@base44-preview/cli 0.0.1-pr.15.8b10ac1 → 0.0.1-pr.16.514b62d

package/dist/cli/index.js

@@ -1,15 +1,19 @@
 #!/usr/bin/env node
 import { Command } from "commander";
 import chalk from "chalk";
-import { intro, log, spinner } from "@clack/prompts";
+import { cancel, group, intro, log, select, spinner, text } from "@clack/prompts";
 import pWaitFor from "p-wait-for";
 import { z } from "zod";
-import { dirname, join } from "node:path";
+import { dirname, join, resolve } from "node:path";
 import { homedir } from "node:os";
-import ky from "ky";
-import { access, mkdir, readFile, unlink, writeFile } from "node:fs/promises";
-import { parse, printParseErrorCode } from "jsonc-parser";
+import { fileURLToPath } from "node:url";
+import { config } from "dotenv";
 import { globby } from "globby";
+import { access, copyFile, mkdir, readFile, unlink, writeFile } from "node:fs/promises";
+import { parse, printParseErrorCode } from "jsonc-parser";
+import ky from "ky";
+import ejs from "ejs";
+import kebabCase from "lodash.kebabcase";
 
 //#region src/core/auth/schema.ts
 const AuthDataSchema = z.object({
@@ -73,116 +77,24 @@ var AuthValidationError = class extends Error {
 };
 
 //#endregion
-//#region src/core/consts.ts
-const PROJECT_SUBDIR = "base44";
-const FUNCTION_CONFIG_FILE = "function.jsonc";
-function getBase44Dir() {
-	return join(homedir(), ".base44");
-}
-function getAuthFilePath() {
-	return join(getBase44Dir(), "auth", "auth.json");
-}
-function getProjectConfigPatterns() {
-	return [
-		`${PROJECT_SUBDIR}/config.jsonc`,
-		`${PROJECT_SUBDIR}/config.json`,
-		"config.jsonc",
-		"config.json"
-	];
-}
-const AUTH_CLIENT_ID = "base44_cli";
-const DEFAULT_API_URL = "https://app.base44.com";
-function getBase44ApiUrl() {
-	return process.env.BASE44_API_URL || DEFAULT_API_URL;
-}
-function getAppId() {
-	const appId = process.env.BASE44_CLIENT_ID;
-	if (!appId) throw new Error("BASE44_CLIENT_ID environment variable is not set");
-	return appId;
-}
-
-//#endregion
-//#region src/core/auth/authClient.ts
-/**
-* Separate ky instance for OAuth endpoints.
-* These don't need Authorization headers (they use client_id + tokens in body).
-*/
-const authClient = ky.create({
-	prefixUrl: getBase44ApiUrl(),
-	headers: { "User-Agent": "Base44 CLI" }
-});
-var authClient_default = authClient;
-
-//#endregion
-//#region src/core/auth/api.ts
-async function generateDeviceCode() {
-	const response = await authClient_default.post("oauth/device/code", {
-		json: {
-			client_id: AUTH_CLIENT_ID,
-			scope: "apps:read apps:write"
-		},
-		throwHttpErrors: false
-	});
-	if (!response.ok) throw new AuthApiError(`Failed to generate device code: ${response.status} ${response.statusText}`);
-	const result = DeviceCodeResponseSchema.safeParse(await response.json());
-	if (!result.success) throw new AuthValidationError(`Invalid device code response from server: ${result.error.message}`);
-	return result.data;
-}
-async function getTokenFromDeviceCode(deviceCode) {
-	const searchParams = new URLSearchParams();
-	searchParams.set("grant_type", "urn:ietf:params:oauth:grant-type:device_code");
-	searchParams.set("device_code", deviceCode);
-	searchParams.set("client_id", AUTH_CLIENT_ID);
-	const response = await authClient_default.post("oauth/token", {
-		body: searchParams.toString(),
-		headers: { "Content-Type": "application/x-www-form-urlencoded" },
-		throwHttpErrors: false
-	});
-	const json = await response.json();
-	if (!response.ok) {
-		const errorResult = OAuthErrorSchema.safeParse(json);
-		if (!errorResult.success) throw new AuthValidationError(`Token request failed: ${errorResult.error.message}`);
-		const { error, error_description } = errorResult.data;
-		if (error === "authorization_pending" || error === "slow_down") return null;
-		throw new AuthApiError(error_description ?? `OAuth error: ${error}`);
-	}
-	const result = TokenResponseSchema.safeParse(json);
-	if (!result.success) throw new AuthValidationError(`Invalid token response from server: ${result.error.message}`);
-	return result.data;
-}
-async function renewAccessToken(refreshToken) {
-	const searchParams = new URLSearchParams();
-	searchParams.set("grant_type", "refresh_token");
-	searchParams.set("refresh_token", refreshToken);
-	searchParams.set("client_id", AUTH_CLIENT_ID);
-	const response = await authClient_default.post("oauth/token", {
-		body: searchParams.toString(),
-		headers: { "Content-Type": "application/x-www-form-urlencoded" },
-		throwHttpErrors: false
-	});
-	const json = await response.json();
-	if (!response.ok) {
-		const errorResult = OAuthErrorSchema.safeParse(json);
-		if (!errorResult.success) throw new AuthApiError(`Token refresh failed: ${response.statusText}`);
-		const { error, error_description } = errorResult.data;
-		throw new AuthApiError(error_description ?? `OAuth error: ${error}`);
+//#region src/core/utils/fs.ts
+async function pathExists(path) {
+	try {
+		await access(path);
+		return true;
+	} catch {
+		return false;
 	}
-	const result = TokenResponseSchema.safeParse(json);
-	if (!result.success) throw new AuthValidationError(`Invalid token response from server: ${result.error.message}`);
-	return result.data;
 }
-async function getUserInfo(accessToken) {
-	const response = await authClient_default.get("oauth/userinfo", { headers: { Authorization: `Bearer ${accessToken}` } });
-	if (!response.ok) throw new AuthApiError(`Failed to fetch user info: ${response.status}`);
-	const result = UserInfoSchema.safeParse(await response.json());
-	if (!result.success) throw new AuthValidationError(`Invalid UserInfo response from server: ${result.error.message}`);
-	return result.data;
+async function writeFile$1(filePath, content) {
+	const dir = dirname(filePath);
+	if (!await pathExists(dir)) await mkdir(dir, { recursive: true });
+	await writeFile(filePath, content, "utf-8");
 }
-
-//#endregion
-//#region src/core/utils/fs.ts
-function pathExists(path) {
-	return access(path).then(() => true).catch(() => false);
+async function copyFile$1(src, dest) {
+	const dir = dirname(dest);
+	if (!await pathExists(dir)) await mkdir(dir, { recursive: true });
+	await copyFile(src, dest);
 }
 async function readJsonFile(filePath) {
 	if (!await pathExists(filePath)) throw new Error(`File not found: ${filePath}`);
@@ -201,21 +113,67 @@ async function readJsonFile(filePath) {
 	}
 }
 async function writeJsonFile(filePath, data) {
-	try {
-		const dir = dirname(filePath);
-		if (!await pathExists(dir)) await mkdir(dir, { recursive: true });
-		await writeFile(filePath, JSON.stringify(data, null, 2), "utf-8");
-	} catch (error) {
-		throw new Error(`Failed to write file ${filePath}: ${error instanceof Error ? error.message : "Unknown error"}`);
-	}
+	const dir = dirname(filePath);
+	if (!await pathExists(dir)) await mkdir(dir, { recursive: true });
+	await writeFile(filePath, JSON.stringify(data, null, 2), "utf-8");
 }
 async function deleteFile(filePath) {
 	if (!await pathExists(filePath)) return;
-	try {
-		await unlink(filePath);
-	} catch (error) {
-		throw new Error(`Failed to delete file ${filePath}: ${error instanceof Error ? error.message : "Unknown error"}`);
-	}
+	await unlink(filePath);
+}
+
+//#endregion
+//#region src/core/resources/entity/schema.ts
+const EntityPropertySchema = z.object({
+	type: z.string(),
+	description: z.string().optional(),
+	enum: z.array(z.string()).optional(),
+	default: z.union([
+		z.string(),
+		z.number(),
+		z.boolean()
+	]).optional(),
+	format: z.string().optional(),
+	items: z.any().optional(),
+	relation: z.object({
+		entity: z.string(),
+		type: z.string()
+	}).optional()
+});
+const EntityPoliciesSchema = z.object({
+	read: z.string().optional(),
+	create: z.string().optional(),
+	update: z.string().optional(),
+	delete: z.string().optional()
+});
+const EntitySchema = z.object({
+	name: z.string().min(1, "Entity name cannot be empty"),
+	type: z.literal("object"),
+	properties: z.record(z.string(), EntityPropertySchema),
+	required: z.array(z.string()).optional(),
+	policies: EntityPoliciesSchema.optional()
+});
+const SyncEntitiesResponseSchema = z.object({
+	created: z.array(z.string()),
+	updated: z.array(z.string()),
+	deleted: z.array(z.string())
+});
+
+//#endregion
+//#region src/core/resources/entity/config.ts
+async function readEntityFile(entityPath) {
+	const parsed = await readJsonFile(entityPath);
+	const result = EntitySchema.safeParse(parsed);
+	if (!result.success) throw new Error(`Invalid entity configuration in ${entityPath}: ${result.error.issues.map((e) => e.message).join(", ")}`);
+	return result.data;
+}
+async function readAllEntities(entitiesDir) {
+	if (!await pathExists(entitiesDir)) return [];
+	const files = await globby("*.{json,jsonc}", {
+		cwd: entitiesDir,
+		absolute: true
+	});
+	return await Promise.all(files.map((filePath) => readEntityFile(filePath)));
 }
 
 //#endregion
@@ -285,239 +243,62 @@ async function refreshAndSaveTokens() {
 }
 
 //#endregion
-//#region src/cli/utils/runCommand.ts
-const base44Color = chalk.bgHex("#E86B3C");
+//#region src/core/utils/httpClient.ts
+const retriedRequests = /* @__PURE__ */ new WeakSet();
 /**
-* Wraps a command function with the Base44 intro banner.
-* All CLI commands should use this utility to ensure consistent branding.
-*
-* @param commandFn - The async function to execute as the command
+* Handles 401 responses by refreshing the token and retrying the request.
+* Only retries once per request to prevent infinite loops.
 */
-async function runCommand(commandFn) {
-	intro(base44Color(" Base 44 "));
-	try {
-		await commandFn();
-	} catch (e) {
-		if (e instanceof Error) log.error(e.stack ?? e.message);
-		else log.error(String(e));
-		process.exit(1);
-	}
+async function handleUnauthorized(request, _options, response) {
+	if (response.status !== 401) return;
+	if (retriedRequests.has(request)) return;
+	const newAccessToken = await refreshAndSaveTokens();
+	if (!newAccessToken) return;
+	retriedRequests.add(request);
+	return ky(request, { headers: { Authorization: `Bearer ${newAccessToken}` } });
 }
-
-//#endregion
-//#region src/cli/utils/runTask.ts
+const base44Client = ky.create({
+	prefixUrl: getBase44ApiUrl(),
+	headers: { "User-Agent": "Base44 CLI" },
+	hooks: {
+		beforeRequest: [async (request) => {
+			try {
+				const auth = await readAuth();
+				if (isTokenExpired(auth)) {
+					const newAccessToken = await refreshAndSaveTokens();
+					if (newAccessToken) {
+						request.headers.set("Authorization", `Bearer ${newAccessToken}`);
+						return;
+					}
+				}
+				request.headers.set("Authorization", `Bearer ${auth.accessToken}`);
+			} catch {}
+		}],
+		afterResponse: [handleUnauthorized]
+	}
+});
 /**
-* Wraps an async operation with automatic spinner management.
-* The spinner is automatically started, and stopped on both success and error.
-*
-* @param startMessage - Message to show when spinner starts
-* @param operation - The async operation to execute
-* @param options - Optional configuration
-* @returns The result of the operation
+* Returns an HTTP client scoped to the current app.
 */
-async function runTask(startMessage, operation, options) {
-	const s = spinner();
-	s.start(startMessage);
-	try {
-		const result = await operation();
-		s.stop(options?.successMessage || startMessage);
-		return result;
-	} catch (error) {
-		s.stop(options?.errorMessage || "Failed");
-		throw error;
-	}
+function getAppClient() {
+	return base44Client.extend({ prefixUrl: new URL(`/api/apps/${getBase44ClientId()}/`, getBase44ApiUrl()).href });
 }
 
 //#endregion
-//#region src/cli/commands/auth/login.ts
-async function generateAndDisplayDeviceCode() {
-	const deviceCodeResponse = await runTask("Generating device code...", async () => {
-		return await generateDeviceCode();
-	}, {
-		successMessage: "Device code generated",
-		errorMessage: "Failed to generate device code"
+//#region src/core/resources/entity/api.ts
+async function pushEntities(entities) {
+	const appClient = getAppClient();
+	const schemaSyncPayload = Object.fromEntries(entities.map((entity) => [entity.name, entity]));
+	const response = await appClient.put("entities-schemas/sync-all", {
+		json: { entityNameToSchema: schemaSyncPayload },
+		throwHttpErrors: false
 	});
-	log.info(`Your code is: ${chalk.bold(deviceCodeResponse.userCode)}\nPlease visit: ${deviceCodeResponse.verificationUriComplete}`);
-	return deviceCodeResponse;
-}
-async function waitForAuthentication(deviceCode, expiresIn, interval) {
-	let tokenResponse;
-	try {
-		await runTask("Waiting for you to complete authentication...", async () => {
-			await pWaitFor(async () => {
-				const result = await getTokenFromDeviceCode(deviceCode);
-				if (result !== null) {
-					tokenResponse = result;
-					return true;
-				}
-				return false;
-			}, {
-				interval: interval * 1e3,
-				timeout: expiresIn * 1e3
-			});
-		}, {
-			successMessage: "Authentication completed!",
-			errorMessage: "Authentication failed"
-		});
-	} catch (error) {
-		if (error instanceof Error && error.message.includes("timed out")) throw new Error("Authentication timed out. Please try again.");
-		throw error;
-	}
-	if (tokenResponse === void 0) throw new Error("Failed to retrieve authentication token.");
-	return tokenResponse;
-}
-async function saveAuthData(response, userInfo) {
-	const expiresAt = Date.now() + response.expiresIn * 1e3;
-	await writeAuth({
-		accessToken: response.accessToken,
-		refreshToken: response.refreshToken,
-		expiresAt,
-		email: userInfo.email,
-		name: userInfo.name
-	});
-}
-async function login() {
-	const deviceCodeResponse = await generateAndDisplayDeviceCode();
-	const token = await waitForAuthentication(deviceCodeResponse.deviceCode, deviceCodeResponse.expiresIn, deviceCodeResponse.interval);
-	const userInfo = await getUserInfo(token.accessToken);
-	await saveAuthData(token, userInfo);
-	log.success(`Successfully logged in as ${chalk.bold(userInfo.email)}`);
-}
-const loginCommand = new Command("login").description("Authenticate with Base44").action(async () => {
-	await runCommand(login);
-});
-
-//#endregion
-//#region src/cli/commands/auth/whoami.ts
-async function whoami() {
-	const auth = await readAuth();
-	log.info(`Logged in as: ${auth.name} (${auth.email})`);
-}
-const whoamiCommand = new Command("whoami").description("Display current authenticated user").action(async () => {
-	await runCommand(whoami);
-});
-
-//#endregion
-//#region src/cli/commands/auth/logout.ts
-async function logout() {
-	await deleteAuth();
-	log.info("Logged out successfully");
-}
-const logoutCommand = new Command("logout").description("Logout from current device").action(async () => {
-	await runCommand(logout);
-});
-
-//#endregion
-//#region src/core/resources/entity/schema.ts
-const EntityPropertySchema = z.object({
-	type: z.string(),
-	description: z.string().optional(),
-	enum: z.array(z.string()).optional(),
-	default: z.union([
-		z.string(),
-		z.number(),
-		z.boolean()
-	]).optional(),
-	format: z.string().optional(),
-	items: z.any().optional(),
-	relation: z.object({
-		entity: z.string(),
-		type: z.string()
-	}).optional()
-});
-const EntityPoliciesSchema = z.object({
-	read: z.string().optional(),
-	create: z.string().optional(),
-	update: z.string().optional(),
-	delete: z.string().optional()
-});
-const EntitySchema = z.object({
-	name: z.string().min(1, "Entity name cannot be empty"),
-	type: z.literal("object"),
-	properties: z.record(z.string(), EntityPropertySchema),
-	required: z.array(z.string()).optional(),
-	policies: EntityPoliciesSchema.optional()
-});
-const SyncEntitiesResponseSchema = z.object({
-	created: z.array(z.string()),
-	updated: z.array(z.string()),
-	deleted: z.array(z.string())
-});
-
-//#endregion
-//#region src/core/resources/entity/config.ts
-async function readEntityFile(entityPath) {
-	const parsed = await readJsonFile(entityPath);
-	const result = EntitySchema.safeParse(parsed);
-	if (!result.success) throw new Error(`Invalid entity configuration in ${entityPath}: ${result.error.issues.map((e) => e.message).join(", ")}`);
-	return result.data;
-}
-async function readAllEntities(entitiesDir) {
-	if (!await pathExists(entitiesDir)) return [];
-	const files = await globby("*.{json,jsonc}", {
-		cwd: entitiesDir,
-		absolute: true
-	});
-	return await Promise.all(files.map((filePath) => readEntityFile(filePath)));
-}
-
-//#endregion
-//#region src/core/utils/httpClient.ts
-const retriedRequests = /* @__PURE__ */ new WeakSet();
-/**
-* Handles 401 responses by refreshing the token and retrying the request.
-* Only retries once per request to prevent infinite loops.
-*/
-async function handleUnauthorized(request, _options, response) {
-	if (response.status !== 401) return;
-	if (retriedRequests.has(request)) return;
-	const newAccessToken = await refreshAndSaveTokens();
-	if (!newAccessToken) return;
-	retriedRequests.add(request);
-	return ky(request, { headers: { Authorization: `Bearer ${newAccessToken}` } });
-}
-const base44Client = ky.create({
-	prefixUrl: getBase44ApiUrl(),
-	headers: { "User-Agent": "Base44 CLI" },
-	hooks: {
-		beforeRequest: [async (request) => {
-			try {
-				const auth = await readAuth();
-				if (isTokenExpired(auth)) {
-					const newAccessToken = await refreshAndSaveTokens();
-					if (newAccessToken) {
-						request.headers.set("Authorization", `Bearer ${newAccessToken}`);
-						return;
-					}
-				}
-				request.headers.set("Authorization", `Bearer ${auth.accessToken}`);
-			} catch {}
-		}],
-		afterResponse: [handleUnauthorized]
-	}
-});
-/**
-* Returns an HTTP client scoped to the current app.
-*/
-function getAppClient() {
-	return base44Client.extend({ prefixUrl: new URL(`/api/apps/${getAppId()}/`, getBase44ApiUrl()).href });
-}
-
-//#endregion
-//#region src/core/resources/entity/api.ts
-async function pushEntities(entities) {
-	const appClient = getAppClient();
-	const schemaSyncPayload = Object.fromEntries(entities.map((entity) => [entity.name, entity]));
-	const response = await appClient.put("entities-schemas/sync-all", {
-		json: { entityNameToSchema: schemaSyncPayload },
-		throwHttpErrors: false
-	});
-	if (!response.ok) {
-		const errorJson = await response.json();
-		if (response.status === 428) throw new Error(`Failed to delete entity: ${errorJson.message}`);
-		throw new Error(`Error occurred while syncing entities ${errorJson.message}`);
-	}
-	return SyncEntitiesResponseSchema.parse(await response.json());
+	if (!response.ok) {
+		const errorJson = await response.json();
+		if (response.status === 428) throw new Error(`Failed to delete entity: ${errorJson.message}`);
+		throw new Error(`Error occurred while syncing entities ${errorJson.message}`);
+	}
+	return SyncEntitiesResponseSchema.parse(await response.json());
 }
 
 //#endregion
@@ -641,6 +422,365 @@ async function readProjectConfig(projectRoot) {
 	};
 }
 
+//#endregion
+//#region src/core/project/schema.ts
+const TemplateSchema = z.object({
+	id: z.string(),
+	name: z.string(),
+	description: z.string(),
+	path: z.string()
+});
+const TemplatesConfigSchema = z.object({ templates: z.array(TemplateSchema) });
+const SiteConfigSchema = z.object({
+	buildCommand: z.string().optional(),
+	serveCommand: z.string().optional(),
+	outputDirectory: z.string().optional(),
+	installCommand: z.string().optional()
+});
+const AppConfigSchema = z.object({
+	name: z.string().min(1, "App name cannot be empty"),
+	description: z.string().optional(),
+	site: SiteConfigSchema.optional(),
+	domains: z.array(z.string()).optional()
+});
+const CreateProjectResponseSchema = z.looseObject({ id: z.string() });
+
+//#endregion
+//#region src/core/project/api.ts
+async function createProject(projectName, description) {
+	const response = await base44Client.post("api/apps", { json: {
+		name: projectName,
+		user_description: description ?? `Backend for '${projectName}'`,
+		app_type: "baas"
+	} });
+	return { projectId: CreateProjectResponseSchema.parse(await response.json()).id };
+}
+
+//#endregion
+//#region src/core/project/template.ts
+async function listTemplates() {
+	const parsed = await readJsonFile(join(getTemplatesDir(), "templates.json"));
+	return TemplatesConfigSchema.parse(parsed).templates;
+}
+/**
+* Render a template directory to a destination path.
+* - Files ending in .ejs are rendered with EJS and written without the .ejs extension
+* - All other files are copied directly
+*/
+async function renderTemplate(template, destPath, data) {
+	const templateDir = join(getTemplatesDir(), template.path);
+	const files = await globby("**/*", {
+		cwd: templateDir,
+		dot: true,
+		onlyFiles: true
+	});
+	for (const file of files) {
+		const srcPath = join(templateDir, file);
+		if (file.endsWith(".ejs")) await writeFile$1(join(destPath, file.replace(".ejs", "")), await ejs.renderFile(srcPath, data));
+		else await copyFile$1(srcPath, join(destPath, file));
+	}
+}
+
+//#endregion
+//#region src/core/project/create.ts
+async function createProjectFiles(options) {
+	const { name, description, path: basePath, template } = options;
+	const existingConfigs = await globby(getProjectConfigPatterns(), {
+		cwd: basePath,
+		absolute: true
+	});
+	if (existingConfigs.length > 0) throw new Error(`A Base44 project already exists at ${existingConfigs[0]}. Please choose a different location.`);
+	const { projectId } = await createProject(name, description);
+	await renderTemplate(template, basePath, {
+		name,
+		description,
+		projectId
+	});
+	return { projectDir: basePath };
+}
+
+//#endregion
+//#region src/core/config.ts
+const __dirname = dirname(fileURLToPath(import.meta.url));
+const PROJECT_SUBDIR = "base44";
+const FUNCTION_CONFIG_FILE = "function.jsonc";
+const AUTH_CLIENT_ID = "base44_cli";
+function getBase44Dir() {
+	return join(homedir(), ".base44");
+}
+function getAuthFilePath() {
+	return join(getBase44Dir(), "auth", "auth.json");
+}
+function getTemplatesDir() {
+	return join(__dirname, "templates");
+}
+function getProjectConfigPatterns() {
+	return [
+		`${PROJECT_SUBDIR}/config.jsonc`,
+		`${PROJECT_SUBDIR}/config.json`,
+		"config.jsonc",
+		"config.json"
+	];
+}
+/**
+* Load .env.local from the project root if it exists.
+* Values won't override existing process.env variables.
+* Safe to call multiple times - only loads once.
+*/
+async function loadProjectEnv(projectRoot) {
+	const found = projectRoot ? { root: projectRoot } : await findProjectRoot();
+	if (!found) return;
+	config({
+		path: join(found.root, PROJECT_SUBDIR, ".env.local"),
+		override: false,
+		quiet: true
+	});
+}
+/**
+* Get the Base44 API URL.
+* Priority: process.env.BASE44_API_URL > .env.local > default
+*/
+function getBase44ApiUrl() {
+	return process.env.BASE44_API_URL || "https://app.base44.com";
+}
+/**
+* Get the Base44 Client ID (app ID).
+* Priority: process.env.BASE44_CLIENT_ID > .env.local
+* Returns undefined if not set.
+*/
+function getBase44ClientId() {
+	return process.env.BASE44_CLIENT_ID;
+}
+
+//#endregion
+//#region src/core/auth/authClient.ts
+/**
+* Separate ky instance for OAuth endpoints.
+* These don't need Authorization headers (they use client_id + tokens in body).
+*/
+const authClient = ky.create({
+	prefixUrl: getBase44ApiUrl(),
+	headers: { "User-Agent": "Base44 CLI" }
+});
+var authClient_default = authClient;
+
+//#endregion
+//#region src/core/auth/api.ts
+async function generateDeviceCode() {
+	const response = await authClient_default.post("oauth/device/code", {
+		json: {
+			client_id: AUTH_CLIENT_ID,
+			scope: "apps:read apps:write"
+		},
+		throwHttpErrors: false
+	});
+	if (!response.ok) throw new AuthApiError(`Failed to generate device code: ${response.status} ${response.statusText}`);
+	const result = DeviceCodeResponseSchema.safeParse(await response.json());
+	if (!result.success) throw new AuthValidationError(`Invalid device code response from server: ${result.error.message}`);
+	return result.data;
+}
+async function getTokenFromDeviceCode(deviceCode) {
+	const searchParams = new URLSearchParams();
+	searchParams.set("grant_type", "urn:ietf:params:oauth:grant-type:device_code");
+	searchParams.set("device_code", deviceCode);
+	searchParams.set("client_id", AUTH_CLIENT_ID);
+	const response = await authClient_default.post("oauth/token", {
+		body: searchParams.toString(),
+		headers: { "Content-Type": "application/x-www-form-urlencoded" },
+		throwHttpErrors: false
+	});
+	const json = await response.json();
+	if (!response.ok) {
+		const errorResult = OAuthErrorSchema.safeParse(json);
+		if (!errorResult.success) throw new AuthValidationError(`Token request failed: ${errorResult.error.message}`);
+		const { error, error_description } = errorResult.data;
+		if (error === "authorization_pending" || error === "slow_down") return null;
+		throw new AuthApiError(error_description ?? `OAuth error: ${error}`);
+	}
+	const result = TokenResponseSchema.safeParse(json);
+	if (!result.success) throw new AuthValidationError(`Invalid token response from server: ${result.error.message}`);
+	return result.data;
+}
+async function renewAccessToken(refreshToken) {
+	const searchParams = new URLSearchParams();
+	searchParams.set("grant_type", "refresh_token");
+	searchParams.set("refresh_token", refreshToken);
+	searchParams.set("client_id", AUTH_CLIENT_ID);
+	const response = await authClient_default.post("oauth/token", {
+		body: searchParams.toString(),
+		headers: { "Content-Type": "application/x-www-form-urlencoded" },
+		throwHttpErrors: false
+	});
+	const json = await response.json();
+	if (!response.ok) {
+		const errorResult = OAuthErrorSchema.safeParse(json);
+		if (!errorResult.success) throw new AuthApiError(`Token refresh failed: ${response.statusText}`);
+		const { error, error_description } = errorResult.data;
+		throw new AuthApiError(error_description ?? `OAuth error: ${error}`);
+	}
+	const result = TokenResponseSchema.safeParse(json);
+	if (!result.success) throw new AuthValidationError(`Invalid token response from server: ${result.error.message}`);
+	return result.data;
+}
+async function getUserInfo(accessToken) {
+	const response = await authClient_default.get("oauth/userinfo", { headers: { Authorization: `Bearer ${accessToken}` } });
+	if (!response.ok) throw new AuthApiError(`Failed to fetch user info: ${response.status}`);
+	const result = UserInfoSchema.safeParse(await response.json());
+	if (!result.success) throw new AuthValidationError(`Invalid UserInfo response from server: ${result.error.message}`);
+	return result.data;
+}
+
+//#endregion
+//#region src/cli/utils/runCommand.ts
+const base44Color = chalk.bgHex("#E86B3C");
+/**
+* Wraps a command function with the Base44 intro banner.
+* All CLI commands should use this utility to ensure consistent branding.
+* Also loads .env.local from the project root if available.
+*
+* @param commandFn - The async function to execute as the command
+*/
+async function runCommand(commandFn) {
+	intro(base44Color(" Base 44 "));
+	await loadProjectEnv();
+	try {
+		await commandFn();
+	} catch (e) {
+		if (e instanceof Error) log.error(e.stack ?? e.message);
+		else log.error(String(e));
+		process.exit(1);
+	}
+}
+
+//#endregion
+//#region src/cli/utils/runTask.ts
+/**
+* Wraps an async operation with automatic spinner management.
+* The spinner is automatically started, and stopped on both success and error.
+*
+* @param startMessage - Message to show when spinner starts
+* @param operation - The async operation to execute
+* @param options - Optional configuration
+* @returns The result of the operation
+*/
+async function runTask(startMessage, operation, options) {
+	const s = spinner();
+	s.start(startMessage);
+	try {
+		const result = await operation();
+		s.stop(options?.successMessage || startMessage);
+		return result;
+	} catch (error) {
+		s.stop(options?.errorMessage || "Failed");
+		throw error;
+	}
+}
+
+//#endregion
+//#region src/cli/utils/prompts.ts
+/**
+* Standard onCancel handler for prompt groups.
+* Exits the process gracefully when the user cancels.
+*/
+const onPromptCancel = () => {
+	cancel("Operation cancelled.");
+	process.exit(0);
+};
+
+//#endregion
+//#region src/cli/utils/banner.ts
+const orange = chalk.hex("#E86B3C");
+const BANNER = `
+${orange("██████╗  █████╗ ███████╗███████╗ ██╗  ██╗██╗  ██╗")}
+${orange("██╔══██╗██╔══██╗██╔════╝██╔════╝ ██║  ██║██║  ██║")}
+${orange("██████╔╝███████║███████╗█████╗   ███████║███████║")}
+${orange("██╔══██╗██╔══██║╚════██║██╔══╝   ╚════██║╚════██║")}
+${orange("██████╔╝██║  ██║███████║███████╗      ██║     ██║")}
+${orange("╚═════╝ ╚═╝  ╚═╝╚══════╝╚══════╝      ╚═╝     ╚═╝")}
+`;
+function printBanner() {
+	console.log(BANNER);
+}
+
+//#endregion
+//#region src/cli/commands/auth/login.ts
+async function generateAndDisplayDeviceCode() {
+	const deviceCodeResponse = await runTask("Generating device code...", async () => {
+		return await generateDeviceCode();
+	}, {
+		successMessage: "Device code generated",
+		errorMessage: "Failed to generate device code"
+	});
+	log.info(`Your code is: ${chalk.bold(deviceCodeResponse.userCode)}\nPlease visit: ${deviceCodeResponse.verificationUriComplete}`);
+	return deviceCodeResponse;
+}
+async function waitForAuthentication(deviceCode, expiresIn, interval) {
+	let tokenResponse;
+	try {
+		await runTask("Waiting for you to complete authentication...", async () => {
+			await pWaitFor(async () => {
+				const result = await getTokenFromDeviceCode(deviceCode);
+				if (result !== null) {
+					tokenResponse = result;
+					return true;
+				}
+				return false;
+			}, {
+				interval: interval * 1e3,
+				timeout: expiresIn * 1e3
+			});
+		}, {
+			successMessage: "Authentication completed!",
+			errorMessage: "Authentication failed"
+		});
+	} catch (error) {
+		if (error instanceof Error && error.message.includes("timed out")) throw new Error("Authentication timed out. Please try again.");
+		throw error;
+	}
+	if (tokenResponse === void 0) throw new Error("Failed to retrieve authentication token.");
+	return tokenResponse;
+}
+async function saveAuthData(response, userInfo) {
+	const expiresAt = Date.now() + response.expiresIn * 1e3;
+	await writeAuth({
+		accessToken: response.accessToken,
+		refreshToken: response.refreshToken,
+		expiresAt,
+		email: userInfo.email,
+		name: userInfo.name
+	});
+}
+async function login() {
+	const deviceCodeResponse = await generateAndDisplayDeviceCode();
+	const token = await waitForAuthentication(deviceCodeResponse.deviceCode, deviceCodeResponse.expiresIn, deviceCodeResponse.interval);
+	const userInfo = await getUserInfo(token.accessToken);
+	await saveAuthData(token, userInfo);
+	log.success(`Successfully logged in as ${chalk.bold(userInfo.email)}`);
+}
+const loginCommand = new Command("login").description("Authenticate with Base44").action(async () => {
+	await runCommand(login);
+});
+
+//#endregion
+//#region src/cli/commands/auth/whoami.ts
+async function whoami() {
+	const auth = await readAuth();
+	log.info(`Logged in as: ${auth.name} (${auth.email})`);
+}
+const whoamiCommand = new Command("whoami").description("Display current authenticated user").action(async () => {
+	await runCommand(whoami);
+});
+
+//#endregion
+//#region src/cli/commands/auth/logout.ts
+async function logout() {
+	await deleteAuth();
+	log.info("Logged out successfully");
+}
+const logoutCommand = new Command("logout").description("Logout from current device").action(async () => {
+	await runCommand(logout);
+});
+
 //#endregion
 //#region src/cli/commands/project/show-project.ts
 async function showProject() {
@@ -657,21 +797,6 @@ const showProjectCommand = new Command("show-project").description("Display proj
 	await runCommand(showProject);
 });
 
-//#endregion
-//#region src/core/project/schema.ts
-const SiteConfigSchema = z.object({
-	buildCommand: z.string().optional(),
-	serveCommand: z.string().optional(),
-	outputDirectory: z.string().optional(),
-	installCommand: z.string().optional()
-});
-const AppConfigSchema = z.object({
-	name: z.string().min(1, "App name cannot be empty"),
-	description: z.string().optional(),
-	site: SiteConfigSchema.optional(),
-	domains: z.array(z.string()).optional()
-});
-
 //#endregion
 //#region src/cli/commands/entities/push.ts
 async function pushEntitiesAction() {
@@ -696,6 +821,65 @@ const entitiesPushCommand = new Command("entities").description("Manage project
 	await runCommand(pushEntitiesAction);
 }));
 
+//#endregion
+//#region src/cli/commands/project/create.ts
+async function create() {
+	printBanner();
+	await loadProjectEnv();
+	const templateOptions = (await listTemplates()).map((t) => ({
+		value: t,
+		label: t.name,
+		hint: t.description
+	}));
+	const { template, name, description, projectPath } = await group({
+		template: () => select({
+			message: "Select a project template",
+			options: templateOptions
+		}),
+		name: () => text({
+			message: "What is the name of your project?",
+			placeholder: "my-app-backend",
+			validate: (value) => {
+				if (!value || value.trim().length === 0) return "Project name is required";
+			}
+		}),
+		description: () => text({
+			message: "Project description (optional)",
+			placeholder: "A brief description of your project"
+		}),
+		projectPath: async ({ results }) => {
+			const suggestedPath = `./${kebabCase(results.name)}`;
+			return text({
+				message: "Where should we create the base44 folder?",
+				placeholder: suggestedPath,
+				initialValue: suggestedPath
+			});
+		}
+	}, { onCancel: onPromptCancel });
+	const resolvedPath = resolve(projectPath);
+	await runTask("Creating project...", async () => {
+		return await createProjectFiles({
+			name: name.trim(),
+			description: description ? description.trim() : void 0,
+			path: resolvedPath,
+			template
+		});
+	}, {
+		successMessage: "Project created successfully",
+		errorMessage: "Failed to create project"
+	});
+	log.success(`Project ${chalk.bold(name)} has been initialized!`);
+}
+const createCommand = new Command("create").description("Create a new Base44 project").action(async () => {
+	try {
+		await create();
+	} catch (e) {
+		if (e instanceof Error) log.error(e.stack ?? e.message);
+		else log.error(String(e));
+		process.exit(1);
+	}
+});
+
 //#endregion
 //#region package.json
 var version = "0.0.1";
@@ -707,6 +891,7 @@ program.name("base44").description("Base44 CLI - Unified interface for managing
 program.addCommand(loginCommand);
 program.addCommand(whoamiCommand);
 program.addCommand(logoutCommand);
+program.addCommand(createCommand);
 program.addCommand(showProjectCommand);
 program.addCommand(entitiesPushCommand);
 program.parse();