- C# 87.7%
- Astro 7.1%
- PowerShell 2.4%
- TypeScript 2.2%
- CSS 0.4%
- Other 0.2%
Implements the narrow license-only backend from updates-and-licensing.md §A8 (sequencing step 5, partial).

New license-worker/ Cloudflare Worker:

- POST /v1/paddle/webhook: verify Paddle HMAC-SHA256 signature -> upsert license in D1, idempotent by event_id (no timestamp-age rejection so Paddle retries aren't dropped).
- POST /v1/license/refresh: license id -> current status + a freshly minted Ed25519 JWS entitlement token (serves activation + re-check).
- GET /v1/pubkey + /health.

The token is the anti-lock-in core: signed with a Worker-held private key, verified OFFLINE by the app against a baked-in public key, so swapping the Merchant-of-Record only rewrites the webhook event-mapping. No project data ever touches the service.

Validated: tsc clean; 5 unit tests green (token mint->offline-verify roundtrip + Paddle signature accept/reject/tamper cases); keygen works. Not yet deployed (D1/secrets/live webhook unprovisioned).

Also records the MoR decision (Paddle) and licensing handoff notes in updates-and-licensing.md.

Co-Authored-By: Claude Opus 4.8 <noreply@anthropic.com>

| Name |
|---|
| docs |
| eng |
| installer |
| license-worker |
| spikes/TimelineSpike |
| src |
| tests/Volarra.Tests |
| website |
| .gitignore |
| gemini-feedback.md |
| notes.md |
| NuGet.Config |
| prd.md |
| updates-and-licensing.md |
| Volarra.slnx |