• This site uses cookies. By continuing to use this site, you are agreeing to our use of cookies. Learn more.

License Validation API

Dan

Well-known member
#81
Oh, I forgot to mention that I added a "license token" (different from the validation token) that uniquely identifies a license across validation tokens. So a dev could store that rather than the validation token and simply check that subsequent calls match that (if they desire to attach things to a particular license).
Does the token change when the license changes the owner?
 

digitalpoint

Well-known member
#83
Super sexy... Already incorporated it into our secondhand license sales section of our site...


License Validation Token only appears when you choose the "Selling XenForo" prefix... validation happens in realtime and will block any listing from being posted that isn't both valid and eligible for transfer.

Also does some other things like prevent someone from listing the same license more than once.

BTW - I already reset my validation token since making that video just now. :)
 

Rigel Kentaurus

Well-known member
#84
Super sexy... Already incorporated it into our secondhand license sales section of our site...


License Validation Token only appears when you choose the "Selling XenForo" prefix... validation happens in realtime and will block any listing from being posted that isn't both valid and eligible for transfer.

Also does some other things like prevent someone from listing the same license more than once.

BTW - I already reset my validation token since making that video just now. :)
I notice you don't ask for the domain
 

digitalpoint

Well-known member
#85
I notice you don't ask for the domain
Nope... don't really care about the domain to be honest. They are selling the license, so I'd assume the domain is going to change after the sale anyway.

I really just care if the license is valid/transferrable. I don't care what domain they are currently using it on (if any).
 

SheepCow

Well-known member
#87
I've written a little class that performs validation and allows for the best practice approach. It should be easy to integrate in to whatever people are using (either XenForo itself or just a standalone checker). The code is here:

https://gist.github.com/sheepcow/5377877

I've not tested it with a real token (I'm an associated person rather than a license holder) but it's simple enough to understand/edit.

There are some examples at the top of the file for how to use it.

Edit: I probably should have said it's for developers more than end-users as it requires integration in to your application, on it's own it's useless.
 

Mike

XenForo developer
Staff member
#88
I don't think you're actually checking that there's a domain match in the JSON response there, if a domain is passed in. (The data is still returned based on the token only, more data is returned with a domain as well.)
 

SheepCow

Well-known member
#89
I don't think you're actually checking that there's a domain match in the JSON response there, if a domain is passed in. (The data is still returned based on the token only, more data is returned with a domain as well.)

And that's why testing is important :). I've updated it to check the domain_match result.
 

Mike

XenForo developer
Staff member
#92
That's probably because you have whatever code set to follow redirects and we redirect www to no-www. You may want to turn off follow redirects.
 

Jeremy

Well-known member
#93
I was actually using XenForo_Http_Helper::getClient() without changing anything else. But that actually makes sense... I wasted like two hours rewriting my code to get it to work. Felt like an idiot. lol
 

katsulynx

Well-known member
#95
Is it possible to access the API with jQuery? Seems like I'm getting an error every time I try, but maybe I got some error in my code.
Code:
$(document).ready(function() { 
    $(\'#start_form\').ajaxForm(function() {
        var postData = {
                token:$(\'#API_KEY\').val(),
                domain:$(\'#Domain\').val()
        };
       
        $.post( "http://xenforo.com/api/license-lookup.json", postData, function( data ) {
                alert(data);
        }, "json");
    }); 
});
The form below is just a basic form including two fields, one for the token, one for the domain and the submit button, which triggers the function above. However, when submitting the code and triggering the event, I get the following error in my console:
Code:
MLHttpRequest cannot load http://xenforo.com/api/license-lookup.json. No 'Access-Control-Allow-Origin' header is present on the requested resource. Origin 'http://localhost:1337' is therefore not allowed access.
As seen in the error, I'm trying to access the API trigger from my local XAMPP installation.
 

katsulynx

Well-known member
#98
However it is not working when calling it via jQuery, but a workaround would be to call a php file at the server you're requesting the validation from and there within do the real validation request and just hand the result back to jQuery.