Protect js code from being stolen
It's impossible to prevent your Javascript from being "stolen" because the code is served to the browser. To answer your specific points:
1. I have disabled the right click button of mouse
This will have absolutely no effect. No one will ever try to steal code using right click (heck, right click doesn't give access to anything in a browser anyway). So it won't prevent "casual thieves", let alone people who actually know what they're doing.
2. I have minified and obfuscated the code.
This is a decent step as it makes it much harder to understand exactly what the code it doing. However, there are are plenty of code "deminifiers" out there that will reformat the code nicely - albeit with unintelligible variable names.
3. I have used js code to add external js file and obfuscated the code so that none can understand the name of the external js file
If you load an external file at any time it is captured by browsers' developer tools (check the Network tab in Google Chrome). So this won't add any extra protection.
4. I have created a index.html file in the js folder so that none can get access the js folder
Again, this is worthless as anyone can see what JS file is loaded. Furthermore, "index.html" is a terrible way to prevent folder listing, it should be accomplished server-side (e.g. .htaccess
file).
The real answer: you can't prevent Javascript theft at all. Minify and obfuscate to prevent any easy understanding of your code, but that's all you can do in terms of JS.
You may be able to move some of the logic to the server-side (and use AJAX in your app), which would of course prevent any users from using the JS without modification - they would need to replicate your server-side logic themselves.
And finally, don't forget that the Javascript code you write is already your property and copyrighted by you. If someone steals it they are breaking the law and you can seek legal action against them.
I have disabled the right click button of mouse
Don't do this.
There are valid uses for right-click that you are blocking in addition to (not) protecting your code. All you'll do is annoy everybody while doing absolutely nothing to stop the people who know enough to try and steal your code in the first place.
Use PHP to make the JavaScript only load if the user is authenticated (by premium subscription?)
I have created a index.html file in the js folder so that none can get access the js folder
What if they guess the file name? You should be using a .htaccess
for this to do a Options -Indexes
to disable directory viewing; it's foolproof.
But most web applications I know of/write use some sort of hypertext processor like PHP or ASP. The source to the actual functionality is entirely closed if it runs on a secure server. Who cares if someone steals the CSS/JavaScript if when they copy the "source" they get a non-functional copy? You could also get it copyrighted or patented if it's unique and innovative.