Welcome to the Linux Foundation Forum!
Adding some logic to a Linux Server running Cent OS6
willrob
Posts: 3
Hi, Firstly I would like to say that I know nothing about this what so ever and I wouldn't even know where to start to look (apart from here of course). My scenario is that as of next week I will be deploying my Smartphone web apps to a Linux Server ready for sale. I want to use gumroad webhooks (https://gumroad.com/webhooks) to carry out the administrative side of things but have been advised that I need to create some server side logic for security reasons first. This is what I've been advised to do: (I'd welcome any other Input)
1. You have the user create a username and password for your application if they want to purchase (stored server-side).
2. After the ID is created, you send them over to gumroad to purchase (including a user ID).
3. If the purchase is successful, gumroad contacts your server with the user ID.
4. The server marks that user as authorized/purchased. At this point, what you return to gumroad doesn't matter, as long as it gets the user back to your app.
5. The user logs in, and their account is now authorized.
As you can see, it's going to require a bit of server side authorization if you don't want people to be able to re-use licenses.
If someone could point me in the right direction for examples on procedures and coding that would be much appreciated
Kind Regards
Will
0
Comments
-
Hello,
first of all, I'd say your question is OS-independent. It really doesn't matter whether it's going to run on GNU/Linux or Windows or *BSD.
It pretty much sounds to me like you're in need of full-stack(front-end -> back-end) application no matter whether it's going to be simple or "sophisticated" one. You should hire developer for such task. I don't know if there are any for-free solutions available, I haven't looked for any, have you?
Anyway, I've read your previous post as well. I'd bet on people's honesty rather the opposite. And anything can be hacked. Anyway, I don't know what you can do or can't do on client's phone. In your previous post, you've suggested user_id, phone_id and something else. I'd take these, added SALT(either on device itself or on your server) create SHA256 hash and used it as sort-of key. Or generate license key, add user_id, phone_id, whatever else, create hash. Either way, store this hash at your server. And then check whether such key has been used, resp. is already in DB, or not.
And perhaps create an alternate way for user to re-download your app again in case he has deleted it. Although, this could be a possible back-door for cheating. *shrug*
It all depends what's possible and available(meaning data from client) to you and what isn't.
Really, just shooting ideas. Look around the internet whether there is some free-for-download solution available or hire somebody to do it. I think prevalent tendency is ``I've paid for it[full stack app development], I'll keep it.''.
Regards,
Z.0 -
Hi Z, thanks for getting back to me, I haven't looked around for free solutions as yet because as I explained in the initial post I don't exactly know what it is that I have to do? I was hoping that I could find something that would teach me how to do it. Basically what I have is a website that the user can download the smartphone web app from to their device. I know that there is always a possibility of someone by-passing a payment procedure but never the less I've got to have some security in place as standard procedure. Everything I've done for this has been self taught either from books or searching through stacks of information on the internet so what I'm hoping for is a point in the right direction to give me the information required to carry out my question. An example Test App may help to support my post.
From your Smartphone device browser (iPhone/iPad/iPod touch/Blackberry or Android)
please type in the following address www.nsbapp.com/yrpvTestApp
upon opening up of the app from the NSbasic test server please choose the installation procedure for your particular device
iPhone and iPad/iPod touch
From your device, in the Safari browser choose the required app
When the app appears on to screen select the Action button at the foot of the device
From the menu select add to home screen
You will see the Application Icon appear, select add. Close and return to the home screen
The application is added to the device in which the executable Icon is placed on to the home screen.
Android
From your device, in the browser choose the required phone app
When the app appears on to screen select the menu button and create a Bookmark, then close and return to the home screen.
Hold your finger on the home screen briefly, a menu appears, select shortcuts (In newer versions of Android select widgets), bookmarks and then add application to Home Screen.
The application is added to the device in which the executable Icon is placed on to the home screen.
Blackberry
From your device, in the browser choose the required phone app
When the app appears on to screen select the BlackBerry button, then select add to home screen. The application Icon will appear, select add and then close and return to the home screen.
The application is added to the device in which the executable Icon is placed on to the home
As you can see this is all very simple as long as I can get the list 1 to 5 from my initial post in place before the download and running of the app
Kind regards
Will
0 -
Will,
I hope there is a way for developer to do testing before going live.
You need to install GNU/Linux server, then http server(ngix or apache or jboss for java(?)), configure it based on the solution you're going to deploy - be it homemade or something that's out there.
And then play around and test until you get it right.
As for gumroad, they obviously have some kind of API. I'm pretty sure they're going to call 'http://yourdomain.tld/some_url' and you have to put your script at 'some_url' to do the stuff, resp. accept parameters, process them, and return app to the user. At least that's how I understood it(+/-). It's going to be similar as programming application for a mobile phone. Since you did that, it should be easy-ish.
I'd start small - no license keys and whatever, just get app into your phone. And then start adding restrictions.
Z.0
Categories
- All Categories
- 50 LFX Mentorship
- 103 LFX Mentorship: Linux Kernel
- 575 Linux Foundation IT Professional Programs
- 304 Cloud Engineer IT Professional Program
- 125 Advanced Cloud Engineer IT Professional Program
- 53 DevOps Engineer IT Professional Program
- 60 Cloud Native Developer IT Professional Program
- 5 Express Training Courses
- 5 Express Courses - Discussion Forum
- 2K Training Courses
- 19 LFC110 Class Forum
- 7 LFC131 Class Forum
- 27 LFD102 Class Forum
- 157 LFD103 Class Forum
- 20 LFD121 Class Forum
- 1 LFD137 Class Forum
- 61 LFD201 Class Forum
- 1 LFD210 Class Forum
- LFD210-CN Class Forum
- 1 LFD213 Class Forum - Discontinued
- 128 LFD232 Class Forum
- LFD237 Class Forum
- 23 LFD254 Class Forum
- 611 LFD259 Class Forum
- 105 LFD272 Class Forum
- 1 LFD272-JP クラス フォーラム
- 1 LFD273 Class Forum
- 2 LFS145 Class Forum
- 24 LFS200 Class Forum
- 739 LFS201 Class Forum
- 1 LFS201-JP クラス フォーラム
- 11 LFS203 Class Forum
- 75 LFS207 Class Forum
- 300 LFS211 Class Forum
- 54 LFS216 Class Forum
- 47 LFS241 Class Forum
- 41 LFS242 Class Forum
- 37 LFS243 Class Forum
- 11 LFS244 Class Forum
- 36 LFS250 Class Forum
- 1 LFS250-JP クラス フォーラム
- LFS251 Class Forum
- 140 LFS253 Class Forum
- LFS254 Class Forum
- 1.1K LFS258 Class Forum
- 10 LFS258-JP クラス フォーラム
- 93 LFS260 Class Forum
- 132 LFS261 Class Forum
- 33 LFS262 Class Forum
- 80 LFS263 Class Forum
- 15 LFS264 Class Forum
- 11 LFS266 Class Forum
- 18 LFS267 Class Forum
- 17 LFS268 Class Forum
- 23 LFS269 Class Forum
- 203 LFS272 Class Forum
- 1 LFS272-JP クラス フォーラム
- LFS274 Class Forum
- LFS281 Class Forum
- 233 LFW211 Class Forum
- 172 LFW212 Class Forum
- 7 SKF100 Class Forum
- SKF200 Class Forum
- 902 Hardware
- 219 Drivers
- 74 I/O Devices
- 44 Monitors
- 115 Multimedia
- 209 Networking
- 101 Printers & Scanners
- 85 Storage
- 763 Linux Distributions
- 88 Debian
- 66 Fedora
- 15 Linux Mint
- 13 Mageia
- 24 openSUSE
- 142 Red Hat Enterprise
- 33 Slackware
- 13 SUSE Enterprise
- 357 Ubuntu
- 479 Linux System Administration
- 41 Cloud Computing
- 70 Command Line/Scripting
- Github systems admin projects
- 95 Linux Security
- 78 Network Management
- 108 System Management
- 49 Web Management
- 68 Mobile Computing
- 23 Android
- 30 Development
- 1.2K New to Linux
- 1.1K Getting Started with Linux
- 537 Off Topic
- 131 Introductions
- 217 Small Talk
- 21 Study Material
- 826 Programming and Development
- 278 Kernel Development
- 514 Software Development
- 928 Software
- 260 Applications
- 184 Command Line
- 3 Compiling/Installing
- 76 Games
- 316 Installation
- 62 All In Program
- 62 All In Forum
Upcoming Training
-
August 20, 2018
Kubernetes Administration (LFS458)
-
August 20, 2018
Linux System Administration (LFS301)
-
August 27, 2018
Open Source Virtualization (LFS462)
-
August 27, 2018
Linux Kernel Debugging and Security (LFD440)