npm - strapi-plugin-magic-sessionmanager - Versions diffs - 4.2.4 → 4.2.6 - Mend

strapi-plugin-magic-sessionmanager 4.2.4 → 4.2.6

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (62) hide show

package/README.md +0 -2
package/dist/server/index.js +1 -1
package/dist/server/index.mjs +1 -1
package/package.json +1 -3
package/admin/jsconfig.json +0 -10
package/admin/src/components/Initializer.jsx +0 -11
package/admin/src/components/LicenseGuard.jsx +0 -591
package/admin/src/components/OnlineUsersWidget.jsx +0 -212
package/admin/src/components/PluginIcon.jsx +0 -8
package/admin/src/components/SessionDetailModal.jsx +0 -449
package/admin/src/components/SessionInfoCard.jsx +0 -151
package/admin/src/components/SessionInfoPanel.jsx +0 -385
package/admin/src/components/index.jsx +0 -5
package/admin/src/hooks/useLicense.js +0 -103
package/admin/src/index.js +0 -149
package/admin/src/pages/ActiveSessions.jsx +0 -12
package/admin/src/pages/Analytics.jsx +0 -735
package/admin/src/pages/App.jsx +0 -12
package/admin/src/pages/HomePage.jsx +0 -1212
package/admin/src/pages/License.jsx +0 -603
package/admin/src/pages/Settings.jsx +0 -1646
package/admin/src/pages/SettingsNew.jsx +0 -1204
package/admin/src/pages/UpgradePage.jsx +0 -448
package/admin/src/pages/index.jsx +0 -3
package/admin/src/pluginId.js +0 -4
package/admin/src/translations/de.json +0 -299
package/admin/src/translations/en.json +0 -299
package/admin/src/translations/es.json +0 -287
package/admin/src/translations/fr.json +0 -287
package/admin/src/translations/pt.json +0 -287
package/admin/src/utils/getTranslation.js +0 -5
package/admin/src/utils/index.js +0 -2
package/admin/src/utils/parseUserAgent.js +0 -79
package/admin/src/utils/theme.js +0 -85
package/server/jsconfig.json +0 -10
package/server/src/bootstrap.js +0 -492
package/server/src/config/index.js +0 -23
package/server/src/content-types/index.js +0 -9
package/server/src/content-types/session/schema.json +0 -84
package/server/src/controllers/controller.js +0 -11
package/server/src/controllers/index.js +0 -11
package/server/src/controllers/license.js +0 -266
package/server/src/controllers/session.js +0 -433
package/server/src/controllers/settings.js +0 -122
package/server/src/destroy.js +0 -22
package/server/src/index.js +0 -23
package/server/src/middlewares/index.js +0 -5
package/server/src/middlewares/last-seen.js +0 -62
package/server/src/policies/index.js +0 -3
package/server/src/register.js +0 -36
package/server/src/routes/admin.js +0 -149
package/server/src/routes/content-api.js +0 -60
package/server/src/routes/index.js +0 -9
package/server/src/services/geolocation.js +0 -182
package/server/src/services/index.js +0 -13
package/server/src/services/license-guard.js +0 -316
package/server/src/services/notifications.js +0 -319
package/server/src/services/service.js +0 -7
package/server/src/services/session.js +0 -393
package/server/src/utils/encryption.js +0 -121
package/server/src/utils/getClientIp.js +0 -118
package/server/src/utils/logger.js +0 -84

package/server/src/controllers/license.js DELETED Viewed

@@ -1,266 +0,0 @@
-/**
- * License Controller for Magic Session Manager Plugin
- * Manages licenses directly from the Admin Panel
- */
-module.exports = ({ strapi }) => ({
-  /**
-   * Auto-create license with logged-in admin user data
-   */
-  async autoCreate(ctx) {
-    try {
-      // Get the logged-in admin user
-      const adminUser = ctx.state.user;
-      if (!adminUser) {
-        return ctx.unauthorized('No admin user logged in');
-      }
-      const licenseGuard = strapi.plugin('magic-sessionmanager').service('license-guard');
-      // Use admin user data for license creation
-      const license = await licenseGuard.createLicense({
-        email: adminUser.email,
-        firstName: adminUser.firstname || 'Admin',
-        lastName: adminUser.lastname || 'User',
-      });
-      if (!license) {
-        return ctx.badRequest('Failed to create license');
-      }
-      // Store the license key
-      await licenseGuard.storeLicenseKey(license.licenseKey);
-      // Start pinging
-      const pingInterval = licenseGuard.startPinging(license.licenseKey, 15);
-      // Update global license guard
-      strapi.licenseGuard = {
-        licenseKey: license.licenseKey,
-        pingInterval,
-        data: license,
-      };
-      return ctx.send({
-        success: true,
-        message: 'License automatically created and activated',
-        data: license,
-      });
-    } catch (error) {
-      strapi.log.error('[magic-sessionmanager] Error auto-creating license:', error);
-      return ctx.badRequest('Error creating license');
-    }
-  },
-  /**
-   * Get current license status
-   */
-  async getStatus(ctx) {
-    try {
-      const licenseGuard = strapi.plugin('magic-sessionmanager').service('license-guard');
-      const pluginStore = strapi.store({
-        type: 'plugin',
-        name: 'magic-sessionmanager'
-      });
-      const licenseKey = await pluginStore.get({ key: 'licenseKey' });
-      if (!licenseKey) {
-        strapi.log.debug('[magic-sessionmanager] No license key in store - demo mode');
-        return ctx.send({
-          success: false,
-          demo: true,
-          valid: false,
-          message: 'No license found. Running in demo mode.',
-        });
-      }
-      strapi.log.info(`[magic-sessionmanager/license-controller] Checking stored license: ${licenseKey}`);
-      const verification = await licenseGuard.verifyLicense(licenseKey);
-      const license = await licenseGuard.getLicenseByKey(licenseKey);
-      strapi.log.info('[magic-sessionmanager/license-controller] License data from MagicAPI:', {
-        licenseKey: license?.licenseKey,
-        email: license?.email,
-        featurePremium: license?.featurePremium,
-        isActive: license?.isActive,
-        pluginName: license?.pluginName,
-      });
-      return ctx.send({
-        success: true,
-        valid: verification.valid,
-        demo: false,
-        data: {
-          licenseKey,
-          email: license?.email || null,
-          firstName: license?.firstName || null,
-          lastName: license?.lastName || null,
-          isActive: license?.isActive || false,
-          isExpired: license?.isExpired || false,
-          isOnline: license?.isOnline || false,
-          expiresAt: license?.expiresAt,
-          lastPingAt: license?.lastPingAt,
-          deviceName: license?.deviceName,
-          deviceId: license?.deviceId,
-          ipAddress: license?.ipAddress,
-          features: {
-            premium: license?.featurePremium || false,
-            advanced: license?.featureAdvanced || false,
-            enterprise: license?.featureEnterprise || false,
-            custom: license?.featureCustom || false,
-          },
-          maxDevices: license?.maxDevices || 1,
-          currentDevices: license?.currentDevices || 0,
-        },
-      });
-    } catch (error) {
-      strapi.log.error('[magic-sessionmanager] Error getting license status:', error);
-      return ctx.badRequest('Error getting license status');
-    }
-  },
-  /**
-   * Create and activate a new license
-   */
-  async createAndActivate(ctx) {
-    try {
-      const { email, firstName, lastName } = ctx.request.body;
-      if (!email || !firstName || !lastName) {
-        return ctx.badRequest('Email, firstName, and lastName are required');
-      }
-      const licenseGuard = strapi.plugin('magic-sessionmanager').service('license-guard');
-      const license = await licenseGuard.createLicense({ email, firstName, lastName });
-      if (!license) {
-        return ctx.badRequest('Failed to create license');
-      }
-      // Store the license key
-      await licenseGuard.storeLicenseKey(license.licenseKey);
-      // Start pinging
-      const pingInterval = licenseGuard.startPinging(license.licenseKey, 15);
-      // Update global license guard
-      strapi.licenseGuard = {
-        licenseKey: license.licenseKey,
-        pingInterval,
-        data: license,
-      };
-      return ctx.send({
-        success: true,
-        message: 'License created and activated successfully',
-        data: license,
-      });
-    } catch (error) {
-      strapi.log.error('[magic-sessionmanager] Error creating license:', error);
-      return ctx.badRequest('Error creating license');
-    }
-  },
-  /**
-   * Manually ping the current license
-   */
-  async ping(ctx) {
-    try {
-      const pluginStore = strapi.store({
-        type: 'plugin',
-        name: 'magic-sessionmanager'
-      });
-      const licenseKey = await pluginStore.get({ key: 'licenseKey' });
-      if (!licenseKey) {
-        return ctx.badRequest('No license key found');
-      }
-      const licenseGuard = strapi.plugin('magic-sessionmanager').service('license-guard');
-      const pingResult = await licenseGuard.pingLicense(licenseKey);
-      if (!pingResult) {
-        return ctx.badRequest('Ping failed');
-      }
-      return ctx.send({
-        success: true,
-        message: 'License pinged successfully',
-        data: pingResult,
-      });
-    } catch (error) {
-      strapi.log.error('[magic-sessionmanager] Error pinging license:', error);
-      return ctx.badRequest('Error pinging license');
-    }
-  },
-  /**
-   * Store and validate an existing license key
-   */
-  async storeKey(ctx) {
-    try {
-      const { licenseKey, email } = ctx.request.body;
-      if (!licenseKey || !licenseKey.trim()) {
-        return ctx.badRequest('License key is required');
-      }
-      if (!email || !email.trim()) {
-        return ctx.badRequest('Email address is required');
-      }
-      const trimmedKey = licenseKey.trim();
-      const trimmedEmail = email.trim().toLowerCase();
-      const licenseGuard = strapi.plugin('magic-sessionmanager').service('license-guard');
-      // Verify the license key first
-      const verification = await licenseGuard.verifyLicense(trimmedKey);
-      if (!verification.valid) {
-        strapi.log.warn(`[magic-sessionmanager] [WARNING] Invalid license key attempted: ${trimmedKey.substring(0, 8)}...`);
-        return ctx.badRequest('Invalid or expired license key');
-      }
-      // Get license details to verify email
-      const license = await licenseGuard.getLicenseByKey(trimmedKey);
-      if (!license) {
-        strapi.log.warn(`[magic-sessionmanager] [WARNING] License not found in database: ${trimmedKey.substring(0, 8)}...`);
-        return ctx.badRequest('License not found');
-      }
-      // Verify email matches
-      if (license.email.toLowerCase() !== trimmedEmail) {
-        strapi.log.warn(`[magic-sessionmanager] [WARNING] Email mismatch for license key: ${trimmedKey.substring(0, 8)}... (Attempted: ${trimmedEmail})`);
-        return ctx.badRequest('Email address does not match this license key');
-      }
-      // Store the license key
-      await licenseGuard.storeLicenseKey(trimmedKey);
-      // Start pinging
-      const pingInterval = licenseGuard.startPinging(trimmedKey, 15);
-      // Update global license guard
-      strapi.licenseGuard = {
-        licenseKey: trimmedKey,
-        pingInterval,
-        data: verification.data,
-      };
-      strapi.log.info(`[magic-sessionmanager] [SUCCESS] Existing license key validated and stored: ${trimmedKey.substring(0, 8)}... (Email: ${trimmedEmail})`);
-      return ctx.send({
-        success: true,
-        message: 'License key validated and activated successfully',
-        data: verification.data,
-      });
-    } catch (error) {
-      strapi.log.error('[magic-sessionmanager] Error storing license key:', error);
-      return ctx.badRequest('Error validating license key');
-    }
-  },
-});

package/server/src/controllers/session.js DELETED Viewed

@@ -1,433 +0,0 @@
-'use strict';
-const { decryptToken } = require('../utils/encryption');
-const SESSION_UID = 'plugin::magic-sessionmanager.session';
-const USER_UID = 'plugin::users-permissions.user';
-/**
- * Session Controller
- * Handles HTTP requests for session management
- */
-module.exports = {
-  /**
-   * Get ALL sessions (active + inactive) - Admin only
-   * GET /magic-sessionmanager/sessions
-   */
-  async getAllSessionsAdmin(ctx) {
-    try {
-      const sessionService = strapi
-        .plugin('magic-sessionmanager')
-        .service('session');
-      const sessions = await sessionService.getAllSessions();
-      ctx.body = {
-        data: sessions,
-        meta: {
-          count: sessions.length,
-          active: sessions.filter(s => s.isTrulyActive).length,
-          inactive: sessions.filter(s => !s.isTrulyActive).length,
-        },
-      };
-    } catch (err) {
-      ctx.throw(500, 'Error fetching sessions');
-    }
-  },
-  /**
-   * Get active sessions only
-   * GET /magic-sessionmanager/sessions/active
-   */
-  async getActiveSessions(ctx) {
-    try {
-      const sessionService = strapi
-        .plugin('magic-sessionmanager')
-        .service('session');
-      const sessions = await sessionService.getActiveSessions();
-      ctx.body = {
-        data: sessions,
-        meta: {
-          count: sessions.length,
-        },
-      };
-    } catch (err) {
-      ctx.throw(500, 'Error fetching active sessions');
-    }
-  },
-  /**
-   * Get own sessions (authenticated user)
-   * GET /api/magic-sessionmanager/my-sessions
-   * Automatically uses the authenticated user's documentId
-   */
-  async getOwnSessions(ctx) {
-    try {
-      // Strapi v5: Use documentId from authenticated user
-      const userId = ctx.state.user?.documentId;
-      if (!userId) {
-        return ctx.throw(401, 'Unauthorized');
-      }
-      const sessionService = strapi
-        .plugin('magic-sessionmanager')
-        .service('session');
-      const sessions = await sessionService.getUserSessions(userId);
-      ctx.body = {
-        data: sessions,
-        meta: {
-          count: sessions.length,
-        },
-      };
-    } catch (err) {
-      strapi.log.error('[magic-sessionmanager] Error fetching own sessions:', err);
-      ctx.throw(500, 'Error fetching sessions');
-    }
-  },
-  /**
-   * Get user's sessions
-   * GET /magic-sessionmanager/user/:userId/sessions (Admin API)
-   * GET /api/magic-sessionmanager/user/:userId/sessions (Content API)
-   * SECURITY: Admins can view any user, Content API users only their own
-   */
-  async getUserSessions(ctx) {
-    try {
-      const { userId } = ctx.params;
-      // Check if this is an admin request
-      const isAdminRequest = ctx.state.userAbility || ctx.state.admin;
-      // Strapi v5: Use documentId instead of numeric id
-      const requestingUserDocId = ctx.state.user?.documentId;
-      // SECURITY CHECK: Content API users can only see their own sessions
-      // Admins can see any user's sessions
-      if (!isAdminRequest && requestingUserDocId && String(requestingUserDocId) !== String(userId)) {
-        strapi.log.warn(`[magic-sessionmanager] Security: User ${requestingUserDocId} tried to access sessions of user ${userId}`);
-        return ctx.forbidden('You can only access your own sessions');
-      }
-      const sessionService = strapi
-        .plugin('magic-sessionmanager')
-        .service('session');
-      const sessions = await sessionService.getUserSessions(userId);
-      ctx.body = {
-        data: sessions,
-        meta: {
-          count: sessions.length,
-        },
-      };
-    } catch (err) {
-      ctx.throw(500, 'Error fetching user sessions');
-    }
-  },
-  /**
-   * Logout handler - terminates current session
-   * POST /api/magic-sessionmanager/logout
-   */
-  async logout(ctx) {
-    try {
-      // Strapi v5: Use documentId instead of numeric id
-      const userId = ctx.state.user?.documentId;
-      const token = ctx.request.headers.authorization?.replace('Bearer ', '');
-      if (!userId) {
-        return ctx.throw(401, 'Unauthorized');
-      }
-      const sessionService = strapi
-        .plugin('magic-sessionmanager')
-        .service('session');
-      // Find current session by decrypting and comparing tokens
-      const sessions = await strapi.documents(SESSION_UID).findMany({
-        filters: {
-          user: { documentId: userId },
-          isActive: true,
-        },
-      });
-      // Find matching session by decrypting tokens
-      const matchingSession = sessions.find(session => {
-        if (!session.token) return false;
-        try {
-          const decrypted = decryptToken(session.token);
-          return decrypted === token;
-        } catch (err) {
-          return false;
-        }
-      });
-      if (matchingSession) {
-        // Terminate only the current session
-        await sessionService.terminateSession({ sessionId: matchingSession.documentId });
-        strapi.log.info(`[magic-sessionmanager] User ${userId} logged out (session ${matchingSession.documentId})`);
-      }
-      ctx.body = {
-        message: 'Logged out successfully',
-      };
-    } catch (err) {
-      strapi.log.error('[magic-sessionmanager] Logout error:', err);
-      ctx.throw(500, 'Error during logout');
-    }
-  },
-  /**
-   * Logout from all devices - terminates all sessions for current user
-   * POST /api/magic-sessionmanager/logout-all
-   */
-  async logoutAll(ctx) {
-    try {
-      // Strapi v5: Use documentId instead of numeric id
-      const userId = ctx.state.user?.documentId;
-      if (!userId) {
-        return ctx.throw(401, 'Unauthorized');
-      }
-      const sessionService = strapi
-        .plugin('magic-sessionmanager')
-        .service('session');
-      // Terminate all sessions for this user
-      await sessionService.terminateSession({ userId });
-      strapi.log.info(`[magic-sessionmanager] User ${userId} logged out from all devices`);
-      ctx.body = {
-        message: 'Logged out from all devices successfully',
-      };
-    } catch (err) {
-      strapi.log.error('[magic-sessionmanager] Logout-all error:', err);
-      ctx.throw(500, 'Error during logout');
-    }
-  },
-  /**
-   * Terminate specific session
-   * DELETE /magic-sessionmanager/sessions/:sessionId
-   */
-  async terminateSession(ctx) {
-    try {
-      const { sessionId } = ctx.params;
-      const sessionService = strapi
-        .plugin('magic-sessionmanager')
-        .service('session');
-      await sessionService.terminateSession({ sessionId });
-      ctx.body = {
-        message: `Session ${sessionId} terminated`,
-      };
-    } catch (err) {
-      ctx.throw(500, 'Error terminating session');
-    }
-  },
-  /**
-   * Terminate a single session (Admin action)
-   * POST /magic-sessionmanager/sessions/:sessionId/terminate
-   */
-  async terminateSingleSession(ctx) {
-    try {
-      const { sessionId } = ctx.params;
-      const sessionService = strapi
-        .plugin('magic-sessionmanager')
-        .service('session');
-      await sessionService.terminateSession({ sessionId });
-      ctx.body = {
-        message: `Session ${sessionId} terminated`,
-        success: true,
-      };
-    } catch (err) {
-      strapi.log.error('[magic-sessionmanager] Error terminating session:', err);
-      ctx.throw(500, 'Error terminating session');
-    }
-  },
-  /**
-   * Terminate ALL sessions for a specific user (Admin action)
-   * POST /magic-sessionmanager/user/:userId/terminate-all
-   */
-  async terminateAllUserSessions(ctx) {
-    try {
-      const { userId } = ctx.params;
-      const sessionService = strapi
-        .plugin('magic-sessionmanager')
-        .service('session');
-      await sessionService.terminateSession({ userId });
-      ctx.body = {
-        message: `All sessions terminated for user ${userId}`,
-        success: true,
-      };
-    } catch (err) {
-      strapi.log.error('[magic-sessionmanager] Error terminating all user sessions:', err);
-      ctx.throw(500, 'Error terminating all user sessions');
-    }
-  },
-  /**
-   * Get IP Geolocation data (Premium feature)
-   * GET /magic-sessionmanager/geolocation/:ipAddress
-   */
-  async getIpGeolocation(ctx) {
-    try {
-      const { ipAddress } = ctx.params;
-      if (!ipAddress) {
-        return ctx.badRequest('IP address is required');
-      }
-      // Check if user has premium license
-      const licenseGuard = strapi.plugin('magic-sessionmanager').service('license-guard');
-      const pluginStore = strapi.store({
-        type: 'plugin',
-        name: 'magic-sessionmanager'
-      });
-      const licenseKey = await pluginStore.get({ key: 'licenseKey' });
-      if (!licenseKey) {
-        return ctx.forbidden('Premium license required for geolocation features');
-      }
-      const license = await licenseGuard.getLicenseByKey(licenseKey);
-      if (!license || !license.featurePremium) {
-        return ctx.forbidden('Premium license required for geolocation features');
-      }
-      // Get geolocation data
-      const geolocationService = strapi.plugin('magic-sessionmanager').service('geolocation');
-      const ipData = await geolocationService.getIpInfo(ipAddress);
-      ctx.body = {
-        success: true,
-        data: ipData,
-      };
-    } catch (err) {
-      strapi.log.error('[magic-sessionmanager] Error getting IP geolocation:', err);
-      ctx.throw(500, 'Error fetching IP geolocation data');
-    }
-  },
-  /**
-   * Delete a single session permanently (Admin action)
-   * DELETE /magic-sessionmanager/sessions/:sessionId
-   */
-  async deleteSession(ctx) {
-    try {
-      const { sessionId } = ctx.params;
-      const sessionService = strapi
-        .plugin('magic-sessionmanager')
-        .service('session');
-      await sessionService.deleteSession(sessionId);
-      ctx.body = {
-        message: `Session ${sessionId} permanently deleted`,
-        success: true,
-      };
-    } catch (err) {
-      strapi.log.error('[magic-sessionmanager] Error deleting session:', err);
-      ctx.throw(500, 'Error deleting session');
-    }
-  },
-  /**
-   * Delete all inactive sessions (Admin action)
-   * POST /magic-sessionmanager/sessions/clean-inactive
-   */
-  async cleanInactiveSessions(ctx) {
-    try {
-      const sessionService = strapi
-        .plugin('magic-sessionmanager')
-        .service('session');
-      const deletedCount = await sessionService.deleteInactiveSessions();
-      ctx.body = {
-        message: `Successfully deleted ${deletedCount} inactive sessions`,
-        success: true,
-        deletedCount,
-      };
-    } catch (err) {
-      strapi.log.error('[magic-sessionmanager] Error cleaning inactive sessions:', err);
-      ctx.throw(500, 'Error deleting inactive sessions');
-    }
-  },
-  /**
-   * Toggle user blocked status
-   * POST /magic-sessionmanager/user/:userId/toggle-block
-   * Supports both numeric id (from Content Manager) and documentId
-   */
-  async toggleUserBlock(ctx) {
-    try {
-      const { userId } = ctx.params;
-      // Strapi v5: userId from params could be numeric id or documentId
-      // If numeric, look up the documentId first using entityService (fallback)
-      let userDocumentId = userId;
-      let user = null;
-      // Try to find by documentId first (preferred)
-      user = await strapi.documents(USER_UID).findOne({ documentId: userId });
-      // If not found, try numeric id lookup via entityService (fallback for Content Manager)
-      if (!user && !isNaN(userId)) {
-        const numericUser = await strapi.entityService.findOne(USER_UID, parseInt(userId, 10));
-        if (numericUser) {
-          userDocumentId = numericUser.documentId;
-          user = numericUser;
-        }
-      }
-      if (!user) {
-        return ctx.throw(404, 'User not found');
-      }
-      // Toggle blocked status
-      const newBlockedStatus = !user.blocked;
-      await strapi.documents(USER_UID).update({
-        documentId: userDocumentId,
-        data: {
-          blocked: newBlockedStatus,
-        },
-      });
-      // If blocking user, terminate all their sessions
-      if (newBlockedStatus) {
-        const sessionService = strapi
-          .plugin('magic-sessionmanager')
-          .service('session');
-        await sessionService.terminateSession({ userId: userDocumentId });
-      }
-      ctx.body = {
-        message: `User ${newBlockedStatus ? 'blocked' : 'unblocked'} successfully`,
-        blocked: newBlockedStatus,
-        success: true,
-      };
-    } catch (err) {
-      strapi.log.error('[magic-sessionmanager] Error toggling user block:', err);
-      ctx.throw(500, 'Error toggling user block status');
-    }
-  },
-};