feat: 添加许可证密钥管理功能，更新许可证激活逻辑，支持环境变量配置，增加Docker支持

server/server.js

@@ -5,6 +5,7 @@ const cors = require('cors');
 const crypto = require('crypto');
 const moment = require('moment');
 const License = require('./models/License');
+const LicenseKey = require('./models/LicenseKey');
 
 const app = express();
 
@@ -13,16 +14,31 @@ app.use(cors());
 app.use(express.json());
 
 // Encryption functions
+function getIV() {
+    // 如果需要固定 IV（不推荐），可以从环境变量获取
+    if (process.env.ENCRYPTION_IV) {
+        return Buffer.from(process.env.ENCRYPTION_IV, 'hex');
+    }
+    // 否则生成随机 IV（更安全，但需要存储）
+    return crypto.randomBytes(16);
+}
+
 function encryptLicenseKey(text) {
-    const cipher = crypto.createCipher('aes-256-cbc', process.env.ENCRYPTION_KEY);
+    const key = Buffer.from(process.env.ENCRYPTION_KEY, 'hex');
+    const iv = getIV();
+    const cipher = crypto.createCipheriv('aes-256-cbc', key, iv);
     let encrypted = cipher.update(text, 'utf8', 'hex');
     encrypted += cipher.final('hex');
-    return encrypted;
+    // 将 IV 附加到加密文本中，以便解密时使用
+    return iv.toString('hex') + ':' + encrypted;
 }
 
 function decryptLicenseKey(encrypted) {
-    const decipher = crypto.createDecipher('aes-256-cbc', process.env.ENCRYPTION_KEY);
-    let decrypted = decipher.update(encrypted, 'hex', 'utf8');
+    const [ivHex, encryptedText] = encrypted.split(':');
+    const key = Buffer.from(process.env.ENCRYPTION_KEY, 'hex');
+    const iv = Buffer.from(ivHex, 'hex');
+    const decipher = crypto.createDecipheriv('aes-256-cbc', key, iv);
+    let decrypted = decipher.update(encryptedText, 'hex', 'utf8');
     decrypted += decipher.final('utf8');
     return decrypted;
 }
@@ -31,18 +47,51 @@ function generateLicenseKey() {
     const randomBytes = crypto.randomBytes(16);
     const timestamp = Date.now().toString();
     const combined = randomBytes.toString('hex') + timestamp;
-    return encryptLicenseKey(combined).substring(0, 32); // 生成32位的许可证密钥
+    const encrypted = encryptLicenseKey(combined);
+    // 由于加密后的字符串现在包含 IV，我们需要使用完整的字符串
+    return encrypted;
 }
 
 // Connect to MongoDB
-mongoose.connect(process.env.MONGODB_URI)
-    .then(() => console.log('Connected to MongoDB'))
-    .catch(err => console.error('MongoDB connection error:', err));
+mongoose.connect(process.env.MONGODB_URI, {
+    useNewUrlParser: true,
+    useUnifiedTopology: true,
+    serverSelectionTimeoutMS: 5000, // 超时时间
+    socketTimeoutMS: 45000, // Socket 超时
+    family: 4, // 强制使用 IPv4
+})
+.then(() => console.log('Connected to MongoDB'))
+.catch(err => {
+    console.error('MongoDB connection error:', err);
+    process.exit(1); // 如果连接失败，终止程序
+});
+
+// 添加连接错误处理
+mongoose.connection.on('error', err => {
+    console.error('MongoDB connection error:', err);
+});
+
+mongoose.connection.on('disconnected', () => {
+    console.log('MongoDB disconnected');
+});
+
+// 定义一个复杂的路径，可以放在环境变量中
+const GENERATE_PATH = process.env.GENERATE_PATH || crypto.randomBytes(16).toString('hex');
+
+// 在应用启动时输出生成路径（仅在控制台显示一次）
+console.log('License generation path:', GENERATE_PATH);
 
 // Generate license key endpoint
-app.post('/generate', async (req, res) => {
+app.post(`/${GENERATE_PATH}`, async (req, res) => {
     try {
         const licenseKey = generateLicenseKey();
+        
+        // 保存生成的许可证记录
+        await LicenseKey.create({
+            licenseKey: licenseKey,
+            isUsed: false
+        });
+
         return res.json({
             success: true,
             license_key: licenseKey
@@ -79,38 +128,39 @@ app.post('/activate', async (req, res) => {
             });
         }
 
-        // Check if license already exists
+        // 检查许可证是否存在于生成记录中
+        const licenseKeyRecord = await LicenseKey.findOne({ licenseKey: license_key });
+        if (!licenseKeyRecord) {
+            return res.status(400).json({
+                success: false,
+                message: '无效的许可证密钥'
+            });
+        }
+
+        // 检查许可证是否已被使用
+        if (licenseKeyRecord.isUsed) {
+            return res.status(400).json({
+                success: false,
+                message: '此许可证密钥已被使用，不能重复激活'
+            });
+        }
+
+        // 检查许可证激活状态
         const existingLicense = await License.findOne({ licenseKey: license_key });
         if (existingLicense) {
-            if (existingLicense.machineCode !== machine_code) {
-                return res.status(400).json({
-                    success: false,
-                    message: '许可证已在其他设备上激活'
-                });
-            }
-            if (!existingLicense.isActive) {
-                return res.status(400).json({
-                    success: false,
-                    message: '许可证已被禁用'
-                });
-            }
+            return res.status(400).json({
+                success: false,
+                message: '此许可证已被激活，不能重复使用'
+            });
         }
 
-        // Create new license or update existing one
-        const expiryDate = moment().add(1, 'year').toDate(); // 设置一年有效期
-        const licenseData = {
-            licenseKey: license_key,
-            machineCode: machine_code,
-            activationDate: activation_date || new Date(),
-            expiryDate: expiryDate,
-            isActive: true
-        };
+        // 创建新的许可证并标记许可证密钥为已使用
+        const expiryDate = moment().add(1, 'month').toDate();
+       
 
-        if (existingLicense) {
-            await License.updateOne({ licenseKey: license_key }, licenseData);
-        } else {
-            await License.create(licenseData);
-        }
+        // 更新许可证密钥状态为已使用
+        licenseKeyRecord.isUsed = true;
+        await licenseKeyRecord.save();
 
         return res.json({
             success: true,