If you needed to do some kind of an authorization mechanism to an Electron application, what libraries/frameworks would you use for it?
Basic requirements would be that the user enters either a key or some identification information about himself and their right to use the application can be remotely allowed/blocked as necessary.
Kind of like a license key, but a bit more flexible in terms of defining when their right of use ends.
Your question is a little vague (and not really a programming question).
Are you talking about software licensing? I've researched this quite a bit and, while there are a bunch of turnkey solutions, they tend to be relatively expense (monthly subscription fees, etc).
I ended up settling on Easy Digital Downloads and their Software Licensing plugin. The latter enables setting a license expiration date if desired, update alerts and a bunch of other stuff. The tech support is also responsive. It is a WordPress system though – so you would need to set up a 'store' using WordPress.
The API is trivial to interface with through Javascript – to active a license, check license validity, and check for updates.
An open source project I found was Simple Licensing. That is free but is less well documented and there isn't any support.
It depends. I've detailed in this answer how to generate and verify cryptographically signed license keys without a license server. But cryptographic license keys like that are usually perpetual (though can have a fixed expiration inside of the key), and it sounds like you want something a bit more dynamic when it comes to a license's validity, since you mentioned that you want to be able to remotely block a license.
That's where a license server would come in.
At its core, most licensing servers are CRUD apps, meaning they're the typical server allowing you to create, read, update, and delete resources. In this case, that resource would be a license. You would want to create a server endpoint that takes a license key parameter, performs a database lookup for the key, and if the key exists check if the key is expired among other requirements such as its blocked column.
Here's a basic Express app that does that, minus the pg database bits:
const express = require('express')
const app = express()
const { Client } = require('pg')
const db = new Client()
const {
PORT = 8080
} = process
app.get('/validate/:licenseKey', async (req, res) => {
const { licenseKey } = req.params
const { rows } = await db.query('select * from licenses where key = $1::text limit 1', [licenseKey])
const [license] = rows
if (license == null) {
return res.send({ valid: false, code: 'NOT_FOUND' })
}
if (license.blocked) {
return res.send({ valid: false, code: 'BLOCKED' })
}
if (license.expiry < Date.now()) {
return res.send({ valid: false, code: 'EXPIRED' })
}
return res.send({ valid: true, code: 'VALID' })
});
app.listen(PORT, async () => {
await db.connect()
console.log(`Server is running on port ${PORT}`)
})
But in case you aren't particularly keen on writing and maintaining your own in-house licensing system, I’m the founder of a software licensing API called Keygen which can help you get up and running quickly without having to write and host your own license server.
Keygen is a typical HTTP JSON API service (i.e. there’s no software that you need to package with your app). It can be used in any programming language and with frameworks like Electron. As per your main requirement here, it supports remotely suspending (blocking) licenses.
In its simplest form, validating a license key with Keygen is as easy as hitting a single JSON API endpoint (feel free to run this in a terminal):
curl -X POST https://api.keygen.sh/v1/accounts/demo/licenses/actions/validate-key \
-d '{
"meta": {
"key": "C1B6DE-39A6E3-DE1529-8559A0-4AF593-V3"
}
}'
I recently put together an example of adding license key validation, as well as device activation and management, to an Electron app. You can check out that repo on GitHub: https://github.com/keygen-sh/example-electron-license-activation.
