Essentially what you said there…
The code is minified to make it difficult to read, but as you say anyone who has an interest in doing so or time on their hands can go in and edit the code to remove the checks.
On first run app generates a unique id, when activating it sends that id and licence key to activation server, activation server responds with a yes/no and a code that is then stored locally.
When app is loaded and sporadically during its use in response to user actions, the apps code checks if the licence key exists, if the stored code is what it expects, if it decides it doesn’t it prompts to activate again.
Not particularly secure, but my user base isn’t that likely to go trying to bypass it.
If anyone has any better ways of handling licencing or securing the code I’d love to hear them also.