npm - @blinkdotnew/cli - Versions diffs - 0.4.3 → 0.5.1 - Mend

@blinkdotnew/cli 0.4.3 → 0.5.1

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (3) hide show

package/dist/cli.js CHANGED Viewed

@@ -3,6 +3,12 @@ var __defProp = Object.defineProperty;
 var __getOwnPropDesc = Object.getOwnPropertyDescriptor;
 var __getOwnPropNames = Object.getOwnPropertyNames;
 var __hasOwnProp = Object.prototype.hasOwnProperty;
+var __require = /* @__PURE__ */ ((x) => typeof require !== "undefined" ? require : typeof Proxy !== "undefined" ? new Proxy(x, {
+  get: (a, b) => (typeof require !== "undefined" ? require : a)[b]
+}) : x)(function(x) {
+  if (typeof require !== "undefined") return require.apply(this, arguments);
+  throw Error('Dynamic require of "' + x + '" is not supported');
+});
 var __esm = (fn, res) => function __init() {
   return fn && (res = (0, fn[__getOwnPropNames(fn)[0]])(fn = 0)), res;
 };
@@ -2074,12 +2080,115 @@ After linking, most commands work without specifying a project_id:
 // src/commands/auth.ts
 import chalk10 from "chalk";
+import { createServer } from "http";
+var TIMEOUT_MS = 12e4;
+function getBaseUrl() {
+  return process.env.BLINK_APP_URL || "https://blink.new";
+}
+function generateState() {
+  const { randomBytes } = __require("crypto");
+  return randomBytes(24).toString("base64url");
+}
+function findFreePort() {
+  return new Promise((resolve, reject) => {
+    const srv = createServer();
+    srv.listen(0, "127.0.0.1", () => {
+      const port = srv.address().port;
+      srv.close(() => resolve(port));
+    });
+    srv.on("error", reject);
+  });
+}
+function callbackHtml() {
+  return `<!DOCTYPE html><html><head><meta charset="utf-8"><title>Blink CLI</title>
+<style>body{font-family:system-ui,sans-serif;display:flex;justify-content:center;align-items:center;min-height:100vh;margin:0;background:#fafafa;color:#111}
+.card{text-align:center;padding:3rem;border-radius:12px;background:#fff;box-shadow:0 1px 3px rgba(0,0,0,.08)}
+h1{font-size:1.5rem;margin:0 0 .5rem}p{color:#666;margin:0}</style></head>
+<body><div class="card"><h1>\u2713 CLI authorized</h1><p>You can close this tab.</p></div></body></html>`;
+}
+function parseCallback(url) {
+  const params = new URL(url, "http://localhost").searchParams;
+  const key = params.get("key");
+  const workspace_id = params.get("workspace_id");
+  const workspace_name = params.get("workspace_name");
+  const email = params.get("email");
+  if (!key || !workspace_id || !workspace_name || !email) return null;
+  return { key, workspace_id, workspace_name, email };
+}
+function startCallbackServer(port, expectedState) {
+  let resolveCb;
+  let rejectCb;
+  const promise = new Promise((res, rej) => {
+    resolveCb = res;
+    rejectCb = rej;
+  });
+  const server = createServer((req, res) => {
+    if (!req.url?.startsWith("/callback")) {
+      res.writeHead(404).end();
+      return;
+    }
+    const state = new URL(req.url, "http://localhost").searchParams.get("state");
+    if (state !== expectedState) {
+      res.writeHead(403).end("State mismatch");
+      rejectCb(new Error("State mismatch \u2014 possible CSRF. Try again."));
+      return;
+    }
+    const result = parseCallback(req.url);
+    if (!result) {
+      res.writeHead(400).end("Missing parameters");
+      rejectCb(new Error("Incomplete callback \u2014 missing parameters."));
+      return;
+    }
+    res.writeHead(200, { "Content-Type": "text/html" }).end(callbackHtml());
+    resolveCb(result);
+  });
+  server.listen(port, "127.0.0.1");
+  return { promise, close: () => server.close() };
+}
+async function openBrowserLogin(port, state) {
+  const url = `${getBaseUrl()}/auth/cli?port=${port}&state=${state}`;
+  const open = await import("open").then((m) => m.default).catch(() => null);
+  if (open) await open(url).catch(() => {
+  });
+  else console.log(chalk10.yellow("  Browser did not open automatically."));
+  console.log(chalk10.dim(`  If needed, visit: ${url}
+`));
+}
+async function waitForCallback(promise) {
+  return Promise.race([
+    promise,
+    new Promise(
+      (_, reject) => setTimeout(() => reject(new Error("Timed out after 120s \u2014 no callback received.")), TIMEOUT_MS)
+    )
+  ]);
+}
+async function browserLogin() {
+  const state = generateState();
+  const port = await findFreePort();
+  const { promise, close } = startCallbackServer(port, state);
+  console.log(chalk10.bold("\n  Opening browser to authorize...\n"));
+  await openBrowserLogin(port, state);
+  const result = await waitForCallback(promise).finally(close);
+  writeConfig({ api_key: result.key, workspace_id: result.workspace_id });
+  console.log(chalk10.green("\u2713") + ` Logged in as ${chalk10.bold(result.email)} (${result.workspace_name})`);
+}
+async function interactiveLogin() {
+  const { password } = await import("@clack/prompts");
+  const apiKey = await password({ message: "Paste your API key (blnk_ak_...):" });
+  if (!apiKey?.startsWith("blnk_ak_")) {
+    console.error("Error: API key must start with blnk_ak_");
+    process.exit(1);
+  }
+  writeConfig({ api_key: apiKey });
+  console.log(chalk10.green("\u2713") + " Saved to ~/.config/blink/config.toml");
+}
 function registerAuthCommands(program2) {
   program2.command("login").description("Authenticate with your Blink API key").option("--interactive", "Prompt for API key (for headless/SSH/CI environments)").addHelpText("after", `
 Get your API key at: blink.new \u2192 Settings \u2192 API Keys  (starts with blnk_ak_)
 Examples:
-  $ blink login --interactive          Saves key to ~/.config/blink/config.toml
+  $ blink login                     Opens browser for one-click auth
+  $ blink login --interactive       Paste key manually (headless/SSH/CI)
   $ export BLINK_API_KEY=blnk_ak_...  Alternative: set env var directly (no login needed)
 In Blink Claw agents: BLINK_API_KEY is already set \u2014 login is not needed.
@@ -2089,28 +2198,8 @@ For CI/GitHub Actions: set BLINK_API_KEY as a secret, skip login entirely.
       console.log(chalk10.green("\u2713") + " Already authenticated via BLINK_API_KEY env var.");
       return;
     }
-    const url = "https://blink.new/settings?tab=api-keys";
-    if (!opts.interactive) {
-      console.log(chalk10.bold("\n  Open this page to get your API key:\n"));
-      console.log(`  ${chalk10.cyan(url)}
-`);
-      const open = await import("open").then((m) => m.default).catch(() => null);
-      if (open) {
-        await open(url).catch(() => {
-        });
-        console.log(chalk10.dim("  (opened in browser)"));
-      }
-      console.log(chalk10.dim("  Then run: blink login --interactive\n"));
-      return;
-    }
-    const { password } = await import("@clack/prompts");
-    const apiKey = await password({ message: "Paste your API key (blnk_ak_...):" });
-    if (!apiKey?.startsWith("blnk_ak_")) {
-      console.error("Error: API key must start with blnk_ak_");
-      process.exit(1);
-    }
-    writeConfig({ api_key: apiKey });
-    console.log(chalk10.green("\u2713") + " Saved to ~/.config/blink/config.toml");
+    if (opts.interactive) return interactiveLogin();
+    return browserLogin();
   });
   program2.command("logout").description("Remove stored credentials").action(() => {
     clearConfig();
@@ -2119,7 +2208,7 @@ For CI/GitHub Actions: set BLINK_API_KEY as a secret, skip login entirely.
   program2.command("whoami").description("Show current authentication status and key info").action(async () => {
     const token = resolveToken();
     if (!token) {
-      console.error("Error: Not authenticated. Run `blink login --interactive` or set BLINK_API_KEY.");
+      console.error("Error: Not authenticated. Run `blink login` or set BLINK_API_KEY.");
       process.exit(1);
     }
     if (isJsonMode()) {

package/package.json CHANGED Viewed

@@ -1,6 +1,6 @@
 {
   "name": "@blinkdotnew/cli",
-  "version": "0.4.3",
+  "version": "0.5.1",
   "description": "Blink CLI — full-stack cloud infrastructure from your terminal. Deploy, database, auth, storage, backend, domains, and more.",
   "bin": {
     "blink": "dist/cli.js"

package/src/commands/auth.ts CHANGED Viewed

@@ -1,9 +1,134 @@
 import { Command } from 'commander'
-import { appRequest } from '../lib/api-app.js'
-import { requireToken, resolveToken } from '../lib/auth.js'
+import { resolveToken } from '../lib/auth.js'
 import { writeConfig, clearConfig } from '../lib/config.js'
 import { printJson, isJsonMode } from '../lib/output.js'
 import chalk from 'chalk'
+import { createServer, type IncomingMessage, type ServerResponse } from 'node:http'
+import type { AddressInfo } from 'node:net'
+const TIMEOUT_MS = 120_000
+interface CallbackResult {
+  key: string
+  workspace_id: string
+  workspace_name: string
+  email: string
+}
+function getBaseUrl(): string {
+  return process.env.BLINK_APP_URL || 'https://blink.new'
+}
+function generateState(): string {
+  const { randomBytes } = require('node:crypto')
+  return randomBytes(24).toString('base64url')
+}
+function findFreePort(): Promise<number> {
+  return new Promise((resolve, reject) => {
+    const srv = createServer()
+    srv.listen(0, '127.0.0.1', () => {
+      const port = (srv.address() as AddressInfo).port
+      srv.close(() => resolve(port))
+    })
+    srv.on('error', reject)
+  })
+}
+function callbackHtml(): string {
+  return `<!DOCTYPE html><html><head><meta charset="utf-8"><title>Blink CLI</title>
+<style>body{font-family:system-ui,sans-serif;display:flex;justify-content:center;align-items:center;min-height:100vh;margin:0;background:#fafafa;color:#111}
+.card{text-align:center;padding:3rem;border-radius:12px;background:#fff;box-shadow:0 1px 3px rgba(0,0,0,.08)}
+h1{font-size:1.5rem;margin:0 0 .5rem}p{color:#666;margin:0}</style></head>
+<body><div class="card"><h1>✓ CLI authorized</h1><p>You can close this tab.</p></div></body></html>`
+}
+function parseCallback(url: string): CallbackResult | null {
+  const params = new URL(url, 'http://localhost').searchParams
+  const key = params.get('key')
+  const workspace_id = params.get('workspace_id')
+  const workspace_name = params.get('workspace_name')
+  const email = params.get('email')
+  if (!key || !workspace_id || !workspace_name || !email) return null
+  return { key, workspace_id, workspace_name, email }
+}
+function startCallbackServer(
+  port: number,
+  expectedState: string,
+): { promise: Promise<CallbackResult>; close: () => void } {
+  let resolveCb: (v: CallbackResult) => void
+  let rejectCb: (e: Error) => void
+  const promise = new Promise<CallbackResult>((res, rej) => { resolveCb = res; rejectCb = rej })
+  const server = createServer((req: IncomingMessage, res: ServerResponse) => {
+    if (!req.url?.startsWith('/callback')) {
+      res.writeHead(404).end()
+      return
+    }
+    const state = new URL(req.url, 'http://localhost').searchParams.get('state')
+    if (state !== expectedState) {
+      res.writeHead(403).end('State mismatch')
+      rejectCb(new Error('State mismatch — possible CSRF. Try again.'))
+      return
+    }
+    const result = parseCallback(req.url)
+    if (!result) {
+      res.writeHead(400).end('Missing parameters')
+      rejectCb(new Error('Incomplete callback — missing parameters.'))
+      return
+    }
+    res.writeHead(200, { 'Content-Type': 'text/html' }).end(callbackHtml())
+    resolveCb(result)
+  })
+  server.listen(port, '127.0.0.1')
+  return { promise, close: () => server.close() }
+}
+async function openBrowserLogin(port: number, state: string) {
+  const url = `${getBaseUrl()}/auth/cli?port=${port}&state=${state}`
+  const open = await import('open').then(m => m.default).catch(() => null)
+  if (open) await open(url).catch(() => {})
+  else console.log(chalk.yellow('  Browser did not open automatically.'))
+  console.log(chalk.dim(`  If needed, visit: ${url}\n`))
+}
+async function waitForCallback(
+  promise: Promise<CallbackResult>,
+): Promise<CallbackResult> {
+  return Promise.race([
+    promise,
+    new Promise<never>((_, reject) =>
+      setTimeout(() => reject(new Error('Timed out after 120s — no callback received.')), TIMEOUT_MS),
+    ),
+  ])
+}
+async function browserLogin() {
+  const state = generateState()
+  const port = await findFreePort()
+  const { promise, close } = startCallbackServer(port, state)
+  console.log(chalk.bold('\n  Opening browser to authorize...\n'))
+  await openBrowserLogin(port, state)
+  const result = await waitForCallback(promise).finally(close)
+  writeConfig({ api_key: result.key, workspace_id: result.workspace_id })
+  console.log(chalk.green('✓') + ` Logged in as ${chalk.bold(result.email)} (${result.workspace_name})`)
+}
+async function interactiveLogin() {
+  const { password } = await import('@clack/prompts')
+  const apiKey = await password({ message: 'Paste your API key (blnk_ak_...):' }) as string
+  if (!apiKey?.startsWith('blnk_ak_')) {
+    console.error('Error: API key must start with blnk_ak_')
+    process.exit(1)
+  }
+  writeConfig({ api_key: apiKey })
+  console.log(chalk.green('✓') + ' Saved to ~/.config/blink/config.toml')
+}
 export function registerAuthCommands(program: Command) {
   program.command('login')
@@ -13,7 +138,8 @@ export function registerAuthCommands(program: Command) {
 Get your API key at: blink.new → Settings → API Keys  (starts with blnk_ak_)
 Examples:
-  $ blink login --interactive          Saves key to ~/.config/blink/config.toml
+  $ blink login                     Opens browser for one-click auth
+  $ blink login --interactive       Paste key manually (headless/SSH/CI)
   $ export BLINK_API_KEY=blnk_ak_...  Alternative: set env var directly (no login needed)
 In Blink Claw agents: BLINK_API_KEY is already set — login is not needed.
@@ -24,28 +150,8 @@ For CI/GitHub Actions: set BLINK_API_KEY as a secret, skip login entirely.
         console.log(chalk.green('✓') + ' Already authenticated via BLINK_API_KEY env var.')
         return
       }
-      const url = 'https://blink.new/settings?tab=api-keys'
-      if (!opts.interactive) {
-        console.log(chalk.bold('\n  Open this page to get your API key:\n'))
-        console.log(`  ${chalk.cyan(url)}\n`)
-        const open = await import('open').then(m => m.default).catch(() => null)
-        if (open) {
-          await open(url).catch(() => {})
-          console.log(chalk.dim('  (opened in browser)'))
-        }
-        console.log(chalk.dim('  Then run: blink login --interactive\n'))
-        return
-      }
-      const { password } = await import('@clack/prompts')
-      const apiKey = await password({ message: 'Paste your API key (blnk_ak_...):' }) as string
-      if (!apiKey?.startsWith('blnk_ak_')) {
-        console.error('Error: API key must start with blnk_ak_')
-        process.exit(1)
-      }
-      writeConfig({ api_key: apiKey })
-      console.log(chalk.green('✓') + ' Saved to ~/.config/blink/config.toml')
+      if (opts.interactive) return interactiveLogin()
+      return browserLogin()
     })
   program.command('logout')
@@ -60,7 +166,7 @@ For CI/GitHub Actions: set BLINK_API_KEY as a secret, skip login entirely.
     .action(async () => {
       const token = resolveToken()
       if (!token) {
-        console.error('Error: Not authenticated. Run `blink login --interactive` or set BLINK_API_KEY.')
+        console.error('Error: Not authenticated. Run `blink login` or set BLINK_API_KEY.')
         process.exit(1)
       }