aviaviavi
diff --git a/‎.toodles.yaml
+3 b/‎.toodles.yaml
+3
diff --git a/‎Dockerfile
+2 b/‎Dockerfile
+2
diff --git a/‎README.md
+32-37 b/‎README.md
+32-37
diff --git a/‎app/Main.hs
+6-2 b/‎app/Main.hs
+6-2
diff --git a/‎package.yaml
+21-8 b/‎package.yaml
+21-8
diff --git a/‎requirements.txt
+1 b/‎requirements.txt
+1
diff --git a/‎src/License.hs
+79 b/‎src/License.hs
+79
@@ -8,6 +8,9 @@ ignore:
 - stack-work
 - node_modules
 - Spec.hs
+- venv
+- vue.js
+- min.js
 # `flags` specify other keywords you might want to scan other than TODO
 # Hardcoded ones include TODO, FIXME, and XXX
 flags:
 
@@ -33,4 +33,6 @@ RUN apt-get update
 RUN apt-get install -y wget
 RUN wget -qO- https://get.haskellstack.org/ | sh
 
+RUN pip install pycrypto
+
 CMD ["toodles","-d","/repo/"]
@@ -96,29 +96,7 @@ These languages will be scanned for any TODO's:
 Submit a PR if you'd like a language to be added. There will eventually be
 support for this to be user configurable
 
-### Installing
-
-The easiest way to get toodles is via [stack](https://docs.haskellstack.org).
-Just a `stack install --resolver=lts-12.14 toodles` and you're done! Alternatively, with GHC 8.4.3
-you can use [cabal](https://www.haskell.org/cabal/download.html). If there is
-desire for it I can look into precompiled distribution.
-
-### Running
-
-Invoking `toodles` with no arguments will treat the current directory as the
-project root and will start a server on port 9001. You can set these with the
-`-d` and `-p` flags, respectively.
-
-
-```bash
-# $ toodles -d <root directory of your project> -p <port to run server>
-# for more info run:
-# $ toodles --help
-$ toodles -d /path/to/your/project -p 9001
-# or simply
-$ toodles
-```
-#### Running with Docker
+### Running with Docker
 
 You can run a pre-built toodles for your current directory via docker:
 
@@ -142,23 +120,40 @@ $ docker run -it -v $(pwd):/repo -p 9001:9001 toodles
 
 ```
 
-### Background
+### Installing manually
 
-I work at a small startup called DotDashPay and over time the TODOs in our code
-base continued building up to the point where it was difficult to use them
-holistically. While the information in the TODOs was actually very useful and
-methodically written, the fact that were couldn't easily organize them started
-to weigh on us as mounting tech debt.
+The best way to install manually is with [stack](https://docs.haskellstack.org).
+Just a `stack install --resolver=lts-12.14 toodles` and you're done! Alternatively, with GHC 8.4.3
+you can use [cabal](https://www.haskell.org/cabal/download.html).
 
-While not our main product focus, we try hard to find opportunities to build
-tools that make use of the organization schemes we already have in place, since
-doing so is a big win for us. Toodles became a nights and weekends side
-project to use the pre-existing TODO scheme we had spent years using, but had
-never effectively capitalized on.
+You'll also need to PyCrypto. If you have pip, you can run:
 
-A quick plug if you also like building great tools, like working in a fast paced
-startup environment, and are located in the SF Bay Area: Reach out at
-[email protected] and come work with us!
+```bash
+$ pip install pycrypto
+```
+
+If you've closed the toodles repo directly, you can also run
+
+```bash
+$ cd path/to/toodles
+$ pip install -r requirements.txt
+```
+
+### Running
+
+Invoking `toodles` with no arguments will treat the current directory as the
+project root and will start a server on port 9001. You can set these with the
+`-d` and `-p` flags, respectively.
+
+
+```bash
+# $ toodles -d <root directory of your project> -p <port to run server>
+# for more info run:
+# $ toodles --help
+$ toodles -d /path/to/your/project -p 9001
+# or simply
+$ toodles
+```
 
 ### Contributing
 
 
@@ -3,6 +3,7 @@
 module Main where
 
 import           Config
+import           License
 import           Paths_toodles
 import           Server
 import           Types
@@ -15,6 +16,9 @@ import           Text.Printf              (printf)
 
 main :: IO ()
 main = do
+  dataDir <- getDataDir
+  licenseRead <- readLicense (dataDir ++ "/toodles-license-public-key.pem") "/etc/toodles/license.json"
+  let license = (either (BadLicense) (id) licenseRead)
   userArgs <- toodlesArgs >>= setAbsolutePath
   case userArgs of
     (ToodlesArgs _ _ _ _ True _) -> do
@@ -23,9 +27,9 @@ main = do
     _ -> do
       let webPort = fromMaybe 9001 $ port userArgs
       ref <- newIORef Nothing
-      dataDir <- (++ "/web") <$> getDataDir
       putStrLn $ "serving on " ++ show webPort
-      run webPort $ app $ ToodlesState ref dataDir
+      tierRef <- newIORef license
+      run webPort $ app $ ToodlesState ref (dataDir ++ "/web") tierRef
 
 prettyFormat :: TodoEntry -> String
 prettyFormat (TodoEntryHead _ l a p n entryPriority f _ _ _ _ _ _) =
 
@@ -1,5 +1,5 @@
 name:                toodles
-version:             1.0.3
+version:             1.1.0
 github:              "aviaviavi/toodles"
 license:             MIT
 author:              "Avi Press"
@@ -17,6 +17,8 @@ data-files:
 - web/css/*
 - web/fonts/*
 - web/img/*
+- verify.py
+- toodles-license-public-key.pem
 
 synopsis:            Manage the TODO entries in your code
 description:
@@ -32,7 +34,7 @@ ghc-options:
   - -Wcompat
 
 dependencies:
-- base >= 4.0 && < 5
+- base >= 4.4.0 && < 5
 
 # TODO (avi|p=3|#dependencies) - dependencies need to be relaxed and
 # fixed to include other ghc versions
@@ -44,22 +46,26 @@ library:
   - Config
   - ToodlesApi
   - Server
+  - License
   dependencies:
-  - hspec >= 2.4.4
-  - hspec-expectations >=0.8.2
   - MissingH >=1.4.0.1
+  - RSA >=2.3.0
   - aeson ==1.3.1.1
+  - base64-bytestring ==1.0.0.1
   - blaze-html ==0.9.1.1
+  - bytestring >=0.10.8.2
   - cmdargs ==0.10.20
   - directory ==1.3.1.5
   - extra ==1.6.13
   - megaparsec ==6.5.0
+  - process >=1.6.3.0
   - regex-posix ==0.95.2
   - servant ==0.14.1
   - servant-blaze ==0.8
   - servant-server ==0.14.1
   - strict ==0.3.2
   - text ==1.2.3.1
+  - time >=1.8.0.2
   - wai ==3.2.1.2
   - warp ==3.2.25
   - yaml ==0.8.32
@@ -77,21 +83,24 @@ executables:
     - -Wall
     - -with-rtsopts=-N
     dependencies:
-    - hspec >= 2.4.4
-    - hspec-expectations >=0.8.2
     - MissingH >=1.4.0.1
+    - RSA >=2.3.0
     - aeson ==1.3.1.1
+    - base64-bytestring ==1.0.0.1
     - blaze-html ==0.9.1.1
+    - bytestring >=0.10.8.2
     - cmdargs ==0.10.20
     - directory ==1.3.1.5
     - extra ==1.6.13
     - megaparsec ==6.5.0
+    - process >=1.6.3.0
     - regex-posix ==0.95.2
     - servant ==0.14.1
     - servant-blaze ==0.8
     - servant-server ==0.14.1
     - strict ==0.3.2
     - text ==1.2.3.1
+    - time >=1.8.0.2
     - wai ==3.2.1.2
     - warp ==3.2.25
     - yaml ==0.8.32
@@ -109,21 +118,25 @@ tests:
     - -w
     dependencies:
     - toodles
-    - hspec >= 2.4.4
-    - hspec-expectations >=0.8.2
     - MissingH >=1.4.0.1
     - aeson ==1.3.1.1
+    - base64-bytestring ==1.0.0.1
     - blaze-html ==0.9.1.1
+    - bytestring >=0.10.8.2
     - cmdargs ==0.10.20
     - directory ==1.3.1.5
     - extra ==1.6.13
+    - hspec >= 2.4.4
+    - hspec-expectations >=0.8.2
     - megaparsec ==6.5.0
+    - process >=1.6.3.0
     - regex-posix ==0.95.2
     - servant ==0.14.1
     - servant-blaze ==0.8
     - servant-server ==0.14.1
     - strict ==0.3.2
     - text ==1.2.3.1
+    - time >=1.8.0.2
     - wai ==3.2.1.2
     - warp ==3.2.25
     - yaml ==0.8.32
@@ -0,0 +1 @@
+pycrypto
@@ -0,0 +1,79 @@
+{-# LANGUAGE DeriveAnyClass      #-}
+{-# LANGUAGE DeriveGeneric       #-}
+{-# LANGUAGE GADTs               #-}
+{-# LANGUAGE OverloadedStrings   #-}
+{-# LANGUAGE ScopedTypeVariables #-}
+
+
+module License
+  (
+    UserTier(..),
+    ToodlesLicense(..),
+    readLicense
+  ) where
+
+import           Paths_toodles
+
+import           Data.Aeson
+import qualified Data.ByteString.Base64.Lazy as B64
+import qualified Data.ByteString.Lazy.Char8  as LB
+import           Data.Text                   (Text)
+import qualified Data.Text                   as T
+import           Data.Time.Clock.POSIX
+import           GHC.Generics
+import           System.Directory
+import           System.Exit
+import           System.Process
+
+data UserTier
+  = BadLicense String
+  | NoLiscense
+  | Individual
+  | Commercial
+  deriving (Show, Eq, Ord, Generic, ToJSON, FromJSON)
+
+data License = License {
+  payload          :: ToodlesLicense,
+  encoded          :: Text,
+  payloadSignature :: Text
+                       } deriving (Generic, FromJSON, ToJSON, Show)
+
+data ToodlesLicense = ToodlesLicense
+  { validStart :: Integer
+  , validEnd   :: Integer
+  , email      :: Text
+  , reference  :: Text
+  , product    :: Text
+  } deriving (Generic, FromJSON, ToJSON, Show)
+
+readLicense :: FilePath -> FilePath  -> IO (Either String UserTier)
+readLicense publicKeyPath licensePath  = do
+  licenseExists <- doesFileExist licensePath
+  if not licenseExists then
+    return $ Right NoLiscense
+  else do
+    parsedContents <- eitherDecodeFileStrict licensePath
+    either (return . Left) (isLicenseValid publicKeyPath) parsedContents
+
+isLicenseValid :: FilePath -> License -> IO (Either String UserTier)
+isLicenseValid publicKeyPath (License _ encodedPayload sig) = do
+  dataDir <- getDataDir
+  now <- ((* 1000) . round) `fmap` getPOSIXTime
+  -- dependencies for license verification. for now, python
+  -- TODO(#techdebt) - license verification should be done in haskell, this removed
+  let args =
+        [ dataDir ++ "/verify.py"
+        , publicKeyPath
+        , T.unpack sig
+        , T.unpack encodedPayload
+        ]
+      decodedPayload =
+        decode (B64.decodeLenient . LB.pack $ T.unpack encodedPayload)
+  (exitcode, stdout, stderr) <- readProcessWithExitCode "python" args ""
+  putStrLn stderr
+  return $
+    let validated = ("True" == T.strip (T.pack stdout))
+    in if (exitcode == ExitSuccess) &&
+          validated && (maybe 0 validEnd decodedPayload >= now)
+         then Right Commercial
+         else Left "Invalid license file"