237899745/kami
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
Files
d3178871eb764aa4273e7e79797e829ca86abe88
kami/license-system-launcher/README.md
yuyx d3178871eb Initial commit
2026-01-04 23:00:21 +08:00

83 lines
2.1 KiB
Markdown
Raw Blame History

# License Launcher (Windows)
Single-file launcher that verifies license online, then runs the embedded EXE.
## Build (Windows)
1) Install Rust (MSVC toolchain).
2) Build:
```
cargo build --release --bin launcher_stub
cargo build --release --bin launcher_pack
```
Output:
- `target/release/launcher_stub.exe`
- `target/release/launcher_pack.exe`
- `target/release/launcher_gui.exe`
## Config
Create `config.json` (example):
```json
{
"api_base": "http://118.145.218.2:39256",
"project_id": "PROJ_001",
"project_secret": "YOUR_PROJECT_SECRET",
"client_version": "1.0.0",
"license_file": "license.key",
"request_timeout_sec": 10,
"heartbeat_retries": 2,
"heartbeat_retry_delay_sec": 5,
"extract_to": "temp",
"keep_payload": false
}
```
Notes:
- `extract_to`: `temp` (default) or `self`.
- If `extract_to=self`, the payload is extracted next to the launcher (use this when your app needs local resource files).
- Card key is read from `license.key` next to the launcher (first non-empty line). You can also set `card_key` in config to hardcode.
## Pack
```
launcher_pack --stub launcher_stub.exe --input your_app.exe --config config.json --output your_app_protected.exe
```
The tool writes the payload name into the config automatically.
## GUI Pack (Recommended)
1) Put `launcher_gui.exe` and `launcher_stub.exe` in the same folder.
2) Run `launcher_gui.exe`.
3) Fill:
- API base
- Integration code (LSC1... from Project detail)
4) Drag your EXE into the window.
5) Click **Start Pack**.
Output file defaults to `*_packed.exe`.
## Run
Place `license.key` next to `your_app_protected.exe`:
```
YOUR-CARD-KEY
```
Start `your_app_protected.exe`. It will:
1) Compute deviceId = `MAC|IP` (clamped to 64 chars; hashed if too long).
2) Call `/api/auth/verify` online.
3) Start the embedded app.
4) Send `/api/auth/heartbeat` on interval; failure will exit the app.
## Security Notes
- Online verification is required; no offline cache.
- If the server disables heartbeat, only startup verification is enforced.
- This raises reverse-engineering cost but cannot make a client uncrackable.
Reference in New Issue View Git Blame Copy Permalink