StarSecure - License Manager v1.1.0

StarSecure Infrastructure Changelog (v1.1.0 Upgrade)​

Here is the complete, detailed breakdown of every single feature, structural change, and security patch we implemented into the StarSecure ecosystem.

1. Database & Core Architecture​

• [ADDED] Global System State:Expanded SystemState in schema.prisma to include:
  • companyName: For dynamic white-label branding.
  • rateLimitMax: Dynamic integer for customized Anti-DDoS thresholds.
  • themeColor: Hex code storage for the platform-wide dynamic accent engine.
• [UPDATED] Server Actions: Refactored customization/actions.js to simultaneously query and update both the SystemState (Core Branding) and BotConfig (Discord Embeds) databases.

2. Security & Authentication​

• [FIXED] The "Ghost" Middleware: Relocated middleware.js to the root src/ directory, permanently sealing the dashboard from unauthorized access.
• [ADDED] Secure Logout Action: Built auth-actions.js to safely destroy starsecure_session cookies.
• [UPDATED] Admin Login (/login):* Upgraded to z-[100] to prevent layout bleed.
  • Now captures and stores the actual admin username into the secure cookie.
  • Maintains the automatic "First-Time Setup" database provisioning switch.
• [ADDED] Customer Login (/portal/login): Built a secure gateway where clients input their license key, verifies against active/revoked statuses, and provisions a 7-day starsecure_customer cookie.

3. API & Backend Engines​

• [UPDATED] Verification Gateway (/api/verify):* Replaced the hardcoded 20-request limit with a dynamic parameter pulled straight from the Customization database.
  • Restored Geo-IP telemetry tracking for security audits.
• [ADDED] E-Commerce Fulfillment API (/api/v1/licenses): Created a secure endpoint utilizing Bearer Token Auth (Master Secret Key) so platforms like BuiltByBit, Stripe, or custom bots can auto-generate and distribute keys.
• [ADDED] Live Daemon Engine (/api/bot):* Replaced fake boot logs with Node.js child_process.spawn.
  • Physically boots your bot.js backend and captures raw stdout/stderr directly to server memory.
• [ADDED] Telemetry Stream (/api/bot/logs): New endpoint that continuously streams the bot's raw terminal output and uptime status to the frontend.

4. User Interface & Global Branding​

• [ADDED] Dynamic Theme Engine: Replaced hardcoded Tailwind colors (cyan, purple) with a global --accent-color CSS variable injected at the layout.js level.
• [UPDATED] Customization Hub (/customization):* Added Global Brand Name inputs.
  • Added Anti-DDoS slider limiters.
  • Added Theme Selectors (Swatches + Custom Hex).
  • [MOVED] Absorbed the entire Discord Transactional Embed Designer (with live Discord UI preview) from the Bot Settings page.
• [UPDATED] Customer Portal (/portal): Re-engineered to automatically inherit the global companyName, themeColor, and added a premium "Software Download Hub" layout.
• [UPDATED] Navigation Structure:
  • Extracted the <header> and <footer> into separate AdminNavbar and AdminFooter components.
  • Wired them to display the active Admin username and hide themselves automatically on public/login pages.
  • Added the active "Discord Daemon" status light to the Dashboard Home metrics grid.

5. Utilities & Developer Tools​

• [ADDED] Global API Simulator: Shrunk the license tester into a "Mini-Terminal" and injected it into SystemSidebar.js so admins can simulate HTTP 200/403/429 gateway responses from anywhere on the dashboard.
• [UPDATED] Documentation (/docs): Separated the documentation into a dual-tab system: "Client Verification" (Lua, Python, JS) and "Storefront Automation" (cURL, Webhooks).
• [UPDATED] Bot Controls (/bot-settings):* Removed the clutter of the Embed designer.
  • Added a live, auto-scrolling terminal output window that fetches real logs from the daemon every 1.5 seconds.
  • Replaced ugly browser alert() popups with premium Sonner toasts.
• Build the Bulk License Generator
• Implement Time-Bomb Subscriptions
• Create the Live Audit Log Feed