Reinstate offline license validation #32
Conversation
…ey-usage Prompt for license private key during environment bootstrap
…ey-usage-9l9ayt Launch embedded backend for offline license validation
…eout-error Fix backend entry point lookup
…eout-error-oowaaz Fix backend entry point lookup for packaged builds
…eout-error-roea6v Handle missing stdio for backend license prompt
![chatgpt-codex-connector[bot]](https://avatars.githubusercontent.com/in/1144995?s=60&v=4){kind=small}
There was a problem hiding this comment.
💡 Codex Review
Here are some automated review suggestions for this pull request.
ℹ️ About Codex in GitHub
Your team has set up Codex to review pull requests in this repo. Reviews are triggered when you
- Open a pull request for review
- Mark a draft as ready
- Comment "@codex review".
If Codex has suggestions, it will comment; otherwise it will react with 👍.
Codex can also answer questions or update the PR. Try commenting "@codex address that feedback".
| const ROOT = process.cwd(); | ||
| const VERIFY_SCRIPT = path.join(ROOT, 'backend/licenses/verify_license.py'); | ||
| const PUB_KEY_PATH = path.join(ROOT, 'backend/licenses/license_public.pem'); | ||
| const SAFEVAULT_DIR = path.join(ROOT, '.safevault'); | ||
| const ENV_PATH = path.join(SAFEVAULT_DIR, 'license.env'); |
There was a problem hiding this comment.
The preload bridge derives SAFEVAULT_DIR from process.cwd() and creates the directory at module load. In packaged Electron apps the current working directory is typically the read‑only installation folder (e.g. …/Resources/app.asar). Attempting to create ./.safevault there will throw synchronously, preventing the preload script from loading and leaving window.safevault undefined. Persisting user data should go through app.getPath('userData') (via IPC to the main process) so it resolves to a writable, per‑user location.
Useful? React with 👍 / 👎.
| export function verifyOfflineLicense(token: string): boolean { | ||
| try { | ||
| const out = execFileSync('python3', [VERIFY_SCRIPT, PUB_KEY_PATH, token, 'GNOMAN', '2.0.0'], { | ||
| encoding: 'utf8', | ||
| timeout: 5000 | ||
| }); | ||
| return out.trim() === 'True'; | ||
| } catch { | ||
| return false; |
There was a problem hiding this comment.
License verification now executes python3 backend/licenses/verify_license.py directly from the preload. On machines where Python 3 or the cryptography module isn’t present—which will be the default for most end users—the execFileSync call throws and the catch block returns { ok: false }, so every key is reported as invalid. Offline activation therefore fails on a clean install. Either bundle a verifier in the app (e.g. a Node implementation) or detect the missing runtime and surface an actionable error.
Useful? React with 👍 / 👎.
Summary
Testing
https://chatgpt.com/codex/tasks/task_e_68fe2d495288832cad6cbeef8ac217f9