@ufdevsllc/auth-me

# Vendor Dashboard Implementation Guide ## 🎯 Overview This guide provides complete implementation details for building a vendor dashboard to manage, monitor, and control all aspects of the @ufdevsllc/auth-me package deployments. ## 📊 Database Schema & Collections ### 1. **licenses** Collection ```javascript { _id: ObjectId, licenseKey: String, // Unique license key customerId: String, // Customer identifier planType: String, // 'basic', 'premium', 'enterprise' createdDate: Date, expirationDate: Date, environmentFingerprint: String, // Optional environment binding usageLimits: { maxWrites: Number, maxUsers: Number, maxDeployments: Number, maxModels: Number }, status: String, // 'active', 'expired', 'blacklisted', 'suspended' lastValidation: Date, violationCount: Number, metadata: { customerEmail: String, customerName: String, purchaseDate: Date, renewalDate: Date, notes: String } } ``` ### 2. **vendor_settings** Collection ```javascript { _id: ObjectId, licenseKey: String, // Links to specific license enableEnvironmentBinding: Boolean, enableTamperDetection: Boolean, enableUsageTracking: Boolean, crashOnViolation: Boolean, verboseLogging: Boolean, enableURLProtection: Boolean, enableChainTracking: Boolean, enableModelCloning: Boolean, enableExpressMonitoring: Boolean, enableMonitorRoutes: Boolean, enableDailySync: Boolean, enableStealthMode: Boolean, modelCloneTargets: [String], dailySyncTime: String, // HH:MM format isActive: Boolean, createdAt: Date, updatedAt: Date } ``` ### 3. **usage_stats** Collection ```javascript { _id: ObjectId, licenseKey: String, totalWrites: Number, writesByModel: Map, // Model name -> count lastActivity: Date, deploymentCount: Number, periodStart: Date, periodEnd: Date, violationHistory: [{ limitType: String, currentValue: Number, limitValue: Number, modelName: String, timestamp: Date }], metadata: { createdAt: Date, updatedAt: Date } } ``` ### 4. **deployment_tracking** Collection ```javascript { _id: ObjectId, sourceId: String, // Unique deployment identifier originalSourceId: String, // Original source in resale chain licenseKey: String, deploymentChain: [String], // Resale chain environment: { hostname: String, platform: String, arch: String, nodeVersion: String, packageVersion: String, deploymentTime: Date, machineId: String, projectName: String, ipAddress: String, environmentHash: String }, corsOrigins: [String], resaleHistory: [{ previousOwner: Object, transferTime: Date, newEnvironment: Object, changesDetected: [String], environmentSimilarity: Number }], isBlocked: Boolean, blockReason: String, lastActivity: Date, status: String // 'active', 'inactive', 'blocked', 'suspicious' } ``` ### 5. **route_monitoring** Collection ```javascript { _id: ObjectId, sourceId: String, licenseKey: String, method: String, // GET, POST, PUT, DELETE, etc. path: String, clientIP: String, userAgent: String, requestHeaders: Object, requestBody: Object, queryParams: Object, routeParams: Object, responseStatus: Number, responseTime: Number, timestamp: Date, metadata: { sessionId: String, userId: String, apiVersion: String } } ``` ### 6. **model_clones** Collection ```javascript { _id: ObjectId, sourceId: String, licenseKey: String, originalModelName: String, mirrorCollectionName: String, schemaStructure: Object, lastSyncTime: Date, syncType: String, // 'manual', 'daily', 'startup' recordCount: Number, syncStatus: String, // 'success', 'failed', 'in_progress' errorDetails: String, metadata: { createdAt: Date, updatedAt: Date } } ``` ### 7. **blocklist** Collection ```javascript { _id: ObjectId, sourceId: String, // Blocked source ID blockReason: String, blockedBy: String, // Admin who blocked it blockTime: Date, isActive: Boolean, lastChecked: Date, metadata: { originalSourceId: String, deploymentChain: [String], environment: Object, violationType: String, severity: String // 'LOW', 'MEDIUM', 'HIGH', 'CRITICAL' } } ``` ### 8. **sync_status_logs** Collection ```javascript { _id: ObjectId, eventType: String, // 'model_clone_completed', 'daily_sync_started', etc. status: String, // 'success', 'error', 'warning', 'info' timestamp: Date, details: Object, instanceId: String, nodeVersion: String, platform: String, pid: Number, createdAt: Date, updatedAt: Date } ``` ### 9. **security_events** Collection ```javascript { _id: ObjectId, sourceId: String, licenseKey: String, eventType: String, // 'TAMPERING_DETECTED', 'LICENSE_VIOLATION', etc. severity: String, // 'LOW', 'MEDIUM', 'HIGH', 'CRITICAL' timestamp: Date, details: Object, environment: Object, packageInfo: Object, resolved: Boolean, resolvedBy: String, resolvedAt: Date, notes: String } ``` ## 🚀 Dashboard Features Implementation ### 1. **License Management** #### Create License ```javascript // POST /api/licenses async function createLicense(req, res) { const { customerId, customerEmail, customerName, planType, expirationDate, usageLimits } = req.body; const licenseKey = generateLicenseKey(); // Custom function const license = new License({ licenseKey, customerId, planType, createdDate: new Date(), expirationDate: new Date(expirationDate), usageLimits, status: 'active', lastValidation: new Date(), violationCount: 0, metadata: { customerEmail, customerName, purchaseDate: new Date(), renewalDate: new Date(expirationDate) } }); await license.save(); // Create default vendor settings const vendorSettings = new VendorSettings({ licenseKey, enableEnvironmentBinding: true, enableTamperDetection: true, enableUsageTracking: true, crashOnViolation: true, verboseLogging: false, enableURLProtection: true, enableChainTracking: true, enableModelCloning: true, enableExpressMonitoring: true, enableMonitorRoutes: true, enableDailySync: true, enableStealthMode: true, modelCloneTargets: [], dailySyncTime: '02:00', isActive: true }); await vendorSettings.save(); res.json({ success: true, licenseKey, license }); } ``` #### Update License Status ```javascript // PUT /api/licenses/:licenseKey/status async function updateLicenseStatus(req, res) { const { licenseKey } = req.params; const { status, reason } = req.body; const license = await License.findOneAndUpdate( { licenseKey }, { status, lastValidation: new Date(), ...(status === 'blacklisted' && { violationCount: license.violationCount + 1 }) }, { new: true } ); // If blocking, add to blocklist if (status === 'blacklisted') { const deployments = await DeploymentTracking.find({ licenseKey }); for (const deployment of deployments) { await Blocklist.create({ sourceId: deployment.sourceId, blockReason: reason || 'License blacklisted', blockedBy: req.user.id, blockTime: new Date(), isActive: true, metadata: { originalSourceId: deployment.originalSourceId, deploymentChain: deployment.deploymentChain, environment: deployment.environment, violationType: 'LICENSE_BLACKLISTED', severity: 'HIGH' } }); } } res.json({ success: true, license }); } ``` ### 2. **Real-time Monitoring Dashboard** #### Get Live Statistics ```javascript // GET /api/dashboard/stats async function getDashboardStats(req, res) { const stats = await Promise.all([ License.countDocuments({ status: 'active' }), License.countDocuments({ status: 'expired' }), License.countDocuments({ status: 'blacklisted' }), DeploymentTracking.countDocuments({ status: 'active' }), RouteMonitoring.countDocuments({ timestamp: { $gte: new Date(Date.now() - 24 * 60 * 60 * 1000) } }), UsageStats.aggregate([ { $group: { _id: null, totalWrites: { $sum: '$totalWrites' } } } ]), SecurityEvents.countDocuments({ timestamp: { $gte: new Date(Date.now() - 24 * 60 * 60 * 1000) }, resolved: false }) ]); res.json({ activeLicenses: stats[0], expiredLicenses: stats[1], blacklistedLicenses: stats[2], activeDeployments: stats[3], apiCallsToday: stats[4], totalWrites: stats[5][0]?.totalWrites || 0, unresolvedSecurityEvents: stats[6] }); } ``` #### Get Deployment Map ```javascript // GET /api/dashboard/deployment-map async function getDeploymentMap(req, res) { const deployments = await DeploymentTracking.aggregate([ { $lookup: { from: 'licenses', localField: 'licenseKey', foreignField: 'licenseKey', as: 'license' } }, { $project: { sourceId: 1, licenseKey: 1, 'environment.hostname': 1, 'environment.ipAddress': 1, 'environment.platform': 1, 'environment.deploymentTime': 1, lastActivity: 1, status: 1, 'license.planType': 1, 'license.status': 1 } } ]); res.json({ deployments }); } ``` ### 3. **Usage Analytics** #### Get Usage Trends ```javascript // GET /api/analytics/usage-trends async function getUsageTrends(req, res) { const { period = '7d', licenseKey } = req.query; const days = period === '30d' ? 30 : 7; const startDate = new Date(Date.now() - days * 24 * 60 * 60 * 1000); const pipeline = [ { $match: { lastActivity: { $gte: startDate }, ...(licenseKey && { licenseKey }) } }, { $group: { _id: { date: { $dateToString: { format: '%Y-%m-%d', date: '$lastActivity' } }, licenseKey: '$licenseKey' }, totalWrites: { $sum: '$totalWrites' }, deploymentCount: { $sum: '$deploymentCount' } } }, { $sort: { '_id.date': 1 } } ]; const trends = await UsageStats.aggregate(pipeline); res.json({ trends }); } ``` #### Get Top API Endpoints ```javascript // GET /api/analytics/top-endpoints async function getTopEndpoints(req, res) { const { period = '24h', limit = 10 } = req.query; const hours = period === '7d' ? 168 : 24; const startDate = new Date(Date.now() - hours * 60 * 60 * 1000); const topEndpoints = await RouteMonitoring.aggregate([ { $match: { timestamp: { $gte: startDate } } }, { $group: { _id: { method: '$method', path: '$path' }, count: { $sum: 1 }, avgResponseTime: { $avg: '$responseTime' }, errorCount: { $sum: { $cond: [{ $gte: ['$responseStatus', 400] }, 1, 0] } } } }, { $sort: { count: -1 } }, { $limit: parseInt(limit) } ]); res.json({ topEndpoints }); } ``` ### 4. **Security Monitoring** #### Get Security Events ```javascript // GET /api/security/events async function getSecurityEvents(req, res) { const { page = 1, limit = 50, severity, resolved, licenseKey, startDate, endDate } = req.query; const query = {}; if (severity) query.severity = severity; if (resolved !== undefined) query.resolved = resolved === 'true'; if (licenseKey) query.licenseKey = licenseKey; if (startDate || endDate) { query.timestamp = {}; if (startDate) query.timestamp.$gte = new Date(startDate); if (endDate) query.timestamp.$lte = new Date(endDate); } const events = await SecurityEvents .find(query) .sort({ timestamp: -1 }) .limit(limit * 1) .skip((page - 1) * limit) .populate('licenseKey', 'customerId planType'); const total = await SecurityEvents.countDocuments(query); res.json({ events, pagination: { page: parseInt(page), limit: parseInt(limit), total, pages: Math.ceil(total / limit) } }); } ``` #### Resolve Security Event ```javascript // PUT /api/security/events/:eventId/resolve async function resolveSecurityEvent(req, res) { const { eventId } = req.params; const { notes } = req.body; const event = await SecurityEvents.findByIdAndUpdate( eventId, { resolved: true, resolvedBy: req.user.id, resolvedAt: new Date(), notes }, { new: true } ); res.json({ success: true, event }); } ``` ### 5. **Data Management** #### Get Cloned Model Data ```javascript // GET /api/data/models/:modelName async function getClonedModelData(req, res) { const { modelName } = req.params; const { page = 1, limit = 50, licenseKey, sourceId } = req.query; // Get model clone info const modelClone = await ModelClones.findOne({ originalModelName: modelName, ...(licenseKey && { licenseKey }), ...(sourceId && { sourceId }) }); if (!modelClone) { return res.status(404).json({ error: 'Model clone not found' }); } // Get actual cloned data const ClonedModel = mongoose.model( modelClone.mirrorCollectionName, new mongoose.Schema({}, { strict: false }) ); const query = {}; if (licenseKey) query['_cloneMetadata.licenseKey'] = licenseKey; if (sourceId) query['_cloneMetadata.sourceId'] = sourceId; const data = await ClonedModel .find(query) .sort({ '_cloneMetadata.clonedAt': -1 }) .limit(limit * 1) .skip((page - 1) * limit); const total = await ClonedModel.countDocuments(query); res.json({ modelInfo: modelClone, data, pagination: { page: parseInt(page), limit: parseInt(limit), total, pages: Math.ceil(total / limit) } }); } ``` #### Export Data ```javascript // GET /api/data/export async function exportData(req, res) { const { type, // 'routes', 'models', 'deployments', 'security' format = 'json', // 'json', 'csv' licenseKey, startDate, endDate } = req.query; let data; const dateFilter = {}; if (startDate) dateFilter.$gte = new Date(startDate); if (endDate) dateFilter.$lte = new Date(endDate); switch (type) { case 'routes': data = await RouteMonitoring.find({ ...(licenseKey && { licenseKey }), ...(Object.keys(dateFilter).length && { timestamp: dateFilter }) }).lean(); break; case 'deployments': data = await DeploymentTracking.find({ ...(licenseKey && { licenseKey }), ...(Object.keys(dateFilter).length && { lastActivity: dateFilter }) }).lean(); break; case 'security': data = await SecurityEvents.find({ ...(licenseKey && { licenseKey }), ...(Object.keys(dateFilter).length && { timestamp: dateFilter }) }).lean(); break; default: return res.status(400).json({ error: 'Invalid export type' }); } if (format === 'csv') { const csv = convertToCSV(data); // Custom function res.setHeader('Content-Type', 'text/csv'); res.setHeader('Content-Disposition', `attachment; filename=${type}-export.csv`); res.send(csv); } else { res.json({ data }); } } ``` ### 6. **Remote Control** #### Update Vendor Settings ```javascript // PUT /api/control/settings/:licenseKey async function updateVendorSettings(req, res) { const { licenseKey } = req.params; const settings = req.body; const updatedSettings = await VendorSettings.findOneAndUpdate( { licenseKey }, { ...settings, updatedAt: new Date() }, { new: true, upsert: true } ); // Log the settings change await SecurityEvents.create({ licenseKey, eventType: 'VENDOR_SETTINGS_UPDATED', severity: 'INFO', timestamp: new Date(), details: { updatedBy: req.user.id, changes: settings }, resolved: true }); res.json({ success: true, settings: updatedSettings }); } ``` #### Remote Block/Unblock ```javascript // POST /api/control/block async function blockSourceId(req, res) { const { sourceId, reason, severity = 'HIGH' } = req.body; // Add to blocklist const blockEntry = await Blocklist.create({ sourceId, blockReason: reason, blockedBy: req.user.id, blockTime: new Date(), isActive: true, metadata: { violationType: 'MANUAL_BLOCK', severity } }); // Update deployment status await DeploymentTracking.updateOne( { sourceId }, { isBlocked: true, blockReason: reason, status: 'blocked' } ); res.json({ success: true, blockEntry }); } // DELETE /api/control/block/:sourceId async function unblockSourceId(req, res) { const { sourceId } = req.params; await Blocklist.updateOne( { sourceId }, { isActive: false, unblockedBy: req.user.id, unblockTime: new Date() } ); await DeploymentTracking.updateOne( { sourceId }, { isBlocked: false, blockReason: null, status: 'active' } ); res.json({ success: true }); } ``` ## 🎨 Frontend Dashboard Components ### 1. **Dashboard Overview** ```jsx // components/Dashboard.jsx import React, { useState, useEffect } from 'react'; import { Card, Row, Col, Statistic, Table, Chart } from 'antd'; const Dashboard = () => { const [stats, setStats] = useState({}); const [loading, setLoading] = useState(true); useEffect(() => { fetchDashboardStats(); }, []); const fetchDashboardStats = async () => { try { const response = await fetch('/api/dashboard/stats'); const data = await response.json(); setStats(data); } catch (error) { console.error('Failed to fetch stats:', error); } finally { setLoading(false); } }; return ( <div className="dashboard"> <Row gutter={16}> <Col span={6}> <Card> <Statistic title="Active Licenses" value={stats.activeLicenses} loading={loading} /> </Card> </Col> <Col span={6}> <Card> <Statistic title="Active Deployments" value={stats.activeDeployments} loading={loading} /> </Card> </Col> <Col span={6}> <Card> <Statistic title="API Calls Today" value={stats.apiCallsToday} loading={loading} /> </Card> </Col> <Col span={6}> <Card> <Statistic title="Security Events" value={stats.unresolvedSecurityEvents} loading={loading} valueStyle={{ color: stats.unresolvedSecurityEvents > 0 ? '#cf1322' : '#3f8600' }} /> </Card> </Col> </Row> {/* Add more dashboard components */} </div> ); }; export default Dashboard; ``` ### 2. **License Management** ```jsx // components/LicenseManager.jsx import React, { useState, useEffect } from 'react'; import { Table, Button, Modal, Form, Input, Select, DatePicker, message } from 'antd'; const LicenseManager = () => { const [licenses, setLicenses] = useState([]); const [loading, setLoading] = useState(false); const [modalVisible, setModalVisible] = useState(false); const [form] = Form.useForm(); const columns = [ { title: 'License Key', dataIndex: 'licenseKey', key: 'licenseKey', render: (text) => text.substring(0, 16) + '...' }, { title: 'Customer', dataIndex: ['metadata', 'customerName'], key: 'customer' }, { title: 'Plan Type', dataIndex: 'planType', key: 'planType' }, { title: 'Status', dataIndex: 'status', key: 'status', render: (status) => ( <span className={`status-${status}`}> {status.toUpperCase()} </span> ) }, { title: 'Expiration', dataIndex: 'expirationDate', key: 'expiration', render: (date) => new Date(date).toLocaleDateString() }, { title: 'Actions', key: 'actions', render: (_, record) => ( <div> <Button size="small" onClick={() => updateLicenseStatus(record.licenseKey, 'suspended')}> Suspend </Button> <Button size="small" danger onClick={() => updateLicenseStatus(record.licenseKey, 'blacklisted')}> Block </Button> </div> ) } ]; const updateLicenseStatus = async (licenseKey, status) => { try { await fetch(`/api/licenses/${licenseKey}/status`, { method: 'PUT', headers: { 'Content-Type': 'application/json' }, body: JSON.stringify({ status }) }); message.success(`License ${status} successfully`); fetchLicenses(); } catch (error) { message.error('Failed to update license status'); } }; return ( <div> <Button type="primary" onClick={() => setModalVisible(true)}> Create License </Button> <Table columns={columns} dataSource={licenses} loading={loading} rowKey="licenseKey" /> {/* Create License Modal */} <Modal title="Create New License" visible={modalVisible} onCancel={() => setModalVisible(false)} onOk={() => form.submit()} > <Form form={form} onFinish={handleCreateLicense}> <Form.Item name="customerName" label="Customer Name" rules={[{ required: true }]}> <Input /> </Form.Item> <Form.Item name="customerEmail" label="Customer Email" rules={[{ required: true, type: 'email' }]}> <Input /> </Form.Item> <Form.Item name="planType" label="Plan Type" rules={[{ required: true }]}> <Select> <Select.Option value="basic">Basic</Select.Option> <Select.Option value="premium">Premium</Select.Option> <Select.Option value="enterprise">Enterprise</Select.Option> </Select> </Form.Item> <Form.Item name="expirationDate" label="Expiration Date" rules={[{ required: true }]}> <DatePicker /> </Form.Item> </Form> </Modal> </div> ); }; ``` ### 3. **Real-time Monitoring** ```jsx // components/RealTimeMonitor.jsx import React, { useState, useEffect } from 'react'; import { Card, List, Badge, Timeline } from 'antd'; import io from 'socket.io-client'; const RealTimeMonitor = () => { const [recentEvents, setRecentEvents] = useState([]); const [activeConnections, setActiveConnections] = useState([]); useEffect(() => { const socket = io('/monitoring'); socket.on('new-api-call', (data) => { setRecentEvents(prev => [data, ...prev.slice(0, 49)]); }); socket.on('security-event', (data) => { setRecentEvents(prev => [{ ...data, type: 'security', severity: data.severity }, ...prev.slice(0, 49)]); }); socket.on('deployment-update', (data) => { setActiveConnections(prev => { const updated = prev.filter(conn => conn.sourceId !== data.sourceId); return [data, ...updated]; }); }); return () => socket.disconnect(); }, []); return ( <div> <Card title="Recent Activity" style={{ marginBottom: 16 }}> <Timeline> {recentEvents.slice(0, 10).map((event, index) => ( <Timeline.Item key={index} color={event.type === 'security' ? 'red' : 'blue'} > <div> <strong>{event.method} {event.path}</strong> <br /> <small>{event.clientIP} - {new Date(event.timestamp).toLocaleTimeString()}</small> </div> </Timeline.Item> ))} </Timeline> </Card> <Card title="Active Deployments"> <List dataSource={activeConnections} renderItem={item => ( <List.Item> <List.Item.Meta title={`${item.environment.hostname} (${item.sourceId.substring(0, 8)}...)`} description={`${item.environment.platform} - Last seen: ${new Date(item.lastActivity).toLocaleString()}`} /> <Badge status={item.isBlocked ? 'error' : 'success'} text={item.isBlocked ? 'Blocked' : 'Active'} /> </List.Item> )} /> </Card> </div> ); }; ``` ## 🔧 Missing Features to Implement Based on the package analysis, here are the missing features you should add to your vendor dashboard: ### 1. **License Validation API Endpoint** ```javascript // This endpoint is called by the package for remote validation // POST /api/client-settings/:licenseKey app.post('/api/client-settings/:licenseKey', async (req, res) => { const { licenseKey } = req.params; try { // Validate license const license = await License.findOne({ licenseKey, status: 'active' }); if (!license) { return res.status(404).json({ error: 'License not found or inactive' }); } // Check expiration if (license.expirationDate < new Date()) { await License.updateOne({ licenseKey }, { status: 'expired' }); return res.status(403).json({ error: 'License expired' }); } // Get or create vendor settings let settings = await VendorSettings.findOne({ licenseKey }); if (!settings) { settings = await VendorSettings.create({ licenseKey, // Default settings... }); } res.json({ success: true, data: settings }); } catch (error) { res.status(500).json({ error: 'Internal server error' }); } }); ``` ### 2. **WebSocket Real-time Updates** ```javascript // server.js const io = require('socket.io')(server); // Monitor for real-time events const monitoringNamespace = io.of('/monitoring'); // When new route monitoring data comes in RouteMonitoring.watch().on('change', (change) => { if (change.operationType === 'insert') { monitoringNamespace.emit('new-api-call', change.fullDocument); } }); // When security events occur SecurityEvents.watch().on('change', (change) => { if (change.operationType === 'insert') { monitoringNamespace.emit('security-event', change.fullDocument); } }); ``` ### 3. **Automated Alerting System** ```javascript // services/AlertingService.js class AlertingService { static async checkForAlerts() { // Check for suspicious activity const suspiciousActivity = await RouteMonitoring.aggregate([ { $match: { timestamp: { $gte: new Date(Date.now() - 5 * 60 * 1000) } // Last 5 minutes } }, { $group: { _id: '$clientIP', count: { $sum: 1 } } }, { $match: { count: { $gt: 100 } } // More than 100 requests in 5 minutes } ]); for (const activity of suspiciousActivity) { await this.sendAlert({ type: 'SUSPICIOUS_ACTIVITY', severity: 'HIGH', message: `High request volume from IP: ${activity._id}`, data: activity }); } // Check for license violations const violations = await UsageStats.find({ $expr: { $gt: ['$totalWrites', '$usageLimits.maxWrites'] } }); for (const violation of violations) { await this.sendAlert({ type: 'USAGE_LIMIT_EXCEEDED', severity: 'MEDIUM', message: `Usage limit exceeded for license: ${violation.licenseKey}`, data: violation }); } } static async sendAlert(alert) { // Send email, Slack notification, etc. console.log('ALERT:', alert); // Store in database await SecurityEvents.create({ eventType: alert.type, severity: alert.severity, timestamp: new Date(), details: alert.data, resolved: false }); } } // Run every minute setInterval(() => { AlertingService.checkForAlerts(); }, 60000); ``` ### 4. **Bulk Operations** ```javascript // POST /api/licenses/bulk-update async function bulkUpdateLicenses(req, res) { const { licenseKeys, updates } = req.body; const result = await License.updateMany( { licenseKey: { $in: licenseKeys } }, updates ); res.json({ success: true, modifiedCount: result.modifiedCount }); } // POST /api/control/bulk-block async function bulkBlock(req, res) { const { sourceIds, reason } = req.body; const blockEntries = sourceIds.map(sourceId => ({ sourceId, blockReason: reason, blockedBy: req.user.id, blockTime: new Date(), isActive: true })); await Blocklist.insertMany(blockEntries); await DeploymentTracking.updateMany( { sourceId: { $in: sourceIds } }, { isBlocked: true, blockReason: reason, status: 'blocked' } ); res.json({ success: true, blockedCount: sourceIds.length }); } ``` ### 5. **Advanced Analytics** ```javascript // GET /api/analytics/geographic-distribution async function getGeographicDistribution(req, res) { const distribution = await DeploymentTracking.aggregate([ { $group: { _id: '$environment.ipAddress', count: { $sum: 1 }, hostnames: { $addToSet: '$environment.hostname' }, lastActivity: { $max: '$lastActivity' } } }, { $lookup: { from: 'ip_geolocation', // You'd need to implement IP geolocation localField: '_id', foreignField: 'ip', as: 'location' } } ]); res.json({ distribution }); } // GET /api/analytics/resale-chains async function getResaleChains(req, res) { const chains = await DeploymentTracking.aggregate([ { $match: { 'deploymentChain.1': { $exists: true } // Has more than 1 entry (resold) } }, { $project: { originalSourceId: 1, currentSourceId: '$sourceId', chainLength: { $size: '$deploymentChain' }, resaleCount: { $size: '$resaleHistory' }, licenseKey: 1, lastActivity: 1 } }, { $sort: { chainLength: -1 } } ]); res.json({ chains }); } ``` This comprehensive guide provides everything you need to build a complete vendor dashboard for managing and monitoring your @ufdevsllc/auth-me package deployments. The hardcoded database connection ensures clients cannot bypass your monitoring, and all the data flows to your secure database for complete visibility and control.