Implementing an auto updater/notifier?

Casey Kolb

@d-healey Can confirm the updater is possible with the current Server API!

Working Example

With WooCommerce you can set a product attribute that contains the current version of your product. Once you retrieve this in HISE, you can compare it to the current local version. If there's a newer version, you just download the file directly from the server.

However, the download API still needs some work. I posted about this elsewhere, but some things still need to be worked out before it can be used in production I think.

Lindon

@Lunacy-Audio so whats the URL string you are using to get the version number product attribute from woocommerce? I cant seem to get the REST API to work...

Casey Kolb

@Lindon My call looks something like this:

Server.setBaseURL("https://lunacy.audio");
const var woocommerceCallParameters = {
	"consumer_key": YOUR_KEY,
        "consumer_secret": YOUR_SECRET
};

// This gets all of the data for the product (ID #20)
Server.callWithGET("wp-json/wc/v3/products/20", woocommerceCallParameters, function(status, response) {});

The response will contain an object with a key called attributes, which is an array of attribute objects. In my case it looks like this:

orange

@Lunacy-Audio

Looks great. What about the security? Can R2R team or others hack the website with this? Is it secure? :)

Natan

@orange Right On Time

Not A Good Idea At All, If One Of Your Plugins Get Hijacked By Those Teams, They Will Get Life Time Access, And In Other Hand The Download Rate Can Break Your Aws Sever And Your Bank ️ Think Twice Guys.

Casey Kolb

@orange said in Implementing an auto updater/notifier?:

Looks great. What about the security? Can R2R team or others hack the website with this? Is it secure?

That's a good question. Everything is sent over https, so I think the only way it could be hacked is if someone gets a hold of your API keys. I'll need to do some more research though. This is no less secure than any other plugin that uses an external API, and it seems lots of companies are beginning to do this (see PercX :winking_face: )

@Natan There's always going to be a trade off between security and convenience, but you're right that there's a risk. However, the AWS Server is not a real concern. It's no different than someone going to your site to download the update, and you want your customers to always be on the most up to date version anyway.

Casey Kolb

Also, it's worth mentioning that if someone does get a hold of your API keys, you can immediately revoke the keys.

orange

@Lunacy-Audio There is a woocommerce plugin called License Manager.

It has an API key. So the connection between plugin and server should be done with that? Or do we need to modify woocommerce anyway?

Casey Kolb

There's a free and super robust Woocommerce License Manager with all 5-star reviews that I use. I'm still in alpha testing for my plugin, but the license API has been tested on probably 20 different machines with varied operating systems without any issues. You have to set up your API keys with that plugin and I'd strongly suggest you make your keys Read-Only. I don't think there's ever a reason to Write from the HISE plugin in this case.

For the actual server file downloads, that's a separate API. You interact directly with the Woocommerce REST API, so you need a different pair of keys, which you make through the Woocommerce Settings.

Lindon

@Lunacy-Audio said in Implementing an auto updater/notifier?:

wp-json/wc/v3/products/20

Thanks Casey, it turned out mine was a postman issue...so having sorted it to work there I will now try in HISE

Lindon

• hmm, I can get a lot of data back from this call.....very very useful....for expansions...

Casey Kolb

Definitely! And once the download function is improved, I think it would super easy to set up preset packs to be downloaded right from the plugin without the user ever needing to restart

Lindon

@Lunacy-Audio said in Implementing an auto updater/notifier?:

Definitely! And once the download function is improved, I think it would super easy to set up preset packs to be downloaded right from the plugin without the user ever needing to restart

Presets yes - and expansions, but ... I'm trying to work out a meaningful way to authorise/authenticate expansions when they install -without having to know (perhaps years) ahead what expansions I will be shipping...

ustk

@Lindon It's a big question that definitely needs to be addressed! ;)

d.healey

My plan is the user will purchase an expansion and will be sent a code. They enter the code into the plugin which will check on my server that it is valid and download/install the expansion.

ustk

@d-healey Yeah that's what I plan too, it seems rather simple to implement. Well, speaking only about the request side since I haven't dug into expansions yet but I'll need to for my current project.

Lindon

@ustk said in Implementing an auto updater/notifier?:

@d-healey Yeah that's what I plan too, it seems rather simple to implement. Well, speaking only about the request side since I haven't dug into expansions yet but I'll need to for my current project.

OK great, glad it's simple : can you demonstrate?

hisefilo

@d-healey this thread makes me think a Software Center can be done with actual HISE tools. like Arturias Software center or NI app.

Is this possible? What do you think

d.healey

@hisefilo I'd recommend doing it as an Electron app. You might be able to do it with HISE but it will be quite limited.

d.healey

@hisefilo Now that I've played with the Server API I think it's definitely possible to make a software centre type app.