问题
Last year, I developed a simple Angular-Express-SQLite based application for a local Warehouse(Logistics Hub) which was used to keep track of daily incoming and outgoing trucks with information like their weight, origin, etc. and I deployed the app on an offline desktop. Everything went well until I came to know that the computer operator of the Warehouse resold the app to other Warehouses for a decent amount.
Now, the first Warehouse owner has contacted me again with some changes in the app with some crucial inputs as per the new guidelines from the government, I'm looking for some solution to prevent the app from getting stolen again.
- I'm looking for a solution that is as light in size as possible because of the type of desktops the app runs on are way too cheap(with lowest possible configuration), hence the choice of SQLite instead of some other Database providers.
- The app should be deployed in such a manner that it can't be copy-pasted from one machine to other. It could be achieved by simple, not so secure methods too as the operators aren't that tech-savvy and only know the bare minimum knowledge about Computers, like copy-paste.
回答1:
So I came across a low-level workaround since I'll be the one who'd set up the application on the client machine.
While initialising the application, an encrypted entry in the database could be set up with the name of the computer by reading the environment variable using express/node.
process.env.COMPUTERNAME
Or using some other system variable unique to that particular Computer and then comparing the stored value and current value on every login.
回答2:
As Joachim already said in his comment, if the App has internet access, you can check for a license-key or something similar on a server.
Perhaps something like PKG can help, which compiles your sources into a single executable file. PKG on npmjs
来源:https://stackoverflow.com/questions/62408633/how-to-prevent-an-offline-angularexpress-based-application-from-getting-stolen