From 121338677c9b8e4978133319311495d0eb50af87 Mon Sep 17 00:00:00 2001 From: Yan Date: Thu, 9 Nov 2017 14:41:35 +0630 Subject: [PATCH 1/4] add license --- app/controllers/application_controller.rb | 7 +++++-- app/helpers/application_helper.rb | 16 +--------------- app/models/license.rb | 8 ++++---- config/sx.yml | 3 ++- 4 files changed, 12 insertions(+), 22 deletions(-) diff --git a/app/controllers/application_controller.rb b/app/controllers/application_controller.rb index ce00dda9..956c90d0 100755 --- a/app/controllers/application_controller.rb +++ b/app/controllers/application_controller.rb @@ -4,7 +4,7 @@ class ApplicationController < ActionController::Base protect_from_forgery with: :exception # lookup domain for db from provision - before_action :lookup_domain, :set_locale + before_action :check_license, :lookup_domain, :set_locale helper_method :current_company,:current_login_employee,:current_user # alias_method :current_user, :current_login_employee,:current_user @@ -94,7 +94,10 @@ class ApplicationController < ActionController::Base private def check_license - if current_company.nil? + # if current_company.nil? + # redirect_to install_path + # end + if !File.directory?("/config/license.yml") redirect_to install_path end end diff --git a/app/helpers/application_helper.rb b/app/helpers/application_helper.rb index 037767c9..27024d75 100755 --- a/app/helpers/application_helper.rb +++ b/app/helpers/application_helper.rb @@ -6,19 +6,5 @@ module ApplicationHelper when :error then "alert alert-error fade-in" when :alert then "alert alert-error fade-in" end - end - - # For Pageless - # def pageless(total_pages, url=nil, container=nil) - # opts = { - # :totalPages => total_pages, - # :url => url, - # :loaderMsg => 'Loading more pages...', - # :loaderImage => image_path('load.gif') - # } - - # container && opts[:container] ||= container - - # javascript_tag("$('#{container}').pageless(#{opts.to_json});") - # end + end end 
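Review bot: Adding `:check_license` to the `before_action` list in ApplicationController runs the gate on every controller that inherits from it, which presumably includes the one serving `install_path`. If so, an unlicensed install is redirected to the install page and then redirected again from it. The install/activation controller should opt out with `skip_before_action :check_license`; the same applies to the identical hunk in PATCH 4/4. The class body continues outside the hunk.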
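Review bot: `File.directory?("/config/license.yml")` in `check_license` tests for a directory at the filesystem root, so for a regular license file under the app's `config/` it is never true and every request is redirected to `install_path`. The check should be anchored to the application root and test for a file, e.g. `redirect_to install_path unless File.file?(Rails.root.join("config", "license.yml"))`. The commented-out `current_company.nil?` branch can be deleted rather than kept as dead code.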
diff --git a/app/models/license.rb b/app/models/license.rb index b2682213..b7e2a9bb 100755 --- a/app/models/license.rb +++ b/app/models/license.rb @@ -13,14 +13,14 @@ class License def initialize(server = "", lookup = "") #this code is hard-code to reflect server mode - Very important. - self.server_mode = "cloud" + self.server_mode = ENV["server_mode"] if (server != "") self.class.base_uri server end @secret = SecureRandom.hex(10) - @params = { query: { device: "SXlite", token: SECRETS_CONFIG['provision_key'] } } + @params = { query: { device: "SX", token: SECRETS_CONFIG['provision_key'] } } end def shop_code @@ -106,7 +106,7 @@ class License def check_remote_license(license_key) # @options = { query: {device: "cloud", key: license_key, skey: @secret, token: Rails.application.secrets.provision_key} } - @options = { query: {device: "SXlite", key: license_key, skey: @secret, token: SECRETS_CONFIG['provision_key']} } + @options = { query: {device: "SX", key: license_key, skey: @secret, token: SECRETS_CONFIG['provision_key']} } response = self.class.get("/license", @options) @license = response.parsed_response @@ -120,7 +120,7 @@ class License end def verify_by_api_token(api_token) - @options = { query: {device: "SXlite", api_token: api_token, skey: @secret, token: SECRETS_CONFIG['provision_key']} } + @options = { query: {device: "SX", api_token: api_token, skey: @secret, token: SECRETS_CONFIG['provision_key']} } response = self.class.get("/verify", @options) @license = response.parsed_response diff --git a/config/sx.yml b/config/sx.yml index 1fc3a186..4dca50a2 100755 --- a/config/sx.yml +++ b/config/sx.yml @@ -1,6 +1,7 @@ development: - server_mode: cloud #local + server_mode: local sx_provision_url: http://192.168.1.162:3005/api + expired_date: 2017-11-09 05:02:33 test: From 99cfc19392c5cd88a432d19b7c5fdf2209902487 Mon Sep 17 00:00:00 2001 
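Review bot: `self.server_mode = ENV["server_mode"]` in `initialize` silently becomes nil when the variable is unset, and the comment above it still says the value is hard-coded. The initializer added in PATCH 3/4 writes `ENV[key.upcase]`, so on a case-sensitive environment the value would live under `SERVER_MODE`, not `server_mode`. Prefer `self.server_mode = ENV.fetch("SERVER_MODE")` so a missing setting fails at start-up instead of quietly changing licensing behaviour, and update the comment to say where the value now comes from.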
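Review bot: The provision token is still passed as a `token:` query parameter in `check_remote_license`, and likewise in `verify_by_api_token` and the `@params` line of `initialize`. Query strings are commonly written to web-server, proxy and client logs, and the development `sx_provision_url` in config/sx.yml is plain `http://`, so the token can be recorded or observed in transit. If the provisioning API can accept it, send the token in a request header (the client looks like HTTParty, which takes a `headers:` option) and require an `https://` base URI outside development. Both methods continue outside their hunks.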
From: Yan Date: Thu, 9 Nov 2017 14:41:56 +0630 Subject: [PATCH 2/4] add AES key --- app/models/AESEncDec.rb | 15 +++++++++++++++ 1 file changed, 15 insertions(+) create mode 100644 app/models/AESEncDec.rb diff --git a/app/models/AESEncDec.rb b/app/models/AESEncDec.rb new file mode 100644 index 00000000..54afbe1a --- /dev/null +++ b/app/models/AESEncDec.rb @@ -0,0 +1,15 @@ +require 'openssl' +require 'base64' +require 'uri' + +class AESEncDec { + cipher = OpenSSL::Cipher::Cipher.new("aes-256-cbc") + + def encrypt + cipher.encrypt + end + + def decrypt + + end +} \ No newline at end of file From 9c50e1486f71aa8e87030911ee8c6669c596990e Mon Sep 17 00:00:00 2001 From: Yan Date: Thu, 9 Nov 2017 18:30:33 +0630 Subject: [PATCH 3/4] activation form --- config/initializers/license.rb | 4 ++++ config/license.yml | 14 ++++++++++++++ 2 files changed, 18 insertions(+) create mode 100755 config/initializers/license.rb create mode 100755 config/license.yml diff --git a/config/initializers/license.rb b/config/initializers/license.rb new file mode 100755 index 00000000..edb075ea --- /dev/null +++ b/config/initializers/license.rb @@ -0,0 +1,4 @@ +config = YAML.load_file(Rails.root.join("config/license.yml")) +config.fetch(Rails.env, {}).each do |key, value| + ENV[key.upcase] = value.to_s +end \ No newline at end of file diff --git a/config/license.yml b/config/license.yml new file mode 100755 index 00000000..5e66e752 --- /dev/null +++ b/config/license.yml @@ -0,0 +1,14 @@ +development: + server_mode: local + license_key: IAAXHpbSWAfvlWGYpDoXvZdmuRABNGk + + +test: + sx_provision_url: secure.smartsales.asia/api + +# Do not keep production secrets in the repository, +# instead read values from the environment. +production: + server_mode: cloud + license_key: IAAXHpbSWAfvlWGYpDoXvZdmuRABNGk + From a70f9a43e6a97769661b3c2ffe1881afc75386d5 Mon Sep 17 00:00:00 2001 
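Review bot: This new file does not parse as Ruby: `class AESEncDec {` … `}` should be `class AESEncDec` … `end`. Beyond that, `cipher` is a local variable of the class body and is not visible inside `encrypt` or `decrypt`, `encrypt` takes no data and sets no key or IV, and `decrypt` is empty. `OpenSSL::Cipher::Cipher` is the deprecated alias; use `OpenSSL::Cipher.new("aes-256-cbc")`, created inside each method. Rails autoloading would also normally look for this constant in `aes_enc_dec.rb` rather than `AESEncDec.rb`, depending on the app's inflection rules.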
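Review bot: `YAML.load_file(Rails.root.join("config/license.yml"))` raises at boot when the file is absent, which is the very state `check_license` is meant to handle by redirecting to the install page. Guard it, e.g. `path = Rails.root.join("config/license.yml")` followed by `config = File.exist?(path) ? YAML.load_file(path) : {}`. The loop also copies `license_key` into the process environment, where every child process inherits it, and it stores keys upper-cased (`SERVER_MODE`) while license.rb reads `ENV["server_mode"]`.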
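Review bot: `license_key` is committed in clear text under both `development:` and `production:`, directly below the comment saying production secrets should be read from the environment. Once pushed, the value should be treated as exposed and reissued. Keep only a placeholder in the tracked file, e.g. `license_key: <%= ENV["LICENSE_KEY"] %>` (which requires the initializer to run the file through ERB before parsing), or keep the real file out of version control and commit a `license.yml.example` instead.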
From: Yan Date: Fri, 10 Nov 2017 14:11:10 +0630 Subject: [PATCH 4/4] license --- app/controllers/application_controller.rb | 9 ++++----- app/models/AESEncDec.rb | 8 ++++---- app/models/license.rb | 13 ++++++++++--- config/initializers/license.rb | 0 config/license.yml | 0 5 files changed, 18 insertions(+), 12 deletions(-) mode change 100755 => 100644 config/initializers/license.rb mode change 100755 => 100644 config/license.yml diff --git a/app/controllers/application_controller.rb b/app/controllers/application_controller.rb index aab3f86f..da9fde0a 100755 --- a/app/controllers/application_controller.rb +++ b/app/controllers/application_controller.rb @@ -4,7 +4,7 @@ class ApplicationController < ActionController::Base protect_from_forgery with: :exception # lookup domain for db from provision - before_action :lookup_domain, :set_locale + before_action :check_license, :lookup_domain, :set_locale helper_method :current_company,:current_login_employee,:current_user # alias_method :current_user, :current_login_employee,:current_user @@ -94,10 +94,9 @@ class ApplicationController < ActionController::Base private def check_license - # if current_company.nil? - # redirect_to install_path - # end - if !File.directory?("/config/license.yml") + if License.check_license_file + + else redirect_to install_path end end diff --git a/app/models/AESEncDec.rb b/app/models/AESEncDec.rb index ec84dcb7..e175a3a9 100644 --- a/app/models/AESEncDec.rb +++ b/app/models/AESEncDec.rb @@ -5,12 +5,12 @@ require 'uri' class AESEncDec { cipher = OpenSSL::Cipher::Cipher.new("aes-256-cbc") - def export_key + def self.export_key ENV['aes_key'] = cipher.key = cipher.random_key # stores the key in key, and also sets the generated key on the cipher ENV['aes_iv'] = cipher.iv = cipher.random_iv # stores the iv in iv, and also sets the generated iv on the cipher end - def encrypt(data) + def self.encrypt(data) cipher.encrypt cipher.key = ENV["aes_key"] cipher.iv = ENV["aes_iv"] 
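Review bot: The empty `if` branch in `check_license` reads as unfinished code; `redirect_to install_path unless License.check_license_file` says the same thing in one line. The gate is also only as strong as `check_license_file`, which tests for the file's presence and not its contents.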
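Review bot: `export_key` stores the raw AES key and IV in `ENV['aes_key']` and `ENV['aes_iv']`, which is a poor home for key material. `ENV[]=` rejects values containing a NUL byte, so `cipher.random_key` will intermittently raise ArgumentError; the environment is inherited by every child process; and the key is gone after a restart, leaving anything encrypted earlier unreadable. One IV is also reused for every `encrypt` call, which with CBC makes identical plaintext prefixes produce identical ciphertext. Keep the key in a protected store in encoded form (e.g. Base64), generate a fresh IV per message and prepend it to the ciphertext. Note too that `cipher` is still a class-body local that the `self.` methods cannot see, and that `encrypt` continues outside the hunk.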
@@ -19,13 +19,13 @@ class AESEncDec { return encrypted end - def decrypt + def self.decrypt(data) cipher.decrypt cipher.key = ENV["aes_key"] cipher.iv = ENV["aes_iv"] # Start the decryption - decoded = Base64.urlsafe_decode64(encrypted) + decoded = Base64.urlsafe_decode64(data) decrypted = cipher.update(decoded) + cipher.final end } \ No newline at end of file diff --git a/app/models/license.rb b/app/models/license.rb index d7c23fbf..6089218a 100755 --- a/app/models/license.rb +++ b/app/models/license.rb @@ -19,7 +19,10 @@ class License self.class.base_uri server end - @secret = SecureRandom.hex(10) + # generate key for license file encrypt + AESCrypt.export_key() + + @secret = ENV["aes_key"] @params = { query: { device: "SX", token: SECRETS_CONFIG['provision_key'] } } end @@ -31,6 +34,10 @@ class License end end + def self.check_license_file + return File.exist?("config/license.yml") + end + def detail_with_local_cache(lookup, key) ##Check from local redis - if available load local otherwise get from remote cache_key = "store:license:#{key}:hostname" @@ -50,7 +57,7 @@ class License if cache_license.nil? ##change the d/e key # @options = { query: {device: "SXlite", lookup: lookup, skey: @secret, token: SECRETS_CONFIG['provision_key']} } - @params = { query: { device: "SXlite", token: SECRETS_CONFIG['license_key']} } + @params = { query: { lookup_type: "cloud", lookup: "subdomain", token: SECRETS_CONFIG['license_key']} } response = self.class.get("/request_license", @params) @license = response.parsed_response 
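Review bot: `decrypt` uses aes-256-cbc with no integrity check, so an edited or truncated license blob is not recognised as such: it either decrypts to garbage or raises `OpenSSL::Cipher::CipherError` from `cipher.final`, and `Base64.urlsafe_decode64` raises ArgumentError on malformed input. Since this protects a file the operator of the machine can edit, use an authenticated mode (`aes-256-gcm` with `auth_tag`) or add an HMAC over IV and ciphertext. Rescue those errors into a single "invalid license" result rather than letting them surface as a 500.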
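Review bot: `AESCrypt.export_key()` names a constant this series does not define; the class added here is `AESEncDec`, so `License.new` would raise NameError unless another library supplies `AESCrypt`. Calling `export_key` from `initialize` also generates a new key and IV for every License instance, invalidating whatever was encrypted under the previous one. `@secret = ENV["aes_key"]` then places the raw AES key in the `skey:` and `encrypted_key:` query parameters of the provisioning requests (see the `check_remote_license` hunk further down), where it ends up in URLs and logs. Generate the key once at activation and do not transmit it; if the server must bind a license to this install, send a value derived from the key, such as a digest.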
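Review bot: `File.exist?("config/license.yml")` is resolved against the process working directory, which is not guaranteed to be the app root under every launcher; use `File.exist?(Rails.root.join("config", "license.yml"))`. The check is also satisfied by any file of that name, including an empty one, so it should at least load the file and confirm a `license_key` entry for the current environment before `check_license` lets requests through. The explicit `return` is unnecessary in Ruby.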
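Review bot: `lookup: "subdomain"` sends the literal string rather than the `lookup` argument of `detail_with_local_cache`, which looks unintended; `lookup: lookup` is probably what was meant. The method starts and ends outside the hunk, so confirm against the rest of the body and against what `/request_license` expects.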
@@ -106,7 +113,7 @@ class License def check_remote_license(license_key) # @options = { query: {device: "cloud", key: license_key, skey: @secret, token: Rails.application.secrets.provision_key} } - @options = { query: {device: "SX", key: license_key, skey: @secret, token: SECRETS_CONFIG['provision_key']} } + @options = { query: {lookup_type: "application", encrypted_key: @secret, token: SECRETS_CONFIG['provision_key']} } response = self.class.get("/license", @options) @license = response.parsed_response diff --git a/config/initializers/license.rb b/config/initializers/license.rb old mode 100755 new mode 100644 diff --git a/config/license.yml b/config/license.yml old mode 100755 new mode 100644
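Review bot: After this change `check_remote_license` no longer uses its `license_key` argument: the old `key: license_key` parameter is gone and nothing replaces it, so the `/license` call cannot be validating the key the caller passed in. Either send the key again or drop the parameter and update the callers. The value sent as `encrypted_key:` is `@secret`, which per the `initialize` hunk is the raw `ENV["aes_key"]`, so the parameter name is misleading. The method continues outside the hunk.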