🛡️ SpeXCore KeyAuth - Advanced Authentication System

Professional authentication and licensing system for applications and games

Features • Installation • Documentation • Contributing • License

---

📋 Overview

SpeXCore KeyAuth is a comprehensive, production-ready authentication and licensing system built with modern web technologies. It provides robust user management, license key generation, HWID locking, webhook notifications, and detailed API logging - perfect for protecting your applications, games, or software products.

✨ Key Highlights

• 🔐 Secure Authentication - JWT-based auth with HWID binding
• 🎫 License Management - Generate, validate, and track license keys
• 👥 User Management - Complete user lifecycle management
• 📊 Analytics Dashboard - Real-time statistics and insights
• 🔔 Webhook System - Event-driven notifications (Discord support)
• 🛡️ Rate Limiting - Built-in protection against abuse
• 📝 API Logging - Comprehensive request/response tracking
• 🎨 Modern UI - Beautiful, responsive interface with glass-morphism design

---

🚀 Features

Authentication & Security

• ✅ JWT token-based authentication
• ✅ Hardware ID (HWID) binding and verification
• ✅ IP tracking and validation
• ✅ Rate limiting per endpoint
• ✅ Secure password hashing (bcrypt)
• ✅ Session management
• ✅ Ban system with reason tracking
• ✅ HWID reset request system

License Management

• ✅ Bulk license key generation
• ✅ Customizable license duration
• ✅ License validation and redemption
• ✅ Usage tracking (who, when, where)
• ✅ License notes and metadata
• ✅ Export licenses to CSV/TXT

User Management

• ✅ Application-specific users (App Users)
• ✅ Subscription/expiration management
• ✅ Ban/unban functionality
• ✅ User activity logs
• ✅ Login history tracking
• ✅ Bulk user operations

Webhook System

• ✅ Event-driven notifications
• ✅ Discord webhook support with rich embeds
• ✅ Multiple webhook endpoints per app
• ✅ Event filtering (login, register, ban, license, HWID)
• ✅ HMAC signature verification
• ✅ Webhook testing tool

API System

• ✅ RESTful API v1 endpoints
• ✅ Comprehensive API documentation
• ✅ API key management
• ✅ Request logging with metadata
• ✅ Response time tracking
• ✅ Error tracking
• ✅ Filterable logs (by app, method, status, date)

Dashboard & UI

• ✅ Modern glass-morphism design
• ✅ Responsive layout (mobile-friendly)
• ✅ Real-time statistics
• ✅ Interactive charts
• ✅ Dark mode interface
• ✅ Smooth animations

---

🎯 Use Cases

• Game Protection - Protect your game from unauthorized access
• Software Licensing - Manage software licenses and subscriptions
• Cheat/Mod Distribution - Control access to your modifications
• SaaS Applications - User authentication and subscription management
• Beta Testing - Controlled access with license keys
• Educational Software - Student license management

---

🛠️ Tech Stack

Frontend

• Next.js 14 - React framework with App Router
• TypeScript - Type-safe development
• Tailwind CSS - Utility-first styling
• Lucide React - Beautiful icons

Backend

• Next.js API Routes - Serverless API endpoints
• Prisma ORM - Type-safe database access
• MySQL - Reliable database
• JWT - Secure token authentication
• bcrypt - Password hashing

Tools & Libraries

• crypto - HMAC signature generation
• rate-limiting - Request throttling
• date-fns - Date manipulation

---

📦 Installation

Prerequisites

• Node.js >= 18.0.0
• MySQL database
• npm or yarn

Quick Start

1. Clone the repository

git clone https://github.com/spexdw/spexcore-keyauth.git
cd spexcore-keyauth/keyauth

2. Install dependencies

npm install

3. Configure environment variables

cp .env.example .env

Edit .env file:

DATABASE_URL="mysql://user:password@localhost:3306/keyauth"
JWT_SECRET="your-super-secret-jwt-key-change-this"
NEXTAUTH_SECRET="your-nextauth-secret-change-this"
NEXTAUTH_URL="http://localhost:3000"

4. Setup database

npx prisma generate
npx prisma db push

5. Run development server

npm run dev

6. Open application

http://localhost:3000

Production Build

npm run build
npm start

---

📖 Documentation

API Endpoints

Base URL: https://your-domain.com/api/v1

Authentication Required Headers

X-App-ID: your_application_id
X-API-Key: your_api_key
Content-Type: application/json

Available Endpoints

Authentication

• POST /api/v1/auth/login - User login
• POST /api/v1/auth/register - User registration
• POST /api/v1/auth/verify - Token verification
• POST /api/v1/auth/logout - User logout

License Management

• POST /api/v1/license/validate - Validate license key
• POST /api/v1/license/redeem - Redeem license key

User Profile

• GET /api/v1/user/profile - Get user profile
• POST /api/v1/user/hwid/reset-request - Request HWID reset

Application Info

• GET /api/v1/app/info - Get application details
• GET /api/v1/app/version - Check for updates

Security

• POST /api/v1/security/report - Report security event

For detailed API documentation, visit /usercp/docs in the application or visit EXAMPLES/.

Example Usage

// Login Example
const response = await fetch('https://api.example.com/api/v1/auth/login', {
  method: 'POST',
  headers: {
    'X-App-ID': 'your_app_id',
    'X-API-Key': 'your_api_key',
    'Content-Type': 'application/json'
  },
  body: JSON.stringify({
    username: 'testuser',
    password: 'password123',
    hwid: 'ABC-123-DEF-456'
  })
});

const data = await response.json();
console.log(data.data.token); // JWT token

---

🤝 Contributing

We welcome contributions from the community! Here's how you can help:

Ways to Contribute

1. Report Bugs 🐛

   • Check if the issue already exists
   • Provide detailed reproduction steps
   • Include system information and logs

2. Suggest Features 💡

   • Open an issue with the enhancement label
   • Describe the feature and its benefits
   • Provide examples or mockups if possible

3. Submit Pull Requests 🔧

   • Fork the repository
   • Create a feature branch (git checkout -b feature/AmazingFeature)
   • Commit your changes (git commit -m 'Add some AmazingFeature')
   • Push to the branch (git push origin feature/AmazingFeature)
   • Open a Pull Request

Development Guidelines

• Follow the existing code style
• Write meaningful commit messages
• Add comments for complex logic
• Update documentation if needed
• Test your changes thoroughly
• Ensure all endpoints work correctly

Code Style

• Use TypeScript for type safety
• Follow React/Next.js best practices
• Use Tailwind CSS for styling
• Keep components modular and reusable
• Add proper error handling

---

📄 License

This project is licensed under the MIT License - see the LICENSE file for details.

What does this mean?

✅ You CAN:

• Use commercially
• Modify the code
• Distribute
• Use privately
• Sublicense

❌ You CANNOT:

• Hold the author liable
• Use the author's name for endorsement

⚠️ You MUST:

• Include the original license and copyright notice

---

🙏 Acknowledgments

• Built with ❤️ by the SpeXCore
• Inspired by KeyAuth and similar authentication systems
• Thanks to all contributors and supporters

---

📞 Support

Need help? Have questions?

• 💬 Discord: spexd
• 📖 Documentation: Read the docs
• 🐛 Issues: GitHub Issues

---

📊 Project Stats

---

⚡ Performance

• API Response Time: < 100ms average
• Rate Limiting: Configurable per endpoint
• Database Queries: Optimized with Prisma
• Bundle Size: Optimized for production
• Uptime: 99.9% SLA

---

🔒 Security

Security is our top priority. If you discover a security vulnerability, please:

1. DO NOT open a public issue
2. Discord spexd with details
3. Allow us time to address the issue
4. We'll credit you in our security acknowledgments

---

Made with ❤️ by SpeXCore

⬆ Back to Top