@claudetools/cli 0.13.13 → 0.13.15

package/dist/api-keys/index.js

@@ -0,0 +1,228 @@
+import ora from 'ora';
+import { getApiClient, ApiError } from '../lib/api.js';
+import { requireAuth } from '../auth/config.js';
+import { getCredential } from '../auth/keychain.js';
+import { theme, formatError, formatWarning } from '../lib/theme.js';
+import * as readline from 'readline';
+/**
+ * Mask an API key for display
+ */
+function maskKey(keyPrefix) {
+    return `${keyPrefix}****`;
+}
+/**
+ * Prompt for confirmation
+ */
+async function confirm(question) {
+    const rl = readline.createInterface({
+        input: process.stdin,
+        output: process.stdout,
+    });
+    return new Promise((resolve) => {
+        rl.question(`${question} (y/N) `, (answer) => {
+            rl.close();
+            resolve(answer.toLowerCase() === 'y' || answer.toLowerCase() === 'yes');
+        });
+    });
+}
+/**
+ * List all API keys
+ */
+export async function runKeysList() {
+    await requireAuth();
+    const spinner = ora('Loading API keys...').start();
+    try {
+        const api = getApiClient();
+        const { data } = await api.get('/keys');
+        if (!data) {
+            spinner.fail('Failed to load API keys');
+            console.error(`  ${formatError('No data received from server', 'ERR_NO_DATA')}`);
+            process.exit(1);
+        }
+        spinner.stop();
+        console.log();
+        console.log(`  ${theme.bold('API Keys')}`);
+        const keysLimitDisplay = data.quota.limit === null ? 'unlimited' : String(data.quota.limit);
+        console.log(`  ${theme.muted(`${data.quota.used}/${keysLimitDisplay} keys used`)}`);
+        console.log();
+        if (data.keys.length === 0) {
+            console.log(`  ${theme.muted('No API keys created yet.')}`);
+            console.log();
+            console.log(`  ${theme.muted(`Run ${theme.command('claudetools keys create <name>')} to create one.`)}`);
+            console.log();
+            return;
+        }
+        // Get current key to mark it
+        const currentKey = await getCredential();
+        const currentKeyPrefix = currentKey ? currentKey.substring(0, 8) : null;
+        // Display keys
+        data.keys.forEach((key) => {
+            const isCurrent = currentKeyPrefix && key.keyPrefix === currentKeyPrefix;
+            const indicator = isCurrent ? theme.success('*') : ' ';
+            const maskedKey = maskKey(key.keyPrefix);
+            const lastUsed = key.lastUsedAt
+                ? new Date(key.lastUsedAt).toLocaleDateString()
+                : 'Never';
+            console.log(`  ${indicator} ${theme.bold(key.name)}`);
+            console.log(`    ${theme.muted('Key:')} ${maskedKey}`);
+            console.log(`    ${theme.muted('ID:')} ${key.id}`);
+            console.log(`    ${theme.muted('Last used:')} ${lastUsed}`);
+            console.log(`    ${theme.muted('Created:')} ${new Date(key.createdAt).toLocaleDateString()}`);
+            console.log();
+        });
+        if (currentKeyPrefix) {
+            console.log(`  ${theme.muted('* = Currently active key')}`);
+            console.log();
+        }
+    }
+    catch (error) {
+        spinner.fail('Failed to load API keys');
+        if (error instanceof ApiError && error.code === 'AUTH_REQUIRED') {
+            console.log();
+            console.log(`  ${formatWarning('Session expired. Please log in again.')}`);
+            console.log(`  ${theme.muted(`Run ${theme.command('claudetools login')}`)}`);
+            console.log();
+        }
+        else {
+            console.error(`  ${formatError(error instanceof Error ? error.message : 'Unknown error', 'ERR_API')}`);
+        }
+        process.exit(1);
+    }
+}
+/**
+ * Create a new API key
+ */
+export async function runKeysCreate(name) {
+    await requireAuth();
+    if (!name) {
+        console.log();
+        console.log(`  ${formatError('Key name is required', 'ERR_MISSING_NAME')}`);
+        console.log();
+        console.log(`  ${theme.muted('Usage: claudetools keys create <name>')}`);
+        console.log();
+        process.exit(1);
+    }
+    const spinner = ora(`Creating API key "${name}"...`).start();
+    try {
+        const api = getApiClient();
+        const { data } = await api.post('/keys', {
+            name,
+            scopes: ['*'], // Default to all scopes
+        });
+        if (!data) {
+            spinner.fail('Failed to create API key');
+            console.error(`  ${formatError('No data received from server', 'ERR_NO_DATA')}`);
+            process.exit(1);
+        }
+        spinner.succeed(`API key "${name}" created`);
+        console.log();
+        console.log(`  ${theme.warning(theme.bold('Save this key now - it will not be shown again!'))}`);
+        console.log();
+        console.log(`  ${theme.bold('Your API key:')}`);
+        console.log(`  ${theme.success(data.key)}`);
+        console.log();
+        console.log(`  ${theme.muted('Copy to clipboard:')}`);
+        console.log(`  ${theme.muted(`echo "${data.key}" | pbcopy`)}`);
+        console.log();
+    }
+    catch (error) {
+        spinner.fail('Failed to create API key');
+        if (error instanceof ApiError && error.code === 'AUTH_REQUIRED') {
+            console.log();
+            console.log(`  ${formatWarning('Session expired. Please log in again.')}`);
+            console.log(`  ${theme.muted(`Run ${theme.command('claudetools login')}`)}`);
+            console.log();
+        }
+        else if (error instanceof ApiError && error.code === 'QUOTA_EXCEEDED') {
+            console.log();
+            console.log(`  ${formatWarning('API key quota exceeded.')}`);
+            console.log(`  ${theme.muted('Delete an existing key or upgrade your plan.')}`);
+            console.log();
+        }
+        else {
+            console.error(`  ${formatError(error instanceof Error ? error.message : 'Unknown error', 'ERR_API')}`);
+        }
+        process.exit(1);
+    }
+}
+/**
+ * Revoke an API key
+ */
+export async function runKeysRevoke(keyId, options = {}) {
+    await requireAuth();
+    if (!keyId) {
+        console.log();
+        console.log(`  ${formatError('Key ID is required', 'ERR_MISSING_ID')}`);
+        console.log();
+        console.log(`  ${theme.muted('Usage: claudetools keys revoke <id>')}`);
+        console.log(`  ${theme.muted(`Run ${theme.command('claudetools keys list')} to see key IDs`)}`);
+        console.log();
+        process.exit(1);
+    }
+    // Check if trying to revoke current key
+    const currentKey = await getCredential();
+    if (currentKey) {
+        // Get the key details first to check the prefix
+        const spinner = ora('Checking key...').start();
+        try {
+            const api = getApiClient();
+            const { data } = await api.get('/keys');
+            spinner.stop();
+            if (data) {
+                const keyToRevoke = data.keys.find(k => k.id === keyId);
+                if (keyToRevoke) {
+                    const currentKeyPrefix = currentKey.substring(0, 8);
+                    if (keyToRevoke.keyPrefix === currentKeyPrefix) {
+                        console.log();
+                        console.log(`  ${formatError('Cannot revoke the currently active key', 'ERR_ACTIVE_KEY')}`);
+                        console.log(`  ${theme.muted('Log in with a different key or create a new one first')}`);
+                        console.log();
+                        process.exit(1);
+                    }
+                }
+            }
+        }
+        catch {
+            spinner.stop();
+            // Continue - we'll let the API handle validation
+        }
+    }
+    // Prompt for confirmation unless --force
+    if (!options.force) {
+        console.log();
+        const confirmed = await confirm(`  ${theme.warning('Are you sure you want to revoke this API key?')}`);
+        if (!confirmed) {
+            console.log();
+            console.log(`  ${theme.muted('Cancelled.')}`);
+            console.log();
+            return;
+        }
+    }
+    const spinner = ora('Revoking API key...').start();
+    try {
+        const api = getApiClient();
+        await api.delete(`/keys/${keyId}`);
+        spinner.succeed('API key revoked');
+        console.log();
+    }
+    catch (error) {
+        spinner.fail('Failed to revoke API key');
+        if (error instanceof ApiError && error.code === 'AUTH_REQUIRED') {
+            console.log();
+            console.log(`  ${formatWarning('Session expired. Please log in again.')}`);
+            console.log(`  ${theme.muted(`Run ${theme.command('claudetools login')}`)}`);
+            console.log();
+        }
+        else if (error instanceof ApiError && error.code === 'NOT_FOUND') {
+            console.log();
+            console.log(`  ${formatWarning('Key not found.')}`);
+            console.log(`  ${theme.muted(`Run ${theme.command('claudetools keys list')} to see available keys`)}`);
+            console.log();
+        }
+        else {
+            console.error(`  ${formatError(error instanceof Error ? error.message : 'Unknown error', 'ERR_API')}`);
+        }
+        process.exit(1);
+    }
+}
+//# sourceMappingURL=index.js.map

package/dist/api-keys/index.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"index.js","sourceRoot":"","sources":["../../src/api-keys/index.ts"],"names":[],"mappings":"AAAA,OAAO,GAAG,MAAM,KAAK,CAAC;AACtB,OAAO,EAAE,YAAY,EAAE,QAAQ,EAAE,MAAM,eAAe,CAAC;AACvD,OAAO,EAAE,WAAW,EAAE,MAAM,mBAAmB,CAAC;AAChD,OAAO,EAAE,aAAa,EAAE,MAAM,qBAAqB,CAAC;AACpD,OAAO,EAAE,KAAK,EAAE,WAAW,EAAiB,aAAa,EAAE,MAAM,iBAAiB,CAAC;AACnF,OAAO,KAAK,QAAQ,MAAM,UAAU,CAAC;AA4BrC;;GAEG;AACH,SAAS,OAAO,CAAC,SAAiB;IAChC,OAAO,GAAG,SAAS,MAAM,CAAC;AAC5B,CAAC;AAED;;GAEG;AACH,KAAK,UAAU,OAAO,CAAC,QAAgB;IACrC,MAAM,EAAE,GAAG,QAAQ,CAAC,eAAe,CAAC;QAClC,KAAK,EAAE,OAAO,CAAC,KAAK;QACpB,MAAM,EAAE,OAAO,CAAC,MAAM;KACvB,CAAC,CAAC;IAEH,OAAO,IAAI,OAAO,CAAC,CAAC,OAAO,EAAE,EAAE;QAC7B,EAAE,CAAC,QAAQ,CAAC,GAAG,QAAQ,SAAS,EAAE,CAAC,MAAM,EAAE,EAAE;YAC3C,EAAE,CAAC,KAAK,EAAE,CAAC;YACX,OAAO,CAAC,MAAM,CAAC,WAAW,EAAE,KAAK,GAAG,IAAI,MAAM,CAAC,WAAW,EAAE,KAAK,KAAK,CAAC,CAAC;QAC1E,CAAC,CAAC,CAAC;IACL,CAAC,CAAC,CAAC;AACL,CAAC;AAED;;GAEG;AACH,MAAM,CAAC,KAAK,UAAU,WAAW;IAC/B,MAAM,WAAW,EAAE,CAAC;IAEpB,MAAM,OAAO,GAAG,GAAG,CAAC,qBAAqB,CAAC,CAAC,KAAK,EAAE,CAAC;IAEnD,IAAI,CAAC;QACH,MAAM,GAAG,GAAG,YAAY,EAAE,CAAC;QAC3B,MAAM,EAAE,IAAI,EAAE,GAAG,MAAM,GAAG,CAAC,GAAG,CAAsB,OAAO,CAAC,CAAC;QAE7D,IAAI,CAAC,IAAI,EAAE,CAAC;YACV,OAAO,CAAC,IAAI,CAAC,yBAAyB,CAAC,CAAC;YACxC,OAAO,CAAC,KAAK,CAAC,KAAK,WAAW,CAAC,8BAA8B,EAAE,aAAa,CAAC,EAAE,CAAC,CAAC;YACjF,OAAO,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC;QAClB,CAAC;QAED,OAAO,CAAC,IAAI,EAAE,CAAC;QAEf,OAAO,CAAC,GAAG,EAAE,CAAC;QACd,OAAO,CAAC,GAAG,CAAC,KAAK,KAAK,CAAC,IAAI,CAAC,UAAU,CAAC,EAAE,CAAC,CAAC;QAC3C,MAAM,gBAAgB,GAAG,IAAI,CAAC,KAAK,CAAC,KAAK,KAAK,IAAI,CAAC,CAAC,CAAC,WAAW,CAAC,CAAC,CAAC,MAAM,CAAC,IAAI,CAAC,KAAK,CAAC,KAAK,CAAC,CAAC;QAC5F,OAAO,CAAC,GAAG,CAAC,KAAK,KAAK,CAAC,KAAK,CAAC,GAAG,IAAI,CAAC,KAAK,CAAC,IAAI,IAAI,gBAAgB,YAAY,CAAC,EAAE,CAAC,CAAC;QACpF,OAAO,CAAC,GAAG,EAAE,CAAC;QAEd,IAAI,IAAI,CAAC,IAAI,CAAC,MAAM,KAAK,CAAC,EAAE,CAAC;YAC3B,OAAO,CAAC,GAAG,CAAC,KAAK,KAAK,CAAC,KAAK,CAAC,0BAA0B,CAAC,EAAE,CAAC,CAAC;YAC5D,OAAO,CAAC,GAAG,EAAE,CAAC;YACd,OAAO,CAAC,GAAG,CAAC,KAAK,KAAK,CAAC,KAAK,CAAC,OAAO,KAAK,CAAC,OAAO,CAAC,gCAAgC,CAAC,iBAAiB,CAAC,EAAE,CAAC,CAAC;YACzG,OAAO,CAAC,GAAG,EAAE,CAAC;YACd,OAAO;QACT,CAAC;QAED,6BAA6B;QAC7B,MAAM,UAAU,GAAG,MAAM,aAAa,EAAE,CAAC;QACzC,MAAM,gBAAgB,GAAG,UAAU,CAAC,CAAC,CAAC,UAAU,CAAC,SAAS,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC,CAAC,CAAC,IAAI,CAAC;QAExE,eAAe;QACf,IAAI,CAAC,IAAI,CAAC,OAAO,CAAC,CAAC,GAAG,EAAE,EAAE;YACxB,MAAM,SAAS,GAAG,gBAAgB,IAAI,GAAG,CAAC,SAAS,KAAK,gBAAgB,CAAC;YACzE,MAAM,SAAS,GAAG,SAAS,CAAC,CAAC,CAAC,KAAK,CAAC,OAAO,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC,GAAG,CAAC;YACvD,MAAM,SAAS,GAAG,OAAO,CAAC,GAAG,CAAC,SAAS,CAAC,CAAC;YACzC,MAAM,QAAQ,GAAG,GAAG,CAAC,UAAU;gBAC7B,CAAC,CAAC,IAAI,IAAI,CAAC,GAAG,CAAC,UAAU,CAAC,CAAC,kBAAkB,EAAE;gBAC/C,CAAC,CAAC,OAAO,CAAC;YAEZ,OAAO,CAAC,GAAG,CAAC,KAAK,SAAS,IAAI,KAAK,CAAC,IAAI,CAAC,GAAG,CAAC,IAAI,CAAC,EAAE,CAAC,CAAC;YACtD,OAAO,CAAC,GAAG,CAAC,OAAO,KAAK,CAAC,KAAK,CAAC,MAAM,CAAC,IAAI,SAAS,EAAE,CAAC,CAAC;YACvD,OAAO,CAAC,GAAG,CAAC,OAAO,KAAK,CAAC,KAAK,CAAC,KAAK,CAAC,IAAI,GAAG,CAAC,EAAE,EAAE,CAAC,CAAC;YACnD,OAAO,CAAC,GAAG,CAAC,OAAO,KAAK,CAAC,KAAK,CAAC,YAAY,CAAC,IAAI,QAAQ,EAAE,CAAC,CAAC;YAC5D,OAAO,CAAC,GAAG,CAAC,OAAO,KAAK,CAAC,KAAK,CAAC,UAAU,CAAC,IAAI,IAAI,IAAI,CAAC,GAAG,CAAC,SAAS,CAAC,CAAC,kBAAkB,EAAE,EAAE,CAAC,CAAC;YAC9F,OAAO,CAAC,GAAG,EAAE,CAAC;QAChB,CAAC,CAAC,CAAC;QAEH,IAAI,gBAAgB,EAAE,CAAC;YACrB,OAAO,CAAC,GAAG,CAAC,KAAK,KAAK,CAAC,KAAK,CAAC,0BAA0B,CAAC,EAAE,CAAC,CAAC;YAC5D,OAAO,CAAC,GAAG,EAAE,CAAC;QAChB,CAAC;IAEH,CAAC;IAAC,OAAO,KAAK,EAAE,CAAC;QACf,OAAO,CAAC,IAAI,CAAC,yBAAyB,CAAC,CAAC;QACxC,IAAI,KAAK,YAAY,QAAQ,IAAI,KAAK,CAAC,IAAI,KAAK,eAAe,EAAE,CAAC;YAChE,OAAO,CAAC,GAAG,EAAE,CAAC;YACd,OAAO,CAAC,GAAG,CAAC,KAAK,aAAa,CAAC,uCAAuC,CAAC,EAAE,CAAC,CAAC;YAC3E,OAAO,CAAC,GAAG,CAAC,KAAK,KAAK,CAAC,KAAK,CAAC,OAAO,KAAK,CAAC,OAAO,CAAC,mBAAmB,CAAC,EAAE,CAAC,EAAE,CAAC,CAAC;YAC7E,OAAO,CAAC,GAAG,EAAE,CAAC;QAChB,CAAC;aAAM,CAAC;YACN,OAAO,CAAC,KAAK,CAAC,KAAK,WAAW,CAAC,KAAK,YAAY,KAAK,CAAC,CAAC,CAAC,KAAK,CAAC,OAAO,CAAC,CAAC,CAAC,eAAe,EAAE,SAAS,CAAC,EAAE,CAAC,CAAC;QACzG,CAAC;QACD,OAAO,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC;IAClB,CAAC;AACH,CAAC;AAED;;GAEG;AACH,MAAM,CAAC,KAAK,UAAU,aAAa,CAAC,IAAY;IAC9C,MAAM,WAAW,EAAE,CAAC;IAEpB,IAAI,CAAC,IAAI,EAAE,CAAC;QACV,OAAO,CAAC,GAAG,EAAE,CAAC;QACd,OAAO,CAAC,GAAG,CAAC,KAAK,WAAW,CAAC,sBAAsB,EAAE,kBAAkB,CAAC,EAAE,CAAC,CAAC;QAC5E,OAAO,CAAC,GAAG,EAAE,CAAC;QACd,OAAO,CAAC,GAAG,CAAC,KAAK,KAAK,CAAC,KAAK,CAAC,uCAAuC,CAAC,EAAE,CAAC,CAAC;QACzE,OAAO,CAAC,GAAG,EAAE,CAAC;QACd,OAAO,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC;IAClB,CAAC;IAED,MAAM,OAAO,GAAG,GAAG,CAAC,qBAAqB,IAAI,MAAM,CAAC,CAAC,KAAK,EAAE,CAAC;IAE7D,IAAI,CAAC;QACH,MAAM,GAAG,GAAG,YAAY,EAAE,CAAC;QAC3B,MAAM,EAAE,IAAI,EAAE,GAAG,MAAM,GAAG,CAAC,IAAI,CAAuB,OAAO,EAAE;YAC7D,IAAI;YACJ,MAAM,EAAE,CAAC,GAAG,CAAC,EAAG,wBAAwB;SACzC,CAAC,CAAC;QAEH,IAAI,CAAC,IAAI,EAAE,CAAC;YACV,OAAO,CAAC,IAAI,CAAC,0BAA0B,CAAC,CAAC;YACzC,OAAO,CAAC,KAAK,CAAC,KAAK,WAAW,CAAC,8BAA8B,EAAE,aAAa,CAAC,EAAE,CAAC,CAAC;YACjF,OAAO,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC;QAClB,CAAC;QAED,OAAO,CAAC,OAAO,CAAC,YAAY,IAAI,WAAW,CAAC,CAAC;QAE7C,OAAO,CAAC,GAAG,EAAE,CAAC;QACd,OAAO,CAAC,GAAG,CAAC,KAAK,KAAK,CAAC,OAAO,CAAC,KAAK,CAAC,IAAI,CAAC,iDAAiD,CAAC,CAAC,EAAE,CAAC,CAAC;QACjG,OAAO,CAAC,GAAG,EAAE,CAAC;QACd,OAAO,CAAC,GAAG,CAAC,KAAK,KAAK,CAAC,IAAI,CAAC,eAAe,CAAC,EAAE,CAAC,CAAC;QAChD,OAAO,CAAC,GAAG,CAAC,KAAK,KAAK,CAAC,OAAO,CAAC,IAAI,CAAC,GAAG,CAAC,EAAE,CAAC,CAAC;QAC5C,OAAO,CAAC,GAAG,EAAE,CAAC;QACd,OAAO,CAAC,GAAG,CAAC,KAAK,KAAK,CAAC,KAAK,CAAC,oBAAoB,CAAC,EAAE,CAAC,CAAC;QACtD,OAAO,CAAC,GAAG,CAAC,KAAK,KAAK,CAAC,KAAK,CAAC,SAAS,IAAI,CAAC,GAAG,YAAY,CAAC,EAAE,CAAC,CAAC;QAC/D,OAAO,CAAC,GAAG,EAAE,CAAC;IAEhB,CAAC;IAAC,OAAO,KAAK,EAAE,CAAC;QACf,OAAO,CAAC,IAAI,CAAC,0BAA0B,CAAC,CAAC;QACzC,IAAI,KAAK,YAAY,QAAQ,IAAI,KAAK,CAAC,IAAI,KAAK,eAAe,EAAE,CAAC;YAChE,OAAO,CAAC,GAAG,EAAE,CAAC;YACd,OAAO,CAAC,GAAG,CAAC,KAAK,aAAa,CAAC,uCAAuC,CAAC,EAAE,CAAC,CAAC;YAC3E,OAAO,CAAC,GAAG,CAAC,KAAK,KAAK,CAAC,KAAK,CAAC,OAAO,KAAK,CAAC,OAAO,CAAC,mBAAmB,CAAC,EAAE,CAAC,EAAE,CAAC,CAAC;YAC7E,OAAO,CAAC,GAAG,EAAE,CAAC;QAChB,CAAC;aAAM,IAAI,KAAK,YAAY,QAAQ,IAAI,KAAK,CAAC,IAAI,KAAK,gBAAgB,EAAE,CAAC;YACxE,OAAO,CAAC,GAAG,EAAE,CAAC;YACd,OAAO,CAAC,GAAG,CAAC,KAAK,aAAa,CAAC,yBAAyB,CAAC,EAAE,CAAC,CAAC;YAC7D,OAAO,CAAC,GAAG,CAAC,KAAK,KAAK,CAAC,KAAK,CAAC,8CAA8C,CAAC,EAAE,CAAC,CAAC;YAChF,OAAO,CAAC,GAAG,EAAE,CAAC;QAChB,CAAC;aAAM,CAAC;YACN,OAAO,CAAC,KAAK,CAAC,KAAK,WAAW,CAAC,KAAK,YAAY,KAAK,CAAC,CAAC,CAAC,KAAK,CAAC,OAAO,CAAC,CAAC,CAAC,eAAe,EAAE,SAAS,CAAC,EAAE,CAAC,CAAC;QACzG,CAAC;QACD,OAAO,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC;IAClB,CAAC;AACH,CAAC;AAED;;GAEG;AACH,MAAM,CAAC,KAAK,UAAU,aAAa,CAAC,KAAa,EAAE,UAA+B,EAAE;IAClF,MAAM,WAAW,EAAE,CAAC;IAEpB,IAAI,CAAC,KAAK,EAAE,CAAC;QACX,OAAO,CAAC,GAAG,EAAE,CAAC;QACd,OAAO,CAAC,GAAG,CAAC,KAAK,WAAW,CAAC,oBAAoB,EAAE,gBAAgB,CAAC,EAAE,CAAC,CAAC;QACxE,OAAO,CAAC,GAAG,EAAE,CAAC;QACd,OAAO,CAAC,GAAG,CAAC,KAAK,KAAK,CAAC,KAAK,CAAC,qCAAqC,CAAC,EAAE,CAAC,CAAC;QACvE,OAAO,CAAC,GAAG,CAAC,KAAK,KAAK,CAAC,KAAK,CAAC,OAAO,KAAK,CAAC,OAAO,CAAC,uBAAuB,CAAC,iBAAiB,CAAC,EAAE,CAAC,CAAC;QAChG,OAAO,CAAC,GAAG,EAAE,CAAC;QACd,OAAO,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC;IAClB,CAAC;IAED,wCAAwC;IACxC,MAAM,UAAU,GAAG,MAAM,aAAa,EAAE,CAAC;IACzC,IAAI,UAAU,EAAE,CAAC;QACf,gDAAgD;QAChD,MAAM,OAAO,GAAG,GAAG,CAAC,iBAAiB,CAAC,CAAC,KAAK,EAAE,CAAC;QAC/C,IAAI,CAAC;YACH,MAAM,GAAG,GAAG,YAAY,EAAE,CAAC;YAC3B,MAAM,EAAE,IAAI,EAAE,GAAG,MAAM,GAAG,CAAC,GAAG,CAAsB,OAAO,CAAC,CAAC;YAC7D,OAAO,CAAC,IAAI,EAAE,CAAC;YAEf,IAAI,IAAI,EAAE,CAAC;gBACT,MAAM,WAAW,GAAG,IAAI,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC,EAAE,KAAK,KAAK,CAAC,CAAC;gBACxD,IAAI,WAAW,EAAE,CAAC;oBAChB,MAAM,gBAAgB,GAAG,UAAU,CAAC,SAAS,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC;oBACpD,IAAI,WAAW,CAAC,SAAS,KAAK,gBAAgB,EAAE,CAAC;wBAC/C,OAAO,CAAC,GAAG,EAAE,CAAC;wBACd,OAAO,CAAC,GAAG,CAAC,KAAK,WAAW,CAAC,wCAAwC,EAAE,gBAAgB,CAAC,EAAE,CAAC,CAAC;wBAC5F,OAAO,CAAC,GAAG,CAAC,KAAK,KAAK,CAAC,KAAK,CAAC,uDAAuD,CAAC,EAAE,CAAC,CAAC;wBACzF,OAAO,CAAC,GAAG,EAAE,CAAC;wBACd,OAAO,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC;oBAClB,CAAC;gBACH,CAAC;YACH,CAAC;QACH,CAAC;QAAC,MAAM,CAAC;YACP,OAAO,CAAC,IAAI,EAAE,CAAC;YACf,iDAAiD;QACnD,CAAC;IACH,CAAC;IAED,yCAAyC;IACzC,IAAI,CAAC,OAAO,CAAC,KAAK,EAAE,CAAC;QACnB,OAAO,CAAC,GAAG,EAAE,CAAC;QACd,MAAM,SAAS,GAAG,MAAM,OAAO,CAAC,KAAK,KAAK,CAAC,OAAO,CAAC,+CAA+C,CAAC,EAAE,CAAC,CAAC;QACvG,IAAI,CAAC,SAAS,EAAE,CAAC;YACf,OAAO,CAAC,GAAG,EAAE,CAAC;YACd,OAAO,CAAC,GAAG,CAAC,KAAK,KAAK,CAAC,KAAK,CAAC,YAAY,CAAC,EAAE,CAAC,CAAC;YAC9C,OAAO,CAAC,GAAG,EAAE,CAAC;YACd,OAAO;QACT,CAAC;IACH,CAAC;IAED,MAAM,OAAO,GAAG,GAAG,CAAC,qBAAqB,CAAC,CAAC,KAAK,EAAE,CAAC;IAEnD,IAAI,CAAC;QACH,MAAM,GAAG,GAAG,YAAY,EAAE,CAAC;QAC3B,MAAM,GAAG,CAAC,MAAM,CAAC,SAAS,KAAK,EAAE,CAAC,CAAC;QAEnC,OAAO,CAAC,OAAO,CAAC,iBAAiB,CAAC,CAAC;QACnC,OAAO,CAAC,GAAG,EAAE,CAAC;IAEhB,CAAC;IAAC,OAAO,KAAK,EAAE,CAAC;QACf,OAAO,CAAC,IAAI,CAAC,0BAA0B,CAAC,CAAC;QACzC,IAAI,KAAK,YAAY,QAAQ,IAAI,KAAK,CAAC,IAAI,KAAK,eAAe,EAAE,CAAC;YAChE,OAAO,CAAC,GAAG,EAAE,CAAC;YACd,OAAO,CAAC,GAAG,CAAC,KAAK,aAAa,CAAC,uCAAuC,CAAC,EAAE,CAAC,CAAC;YAC3E,OAAO,CAAC,GAAG,CAAC,KAAK,KAAK,CAAC,KAAK,CAAC,OAAO,KAAK,CAAC,OAAO,CAAC,mBAAmB,CAAC,EAAE,CAAC,EAAE,CAAC,CAAC;YAC7E,OAAO,CAAC,GAAG,EAAE,CAAC;QAChB,CAAC;aAAM,IAAI,KAAK,YAAY,QAAQ,IAAI,KAAK,CAAC,IAAI,KAAK,WAAW,EAAE,CAAC;YACnE,OAAO,CAAC,GAAG,EAAE,CAAC;YACd,OAAO,CAAC,GAAG,CAAC,KAAK,aAAa,CAAC,gBAAgB,CAAC,EAAE,CAAC,CAAC;YACpD,OAAO,CAAC,GAAG,CAAC,KAAK,KAAK,CAAC,KAAK,CAAC,OAAO,KAAK,CAAC,OAAO,CAAC,uBAAuB,CAAC,wBAAwB,CAAC,EAAE,CAAC,CAAC;YACvG,OAAO,CAAC,GAAG,EAAE,CAAC;QAChB,CAAC;aAAM,CAAC;YACN,OAAO,CAAC,KAAK,CAAC,KAAK,WAAW,CAAC,KAAK,YAAY,KAAK,CAAC,CAAC,CAAC,KAAK,CAAC,OAAO,CAAC,CAAC,CAAC,eAAe,EAAE,SAAS,CAAC,EAAE,CAAC,CAAC;QACzG,CAAC;QACD,OAAO,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC;IAClB,CAAC;AACH,CAAC"}

package/dist/auth/config.d.ts

@@ -0,0 +1,15 @@
+export interface UserConfig {
+    userId?: string;
+    email?: string;
+    name?: string;
+    tier?: string;
+    activeTeam?: string;
+    tokenExpiresAt?: number;
+}
+export declare function loadConfig(): UserConfig;
+export declare function saveConfig(config: UserConfig): void;
+export declare function clearConfig(): void;
+export declare function isLoggedIn(): Promise<boolean>;
+export declare function requireAuth(): Promise<UserConfig>;
+export declare function getConfigDir(): string;
+//# sourceMappingURL=config.d.ts.map

package/dist/auth/config.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"config.d.ts","sourceRoot":"","sources":["../../src/auth/config.ts"],"names":[],"mappings":"AAQA,MAAM,WAAW,UAAU;IACzB,MAAM,CAAC,EAAE,MAAM,CAAC;IAChB,KAAK,CAAC,EAAE,MAAM,CAAC;IACf,IAAI,CAAC,EAAE,MAAM,CAAC;IACd,IAAI,CAAC,EAAE,MAAM,CAAC;IACd,UAAU,CAAC,EAAE,MAAM,CAAC;IACpB,cAAc,CAAC,EAAE,MAAM,CAAC;CACzB;AAQD,wBAAgB,UAAU,IAAI,UAAU,CAUvC;AAED,wBAAgB,UAAU,CAAC,MAAM,EAAE,UAAU,GAAG,IAAI,CAOnD;AAED,wBAAgB,WAAW,IAAI,IAAI,CAQlC;AAED,wBAAsB,UAAU,IAAI,OAAO,CAAC,OAAO,CAAC,CAanD;AAED,wBAAsB,WAAW,IAAI,OAAO,CAAC,UAAU,CAAC,CASvD;AAED,wBAAgB,YAAY,IAAI,MAAM,CAErC"}

package/dist/auth/config.js

@@ -0,0 +1,67 @@
+import { existsSync, mkdirSync, readFileSync, writeFileSync, unlinkSync } from 'fs';
+import { homedir } from 'os';
+import { join } from 'path';
+import { hasCredential } from './keychain.js';
+const CONFIG_DIR = join(homedir(), '.claudetools');
+const CONFIG_FILE = join(CONFIG_DIR, 'config.json');
+function ensureConfigDir() {
+    if (!existsSync(CONFIG_DIR)) {
+        mkdirSync(CONFIG_DIR, { recursive: true, mode: 0o700 });
+    }
+}
+export function loadConfig() {
+    try {
+        if (!existsSync(CONFIG_FILE)) {
+            return {};
+        }
+        const content = readFileSync(CONFIG_FILE, 'utf-8');
+        return JSON.parse(content);
+    }
+    catch {
+        return {};
+    }
+}
+export function saveConfig(config) {
+    ensureConfigDir();
+    const existing = loadConfig();
+    const merged = { ...existing, ...config };
+    writeFileSync(CONFIG_FILE, JSON.stringify(merged, null, 2), {
+        mode: 0o600,
+    });
+}
+export function clearConfig() {
+    try {
+        if (existsSync(CONFIG_FILE)) {
+            unlinkSync(CONFIG_FILE);
+        }
+    }
+    catch {
+        // Ignore errors
+    }
+}
+export async function isLoggedIn() {
+    const config = loadConfig();
+    if (!config.userId || !config.email) {
+        return false;
+    }
+    // Verify an actual credential exists (not just a crafted config)
+    const credentialExists = await hasCredential();
+    if (!credentialExists) {
+        return false;
+    }
+    return true;
+}
+export async function requireAuth() {
+    if (!(await isLoggedIn())) {
+        console.log();
+        console.log('  Authentication required.');
+        console.log('  Run: claudetools login');
+        console.log();
+        process.exit(1);
+    }
+    return loadConfig();
+}
+export function getConfigDir() {
+    return CONFIG_DIR;
+}
+//# sourceMappingURL=config.js.map

package/dist/auth/config.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"config.js","sourceRoot":"","sources":["../../src/auth/config.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,UAAU,EAAE,SAAS,EAAE,YAAY,EAAE,aAAa,EAAE,UAAU,EAAE,MAAM,IAAI,CAAC;AACpF,OAAO,EAAE,OAAO,EAAE,MAAM,IAAI,CAAC;AAC7B,OAAO,EAAE,IAAI,EAAE,MAAM,MAAM,CAAC;AAC5B,OAAO,EAAE,aAAa,EAAE,MAAM,eAAe,CAAC;AAE9C,MAAM,UAAU,GAAG,IAAI,CAAC,OAAO,EAAE,EAAE,cAAc,CAAC,CAAC;AACnD,MAAM,WAAW,GAAG,IAAI,CAAC,UAAU,EAAE,aAAa,CAAC,CAAC;AAWpD,SAAS,eAAe;IACtB,IAAI,CAAC,UAAU,CAAC,UAAU,CAAC,EAAE,CAAC;QAC5B,SAAS,CAAC,UAAU,EAAE,EAAE,SAAS,EAAE,IAAI,EAAE,IAAI,EAAE,KAAK,EAAE,CAAC,CAAC;IAC1D,CAAC;AACH,CAAC;AAED,MAAM,UAAU,UAAU;IACxB,IAAI,CAAC;QACH,IAAI,CAAC,UAAU,CAAC,WAAW,CAAC,EAAE,CAAC;YAC7B,OAAO,EAAE,CAAC;QACZ,CAAC;QACD,MAAM,OAAO,GAAG,YAAY,CAAC,WAAW,EAAE,OAAO,CAAC,CAAC;QACnD,OAAO,IAAI,CAAC,KAAK,CAAC,OAAO,CAAC,CAAC;IAC7B,CAAC;IAAC,MAAM,CAAC;QACP,OAAO,EAAE,CAAC;IACZ,CAAC;AACH,CAAC;AAED,MAAM,UAAU,UAAU,CAAC,MAAkB;IAC3C,eAAe,EAAE,CAAC;IAClB,MAAM,QAAQ,GAAG,UAAU,EAAE,CAAC;IAC9B,MAAM,MAAM,GAAG,EAAE,GAAG,QAAQ,EAAE,GAAG,MAAM,EAAE,CAAC;IAC1C,aAAa,CAAC,WAAW,EAAE,IAAI,CAAC,SAAS,CAAC,MAAM,EAAE,IAAI,EAAE,CAAC,CAAC,EAAE;QAC1D,IAAI,EAAE,KAAK;KACZ,CAAC,CAAC;AACL,CAAC;AAED,MAAM,UAAU,WAAW;IACzB,IAAI,CAAC;QACH,IAAI,UAAU,CAAC,WAAW,CAAC,EAAE,CAAC;YAC5B,UAAU,CAAC,WAAW,CAAC,CAAC;QAC1B,CAAC;IACH,CAAC;IAAC,MAAM,CAAC;QACP,gBAAgB;IAClB,CAAC;AACH,CAAC;AAED,MAAM,CAAC,KAAK,UAAU,UAAU;IAC9B,MAAM,MAAM,GAAG,UAAU,EAAE,CAAC;IAC5B,IAAI,CAAC,MAAM,CAAC,MAAM,IAAI,CAAC,MAAM,CAAC,KAAK,EAAE,CAAC;QACpC,OAAO,KAAK,CAAC;IACf,CAAC;IAED,iEAAiE;IACjE,MAAM,gBAAgB,GAAG,MAAM,aAAa,EAAE,CAAC;IAC/C,IAAI,CAAC,gBAAgB,EAAE,CAAC;QACtB,OAAO,KAAK,CAAC;IACf,CAAC;IAED,OAAO,IAAI,CAAC;AACd,CAAC;AAED,MAAM,CAAC,KAAK,UAAU,WAAW;IAC/B,IAAI,CAAC,CAAC,MAAM,UAAU,EAAE,CAAC,EAAE,CAAC;QAC1B,OAAO,CAAC,GAAG,EAAE,CAAC;QACd,OAAO,CAAC,GAAG,CAAC,4BAA4B,CAAC,CAAC;QAC1C,OAAO,CAAC,GAAG,CAAC,0BAA0B,CAAC,CAAC;QACxC,OAAO,CAAC,GAAG,EAAE,CAAC;QACd,OAAO,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC;IAClB,CAAC;IACD,OAAO,UAAU,EAAE,CAAC;AACtB,CAAC;AAED,MAAM,UAAU,YAAY;IAC1B,OAAO,UAAU,CAAC;AACpB,CAAC"}

package/dist/auth/index.d.ts

@@ -0,0 +1,8 @@
+export declare function runLogin(options?: {
+    noBrowser?: boolean;
+}): Promise<void>;
+export declare function runLogout(): Promise<void>;
+export declare function runWhoami(options?: {
+    json?: boolean;
+}): Promise<void>;
+//# sourceMappingURL=index.d.ts.map

package/dist/auth/index.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"index.d.ts","sourceRoot":"","sources":["../../src/auth/index.ts"],"names":[],"mappings":"AAoDA,wBAAsB,QAAQ,CAAC,OAAO,GAAE;IAAE,SAAS,CAAC,EAAE,OAAO,CAAA;CAAO,GAAG,OAAO,CAAC,IAAI,CAAC,CAoFnF;AA+HD,wBAAsB,SAAS,IAAI,OAAO,CAAC,IAAI,CAAC,CAmC/C;AAED,wBAAsB,SAAS,CAAC,OAAO,GAAE;IAAE,IAAI,CAAC,EAAE,OAAO,CAAA;CAAO,GAAG,OAAO,CAAC,IAAI,CAAC,CAkE/E"}

package/dist/auth/index.js

@@ -0,0 +1,299 @@
+import { createServer } from 'node:http';
+import { URL } from 'node:url';
+import crypto from 'node:crypto';
+import ora from 'ora';
+import { getApiClient, ApiError } from '../lib/api.js';
+import { saveConfig, clearConfig, isLoggedIn } from './config.js';
+import { storeCredential, deleteCredential } from './keychain.js';
+import { theme, formatError, formatSuccess, formatWarning, formatInfo } from '../lib/theme.js';
+import { openBrowser } from '../lib/browser.js';
+function formatTier(tier) {
+    switch (tier) {
+        case 'free':
+            return theme.muted('🆓 Free');
+        case 'pro':
+            return theme.highlight('⭐ Pro');
+        case 'team':
+            return theme.brand('👥 Team');
+        case 'enterprise':
+            return theme.warning('🏢 Enterprise');
+        default:
+            return tier;
+    }
+}
+export async function runLogin(options = {}) {
+    // Check if already logged in
+    if (await isLoggedIn()) {
+        console.log();
+        console.log(`  ${formatInfo('Already logged in.')}`);
+        console.log(`  ${theme.muted(`Run ${theme.command('claudetools logout')} to sign out first.`)}`);
+        console.log();
+        return;
+    }
+    // Generate a random state for CSRF protection
+    const state = crypto.randomUUID();
+    // Start local HTTP server on a random available port
+    const { port, waitForCallback, close } = await startCallbackServer(state);
+    // Build the auth URL — derive web origin from the API base URL
+    const apiBase = process.env.CLAUDETOOLS_API_URL || 'https://claudetools.com/api';
+    const webBase = apiBase.replace(/\/api\/?$/, '');
+    const authUrl = `${webBase}/cli-auth?port=${port}&state=${state}`;
+    console.log();
+    console.log(`  ${theme.bold('To authenticate, visit:')}`);
+    console.log();
+    console.log(`    ${theme.highlight(authUrl)}`);
+    console.log();
+    // Open browser automatically unless --no-browser
+    if (!options.noBrowser) {
+        try {
+            await openBrowser(authUrl);
+            console.log(`  ${theme.muted('Browser opened automatically.')}`);
+        }
+        catch {
+            console.log(`  ${theme.muted('Could not open browser. Please visit the URL above.')}`);
+        }
+    }
+    console.log();
+    const spinner = ora('Waiting for authentication...').start();
+    try {
+        // Wait for the redirect callback (timeout after 5 minutes)
+        const credentials = await waitForCallback(5 * 60 * 1000);
+        spinner.succeed('Authenticated successfully!');
+        // Store credentials in keychain
+        const tokenExpiresAt = Date.now() + credentials.expiresIn * 1000;
+        await storeCredential(credentials.token);
+        saveConfig({
+            userId: credentials.userId,
+            email: credentials.email,
+            name: credentials.name || undefined,
+            tier: credentials.tier,
+            tokenExpiresAt,
+        });
+        // Push credentials to sync engine for cloud sync
+        try {
+            const { isSyncEngineRunning, getSyncEngineClient } = await import('../sync-engine/client.js');
+            if (await isSyncEngineRunning()) {
+                const syncClient = getSyncEngineClient();
+                await syncClient.authStore({
+                    token: credentials.token,
+                    userId: credentials.userId,
+                    email: credentials.email,
+                    tier: credentials.tier,
+                    expiresAt: new Date(tokenExpiresAt).toISOString(),
+                    refreshToken: undefined,
+                });
+            }
+        }
+        catch {
+            // Best-effort — cloud sync will work when engine starts
+        }
+        console.log();
+        console.log(`  ${formatSuccess(`Welcome, ${theme.bold(credentials.name || credentials.email)}!`)}`);
+        console.log();
+    }
+    catch (authError) {
+        spinner.fail(authError instanceof Error ? authError.message : 'Authentication failed');
+        process.exit(1);
+    }
+    finally {
+        close();
+    }
+}
+// ── Local callback server ─────────────────────────────────────────────
+async function startCallbackServer(expectedState) {
+    return new Promise((resolveServer, rejectServer) => {
+        let callbackResolve;
+        let timeoutId;
+        const server = createServer(async (req, res) => {
+            const requestUrl = new URL(req.url || '/', 'http://localhost');
+            if (requestUrl.pathname === '/callback') {
+                try {
+                    let params;
+                    if (req.method === 'POST') {
+                        // Parse URL-encoded form body with size limit
+                        const MAX_BODY_SIZE = 8192;
+                        let body;
+                        try {
+                            body = await new Promise((resolve, reject) => {
+                                let formData = '';
+                                req.on('data', (chunk) => {
+                                    formData += chunk.toString();
+                                    if (formData.length > MAX_BODY_SIZE) {
+                                        req.destroy();
+                                        reject(new Error('Body too large'));
+                                    }
+                                });
+                                req.on('end', () => { resolve(formData); });
+                            });
+                        }
+                        catch {
+                            res.writeHead(413, { 'Content-Type': 'text/html' });
+                            res.end('<html><body><h2>Authentication failed</h2>' +
+                                '<p>Request body too large.</p></body></html>');
+                            return;
+                        }
+                        params = new URLSearchParams(body);
+                    }
+                    else {
+                        // GET fallback for backwards compatibility
+                        params = requestUrl.searchParams;
+                    }
+                    const receivedState = params.get('state');
+                    const token = params.get('token');
+                    const userId = params.get('userId');
+                    const email = params.get('email');
+                    const name = params.get('name') || '';
+                    const tier = params.get('tier') || 'free';
+                    const expiresIn = parseInt(params.get('expiresIn') || '604800', 10);
+                    // Validate state to prevent CSRF
+                    if (receivedState !== expectedState) {
+                        res.writeHead(400, { 'Content-Type': 'text/html' });
+                        res.end('<html><body><h2>Authentication failed</h2>' +
+                            '<p>Invalid state parameter. Please try again.</p></body></html>');
+                        return;
+                    }
+                    if (!token || !userId || !email) {
+                        res.writeHead(400, { 'Content-Type': 'text/html' });
+                        res.end('<html><body><h2>Authentication failed</h2>' +
+                            '<p>Missing required parameters.</p></body></html>');
+                        return;
+                    }
+                    // Send success page to browser
+                    res.writeHead(200, { 'Content-Type': 'text/html' });
+                    res.end('<html><body style="text-align:center;padding:40px;font-family:system-ui;">' +
+                        '<h2>Authentication successful!</h2>' +
+                        '<p>You can close this tab and return to your terminal.</p>' +
+                        '</body></html>');
+                    // Resolve the callback promise
+                    callbackResolve({ token, userId, email, name, tier, expiresIn });
+                    clearTimeout(timeoutId);
+                }
+                catch {
+                    res.writeHead(500, { 'Content-Type': 'text/html' });
+                    res.end('<html><body><h2>Authentication failed</h2><p>Internal error. Please try again.</p></body></html>');
+                }
+            }
+            else {
+                res.writeHead(404);
+                res.end();
+            }
+        });
+        // Listen on random available port (0 = OS assigns)
+        server.listen(0, '127.0.0.1', () => {
+            const address = server.address();
+            if (!address || typeof address === 'string') {
+                rejectServer(new Error('Failed to start callback server'));
+                return;
+            }
+            resolveServer({
+                port: address.port,
+                waitForCallback: (timeoutMs) => {
+                    return new Promise((resolve, reject) => {
+                        callbackResolve = resolve;
+                        timeoutId = setTimeout(() => {
+                            reject(new Error('Authentication timed out. Please try again.'));
+                            server.close();
+                        }, timeoutMs);
+                    });
+                },
+                close: () => {
+                    clearTimeout(timeoutId);
+                    server.close();
+                },
+            });
+        });
+        server.on('error', (serverError) => {
+            rejectServer(new Error(`Failed to start callback server: ${serverError.message}`));
+        });
+    });
+}
+export async function runLogout() {
+    if (!(await isLoggedIn())) {
+        console.log();
+        console.log(`  ${theme.muted('Not logged in.')}`);
+        console.log();
+        return;
+    }
+    const spinner = ora('Signing out...').start();
+    try {
+        // Clear stored credentials
+        await deleteCredential();
+        clearConfig();
+        // Clear sync engine credentials
+        try {
+            const { isSyncEngineRunning, getSyncEngineClient } = await import('../sync-engine/client.js');
+            if (await isSyncEngineRunning()) {
+                const syncClient = getSyncEngineClient();
+                await syncClient.authClear();
+            }
+        }
+        catch {
+            // Best-effort — sync engine may not be running
+        }
+        spinner.succeed('Signed out successfully');
+        console.log();
+    }
+    catch (error) {
+        spinner.fail('Failed to sign out');
+        console.error(`  ${formatError(error instanceof Error ? error.message : 'Unknown error', 'ERR_LOGOUT')}`);
+        process.exit(1);
+    }
+}
+export async function runWhoami(options = {}) {
+    if (!(await isLoggedIn())) {
+        console.log();
+        console.log(`  ${formatWarning('Not logged in.')}`);
+        console.log(`  ${theme.muted(`Run ${theme.command('claudetools login')} to authenticate.`)}`);
+        console.log();
+        return;
+    }
+    const spinner = ora('Loading user info...').start();
+    try {
+        const api = getApiClient();
+        const { data: user } = await api.get('/users/me');
+        if (!user) {
+            spinner.fail('Failed to load user info');
+            console.error(`  ${formatError('No data received from server', 'ERR_NO_DATA')}`);
+            process.exit(1);
+        }
+        spinner.stop();
+        if (options.json) {
+            console.log(JSON.stringify(user, null, 2));
+            return;
+        }
+        console.log();
+        console.log(`  ${theme.bold('Name:')}  ${user.name || theme.muted('Not set')}`);
+        console.log(`  ${theme.bold('Email:')} ${user.email}`);
+        console.log(`  ${theme.bold('Tier:')}  ${formatTier(user.tier)}`);
+        // Show subscription info for paid tiers
+        if (user.tier !== 'free' && user.subscriptionCurrentPeriodEnd) {
+            const renewDate = new Date(user.subscriptionCurrentPeriodEnd).toLocaleDateString();
+            console.log(`  ${theme.bold('Renews:')} ${renewDate}`);
+            if (user.subscriptionStatus && user.subscriptionStatus !== 'active') {
+                console.log(`  ${theme.bold('Status:')} ${theme.warning(user.subscriptionStatus)}`);
+            }
+        }
+        console.log(`  ${theme.bold('ID:')}    ${theme.muted(user.id)}`);
+        console.log();
+        // Show upgrade prompt for free users
+        if (user.tier === 'free') {
+            console.log(`  ${theme.muted('Upgrade to Pro for cloud sync and unlimited stacks:')}`);
+            console.log(`  ${theme.command('claudetools upgrade')}`);
+            console.log();
+        }
+    }
+    catch (error) {
+        spinner.fail('Failed to load user info');
+        if (error instanceof ApiError && error.code === 'AUTH_REQUIRED') {
+            console.log();
+            console.log(`  ${formatWarning('Session expired. Please log in again.')}`);
+            console.log(`  ${theme.muted(`Run ${theme.command('claudetools login')}`)}`);
+            console.log();
+        }
+        else {
+            console.error(`  ${formatError(error instanceof Error ? error.message : 'Unknown error', 'ERR_WHOAMI')}`);
+        }
+        process.exit(1);
+    }
+}
+//# sourceMappingURL=index.js.map