = networkInterfaces[name];
+        if (interfaces) {
+          for (const iface of interfaces) {
+            if (iface.family === 'IPv4' && !iface.internal) {
+              return iface.address;
+            }
+          }
+        }
+      }
+      return '127.0.0.1';
+    } catch (error) {
+      return '127.0.0.1';
+    }
+  },
+
+  getUserAgent() {
+    return `Strapi/${strapi.config.get('info.strapi') || '5.0.0'} Node/${process.version} ${os.platform()}/${os.release()}`;
+  },
+
+  async createLicense({ email, firstName, lastName }) {
+    try {
+      const deviceId = this.generateDeviceId();
+      const deviceName = this.getDeviceName();
+      const ipAddress = this.getIpAddress();
+      const userAgent = this.getUserAgent();
+
+      const licenseServerUrl = this.getLicenseServerUrl();
+      const response = await fetch(`${licenseServerUrl}/api/licenses/create`, {
+        method: 'POST',
+        headers: { 'Content-Type': 'application/json' },
+        body: JSON.stringify({
+          email,
+          firstName,
+          lastName,
+          deviceName,
+          deviceId,
+          ipAddress,
+          userAgent,
+          pluginName: 'magic-sessionmanager',
+          productName: 'Magic Session Manager - Premium Session Tracking',
+        }),
+      });
+
+      const data = await response.json();
+
+      if (data.success) {
+        strapi.log.info('[magic-sessionmanager] ✅ License created:', data.data.licenseKey);
+        return data.data;
+      } else {
+        strapi.log.error('[magic-sessionmanager] ❌ License creation failed:', data);
+        return null;
+      }
+    } catch (error) {
+      strapi.log.error('[magic-sessionmanager] ❌ Error creating license:', error);
+      return null;
+    }
+  },
+
+  async verifyLicense(licenseKey, allowGracePeriod = false) {
+    try {
+      const controller = new AbortController();
+      const timeoutId = setTimeout(() => controller.abort(), 5000);
+      
+      const licenseServerUrl = this.getLicenseServerUrl();
+      const response = await fetch(`${licenseServerUrl}/api/licenses/verify`, {
+        method: 'POST',
+        headers: { 'Content-Type': 'application/json' },
+        body: JSON.stringify({ 
+          licenseKey,
+          pluginName: 'magic-sessionmanager',
+          productName: 'Magic Session Manager - Premium Session Tracking',
+        }),
+        signal: controller.signal,
+      });
+      
+      clearTimeout(timeoutId);
+      const data = await response.json();
+
+      if (data.success && data.data) {
+        return { valid: true, data: data.data, gracePeriod: false };
+      } else {
+        return { valid: false, data: null };
+      }
+    } catch (error) {
+      if (allowGracePeriod) {
+        return { valid: true, data: null, gracePeriod: true };
+      }
+      return { valid: false, data: null };
+    }
+  },
+
+  async getLicenseByKey(licenseKey) {
+    try {
+      const licenseServerUrl = this.getLicenseServerUrl();
+      const url = `${licenseServerUrl}/api/licenses/key/${licenseKey}`;
+      
+      strapi.log.debug(`[magic-sessionmanager/license-guard] Fetching license from: ${url}`);
+      
+      const response = await fetch(url, {
+        method: 'GET',
+        headers: { 'Content-Type': 'application/json' },
+      });
+
+      const data = await response.json();
+
+      if (data.success && data.data) {
+        strapi.log.debug(`[magic-sessionmanager/license-guard] License fetched: ${data.data.email}, featurePremium: ${data.data.featurePremium}`);
+        return data.data;
+      }
+      
+      strapi.log.warn(`[magic-sessionmanager/license-guard] License API returned no data`);
+      return null;
+    } catch (error) {
+      strapi.log.error('[magic-sessionmanager/license-guard] Error fetching license by key:', error);
+      return null;
+    }
+  },
+
+  async pingLicense(licenseKey) {
+    try {
+      const deviceId = this.generateDeviceId();
+      const deviceName = this.getDeviceName();
+      const ipAddress = this.getIpAddress();
+      const userAgent = this.getUserAgent();
+
+      const licenseServerUrl = this.getLicenseServerUrl();
+      const response = await fetch(`${licenseServerUrl}/api/licenses/ping`, {
+        method: 'POST',
+        headers: { 'Content-Type': 'application/json' },
+        body: JSON.stringify({
+          licenseKey,
+          deviceId,
+          deviceName,
+          ipAddress,
+          userAgent,
+          pluginName: 'magic-sessionmanager',
+        }),
+      });
+
+      const data = await response.json();
+      return data.success ? data.data : null;
+    } catch (error) {
+      return null;
+    }
+  },
+
+  async storeLicenseKey(licenseKey) {
+    const pluginStore = strapi.store({ 
+      type: 'plugin', 
+      name: 'magic-sessionmanager' 
+    });
+    await pluginStore.set({ key: 'licenseKey', value: licenseKey });
+    strapi.log.info(`[magic-sessionmanager] ✅ License key stored: ${licenseKey.substring(0, 8)}...`);
+  },
+
+  startPinging(licenseKey, intervalMinutes = 15) {
+    strapi.log.info(`[magic-sessionmanager] ⏰ Starting license pings every ${intervalMinutes} minutes`);
+    
+    // Immediate ping
+    this.pingLicense(licenseKey);
+    
+    const interval = setInterval(async () => {
+      try {
+        await this.pingLicense(licenseKey);
+      } catch (error) {
+        strapi.log.error('[magic-sessionmanager] Ping error:', error);
+      }
+    }, intervalMinutes * 60 * 1000);
+
+    return interval;
+  },
+
+  /**
+   * Initialize license guard
+   * Checks for existing license and starts pinging
+   */
+  async initialize() {
+    try {
+      strapi.log.info('[magic-sessionmanager] 🔐 Initializing License Guard...');
+
+      // Check if license key exists in plugin store
+      const pluginStore = strapi.store({ 
+        type: 'plugin', 
+        name: 'magic-sessionmanager' 
+      });
+      const licenseKey = await pluginStore.get({ key: 'licenseKey' });
+
+      if (!licenseKey) {
+        strapi.log.info('[magic-sessionmanager] ℹ️ No license found - Running in demo mode');
+        return {
+          valid: false,
+          demo: true,
+          data: null,
+        };
+      }
+
+      // Check last validation timestamp for grace period
+      const lastValidated = await pluginStore.get({ key: 'lastValidated' });
+      const now = new Date();
+      const gracePeriodHours = 24;
+      let withinGracePeriod = false;
+      
+      if (lastValidated) {
+        const lastValidatedDate = new Date(lastValidated);
+        const hoursSinceValidation = (now.getTime() - lastValidatedDate.getTime()) / (1000 * 60 * 60);
+        withinGracePeriod = hoursSinceValidation < gracePeriodHours;
+      }
+
+      // Verify license (allow grace period if we have a last validation)
+      const verification = await this.verifyLicense(licenseKey, withinGracePeriod);
+
+      if (verification.valid) {
+        // Update last validated timestamp
+        await pluginStore.set({ 
+          key: 'lastValidated', 
+          value: now.toISOString() 
+        });
+
+        // Start automatic pinging
+        const pingInterval = this.startPinging(licenseKey, 15);
+        
+        // Store interval globally so we can clean it up
+        strapi.licenseGuard = {
+          licenseKey,
+          pingInterval,
+          data: verification.data,
+        };
+
+        return {
+          valid: true,
+          demo: false,
+          data: verification.data,
+          gracePeriod: verification.gracePeriod || false,
+        };
+      } else {
+        strapi.log.error('[magic-sessionmanager] ❌ License validation failed');
+        return {
+          valid: false,
+          demo: true,
+          error: 'Invalid or expired license',
+          data: null,
+        };
+      }
+    } catch (error) {
+      strapi.log.error('[magic-sessionmanager] ❌ Error initializing License Guard:', error);
+      return {
+        valid: false,
+        demo: true,
+        error: error.message,
+        data: null,
+      };
+    }
+  },
+});

package/server/src/services/notifications.js

@@ -0,0 +1,319 @@
+/**
+ * Notifications Service (ADVANCED Feature)
+ * Send email alerts for session events
+ */
+
+module.exports = ({ strapi }) => ({
+  /**
+   * Get email templates from database settings
+   * Falls back to default hardcoded templates if not found
+   */
+  async getEmailTemplates() {
+    try {
+      // Try to load templates from database
+      const pluginStore = strapi.store({
+        type: 'plugin',
+        name: 'magic-sessionmanager',
+      });
+      
+      const settings = await pluginStore.get({ key: 'settings' });
+      
+      if (settings?.emailTemplates && Object.keys(settings.emailTemplates).length > 0) {
+        // Check if templates have content
+        const hasContent = Object.values(settings.emailTemplates).some(
+          template => template.html || template.text
+        );
+        
+        if (hasContent) {
+          strapi.log.debug('[magic-sessionmanager/notifications] Using templates from database');
+          return settings.emailTemplates;
+        }
+      }
+    } catch (err) {
+      strapi.log.warn('[magic-sessionmanager/notifications] Could not load templates from DB, using defaults:', err.message);
+    }
+    
+    // Default fallback templates
+    strapi.log.debug('[magic-sessionmanager/notifications] Using default fallback templates');
+    return {
+      suspiciousLogin: {
+        subject: '🚨 Suspicious Login Alert - Session Manager',
+        html: `
+<html>
+<body style="font-family: Arial, sans-serif; line-height: 1.6; color: #333;">
+  <div style="max-width: 600px; margin: 0 auto; padding: 20px; background-color: #f9fafb; border-radius: 10px;">
+    <h2 style="color: #dc2626;">🚨 Suspicious Login Detected</h2>
+    <p>A potentially suspicious login was detected for your account.</p>
+    
+    <div style="background: white; padding: 15px; border-radius: 8px; margin: 20px 0;">
+      <h3 style="margin-top: 0;">Account Information:</h3>
+      <ul>
+        <li><strong>Email:</strong> {{user.email}}</li>
+        <li><strong>Username:</strong> {{user.username}}</li>
+      </ul>
+      
+      <h3>Login Details:</h3>
+      <ul>
+        <li><strong>Time:</strong> {{session.loginTime}}</li>
+        <li><strong>IP Address:</strong> {{session.ipAddress}}</li>
+        <li><strong>Location:</strong> {{geo.city}}, {{geo.country}}</li>
+        <li><strong>Timezone:</strong> {{geo.timezone}}</li>
+        <li><strong>Device:</strong> {{session.userAgent}}</li>
+      </ul>
+      
+      <h3 style="color: #dc2626;">Security Alert:</h3>
+      <ul>
+        <li>VPN Detected: {{reason.isVpn}}</li>
+        <li>Proxy Detected: {{reason.isProxy}}</li>
+        <li>Threat Detected: {{reason.isThreat}}</li>
+        <li>Security Score: {{reason.securityScore}}/100</li>
+      </ul>
+    </div>
+    
+    <p>If this was you, you can safely ignore this email. If you don't recognize this activity, please secure your account immediately.</p>
+    
+    <hr style="border: none; border-top: 1px solid #e5e7eb; margin: 20px 0;"/>
+    <p style="color: #666; font-size: 12px;">This is an automated security notification from Magic Session Manager.</p>
+  </div>
+</body>
+</html>`,
+        text: `🚨 Suspicious Login Detected\n\nA potentially suspicious login was detected for your account.\n\nAccount: {{user.email}}\nUsername: {{user.username}}\n\nLogin Details:\n- Time: {{session.loginTime}}\n- IP: {{session.ipAddress}}\n- Location: {{geo.city}}, {{geo.country}}\n\nSecurity: VPN={{reason.isVpn}}, Proxy={{reason.isProxy}}, Threat={{reason.isThreat}}, Score={{reason.securityScore}}/100`,
+      },
+      newLocation: {
+        subject: '📍 New Location Login Detected',
+        html: `<h2>📍 New Location Login</h2><p>Account: {{user.email}}</p><p>Time: {{session.loginTime}}</p><p>Location: {{geo.city}}, {{geo.country}}</p><p>IP: {{session.ipAddress}}</p>`,
+        text: `📍 New Location Login\n\nAccount: {{user.email}}\nTime: {{session.loginTime}}\nLocation: {{geo.city}}, {{geo.country}}\nIP: {{session.ipAddress}}`,
+      },
+      vpnProxy: {
+        subject: '⚠️ VPN/Proxy Login Detected',
+        html: `<h2>⚠️ VPN/Proxy Detected</h2><p>Account: {{user.email}}</p><p>Time: {{session.loginTime}}</p><p>IP: {{session.ipAddress}}</p><p>VPN: {{reason.isVpn}}, Proxy: {{reason.isProxy}}</p>`,
+        text: `⚠️ VPN/Proxy Detected\n\nAccount: {{user.email}}\nTime: {{session.loginTime}}\nIP: {{session.ipAddress}}\nVPN: {{reason.isVpn}}, Proxy: {{reason.isProxy}}`,
+      },
+    };
+  },
+  
+  /**
+   * Replace template variables with actual values
+   */
+  replaceVariables(template, data) {
+    let result = template;
+    
+    // User variables
+    result = result.replace(/\{\{user\.email\}\}/g, data.user?.email || 'N/A');
+    result = result.replace(/\{\{user\.username\}\}/g, data.user?.username || 'N/A');
+    
+    // Session variables
+    result = result.replace(/\{\{session\.loginTime\}\}/g, 
+      data.session?.loginTime ? new Date(data.session.loginTime).toLocaleString() : 'N/A');
+    result = result.replace(/\{\{session\.ipAddress\}\}/g, data.session?.ipAddress || 'N/A');
+    result = result.replace(/\{\{session\.userAgent\}\}/g, data.session?.userAgent || 'N/A');
+    
+    // Geo variables
+    result = result.replace(/\{\{geo\.city\}\}/g, data.geoData?.city || 'Unknown');
+    result = result.replace(/\{\{geo\.country\}\}/g, data.geoData?.country || 'Unknown');
+    result = result.replace(/\{\{geo\.timezone\}\}/g, data.geoData?.timezone || 'Unknown');
+    
+    // Reason variables
+    result = result.replace(/\{\{reason\.isVpn\}\}/g, data.reason?.isVpn ? 'Yes' : 'No');
+    result = result.replace(/\{\{reason\.isProxy\}\}/g, data.reason?.isProxy ? 'Yes' : 'No');
+    result = result.replace(/\{\{reason\.isThreat\}\}/g, data.reason?.isThreat ? 'Yes' : 'No');
+    result = result.replace(/\{\{reason\.securityScore\}\}/g, data.reason?.securityScore || '0');
+    
+    return result;
+  },
+
+  /**
+   * Send suspicious login alert
+   * @param {Object} params - { user, session, reason, geoData }
+   */
+  async sendSuspiciousLoginAlert({ user, session, reason, geoData }) {
+    try {
+      // Get templates from database (or defaults)
+      const templates = await this.getEmailTemplates();
+      const template = templates.suspiciousLogin;
+      
+      // Prepare data for variable replacement
+      const data = { user, session, reason, geoData };
+      
+      // Replace variables in template
+      const htmlContent = this.replaceVariables(template.html, data);
+      const textContent = this.replaceVariables(template.text, data);
+
+      await strapi.plugins['email'].services.email.send({
+        to: user.email,
+        subject: template.subject,
+        html: htmlContent,
+        text: textContent,
+      });
+
+      strapi.log.info(`[magic-sessionmanager/notifications] Suspicious login alert sent to ${user.email}`);
+      return true;
+    } catch (err) {
+      strapi.log.error('[magic-sessionmanager/notifications] Error sending email:', err);
+      return false;
+    }
+  },
+
+  /**
+   * Send new location login alert
+   * @param {Object} params - { user, session, geoData }
+   */
+  async sendNewLocationAlert({ user, session, geoData }) {
+    try {
+      // Get templates from database (or defaults)
+      const templates = await this.getEmailTemplates();
+      const template = templates.newLocation;
+      
+      // Prepare data for variable replacement
+      const data = { user, session, geoData, reason: {} };
+      
+      // Replace variables in template
+      const htmlContent = this.replaceVariables(template.html, data);
+      const textContent = this.replaceVariables(template.text, data);
+
+      await strapi.plugins['email'].services.email.send({
+        to: user.email,
+        subject: template.subject,
+        html: htmlContent,
+        text: textContent,
+      });
+
+      strapi.log.info(`[magic-sessionmanager/notifications] New location alert sent to ${user.email}`);
+      return true;
+    } catch (err) {
+      strapi.log.error('[magic-sessionmanager/notifications] Error sending new location email:', err);
+      return false;
+    }
+  },
+  
+  /**
+   * Send VPN/Proxy login alert
+   * @param {Object} params - { user, session, reason, geoData }
+   */
+  async sendVpnProxyAlert({ user, session, reason, geoData }) {
+    try {
+      // Get templates from database (or defaults)
+      const templates = await this.getEmailTemplates();
+      const template = templates.vpnProxy;
+      
+      // Prepare data for variable replacement
+      const data = { user, session, reason, geoData };
+      
+      // Replace variables in template
+      const htmlContent = this.replaceVariables(template.html, data);
+      const textContent = this.replaceVariables(template.text, data);
+
+      await strapi.plugins['email'].services.email.send({
+        to: user.email,
+        subject: template.subject,
+        html: htmlContent,
+        text: textContent,
+      });
+
+      strapi.log.info(`[magic-sessionmanager/notifications] VPN/Proxy alert sent to ${user.email}`);
+      return true;
+    } catch (err) {
+      strapi.log.error('[magic-sessionmanager/notifications] Error sending VPN/Proxy email:', err);
+      return false;
+    }
+  },
+
+  /**
+   * Send webhook notification
+   * @param {Object} params - { event, data, webhookUrl }
+   */
+  async sendWebhook({ event, data, webhookUrl }) {
+    try {
+      const payload = {
+        event,
+        timestamp: new Date().toISOString(),
+        data,
+        source: 'magic-sessionmanager',
+      };
+
+      const response = await fetch(webhookUrl, {
+        method: 'POST',
+        headers: {
+          'Content-Type': 'application/json',
+          'User-Agent': 'Strapi-Magic-SessionManager-Webhook/1.0',
+        },
+        body: JSON.stringify(payload),
+      });
+
+      if (response.ok) {
+        strapi.log.info(`[magic-sessionmanager/notifications] Webhook sent: ${event}`);
+        return true;
+      } else {
+        strapi.log.warn(`[magic-sessionmanager/notifications] Webhook failed: ${response.status}`);
+        return false;
+      }
+    } catch (err) {
+      strapi.log.error('[magic-sessionmanager/notifications] Webhook error:', err);
+      return false;
+    }
+  },
+
+  /**
+   * Format webhook for Discord
+   * @param {Object} params - { event, session, user, geoData }
+   */
+  formatDiscordWebhook({ event, session, user, geoData }) {
+    const embed = {
+      title: this.getEventTitle(event),
+      color: this.getEventColor(event),
+      fields: [
+        { name: '👤 User', value: `${user.email}\n${user.username || 'N/A'}`, inline: true },
+        { name: '🌐 IP', value: session.ipAddress, inline: true },
+        { name: '📅 Time', value: new Date(session.loginTime).toLocaleString(), inline: false },
+      ],
+      timestamp: new Date().toISOString(),
+      footer: { text: 'Magic Session Manager' },
+    };
+
+    if (geoData) {
+      embed.fields.push({
+        name: '📍 Location',
+        value: `${geoData.country_flag} ${geoData.city}, ${geoData.country}`,
+        inline: true,
+      });
+      
+      if (geoData.isVpn || geoData.isProxy || geoData.isThreat) {
+        const warnings = [];
+        if (geoData.isVpn) warnings.push('VPN');
+        if (geoData.isProxy) warnings.push('Proxy');
+        if (geoData.isThreat) warnings.push('Threat');
+        
+        embed.fields.push({
+          name: '⚠️ Security',
+          value: `${warnings.join(', ')} detected\nScore: ${geoData.securityScore}/100`,
+          inline: true,
+        });
+      }
+    }
+
+    return { embeds: [embed] };
+  },
+
+  getEventTitle(event) {
+    const titles = {
+      'login.suspicious': '🚨 Suspicious Login',
+      'login.new_location': '📍 New Location Login',
+      'login.vpn': '🔴 VPN Login Detected',
+      'login.threat': '⛔ Threat IP Login',
+      'session.terminated': '🔴 Session Terminated',
+    };
+    return titles[event] || '📊 Session Event';
+  },
+
+  getEventColor(event) {
+    const colors = {
+      'login.suspicious': 0xFF0000, // Red
+      'login.new_location': 0xFFA500, // Orange
+      'login.vpn': 0xFF6B6B, // Light Red
+      'login.threat': 0x8B0000, // Dark Red
+      'session.terminated': 0x808080, // Gray
+    };
+    return colors[event] || 0x5865F2; // Discord Blue
+  },
+});
+

package/server/src/services/service.js

@@ -0,0 +1,7 @@
+const service = ({ strapi }) => ({
+  getWelcomeMessage() {
+    return 'Welcome to Strapi 🚀';
+  },
+});
+
+export default service;