-1

I work on an application that is to be sold to businesses. The businesses expect to pay for a given amount of license (eg. 5 licenses for 5 computers).

We have implemented a customer specific license file that enables the software to work, but one could simply reuse this license for any number of machines. This is no good. Imagine you are a company that pays for 5 licenses only to find out you could get by with a single license. Sure it would break the terms of use, but nobody would know.

I believe I can bind the license to a single PC via a MAC address / CPU etc., but if I want to do this I need to authenticate the license as it binds to the PC. So the problem I am having is how to authenticate the license on the initial run?

What I am thinking is, I need an external license server that will receive requests, check if valid by looking up instances that this license has been activated, add instance and return a response that will tell the PC it is ok to authenticate/bind the license. I am able to encode the messages and handle the authentication at the PC side. What I don't know is how to go about setting up the server and the request / response (communication) part. I am a complete novice when it comes to networks and I don't want to waste days or weeks just to find out the approach is wrong.

I see two possibilities:

  • using python socket on the server and the PC to communicate.

I should be able to write this up in a few lines of code, however I am finding it difficult to find a service that would enable me to host a socket. Eg. PythonAnywhere does not support this ("Can I use websockets, or run my own socket server? I'm afraid not -- we only support Python apps that implement the WSGI protocol" source: https://help.pythonanywhere.com/pages/#im-a-beginner-learning-python), google app engine also seems not to https://cloud.google.com/appengine/docs/standard/go111/sockets and I had similar indications for others.

  • have the PC issue a http request (python requests) and have the server respond to it dynamically (flask or django!?).

I have absolutely no experiences using either flask or django and it seems like I would need to commit a lot of time to this. It seems like an over complicated thing to do and I don't even know if it can be done.

Are the approaches valid? What option is the appropriate one? Other options?

I am aware everything can be hacked. I only have to make it so that someone can't simply copy the executable to a different PC and have it run there with no real effort.

Help appreciated!

davidism
  • 121,510
  • 29
  • 395
  • 339
Mecgrad
  • 64
  • 5

1 Answers1

0

  1. You can go with a 3rd party to issue and manage your licenses. Just Google 'license management', 'generate and manage licenses', etc

  2. Between Flask and Django, I would say go with Flask. Either one should not take a lot of time to write the code to generate a license and return it. Your challenge would be - writing the code on the application that calls your server, and what you'll do in situations where the application is not on a machine connected to the web (assuming the application can be used offline). This is why some folks prefer to use a 3rd party to manage the license

NoCommandLine
  • 5,044
  • 2
  • 4
  • 15
  • 3rd party is a consideration, but would have to figure it out and it seems like it would take even longer to set everything up. I feel even more lost there :S. I will look into it some more. As to offline; the application would only need internet one time, when the license is being authorized for the first time, after that the license would be modified / tied to the PC and would no longer require the server for validation. – Mecgrad Mar 23 '21 at 20:36