require('dotenv').config(); const express = require('express'); const mongoose = require('mongoose'); const cors = require('cors'); const crypto = require('crypto'); const moment = require('moment'); const License = require('./models/License'); const LicenseKey = require('./models/LicenseKey'); const app = express(); // Middleware app.use(cors()); app.use(express.json()); // Encryption functions function getIV() { // 如果需要固定 IV(不推荐),可以从环境变量获取 if (process.env.ENCRYPTION_IV) { return Buffer.from(process.env.ENCRYPTION_IV, 'hex'); } // 否则生成随机 IV(更安全,但需要存储) return crypto.randomBytes(16); } function encryptLicenseKey(text) { const key = Buffer.from(process.env.ENCRYPTION_KEY, 'hex'); const iv = getIV(); const cipher = crypto.createCipheriv('aes-256-cbc', key, iv); let encrypted = cipher.update(text, 'utf8', 'hex'); encrypted += cipher.final('hex'); // 将 IV 附加到加密文本中,以便解密时使用 return iv.toString('hex') + ':' + encrypted; } function decryptLicenseKey(encrypted) { const [ivHex, encryptedText] = encrypted.split(':'); const key = Buffer.from(process.env.ENCRYPTION_KEY, 'hex'); const iv = Buffer.from(ivHex, 'hex'); const decipher = crypto.createDecipheriv('aes-256-cbc', key, iv); let decrypted = decipher.update(encryptedText, 'hex', 'utf8'); decrypted += decipher.final('utf8'); return decrypted; } function generateLicenseKey() { const randomBytes = crypto.randomBytes(16); const timestamp = Date.now().toString(); const combined = randomBytes.toString('hex') + timestamp; const encrypted = encryptLicenseKey(combined); // 由于加密后的字符串现在包含 IV,我们需要使用完整的字符串 return encrypted; } // Connect to MongoDB mongoose.connect(process.env.MONGODB_URI, { useNewUrlParser: true, useUnifiedTopology: true, serverSelectionTimeoutMS: 5000, // 超时时间 socketTimeoutMS: 45000, // Socket 超时 family: 4, // 强制使用 IPv4 }) .then(() => console.log('Connected to MongoDB')) .catch(err => { console.error('MongoDB connection error:', err); process.exit(1); // 如果连接失败,终止程序 }); // 添加连接错误处理 mongoose.connection.on('error', err => { console.error('MongoDB connection error:', err); }); mongoose.connection.on('disconnected', () => { console.log('MongoDB disconnected'); }); // 定义一个复杂的路径,可以放在环境变量中 const GENERATE_PATH = process.env.GENERATE_PATH || 'xx-zz-yy-dd'; // 在应用启动时输出生成路径(仅在控制台显示一次) console.log('License generation path:', GENERATE_PATH); // Generate license key endpoint app.post(`/${GENERATE_PATH}`, async (req, res) => { try { const licenseKey = generateLicenseKey(); // 保存生成的许可证记录 await LicenseKey.create({ licenseKey: licenseKey, isUsed: false }); return res.json({ success: true, license_key: licenseKey }); } catch (error) { console.error('生成许可证错误:', error); return res.status(500).json({ success: false, message: '服务器错误' }); } }); // Activation endpoint app.post('/activate', async (req, res) => { try { const { license_key, machine_code, activation_date } = req.body; // Validate input if (!license_key || !machine_code) { return res.status(400).json({ success: false, message: '许可证密钥和机器码是必需的' }); } // Validate license key format try { decryptLicenseKey(license_key); } catch (error) { return res.status(400).json({ success: false, message: '无效的许可证密钥' }); } // 检查许可证是否存在于生成记录中 const licenseKeyRecord = await LicenseKey.findOne({ licenseKey: license_key }); if (!licenseKeyRecord) { return res.status(400).json({ success: false, message: '无效的许可证密钥' }); } // 检查许可证是否已被使用 if (licenseKeyRecord.isUsed) { return res.status(400).json({ success: false, message: '此许可证密钥已被使用,不能重复激活' }); } // 检查许可证激活状态 const existingLicense = await License.findOne({ licenseKey: license_key }); if (existingLicense) { return res.status(400).json({ success: false, message: '此许可证已被激活,不能重复使用' }); } // 创建新的许可证并标记许可证密钥为已使用 const expiryDate = moment().add(1, 'month').toDate(); await License.create([{ licenseKey: license_key, machineCode: machine_code, activationDate: activation_date || new Date(), expiryDate: expiryDate, isActive: true, maxUsageCount: process.env.MAX_USAGE_COUNT || 10, // 如果未指定,默认为100次 currentUsageCount: 0 }]); // 更新许可证密钥状态为已使用 licenseKeyRecord.isUsed = true; await licenseKeyRecord.save(); return res.json({ success: true, message: '激活成功', expiry_date: expiryDate.toISOString().split('T')[0] }); } catch (error) { console.error('激活错误:', error); return res.status(500).json({ success: false, message: '服务器错误' }); } }); // Verification endpoint app.post('/verify', async (req, res) => { try { const { license_key, machine_code } = req.body; // Validate input if (!license_key || !machine_code) { return res.status(400).json({ success: false, message: '许可证密钥和机器码是必需的' }); } // Validate license key format try { decryptLicenseKey(license_key); } catch (error) { return res.status(400).json({ success: false, message: '无效的许可证密钥' }); } // Find license const license = await License.findOne({ licenseKey: license_key }); if (!license) { return res.status(404).json({ success: false, message: '许可证不存在' }); } // Check machine code if (license.machineCode !== machine_code) { return res.status(400).json({ success: false, message: '硬件信息不匹配' }); } // Check if license is active if (!license.isActive) { return res.status(400).json({ success: false, message: '许可证已被禁用' }); } // Check expiry if (moment().isAfter(license.expiryDate)) { return res.status(400).json({ success: false, message: '许可证已过期' }); } // 检查使用次数 if (license.currentUsageCount >= license.maxUsageCount) { return res.status(400).json({ success: false, message: '许可证使用次数已达到上限' }); } // 更新使用次数 license.currentUsageCount += 1; await license.save(); return res.json({ success: true, message: '许可证有效', expiry_date: license.expiryDate.toISOString().split('T')[0], usage_count: { current: license.currentUsageCount, max: license.maxUsageCount } }); } catch (error) { console.error('验证错误:', error); return res.status(500).json({ success: false, message: '服务器错误' }); } }); const PORT = process.env.PORT || 3000; app.listen(PORT, () => { console.log(`Server is running on port ${PORT}`); });