How to manage licensing to enable features for a web application? [closed]

Question

Closed. This question needs to be more focused. It is not currently accepting answers.

---

Want to improve this question? Update the question so it focuses on one problem only by editing this post.

Closed 6 years ago.

Improve this question

I will be selling a new product that will be managed by a web application on my own servers. The web application will allow to manage some devices.

I would like to limit the amount of managable devices to the number of licenses bought by the user.

My web app is currently allowing to manage all the devices with no quantity limitations.

I don't know where to start to implement the licensing (license key generation and checking) nor to limit the devices based on the license keys the user owns.

Any help would be more than welcome. Thank you in advance.

FYI: I am using jquery, php and mysql.

Answer 1

I would implement several tables in database, as it is shown below:

There will be the following entities: User, License and Device

And these entities will be related to each other as it is shown above. Every license will contain information about qty of licensed devices.

When a device connects to your service your service recognizes it by its id, which is being sent by device upon the connection. Then you can check, is the device registered, and what license is related to this device.

Limitations on quantity of devices will be checked upon device registration.

When a user registers a device (adds information to tables: Devices and LicensedDevices), your code should check the quantity of already registered devices with this license against devicesQty field value in Licenses table.

And if devicesQty value allows to add more devices, then your code adds new device to the database.

UPDATE:

To control quantity of licensed devices you need to register these devices (for instance - using unique ids of these devices). Otherwise you cannot control quantity of devices which are using your service.

One device connects, works, disconnects, then another, then another and so on. How can you control quantity in this case? I think there is no way unless registering ids of these devices.

And if a user changes his device to a new one, then there should be a procedure to update information about a registered device.

If your customer uses only web-browser to use your services, then the only way to control license/devices is to bind userid+password+deviceId to a license. And check this information upon logging in to your web-service/web-servers.

If you are using a native application on mobile devices to connect to your web-service then there is more sophisticated way.

Implement license key generation/verification via asymetric encryption approach.

For each user generate public and private key. Then store private key in your database and do not show it to anyone.

Let say your public key is: ABC-123-456

Use Base64 algorithm to convert public key bytes to alphanumeric characters.

Then, upon selling a license generate an arbitrary unique license code.

Let say your license code is: XYZ-789-012

And provide end-users with public key and license code: ABC-123-456 and XYZ-789-012

User sets public key and license code to the custom mobile application settings. And this application encrypts all sending data with this public key. And license code is included to the data package before encrypting it.

When your server receives a data from a device, it finds appropriate user by deviceId, then it finds appropriate private key to decrypt the data package. And then it inspects this data package on correctness.