Woocommerce linked licensing system for your plugins
-
@d-healey said in Woocommerce linked licensing system for your plugins:
No, we're removing quotation marks ""
Why? I think there is no need to do that?
-
@orange When the token is written to the text file it adds quotation marks. These need to be removed before being added to the header.
-
@d-healey Then substring can work here. This will extract the string between first and last chars.
exampleString.substring(1, exampleString.length-1);
-
@d-healey @orange so,
.substring
works but.replace
doesn't...
(no matter if I write.replace("", "")
or.replace('""', "")
the result is the same).By using this, I mananged to get it to work :
const info = desktop.getChildFile("info.txt"); // Function getTheToken info.writeObject(response); // Function verifyTheToken local text = info.loadAsObject(); local token = text.token; Server.setHttpHeader("Authorization: Bearer " + token);
Is there a preferred method between
.loadAsObject()
and.loadAsString
for these kind of things or is there no difference ? -
@matt_sf I use an encrypted object.
-
@matt_sf said in Woocommerce linked licensing system for your plugins:
Is there a preferred method between .loadAsObject() and .loadAsString for these kind of things or is there no difference ?
I think objects would be better choice. Writing and Rreading encrypted objects is more secure way for that purpose. You can encrypt the file with a combination of complex pin and machine ID. Also you can change the encrypted file extension from .json to .dat or whatever you like.
-
-
@orange I am trying to make a similar thing like you did for license activation but as I see it's very very complicated to make the same licensing application in HISE. Much more harder than I think!
As I also see you do analog modeling plugins too. It's very interesting that you do very very hard to implemet stuff directly in HISE :D For me, unbelievable and extraordinary, congrats dude!
-
This post is deleted! -
Hey, it's me again ! I have a question regarding security :
I'm into the process of "converting" my Kontakt instruments into VSTs and I'm using JWT Auth + the License manager plugin, but I just set up the license system so the customers who already purchased my Kontakt instruments don't have a serial number yet.
In order to offer the smoothest user experience, my first tought of managing this was to implement an 'Auth + Register' system in the VST plugin which does this (roughly) :
User enter Username & Password then use JWT to authenticate the user then :
if (User owns the product) { if (User already have a serial) { ServerCall.use License Manager endpoint to check the serial and authorize the plugin; } else if (User dont have a serial in his account) { plugin.function(generateSerial); ServerCall.use License Manager endpoint to create a serial number into User account and authorize the plugin; } } else { Dont unlock the plugin }
But I'm concerned by automatically creating a serial with the License manager endpoint. Wouldn't it be a major security breach to let a plugin use this endpoint ? Technically it writes something in my DB....
-
@matt_sf If it's an authorised request via jwt it shouldn't be anymore of a risk than doing the same thing through your website
-
@matt_sf said in Woocommerce linked licensing system for your plugins:
But I'm concerned by automatically creating a serial with the License manager endpoint. Wouldn't it be a major security breach to let a plugin use this endpoint? Technically it writes something in my DB....
I think you shouldn't use creating serial number endpoint, that could be a security hole like you said.
What you can do is: upload/create "unregistered" serials into your Woocommerce License Manager admin area. While uploading the serials, you need to mark them as "unregistered".
Then the user needs to enter the exact serial number to register it. This way would be more secure because if the entered serial is not in your "unregistered serials list", then the license activation can't be done. You can also use this system for the resellers too. You can give unregistered serials to the resellers to sell them, then the users will need to register the code into their account.
But giving a right to create a serial number is a different story and this might be a security issue.
-
@orange @d-healey thanks for your answers. My problem was to at least assign thoses licenses - if not send them - to existing customers (there are about 300-400 of them so doing it manually was not an option ).
But I just thought that it shouldn't be a problem to upload a bunch of unregistered licences and, instead of creating one via the plugin, just get one and activate it (I should have thought of that).
Thank you !
-
@orange too bad, it seems there's no way to 'GET' an existing unregistered license which then can be activated on the fly with the License Manager's API. In order for this to work, the user must have received his license beforehand.
I'll have to find another way... Thanks anyway ! -
-
@clumsybear You'd have to use the JUCE network class probably: https://docs.juce.com/master/group__juce__core-network.html
-
@orange said in Woocommerce linked licensing system for your plugins:
- For page design, definitely go with Gutenberg (with Kadence Blocks). I think the page builders (like Divi, Elementor...etc.) will die soon, because Gutenberg (which is designed by Wordpress) is much more faster, getting better day by day, and it is the future of Wordpress.
@orange so after a few years using Gutenberg, do you still think it's the future of page builders? I read a lot of reviews reporting problems with it and people switching back to Elementor. What's your experience?
-
@clumsybear I use Gutenberg but not the woo blocks because they're quite limited
-
nice, what are your thoughts on it? why did you decide against other page builders? @d-healey
-
@clumsybear I try to follow the KISS principle. My website is totally functional without needing an additional dependency of a page builder, and it looks decent and is simple for the user to navigate.