feat: 更新许可证管理功能，使用AES-256-CBC加密和解密，增加生成许可证密钥的API

2024-12-30 13:42:18 +08:00
parent dbf8690753
commit 7525b07d5b
2 changed files with 97 additions and 6 deletions
--- a/server/server.js
+++ b/server/server.js
@@ -12,11 +12,50 @@ const app = express();
 app.use(cors());
 app.use(express.json());

+// Encryption functions
+function encryptLicenseKey(text) {
+    const cipher = crypto.createCipher('aes-256-cbc', process.env.ENCRYPTION_KEY);
+    let encrypted = cipher.update(text, 'utf8', 'hex');
+    encrypted += cipher.final('hex');
+    return encrypted;
+}
+
+function decryptLicenseKey(encrypted) {
+    const decipher = crypto.createDecipher('aes-256-cbc', process.env.ENCRYPTION_KEY);
+    let decrypted = decipher.update(encrypted, 'hex', 'utf8');
+    decrypted += decipher.final('utf8');
+    return decrypted;
+}
+
+function generateLicenseKey() {
+    const randomBytes = crypto.randomBytes(16);
+    const timestamp = Date.now().toString();
+    const combined = randomBytes.toString('hex') + timestamp;
+    return encryptLicenseKey(combined).substring(0, 32); // 生成32位的许可证密钥
+}
+
 // Connect to MongoDB
 mongoose.connect(process.env.MONGODB_URI)
    .then(() => console.log('Connected to MongoDB'))
    .catch(err => console.error('MongoDB connection error:', err));

+// Generate license key endpoint
+app.post('/generate', async (req, res) => {
+    try {
+        const licenseKey = generateLicenseKey();
+        return res.json({
+            success: true,
+            license_key: licenseKey
+        });
+    } catch (error) {
+        console.error('生成许可证错误:', error);
+        return res.status(500).json({
+            success: false,
+            message: '服务器错误'
+        });
+    }
+});
+
 // Activation endpoint
 app.post('/activate', async (req, res) => {
    try {
@@ -30,6 +69,16 @@ app.post('/activate', async (req, res) => {
            });
        }

+        // Validate license key format
+        try {
+            decryptLicenseKey(license_key);
+        } catch (error) {
+            return res.status(400).json({
+                success: false,
+                message: '无效的许可证密钥'
+            });
+        }
+
        // Check if license already exists
        const existingLicense = await License.findOne({ licenseKey: license_key });
        if (existingLicense) {
@@ -90,6 +139,16 @@ app.post('/verify', async (req, res) => {
            });
        }

+        // Validate license key format
+        try {
+            decryptLicenseKey(license_key);
+        } catch (error) {
+            return res.status(400).json({
+                success: false,
+                message: '无效的许可证密钥'
+            });
+        }
+
        // Find license
        const license = await License.findOne({ licenseKey: license_key });