@geekmidas/cli 0.10.0 → 0.13.0

package/src/__tests__/test-helpers.ts

@@ -2,8 +2,8 @@ import { mkdir, rm, writeFile } from 'node:fs/promises';
 import { tmpdir } from 'node:os';
 import { join } from 'node:path';
 import {
-  CronBuilder,
-  type ScheduleExpression,
+	CronBuilder,
+	type ScheduleExpression,
 } from '@geekmidas/constructs/crons';
 import { e } from '@geekmidas/constructs/endpoints';
 import { z } from 'zod';
@@ -12,50 +12,50 @@ import { z } from 'zod';
  * Creates a temporary directory for testing
  */
 export async function createTempDir(prefix = 'cli-test-'): Promise<string> {
-  const tempPath = join(
-    tmpdir(),
-    `${prefix}${Date.now()}-${Math.random().toString(36).slice(2)}`,
-  );
-  await mkdir(tempPath, { recursive: true });
-  return tempPath;
+	const tempPath = join(
+		tmpdir(),
+		`${prefix}${Date.now()}-${Math.random().toString(36).slice(2)}`,
+	);
+	await mkdir(tempPath, { recursive: true });
+	return tempPath;
 }
 
 /**
  * Cleans up a directory
  */
 export async function cleanupDir(path: string): Promise<void> {
-  try {
-    await rm(path, { recursive: true, force: true });
-  } catch (error) {
-    // Ignore errors during cleanup
-  }
+	try {
+		await rm(path, { recursive: true, force: true });
+	} catch (_error) {
+		// Ignore errors during cleanup
+	}
 }
 
 /**
  * Creates a test file with content
  */
 export async function createTestFile(
-  dir: string,
-  filename: string,
-  content: string,
+	dir: string,
+	filename: string,
+	content: string,
 ): Promise<string> {
-  const filePath = join(dir, filename);
-  await mkdir(dirname(filePath), { recursive: true });
-  await writeFile(filePath, content);
-  return filePath;
+	const filePath = join(dir, filename);
+	await mkdir(dirname(filePath), { recursive: true });
+	await writeFile(filePath, content);
+	return filePath;
 }
 
 /**
  * Creates a mock endpoint file with real endpoint construct
  */
 export async function createMockEndpointFile(
-  dir: string,
-  filename: string,
-  exportName: string,
-  path: string = '/test',
-  method: string = 'GET',
+	dir: string,
+	filename: string,
+	exportName: string,
+	path: string = '/test',
+	method: string = 'GET',
 ): Promise<string> {
-  const content = `
+	const content = `
 import { e } from '@geekmidas/constructs/endpoints';
 import { z } from 'zod';
 
@@ -64,19 +64,19 @@ export const ${exportName} = e
   .output(z.object({ message: z.string() }))
   .handle(async () => ({ message: 'Hello from ${exportName}' }));
 `;
-  return createTestFile(dir, filename, content);
+	return createTestFile(dir, filename, content);
 }
 
 /**
  * Creates a mock function file with real function construct
  */
 export async function createMockFunctionFile(
-  dir: string,
-  filename: string,
-  exportName: string,
-  timeout = 30,
+	dir: string,
+	filename: string,
+	exportName: string,
+	timeout = 30,
 ): Promise<string> {
-  const content = `
+	const content = `
 import { f } from '@geekmidas/constructs/functions';
 import { z } from 'zod';
 
@@ -86,19 +86,19 @@ export const ${exportName} = f
   .timeout(${timeout})
   .handle(async ({ input }) => ({ greeting: \`Hello, \${input.name}!\` }));
 `;
-  return createTestFile(dir, filename, content);
+	return createTestFile(dir, filename, content);
 }
 
 /**
  * Creates a mock cron file with real cron construct
  */
 export async function createMockCronFile(
-  dir: string,
-  filename: string,
-  exportName: string,
-  schedule = 'rate(1 hour)',
+	dir: string,
+	filename: string,
+	exportName: string,
+	schedule = 'rate(1 hour)',
 ): Promise<string> {
-  const content = `
+	const content = `
 import { CronBuilder } from '@geekmidas/constructs/crons';
 import { z } from 'zod';
 
@@ -110,70 +110,70 @@ export const ${exportName} = new CronBuilder()
     return { processed: 10 };
   });
 `;
-  return createTestFile(dir, filename, content);
+	return createTestFile(dir, filename, content);
 }
 
 /**
  * Helper functions to create real constructs for testing
  */
 export function createTestEndpoint(path: string, method: HttpMethod = 'GET') {
-  const m = method.toLowerCase() as Lowercase<HttpMethod>;
-  // eslint-disable-next-line @typescript-eslint/no-explicit-any
-  const builder = (e as any)[m](path);
-  builder.output(z.object({ message: z.string() }));
-  return builder.handle(async () => ({ message: `Hello from ${path}` }));
+	const m = method.toLowerCase() as Lowercase<HttpMethod>;
+	// eslint-disable-next-line @typescript-eslint/no-explicit-any
+	const builder = (e as any)[m](path);
+	builder.output(z.object({ message: z.string() }));
+	return builder.handle(async () => ({ message: `Hello from ${path}` }));
 }
 
 export function createTestFunction(timeout: number = 30) {
-  const builder = new FunctionBuilder();
-  builder.input(z.object({ name: z.string() }));
-  builder.output(z.object({ greeting: z.string() }));
-  builder.timeout(timeout);
-  return builder.handle(async ({ input }: any) => ({
-    greeting: `Hello, ${input.name}!`,
-  }));
+	const builder = new FunctionBuilder();
+	builder.input(z.object({ name: z.string() }));
+	builder.output(z.object({ greeting: z.string() }));
+	builder.timeout(timeout);
+	return builder.handle(async ({ input }: any) => ({
+		greeting: `Hello, ${input.name}!`,
+	}));
 }
 
 export function createTestCron(
-  schedule: ScheduleExpression = 'rate(1 hour)',
-  timeout: number = 30,
+	schedule: ScheduleExpression = 'rate(1 hour)',
+	timeout: number = 30,
 ) {
-  const builder = new CronBuilder();
-  builder.schedule(schedule);
-  builder.output(z.object({ processed: z.number() }));
-  builder.timeout(timeout);
-  return builder.handle(async () => {
-    return { processed: 10 };
-  });
+	const builder = new CronBuilder();
+	builder.schedule(schedule);
+	builder.output(z.object({ processed: z.number() }));
+	builder.timeout(timeout);
+	return builder.handle(async () => {
+		return { processed: 10 };
+	});
 }
 
 /**
  * Creates a mock build context
  */
 export function createMockBuildContext() {
-  return {
-    envParserPath: './env',
-    envParserImportPattern: 'envParser',
-    loggerPath: './logger',
-    loggerImportPattern: 'logger',
-  };
+	return {
+		envParserPath: './env',
+		envParserImportPattern: 'envParser',
+		loggerPath: './logger',
+		loggerImportPattern: 'logger',
+	};
 }
 
 /**
  * Waits for a condition to be true
  */
 export async function waitFor(
-  condition: () => boolean,
-  timeout = 5000,
-  interval = 100,
+	condition: () => boolean,
+	timeout = 5000,
+	interval = 100,
 ): Promise<void> {
-  const start = Date.now();
-  while (!condition() && Date.now() - start < timeout) {
-    await new Promise((resolve) => setTimeout(resolve, interval));
-  }
-  if (!condition()) {
-    throw new Error('Timeout waiting for condition');
-  }
+	const start = Date.now();
+	while (!condition() && Date.now() - start < timeout) {
+		await new Promise((resolve) => setTimeout(resolve, interval));
+	}
+	if (!condition()) {
+		throw new Error('Timeout waiting for condition');
+	}
 }
 
 import { dirname } from 'node:path';

package/src/auth/__tests__/credentials.spec.ts

@@ -0,0 +1,204 @@
+import { existsSync } from 'node:fs';
+import { mkdir, readFile, rm } from 'node:fs/promises';
+import { tmpdir } from 'node:os';
+import { join } from 'node:path';
+import { afterEach, beforeEach, describe, expect, it } from 'vitest';
+
+import {
+	getCredentialsDir,
+	getCredentialsPath,
+	getDokployCredentials,
+	getDokployToken,
+	readCredentials,
+	removeDokployCredentials,
+	storeDokployCredentials,
+	writeCredentials,
+} from '../credentials';
+
+describe('credentials storage', () => {
+	let tempDir: string;
+
+	beforeEach(async () => {
+		tempDir = join(tmpdir(), `gkm-auth-test-${Date.now()}`);
+		await mkdir(tempDir, { recursive: true });
+	});
+
+	afterEach(async () => {
+		if (existsSync(tempDir)) {
+			await rm(tempDir, { recursive: true });
+		}
+	});
+
+	describe('path utilities', () => {
+		it('should return credentials dir in specified root directory', () => {
+			const dir = getCredentialsDir({ root: tempDir });
+			expect(dir).toBe(join(tempDir, '.gkm'));
+		});
+
+		it('should return credentials path', () => {
+			const path = getCredentialsPath({ root: tempDir });
+			expect(path).toBe(join(tempDir, '.gkm', 'credentials.json'));
+		});
+	});
+
+	describe('readCredentials / writeCredentials', () => {
+		it('should return empty object when no credentials file exists', async () => {
+			const creds = await readCredentials({ root: tempDir });
+			expect(creds).toEqual({});
+		});
+
+		it('should write and read credentials', async () => {
+			const credentials = {
+				dokploy: {
+					token: 'test-token',
+					endpoint: 'https://dokploy.example.com',
+					storedAt: new Date().toISOString(),
+				},
+			};
+
+			await writeCredentials(credentials, { root: tempDir });
+			const read = await readCredentials({ root: tempDir });
+
+			expect(read).toEqual(credentials);
+		});
+
+		it('should create credentials directory if it does not exist', async () => {
+			const credentials = {
+				dokploy: {
+					token: 'test',
+					endpoint: 'https://test.com',
+					storedAt: new Date().toISOString(),
+				},
+			};
+
+			await writeCredentials(credentials, { root: tempDir });
+
+			expect(existsSync(join(tempDir, '.gkm'))).toBe(true);
+			expect(existsSync(join(tempDir, '.gkm', 'credentials.json'))).toBe(true);
+		});
+
+		it('should set secure file permissions', async () => {
+			const credentials = {
+				dokploy: {
+					token: 'test',
+					endpoint: 'https://test.com',
+					storedAt: new Date().toISOString(),
+				},
+			};
+
+			await writeCredentials(credentials, { root: tempDir });
+
+			// Verify the file was created (we can't easily check permissions in tests)
+			const content = await readFile(
+				getCredentialsPath({ root: tempDir }),
+				'utf-8',
+			);
+			expect(JSON.parse(content)).toEqual(credentials);
+		});
+	});
+
+	describe('storeDokployCredentials', () => {
+		it('should store dokploy credentials', async () => {
+			await storeDokployCredentials('my-token', 'https://dokploy.example.com', {
+				root: tempDir,
+			});
+
+			const creds = await readCredentials({ root: tempDir });
+			expect(creds.dokploy).toBeDefined();
+			expect(creds.dokploy!.token).toBe('my-token');
+			expect(creds.dokploy!.endpoint).toBe('https://dokploy.example.com');
+			expect(creds.dokploy!.storedAt).toBeDefined();
+		});
+
+		it('should overwrite existing credentials', async () => {
+			await storeDokployCredentials('old-token', 'https://old.com', {
+				root: tempDir,
+			});
+			await storeDokployCredentials('new-token', 'https://new.com', {
+				root: tempDir,
+			});
+
+			const creds = await getDokployCredentials({ root: tempDir });
+			expect(creds!.token).toBe('new-token');
+			expect(creds!.endpoint).toBe('https://new.com');
+		});
+	});
+
+	describe('getDokployCredentials', () => {
+		it('should return null when no credentials stored', async () => {
+			const creds = await getDokployCredentials({ root: tempDir });
+			expect(creds).toBeNull();
+		});
+
+		it('should return stored credentials', async () => {
+			await storeDokployCredentials('test-token', 'https://test.com', {
+				root: tempDir,
+			});
+
+			const creds = await getDokployCredentials({ root: tempDir });
+			expect(creds).toEqual({
+				token: 'test-token',
+				endpoint: 'https://test.com',
+			});
+		});
+	});
+
+	describe('removeDokployCredentials', () => {
+		it('should return false when no credentials to remove', async () => {
+			const removed = await removeDokployCredentials({ root: tempDir });
+			expect(removed).toBe(false);
+		});
+
+		it('should remove dokploy credentials', async () => {
+			await storeDokployCredentials('test-token', 'https://test.com', {
+				root: tempDir,
+			});
+
+			const removed = await removeDokployCredentials({ root: tempDir });
+			expect(removed).toBe(true);
+
+			const creds = await getDokployCredentials({ root: tempDir });
+			expect(creds).toBeNull();
+		});
+	});
+
+	describe('getDokployToken', () => {
+		it('should return null when no token available', async () => {
+			const token = await getDokployToken({ root: tempDir });
+			expect(token).toBeNull();
+		});
+
+		it('should return stored token', async () => {
+			await storeDokployCredentials('stored-token', 'https://test.com', {
+				root: tempDir,
+			});
+
+			const token = await getDokployToken({ root: tempDir });
+			expect(token).toBe('stored-token');
+		});
+
+		it('should prefer environment variable over stored token', async () => {
+			await storeDokployCredentials('stored-token', 'https://test.com', {
+				root: tempDir,
+			});
+			process.env.DOKPLOY_API_TOKEN = 'env-token';
+
+			try {
+				const token = await getDokployToken({ root: tempDir });
+				expect(token).toBe('env-token');
+			} finally {
+				delete process.env.DOKPLOY_API_TOKEN;
+			}
+		});
+
+		it('should fall back to stored token when env var not set', async () => {
+			delete process.env.DOKPLOY_API_TOKEN;
+			await storeDokployCredentials('stored-token', 'https://test.com', {
+				root: tempDir,
+			});
+
+			const token = await getDokployToken({ root: tempDir });
+			expect(token).toBe('stored-token');
+		});
+	});
+});

package/src/auth/__tests__/index.spec.ts

@@ -0,0 +1,168 @@
+import { existsSync } from 'node:fs';
+import { mkdir, rm } from 'node:fs/promises';
+import { tmpdir } from 'node:os';
+import { join } from 'node:path';
+import { HttpResponse, http } from 'msw';
+import { setupServer } from 'msw/node';
+import { afterEach, beforeEach, describe, expect, it } from 'vitest';
+
+import {
+	getDokployCredentials,
+	removeDokployCredentials,
+	storeDokployCredentials,
+} from '../credentials';
+import { maskToken, validateDokployToken } from '../index';
+
+// MSW server for mocking API calls
+const server = setupServer();
+
+describe('auth commands', () => {
+	let tempDir: string;
+
+	beforeEach(async () => {
+		tempDir = join(tmpdir(), `gkm-auth-cmd-test-${Date.now()}`);
+		await mkdir(tempDir, { recursive: true });
+		server.listen({ onUnhandledRequest: 'bypass' });
+	});
+
+	afterEach(async () => {
+		server.resetHandlers();
+		server.close();
+		if (existsSync(tempDir)) {
+			await rm(tempDir, { recursive: true });
+		}
+	});
+
+	describe('validateDokployToken', () => {
+		it('should return true for valid token', async () => {
+			server.use(
+				http.get('https://dokploy.example.com/api/project.all', () => {
+					return HttpResponse.json([{ projectId: 'proj_1', name: 'Test' }]);
+				}),
+			);
+
+			const result = await validateDokployToken(
+				'https://dokploy.example.com',
+				'valid-token',
+			);
+
+			expect(result).toBe(true);
+		});
+
+		it('should return false for invalid token (401)', async () => {
+			server.use(
+				http.get('https://dokploy.example.com/api/project.all', () => {
+					return new HttpResponse(null, { status: 401 });
+				}),
+			);
+
+			const result = await validateDokployToken(
+				'https://dokploy.example.com',
+				'invalid-token',
+			);
+
+			expect(result).toBe(false);
+		});
+
+		it('should return false for server error (500)', async () => {
+			server.use(
+				http.get('https://dokploy.example.com/api/project.all', () => {
+					return new HttpResponse(null, { status: 500 });
+				}),
+			);
+
+			const result = await validateDokployToken(
+				'https://dokploy.example.com',
+				'token',
+			);
+
+			expect(result).toBe(false);
+		});
+
+		it('should return false on network error', async () => {
+			server.use(
+				http.get('https://dokploy.example.com/api/project.all', () => {
+					return HttpResponse.error();
+				}),
+			);
+
+			const result = await validateDokployToken(
+				'https://dokploy.example.com',
+				'token',
+			);
+
+			expect(result).toBe(false);
+		});
+	});
+
+	describe('maskToken', () => {
+		it('should mask long tokens showing first and last 4 chars', () => {
+			expect(maskToken('abcdefghijklmnop')).toBe('abcd...mnop');
+		});
+
+		it('should fully mask tokens 8 chars or less', () => {
+			expect(maskToken('short')).toBe('****');
+			expect(maskToken('12345678')).toBe('****');
+		});
+
+		it('should handle exactly 9 character token', () => {
+			expect(maskToken('123456789')).toBe('1234...6789');
+		});
+
+		it('should handle very long tokens', () => {
+			const longToken = 'a'.repeat(100);
+			expect(maskToken(longToken)).toBe('aaaa...aaaa');
+		});
+
+		it('should handle empty string', () => {
+			expect(maskToken('')).toBe('****');
+		});
+	});
+
+	describe('credentials flow', () => {
+		it('should store and retrieve credentials', async () => {
+			await storeDokployCredentials('my-token', 'https://dokploy.example.com', {
+				root: tempDir,
+			});
+
+			const creds = await getDokployCredentials({ root: tempDir });
+			expect(creds).not.toBeNull();
+			expect(creds!.token).toBe('my-token');
+			expect(creds!.endpoint).toBe('https://dokploy.example.com');
+		});
+
+		it('should remove credentials', async () => {
+			await storeDokployCredentials('my-token', 'https://dokploy.example.com', {
+				root: tempDir,
+			});
+
+			const removed = await removeDokployCredentials({ root: tempDir });
+			expect(removed).toBe(true);
+
+			const creds = await getDokployCredentials({ root: tempDir });
+			expect(creds).toBeNull();
+		});
+
+		it('should return false when removing non-existent credentials', async () => {
+			const removed = await removeDokployCredentials({ root: tempDir });
+			expect(removed).toBe(false);
+		});
+	});
+});
+
+describe('URL normalization', () => {
+	it('should remove trailing slash from endpoint', () => {
+		const endpoint = 'https://dokploy.example.com/'.replace(/\/$/, '');
+		expect(endpoint).toBe('https://dokploy.example.com');
+	});
+
+	it('should not modify endpoint without trailing slash', () => {
+		const endpoint = 'https://dokploy.example.com'.replace(/\/$/, '');
+		expect(endpoint).toBe('https://dokploy.example.com');
+	});
+
+	it('should validate URL format', () => {
+		expect(() => new URL('https://dokploy.example.com')).not.toThrow();
+		expect(() => new URL('invalid-url')).toThrow();
+	});
+});