@dubeyvishal/orbital-cli 1.0.3 → 1.0.5

package/server/src/cli/commands/General/openApp.js

@@ -2,10 +2,9 @@ import chalk from "chalk";
 import { Command } from "commander";
 import yoctoSpinner from "yocto-spinner";
 import { getStoredToken } from "../../../lib/token.js";
-import prisma from "../../../lib/db.js";
-import { ensureDbConnection } from "../../../lib/dbHealth.js";
 import { select } from "@clack/prompts";
 import {openGithub , openLinkedin ,  openLeetcode , openGmail , openWhatsApp} from "../../../cli/generalApp/Apps.js"
+import { apiRequestSafe } from "../../utils/apiClient.js";
 
 const openAppAction = async () => {
   const token = await getStoredToken();
@@ -15,29 +14,13 @@ const openAppAction = async () => {
     return;
   }
 
-  const dbOk = await ensureDbConnection();
-  if (!dbOk) return;
-
   const spinner = yoctoSpinner({ text: "Fetching user information..." });
   spinner.start();
 
   let user;
   try {
-    user = await prisma.user.findFirst({
-      where: {
-        sessions: {
-          some: {
-            token: token.access_token,
-          },
-        },
-      },
-      select: {
-        id: true,
-        name: true,
-        email: true,
-        image: true,
-      },
-    });
+    const result = await apiRequestSafe("/api/cli/me");
+    user = result?.user;
   } finally {
     spinner.stop();
   }

package/server/src/cli/commands/ai/wakeUp.js

@@ -2,46 +2,35 @@ import chalk from "chalk";
 import {Command} from "commander";
 import yoctoSpinner  from "yocto-spinner";
 import {getStoredToken} from "../../../lib/token.js"
-import prisma from "../../../lib/db.js"
-import { ensureDbConnection } from "../../../lib/dbHealth.js";
 import {select} from "@clack/prompts";
 import {startChat} from "../../../cli/chat/chat-with-ai.js";
 import {startToolChat} from "../../../cli/chat/chat-with-ai-tools.js";
 import {startAgentChat} from "../../../cli/chat/chat-with-ai-agent.js";
+import { apiRequestSafe } from "../../utils/apiClient.js";
+import { requireGeminiApiKey } from "../../../lib/orbitalConfig.js";
 
 
 const wakeUpAction = async()=>{
+    try {
+        await requireGeminiApiKey();
+    } catch {
+        console.log(chalk.red("Gemini API key not set. Run: orbital set-key <API_KEY>"));
+        return;
+    }
+
     const token = await getStoredToken();
      if(!token?.access_token){
         console.log(chalk.red("Not Authenticated. please login"))
         return ;
      }
 
-      const dbOk = await ensureDbConnection();
-      if(!dbOk){
-          return;
-      }
-
      const spinner = yoctoSpinner({text: "Fetching user information ..."})
      spinner.start()
 
      let user;
      try{
-        user = await prisma.user.findFirst({
-            where : {
-                sessions : {
-                    some : {
-                        token : token.access_token
-                    }
-                }
-            },
-            select : {
-                id : true ,
-                name : true ,
-                email : true ,
-                image : true 
-            }
-        });
+        const result = await apiRequestSafe("/api/cli/me");
+        user = result?.user;
      }
      finally{
         spinner.stop();

package/server/src/cli/commands/auth/aboutMe.js

@@ -1,8 +1,9 @@
 import chalk from "chalk";
 import { Command } from "commander";
 import { requireAuth } from "../../../lib/token.js";
+import { API_BASE } from "../../../config/api.js";
 
-const DEFAULT_SERVER_URL = "https://smart-cli-based-agent.onrender.com";
+const DEFAULT_SERVER_URL = API_BASE;
 
 export const whoAmIAction = async (cmdOptions = {})=>{
     const token = await requireAuth();

package/server/src/cli/commands/auth/login.js

@@ -1,3 +1,4 @@
+import "../../../config/env.js";
 import { cancel, confirm, intro, outro, isCancel } from "@clack/prompts";
 import chalk from "chalk";
 import { Command } from "commander";
@@ -11,24 +12,36 @@ import { deviceAuthorizationClient } from "better-auth/client/plugins";
 import { logger } from "better-auth";
 import { fileURLToPath } from "url";
 import { getStoredToken, isTokenExpired, storeToken ,TOKEN_FILE } from "../../../lib/token.js";
+import { API_BASE } from "../../../config/api.js";
+import { apiRequestSafe } from "../../utils/apiClient.js";
+import { requireGeminiApiKey } from "../../../lib/orbitalConfig.js";
 
 
 
 const __filename = fileURLToPath(import.meta.url);
 const __dirname = path.dirname(__filename);
 
-const URL = "https://smart-cli-based-agent.onrender.com";
-const CLIENT_ID = process.env.GITHUB_CLIENT_ID;
+const URL = API_BASE;
+
+const resolveClientId = async (cliClientId) => {
+  const resolved = (cliClientId || "").trim();
+  if (resolved.length > 0) return resolved;
+
+  const response = await apiRequestSafe("/auth/github/client-id", {
+    method: "GET",
+    requireAuth: false,
+  });
+
+  const clientId = typeof response?.client_id === "string" ? response.client_id.trim() : "";
+  return clientId.length > 0 ? clientId : undefined;
+};
 
 
 export const loginAction = async (cmdOptions) => {
-  if (!process.env.GOOGLE_GENERATIVE_AI_API_KEY) {
-    console.log(chalk.red("Gemini API key is not set."));
-    console.log(
-      chalk.gray(
-        "Run: orbital setkey <your-gemini-api-key>\nThen run: orbital login",
-      ),
-    );
+  try {
+    await requireGeminiApiKey();
+  } catch {
+    console.log(chalk.red("Gemini API key not set. Run: orbital set-key <API_KEY>"));
     process.exit(1);
   }
 
@@ -43,7 +56,17 @@ export const loginAction = async (cmdOptions) => {
   });
 
   const serverUrl = options.serverUrl || URL;
-  const clientId = options.clientId || CLIENT_ID;
+  const clientId = await resolveClientId(options.clientId);
+
+  if (!clientId) {
+    console.error(chalk.red("GitHub OAuth client ID is not available from the server."));
+    console.log(
+      chalk.gray(
+        "Make sure the backend is deployed and configured with GITHUB_CLIENT_ID.",
+      ),
+    );
+    process.exit(1);
+  }
 
   intro(chalk.bold("Auth CLI Login"));
 
@@ -238,5 +261,5 @@ const pollForToken = async (
 export const login = new Command("login")
   .description("Login to Better Auth")
   .option("--server-url <url>", "The Better Auth server URL", URL)
-  .option("--client-id <id>", "The OAuth client ID", CLIENT_ID)
+  .option("--client-id <id>", "The OAuth client ID")
   .action(loginAction);

package/server/src/cli/commands/config/setkey.js

@@ -1,19 +1,26 @@
 import { Command } from "commander";
 import chalk from "chalk";
-import { setGeminiApiKey, ORBITAL_CONFIG_FILE } from "../../../lib/orbitalConfig.js";
+import { setGeminiApiKey } from "../../../lib/orbitalConfig.js";
+import { getCredentialServiceName } from "../../../lib/credentialStore.js";
 
 const setKeyAction = async (apiKey) => {
   try {
     await setGeminiApiKey(apiKey);
     console.log(chalk.green("Gemini API key saved."));
-    console.log(chalk.gray(`Stored at: ${ORBITAL_CONFIG_FILE}`));
+    console.log(
+      chalk.gray(
+        `Stored securely in your OS credential manager (service: ${getCredentialServiceName()}).`
+      )
+    );
   } catch (err) {
     console.log(chalk.red("Failed to save key:"), err?.message || err);
     process.exit(1);
   }
 };
 
-export const setkey = new Command("setkey")
-  .description("Set Gemini API key for Orbital")
-  .argument("<apiKey>", "Your Gemini API key")
+export const setkey = new Command("set-key")
+  .description("Store your Gemini API key securely (keytar)")
+  .argument("<API_KEY>", "Your Gemini API key")
+  .alias("set")
+  .alias("setkey")
   .action(setKeyAction);

package/server/src/cli/main.js

@@ -1,4 +1,4 @@
-#!/usr/bin/env node
+#!/usr/bin/env node
 
 import "../config/env.js";
 import chalk from "chalk";

package/server/src/cli/utils/apiClient.js

@@ -0,0 +1,66 @@
+import chalk from "chalk";
+import { API_BASE } from "../../config/api.js";
+import { getStoredToken, requireAuth } from "../../lib/token.js";
+
+const buildUrl = (path) => {
+  const normalized = path.startsWith("/") ? path : `/${path}`;
+  return `${API_BASE}${normalized}`;
+};
+
+const getAuthHeader = async (isRequired) => {
+  const token = isRequired ? await requireAuth() : await getStoredToken();
+  if (!token?.access_token) return {};
+
+  const headerValue = token.token_type
+    ? `${token.token_type} ${token.access_token}`
+    : `Bearer ${token.access_token}`;
+
+  return { Authorization: headerValue };
+};
+
+export const apiRequest = async (
+  path,
+  { method = "GET", body, requireAuth: isRequired = true } = {}
+) => {
+  const headers = {
+    "content-type": "application/json",
+    ...(await getAuthHeader(isRequired)),
+  };
+
+  let response;
+  try {
+    response = await fetch(buildUrl(path), {
+      method,
+      headers,
+      body: body ? JSON.stringify(body) : undefined,
+    });
+  } catch (error) {
+    throw new Error(`Failed to reach server at ${API_BASE}`);
+  }
+
+  const text = await response.text();
+  let data = null;
+  if (text) {
+    try {
+      data = JSON.parse(text);
+    } catch {
+      data = null;
+    }
+  }
+
+  if (!response.ok) {
+    const errorMessage = data?.error || data?.message || response.statusText;
+    throw new Error(`${errorMessage} (HTTP ${response.status})`);
+  }
+
+  return data;
+};
+
+export const apiRequestSafe = async (...args) => {
+  try {
+    return await apiRequest(...args);
+  } catch (error) {
+    console.error(chalk.red(error?.message || "Request failed"));
+    throw error;
+  }
+};

package/server/src/config/agentConfig.js

@@ -8,7 +8,7 @@ import { z } from "zod";
 const genenateObject = generateObject;
 
 
-const applicationSchema = z.object({
+export const applicationSchema = z.object({
   folderName: z.string().describe("Kebab-Case folder name for the application"),
   description: z.string().describe("Brief description of what was created"),
   files: z.array(
@@ -35,7 +35,7 @@ const printSystem = (message) => {
   console.log(message);
 }
 
-const displayFileTree = (files, folderName) => {
+export const displayFileTree = (files, folderName) => {
   printSystem(chalk.cyan("📂 Project Structure:"));
   printSystem(chalk.white(`${folderName}/`));
 
@@ -77,7 +77,7 @@ const displayFileTree = (files, folderName) => {
   printTree(tree, "  ");
 }
 
-const createApplicationFiles = async(baseDir , folderName , files)=>{
+export const createApplicationFiles = async(baseDir , folderName , files)=>{
   const appDir = path.join(baseDir , folderName)
 
   await fs.mkdir(appDir , {recursive : true});
@@ -97,18 +97,11 @@ const createApplicationFiles = async(baseDir , folderName , files)=>{
 
 }
 
-
-export const generateApplication = async (description, aiService, cwd = process.cwd()) => {
-  try {
-    printSystem(chalk.cyan(`\n Agent Mode: Generating your application...\n`));
-    printSystem(chalk.gray(`Request: ${description}\n`));
-
-    printSystem(chalk.magenta("Agent Response: \n"));
-
-    const { object: application } = await generateObject({
-      model: aiService.model,
-      schema: applicationSchema,
-      prompt: `Create a complete, production-ready application for: ${description}
+export const generateApplicationPlan = async (description, aiService) => {
+  const { object: application } = await generateObject({
+    model: aiService.model,
+    schema: applicationSchema,
+    prompt: `Create a complete, production-ready application for: ${description}
 
 CRITICAL REQUIREMENTS:
 1. Generate ALL files needed for the application to run
@@ -125,9 +118,21 @@ Provide:
 - A meaningful kebab-case folder name
 - All necessary files with complete content
 - Setup commands (cd folder, npm install, npm run dev, etc.)
-- All dependencies with versions`
+- All dependencies with versions`,
+  });
 
-    });
+  return application;
+};
+
+
+export const generateApplication = async (description, aiService, cwd = process.cwd()) => {
+  try {
+    printSystem(chalk.cyan(`\n Agent Mode: Generating your application...\n`));
+    printSystem(chalk.gray(`Request: ${description}\n`));
+
+    printSystem(chalk.magenta("Agent Response: \n"));
+
+    const application = await generateApplicationPlan(description, aiService);
 
     printSystem(chalk.green(`\n Generated: ${application.folderName}`));
     printSystem(chalk.green(`\n Description: ${application.description}`));

package/server/src/config/api.js

@@ -0,0 +1,22 @@
+const DEFAULT_API_BASE = "https://smart-cli-based-agent.onrender.com";
+const DEFAULT_FRONTEND_URL = "https://smart-cli-based-agent-t7x4.vercel.app";
+
+const stripTrailingSlash = (value) => {
+  if (typeof value !== "string") return value;
+  return value.replace(/\/+$/, "");
+};
+
+export const API_BASE = stripTrailingSlash(
+  process.env.ORBITAL_SERVER_URL ||
+    process.env.BACKEND_URL ||
+    process.env.SERVER_URL ||
+    DEFAULT_API_BASE
+);
+
+export const FRONTEND_URL = stripTrailingSlash(
+  process.env.FRONTEND_URL || process.env.CLIENT_ORIGIN || DEFAULT_FRONTEND_URL
+);
+
+export const AUTH_BASE_URL = stripTrailingSlash(
+  process.env.BETTER_AUTH_BASE_URL || API_BASE
+);

package/server/src/config/env.js

@@ -1,8 +1,6 @@
 import dotenv from "dotenv";
 import path from "path";
 import { fileURLToPath } from "url";
-import fs from "fs";
-import os from "os";
 
 const __filename = fileURLToPath(import.meta.url);
 const __dirname = path.dirname(__filename);
@@ -12,20 +10,8 @@ const serverEnvPath = path.resolve(__dirname, "../../.env");
 
 dotenv.config({ path: serverEnvPath });
 
-// Load Orbital user config (stored in the user's home directory) and
-// hydrate env vars if they are not already set.
-try {
-	const orbitalConfigPath = path.join(os.homedir(), ".orbital", "config.json");
-	if (!process.env.GOOGLE_GENERATIVE_AI_API_KEY && fs.existsSync(orbitalConfigPath)) {
-		const raw = fs.readFileSync(orbitalConfigPath, "utf-8");
-		const parsed = JSON.parse(raw);
-		if (parsed?.geminiApiKey && typeof parsed.geminiApiKey === "string") {
-			process.env.GOOGLE_GENERATIVE_AI_API_KEY = parsed.geminiApiKey.trim();
-		}
-	}
-} catch {
-	// ignore
-}
+// Note: The Gemini API key is stored in the OS credential manager via keytar.
+// CLI code will hydrate GOOGLE_GENERATIVE_AI_API_KEY from keytar when needed.
 
 const stripWrappingQuotes = (value) => {
 	if (typeof value !== "string") return value;

package/server/src/config/toolConfig.js

@@ -1,5 +1,6 @@
 import { google } from "@ai-sdk/google";
 import chalk from "chalk";
+import { requireGeminiApiKeySync } from "../lib/orbitalConfig.js";
 
 export const availableTools = [
   {
@@ -32,6 +33,12 @@ export const getEnabledTools = () => {
   const tools = {};
 
   try {
+    const enabledToolCount = availableTools.filter((t) => t.enabled).length;
+    if (enabledToolCount > 0 && !process.env.GOOGLE_GENERATIVE_AI_API_KEY) {
+      
+      requireGeminiApiKeySync();
+    }
+
     for (const toolConfig of availableTools) {
       if (toolConfig.enabled) {
         tools[toolConfig.id] = toolConfig.getTool();

package/server/src/controllers/aiController.js

@@ -0,0 +1,58 @@
+import { ChatService } from "../services/chatService.js";
+import { getAIService } from "../services/aiService.js";
+import { enableTools, getEnabledTools, resetTools } from "../config/toolConfig.js";
+import { generateApplicationPlan } from "../config/agentConfig.js";
+
+const chatService = new ChatService();
+
+export const respond = async (req, res, next) => {
+  try {
+    const { conversationId, mode, toolIds } = req.body || {};
+
+    if (!conversationId) {
+      return res.status(400).json({ error: "conversationId is required" });
+    }
+
+    const messages = await chatService.getMessages(conversationId);
+    const aiMessages = chatService.formatMessageForAI(messages);
+
+    let tools;
+    if (mode === "tool") {
+      resetTools();
+      if (Array.isArray(toolIds)) {
+        enableTools(toolIds);
+      }
+      tools = getEnabledTools();
+    }
+
+    const aiService = getAIService();
+    const result = await aiService.sendMessage(aiMessages, null, tools);
+
+    await chatService.addMessage(conversationId, "assistant", result.content);
+
+    return res.json({
+      content: result.content,
+      toolCalls: result.toolCalls || [],
+      toolResults: result.toolResults || [],
+    });
+  } catch (error) {
+    return next(error);
+  }
+};
+
+export const generateAgentPlan = async (req, res, next) => {
+  try {
+    const { description } = req.body || {};
+
+    if (!description || typeof description !== "string") {
+      return res.status(400).json({ error: "description is required" });
+    }
+
+    const aiService = getAIService();
+    const application = await generateApplicationPlan(description, aiService);
+
+    return res.json({ application });
+  } catch (error) {
+    return next(error);
+  }
+};

package/server/src/controllers/cliController.js

@@ -0,0 +1,77 @@
+import { ChatService } from "../services/chatService.js";
+
+const chatService = new ChatService();
+
+export const getMe = async (req, res) => {
+  return res.json({
+    user: req.user,
+    session: {
+      id: req.session?.id,
+      expiresAt: req.session?.expiresAt,
+    },
+  });
+};
+
+export const initConversation = async (req, res, next) => {
+  try {
+    const { conversationId, mode } = req.body || {};
+
+    const conversation = await chatService.getOrCreateConversation(
+      req.user.id,
+      conversationId || null,
+      mode || "chat"
+    );
+
+    const messages = await chatService.getMessages(conversation.id);
+
+    return res.json({ conversation, messages });
+  } catch (error) {
+    return next(error);
+  }
+};
+
+export const addMessage = async (req, res, next) => {
+  try {
+    const { conversationId, role, content } = req.body || {};
+
+    if (!conversationId || !role) {
+      return res.status(400).json({ error: "conversationId and role are required" });
+    }
+
+    const message = await chatService.addMessage(conversationId, role, content);
+    return res.json({ message });
+  } catch (error) {
+    return next(error);
+  }
+};
+
+export const getMessages = async (req, res, next) => {
+  try {
+    const { conversationId } = req.query || {};
+
+    if (!conversationId) {
+      return res.status(400).json({ error: "conversationId is required" });
+    }
+
+    const messages = await chatService.getMessages(conversationId);
+    return res.json({ messages });
+  } catch (error) {
+    return next(error);
+  }
+};
+
+export const updateTitle = async (req, res, next) => {
+  try {
+    const { id } = req.params || {};
+    const { title } = req.body || {};
+
+    if (!id || !title) {
+      return res.status(400).json({ error: "title is required" });
+    }
+
+    const conversation = await chatService.updateTitle(id, title);
+    return res.json({ conversation });
+  } catch (error) {
+    return next(error);
+  }
+};

package/server/src/db/prisma.js

@@ -0,0 +1,3 @@
+import prisma from "../lib/db.js";
+
+export default prisma;

package/server/src/index.js

@@ -5,14 +5,14 @@ import cors from "cors";
 import { auth } from "./lib/auth.js";
 import prisma from "./lib/db.js";
 import { ensureDbConnectionOrExit } from "./lib/dbHealth.js";
-
+import { FRONTEND_URL } from "./config/api.js";
+import cliRoutes from "./routes/cliRoutes.js";
+import authRoutes from "./routes/authRoutes.js";
+import { errorHandler } from "./middleware/errorHandler.js";
 
 const app = express();
 const PORT = process.env.PORT || 8080;
-const CLIENT_ORIGIN =
-  process.env.CLIENT_ORIGIN ||
-  process.env.FRONTEND_URL ||
-  "https://smart-cli-based-agent-t7x4.vercel.app";
+const CLIENT_ORIGIN = FRONTEND_URL;
 
 app.use(express.json());
 
@@ -20,12 +20,14 @@ app.use(
   cors({
     origin: CLIENT_ORIGIN,
     methods: ["GET", "POST", "PUT", "DELETE"],
-    credentials: true, 
+    credentials: true,
   })
 );
 
 app.all("/api/auth/*splat", toNodeHandler(auth));
 
+app.use("/auth", authRoutes);
+
 app.get("/api/me" , async (req, res)=>{
   const session = await auth.api.getSession({
     headers : fromNodeHeaders (req.headers),
@@ -72,6 +74,10 @@ app.get("/device" , async(req , res)=>{
   res.redirect(`${CLIENT_ORIGIN}/device?user_code=${user_code}`)
 });
 
+app.use("/api/cli", cliRoutes);
+
+app.use(errorHandler);
+
 const start = async () => {
   await ensureDbConnectionOrExit({
     retries: Number(process.env.DB_CONNECT_RETRIES || 10),

package/server/src/lib/auth.js

@@ -3,6 +3,7 @@ import { betterAuth } from "better-auth";
 import { prismaAdapter } from "better-auth/adapters/prisma";
 import { deviceAuthorization } from "better-auth/plugins"; 
 import prisma from "./db.js";
+import { FRONTEND_URL } from "../config/api.js";
 
 export const auth = betterAuth({
     database: prismaAdapter(prisma, {
@@ -12,16 +13,15 @@ export const auth = betterAuth({
     // auth cookies are set on the frontend origin. The OAuth callback must therefore
     // also land on the frontend origin to avoid `state_mismatch`.
     baseURL:
-      process.env.BETTER_AUTH_BASE_URL ||
       process.env.FRONTEND_URL ||
       process.env.CLIENT_ORIGIN ||
-      "http://localhost:3000",
+      FRONTEND_URL,
     basePath:"/api/auth" ,
     trustedOrigins: [
       process.env.CLIENT_ORIGIN ||
         process.env.FRONTEND_URL ||
-        "https://smart-cli-based-agent-t7x4.vercel.app",
-      "http://localhost:3000",
+        FRONTEND_URL,
+      FRONTEND_URL,
     ],
     plugins: [
     deviceAuthorization({