@imdeadpool/codex-account-switcher 0.1.5 → 0.1.6

package/README.md

@@ -22,9 +22,21 @@ npm i -g @imdeadpool/codex-account-switcher
 ## Usage
 
 ```sh
+# login to Codex and immediately snapshot the refreshed auth session
+codex-auth login [name]
+
+# headless/remote login flow + snapshot
+codex-auth login [name] --device-auth
+
+# force overwrite when reusing a name across different detected identities
+codex-auth login [name] --force
+
 # save the current logged-in token as a named account
 codex-auth save <name>
 
+# force overwrite a name even when it currently maps to a different email
+codex-auth save <name> --force
+
 # switch active account (symlinks on macOS/Linux; copies on Windows)
 codex-auth use <name>
 
@@ -34,16 +46,70 @@ codex-auth use
 # list accounts
 codex-auth list
 
+# list accounts with mapping metadata (email/account/user/usage)
+codex-auth list --details
+
 # show current account name
 codex-auth current
+
+# remove accounts (interactive multi-select)
+codex-auth remove
+
+# remove by selector or all
+codex-auth remove <query>
+codex-auth remove --all
+
+# show auto-switch + service status
+codex-auth status
+
+# auto-switch configuration
+codex-auth config auto enable
+codex-auth config auto disable
+codex-auth config auto --5h 12 --weekly 8
+
+# usage source configuration
+codex-auth config api enable
+codex-auth config api disable
+
+# daemon runtime (internal/service use)
+codex-auth daemon --once
+codex-auth daemon --watch
 ```
 
 ### Command reference
 
-- `codex-auth save <name>` – Validates `<name>`, ensures `auth.json` exists, then snapshots it to `~/.codex/accounts/<name>.json`.
+- `codex-auth save <name> [--force]` – Validates `<name>`, ensures `auth.json` exists, then snapshots it to `~/.codex/accounts/<name>.json`. By default, it blocks overwriting a name when the existing snapshot email differs from current auth. If `name` is omitted, it first tries reusing the active snapshot name when identity matches; otherwise it infers one from auth email.
+- `codex-auth login [name] [--device-auth] [--force]` – Runs `codex login` (optionally with device auth), waits for refreshed auth snapshot detection, then saves it. If `name` is omitted, it always infers one from auth email with unique-suffix handling for multi-workspace identities.
 - `codex-auth use [name]` – Accepts a name or launches an interactive selector with the current account pre-selected. Copies on Windows, creates a symlink elsewhere, and records the active name.
-- `codex-auth list` – Lists all saved snapshots alphabetically and marks the active one with `*`.
+- `codex-auth list [--details]` – Lists all saved snapshots alphabetically and marks the active one with `*`. `--details` adds per-snapshot mapping metadata (email, account id, user id, and usage metadata) for easier session/account troubleshooting.
 - `codex-auth current` – Prints the active account name, or a friendly message if none is active.
+- `codex-auth remove [query|--all]` – Removes snapshots interactively or by selector. If the active account is removed, the best remaining account is activated automatically.
+- `codex-auth status` – Prints auto-switch state, managed service status, active thresholds, and usage mode.
+- `codex-auth config auto ...` – Enables/disables managed auto-switch and updates threshold percentages.
+- `codex-auth config api enable|disable` – Chooses usage source mode (`api` or `local`).
+- `codex-auth daemon --once|--watch` – Runs the auto-switch loop once or continuously.
+
+### Auto-switch behavior
+
+When auto-switch is enabled, the daemon evaluates the active account and switches when either threshold is crossed:
+
+- `5h` remaining `< threshold5h` (default `10%`)
+- `weekly` remaining `< thresholdWeekly` (default `5%`)
+
+Usage refresh is hybrid:
+
+1. API mode (`config api enable`): query ChatGPT usage endpoint for each account.
+2. Local fallback: active account usage can fall back to local session rollout logs when API data is unavailable.
+
+### Managed background service
+
+`codex-auth config auto enable` installs a managed watcher per OS:
+
+- Linux: user `systemd` service
+- macOS: LaunchAgent
+- Windows: Scheduled Task
+
+`codex-auth status` reports whether the managed watcher is active.
 
 Notes:
 

package/dist/commands/config.d.ts

@@ -0,0 +1,15 @@
+import { BaseCommand } from "../lib/base-command";
+export default class ConfigCommand extends BaseCommand {
+    static description: string;
+    static args: {
+        readonly section: import("@oclif/core/lib/interfaces").Arg<string, Record<string, unknown>>;
+        readonly action: import("@oclif/core/lib/interfaces").Arg<string | undefined, Record<string, unknown>>;
+    };
+    static flags: {
+        readonly "5h": import("@oclif/core/lib/interfaces").OptionFlag<number | undefined, import("@oclif/core/lib/interfaces").CustomOptions>;
+        readonly weekly: import("@oclif/core/lib/interfaces").OptionFlag<number | undefined, import("@oclif/core/lib/interfaces").CustomOptions>;
+    };
+    run(): Promise<void>;
+    private handleAutoConfig;
+    private handleApiConfig;
+}

package/dist/commands/config.js

@@ -0,0 +1,81 @@
+"use strict";
+Object.defineProperty(exports, "__esModule", { value: true });
+const core_1 = require("@oclif/core");
+const base_command_1 = require("../lib/base-command");
+class ConfigCommand extends base_command_1.BaseCommand {
+    async run() {
+        await this.runSafe(async () => {
+            var _a;
+            const { args, flags } = await this.parse(ConfigCommand);
+            const section = args.section;
+            const action = (_a = args.action) === null || _a === void 0 ? void 0 : _a.toLowerCase();
+            if (section === "auto") {
+                await this.handleAutoConfig(action, flags["5h"], flags.weekly);
+                return;
+            }
+            await this.handleApiConfig(action);
+        });
+    }
+    async handleAutoConfig(action, threshold5h, thresholdWeekly) {
+        const hasThresholds = typeof threshold5h === "number" || typeof thresholdWeekly === "number";
+        if (action === "enable") {
+            if (hasThresholds) {
+                this.error("`config auto` cannot mix enable/disable with threshold flags.");
+            }
+            const status = await this.accounts.setAutoSwitchEnabled(true);
+            this.log(`auto-switch enabled; usage mode: ${status.usageMode === "api" ? "api" : "local-only"}`);
+            return;
+        }
+        if (action === "disable") {
+            if (hasThresholds) {
+                this.error("`config auto` cannot mix enable/disable with threshold flags.");
+            }
+            await this.accounts.setAutoSwitchEnabled(false);
+            this.log("auto-switch disabled");
+            return;
+        }
+        if (action) {
+            this.error(`Unknown action \"${action}\" for \`config auto\`.`);
+        }
+        if (!hasThresholds) {
+            this.error("`config auto` requires `enable`, `disable`, or threshold flags.");
+        }
+        const status = await this.accounts.configureAutoSwitchThresholds({
+            threshold5hPercent: threshold5h,
+            thresholdWeeklyPercent: thresholdWeekly,
+        });
+        this.log(`auto-switch thresholds updated: 5h<${status.threshold5hPercent}%, weekly<${status.thresholdWeeklyPercent}%`);
+    }
+    async handleApiConfig(action) {
+        if (action !== "enable" && action !== "disable") {
+            this.error("`config api` requires `enable` or `disable`.");
+        }
+        const status = await this.accounts.setApiUsageEnabled(action === "enable");
+        this.log(`usage mode: ${status.usageMode}`);
+    }
+}
+ConfigCommand.description = "Manage auto-switch and usage API configuration";
+ConfigCommand.args = {
+    section: core_1.Args.string({
+        name: "section",
+        required: true,
+        options: ["auto", "api"],
+        description: "Config section",
+    }),
+    action: core_1.Args.string({
+        name: "action",
+        required: false,
+        description: "Action for the section",
+    }),
+};
+ConfigCommand.flags = {
+    "5h": core_1.Flags.integer({
+        description: "Set 5h threshold percent (1-100)",
+        required: false,
+    }),
+    weekly: core_1.Flags.integer({
+        description: "Set weekly threshold percent (1-100)",
+        required: false,
+    }),
+};
+exports.default = ConfigCommand;

package/dist/commands/daemon.d.ts

@@ -0,0 +1,9 @@
+import { BaseCommand } from "../lib/base-command";
+export default class DaemonCommand extends BaseCommand {
+    static description: string;
+    static flags: {
+        readonly watch: import("@oclif/core/lib/interfaces").BooleanFlag<boolean>;
+        readonly once: import("@oclif/core/lib/interfaces").BooleanFlag<boolean>;
+    };
+    run(): Promise<void>;
+}

package/dist/commands/daemon.js

@@ -0,0 +1,39 @@
+"use strict";
+Object.defineProperty(exports, "__esModule", { value: true });
+const core_1 = require("@oclif/core");
+const base_command_1 = require("../lib/base-command");
+class DaemonCommand extends base_command_1.BaseCommand {
+    async run() {
+        await this.runSafe(async () => {
+            const { flags } = await this.parse(DaemonCommand);
+            const watch = Boolean(flags.watch);
+            const once = Boolean(flags.once);
+            if (watch === once) {
+                this.error("`daemon` requires exactly one of `--watch` or `--once`.");
+            }
+            if (once) {
+                const result = await this.accounts.runAutoSwitchOnce();
+                if (result.switched) {
+                    this.log(`switched: ${result.fromAccount} -> ${result.toAccount}`);
+                }
+                else {
+                    this.log(`no switch: ${result.reason}`);
+                }
+                return;
+            }
+            await this.accounts.runDaemon("watch");
+        });
+    }
+}
+DaemonCommand.description = "Run the background auto-switch daemon";
+DaemonCommand.flags = {
+    watch: core_1.Flags.boolean({
+        description: "Run continuously and evaluate switching every 30s",
+        default: false,
+    }),
+    once: core_1.Flags.boolean({
+        description: "Run one evaluation pass and exit",
+        default: false,
+    }),
+};
+exports.default = DaemonCommand;

package/dist/commands/list.d.ts

@@ -1,5 +1,8 @@
 import { BaseCommand } from "../lib/base-command";
 export default class ListCommand extends BaseCommand {
     static description: string;
+    static flags: {
+        readonly details: import("@oclif/core/lib/interfaces").BooleanFlag<boolean>;
+    };
     run(): Promise<void>;
 }

package/dist/commands/list.js

@@ -1,21 +1,46 @@
 "use strict";
 Object.defineProperty(exports, "__esModule", { value: true });
+const core_1 = require("@oclif/core");
 const base_command_1 = require("../lib/base-command");
 class ListCommand extends base_command_1.BaseCommand {
     async run() {
         await this.runSafe(async () => {
-            const accounts = await this.accounts.listAccountNames();
-            const current = await this.accounts.getCurrentAccountName();
+            var _a, _b, _c, _d, _e, _f;
+            const { flags } = await this.parse(ListCommand);
+            const detailed = Boolean(flags.details);
+            if (!detailed) {
+                const accounts = await this.accounts.listAccountNames();
+                const current = await this.accounts.getCurrentAccountName();
+                if (!accounts.length) {
+                    this.log("No saved Codex accounts yet. Run `codex-auth save <name>`.");
+                    return;
+                }
+                for (const name of accounts) {
+                    const mark = current === name ? "*" : " ";
+                    this.log(`${mark} ${name}`);
+                }
+                return;
+            }
+            const accounts = await this.accounts.listAccountMappings();
             if (!accounts.length) {
                 this.log("No saved Codex accounts yet. Run `codex-auth save <name>`.");
                 return;
             }
-            for (const name of accounts) {
-                const mark = current === name ? "*" : " ";
-                this.log(`${mark} ${name}`);
+            for (const account of accounts) {
+                const mark = account.active ? "*" : " ";
+                this.log(`${mark} ${account.name}`);
+                this.log(`    email=${(_a = account.email) !== null && _a !== void 0 ? _a : "-"} account=${(_b = account.accountId) !== null && _b !== void 0 ? _b : "-"} user=${(_c = account.userId) !== null && _c !== void 0 ? _c : "-"}`);
+                this.log(`    plan=${(_d = account.planType) !== null && _d !== void 0 ? _d : "-"} usage=${(_e = account.usageSource) !== null && _e !== void 0 ? _e : "-"} lastUsageAt=${(_f = account.lastUsageAt) !== null && _f !== void 0 ? _f : "-"}`);
             }
         });
     }
 }
 ListCommand.description = "List accounts managed under ~/.codex";
+ListCommand.flags = {
+    details: core_1.Flags.boolean({
+        char: "d",
+        description: "Show per-account mapping metadata (email/account/user/usage)",
+        default: false,
+    }),
+};
 exports.default = ListCommand;

package/dist/commands/login.d.ts

@@ -0,0 +1,15 @@
+import { BaseCommand } from "../lib/base-command";
+export default class LoginCommand extends BaseCommand {
+    protected readonly syncExternalAuthBeforeRun = false;
+    static description: string;
+    static args: {
+        readonly name: import("@oclif/core/lib/interfaces").Arg<string | undefined, Record<string, unknown>>;
+    };
+    static flags: {
+        readonly "device-auth": import("@oclif/core/lib/interfaces").BooleanFlag<boolean>;
+        readonly force: import("@oclif/core/lib/interfaces").BooleanFlag<boolean>;
+    };
+    run(): Promise<void>;
+    private runCodexLogin;
+    private waitForCodexAuthSnapshot;
+}

package/dist/commands/login.js

@@ -0,0 +1,97 @@
+"use strict";
+Object.defineProperty(exports, "__esModule", { value: true });
+const core_1 = require("@oclif/core");
+const node_child_process_1 = require("node:child_process");
+const base_command_1 = require("../lib/base-command");
+const accounts_1 = require("../lib/accounts");
+const auth_parser_1 = require("../lib/accounts/auth-parser");
+const paths_1 = require("../lib/config/paths");
+class LoginCommand extends base_command_1.BaseCommand {
+    constructor() {
+        super(...arguments);
+        this.syncExternalAuthBeforeRun = false;
+    }
+    async run() {
+        await this.runSafe(async () => {
+            const { args, flags } = await this.parse(LoginCommand);
+            const providedName = args.name;
+            const status = await this.accounts.getStatus();
+            if (status.autoSwitchEnabled) {
+                await this.accounts.setAutoSwitchEnabled(false);
+                this.log("Auto-switch disabled before login.");
+            }
+            await this.runCodexLogin(Boolean(flags["device-auth"]));
+            await this.waitForCodexAuthSnapshot();
+            const resolvedName = providedName
+                ? { name: providedName, source: "explicit" }
+                : await this.accounts.resolveLoginAccountNameFromCurrentAuth();
+            const forceOverwrite = Boolean(flags.force);
+            const savedName = await this.accounts.saveAccount(resolvedName.name, {
+                force: forceOverwrite,
+            });
+            const suffix = resolvedName.source === "explicit" ? "" : " (inferred from auth email)";
+            this.log(`Saved current Codex auth tokens as "${savedName}"${suffix}.`);
+        });
+    }
+    async runCodexLogin(deviceAuth) {
+        const loginArgs = deviceAuth ? ["login", "--device-auth"] : ["login"];
+        await new Promise((resolve, reject) => {
+            const child = (0, node_child_process_1.spawn)("codex", loginArgs, {
+                stdio: "inherit",
+            });
+            child.on("error", (error) => {
+                const err = error;
+                if (err.code === "ENOENT") {
+                    reject(new accounts_1.CodexAuthError("`codex` CLI was not found in PATH. Install Codex CLI first, then retry."));
+                    return;
+                }
+                reject(error);
+            });
+            child.on("exit", (code, signal) => {
+                if (code === 0) {
+                    resolve();
+                    return;
+                }
+                if (typeof code === "number") {
+                    reject(new accounts_1.CodexAuthError(`\`codex ${loginArgs.join(" ")}\` failed with exit code ${code}.`));
+                    return;
+                }
+                reject(new accounts_1.CodexAuthError(`\`codex ${loginArgs.join(" ")}\` was terminated by signal ${signal !== null && signal !== void 0 ? signal : "unknown"}.`));
+            });
+        });
+    }
+    async waitForCodexAuthSnapshot() {
+        const authPath = (0, paths_1.resolveAuthPath)();
+        const timeoutMs = 5000;
+        const pollMs = 200;
+        const deadline = Date.now() + timeoutMs;
+        while (Date.now() <= deadline) {
+            const parsed = await (0, auth_parser_1.parseAuthSnapshotFile)(authPath);
+            if (parsed.authMode !== "unknown") {
+                return;
+            }
+            await new Promise((resolve) => setTimeout(resolve, pollMs));
+        }
+        throw new accounts_1.CodexAuthError("Timed out waiting for refreshed Codex auth snapshot after login. Retry `codex-auth login`.");
+    }
+}
+LoginCommand.description = "Run `codex login` and save the resulting ~/.codex/auth.json as a named account (or infer one from auth email)";
+LoginCommand.args = {
+    name: core_1.Args.string({
+        name: "name",
+        required: false,
+        description: "Optional account snapshot name. If omitted, inferred from auth email",
+    }),
+};
+LoginCommand.flags = {
+    "device-auth": core_1.Flags.boolean({
+        description: "Pass through to `codex login --device-auth`",
+        default: false,
+    }),
+    force: core_1.Flags.boolean({
+        char: "f",
+        description: "Force overwrite when the existing snapshot name belongs to a different detected account identity",
+        default: false,
+    }),
+};
+exports.default = LoginCommand;

package/dist/commands/remove.d.ts

@@ -0,0 +1,14 @@
+import { BaseCommand } from "../lib/base-command";
+export default class RemoveCommand extends BaseCommand {
+    static description: string;
+    static args: {
+        readonly query: import("@oclif/core/lib/interfaces").Arg<string | undefined, Record<string, unknown>>;
+    };
+    static flags: {
+        readonly all: import("@oclif/core/lib/interfaces").BooleanFlag<boolean>;
+    };
+    run(): Promise<void>;
+    private selectQueryMatches;
+    private promptForAccounts;
+    private buildChoiceLabel;
+}

package/dist/commands/remove.js

@@ -0,0 +1,104 @@
+"use strict";
+var __importDefault = (this && this.__importDefault) || function (mod) {
+    return (mod && mod.__esModule) ? mod : { "default": mod };
+};
+Object.defineProperty(exports, "__esModule", { value: true });
+const core_1 = require("@oclif/core");
+const prompts_1 = __importDefault(require("prompts"));
+const base_command_1 = require("../lib/base-command");
+const accounts_1 = require("../lib/accounts");
+class RemoveCommand extends base_command_1.BaseCommand {
+    async run() {
+        await this.runSafe(async () => {
+            const { args, flags } = await this.parse(RemoveCommand);
+            const query = args.query;
+            const removeAll = Boolean(flags.all);
+            if (query && removeAll) {
+                this.error("`remove` cannot combine a query with `--all`.");
+            }
+            let selectedNames;
+            if (removeAll) {
+                selectedNames = (await this.accounts.listAccountNames()).slice();
+            }
+            else if (query) {
+                selectedNames = await this.selectQueryMatches(query);
+            }
+            else {
+                selectedNames = await this.promptForAccounts(await this.accounts.listAccountChoices());
+            }
+            if (selectedNames.length === 0) {
+                throw new accounts_1.InvalidRemoveSelectionError();
+            }
+            const result = await this.accounts.removeAccounts(selectedNames);
+            this.log(`Removed ${result.removed.length} account(s): ${result.removed.join(", ")}`);
+            if (result.activated) {
+                this.log(`Activated fallback account: ${result.activated}`);
+            }
+        });
+    }
+    async selectQueryMatches(query) {
+        const matches = await this.accounts.findMatchingAccounts(query);
+        if (matches.length === 0) {
+            throw new accounts_1.AccountNotFoundError(query);
+        }
+        if (matches.length === 1) {
+            return [matches[0].name];
+        }
+        if (!process.stdin.isTTY) {
+            this.error(`Query "${query}" matched multiple accounts in non-interactive mode. Refine the query or run with a TTY.`);
+        }
+        return this.promptForAccounts(matches);
+    }
+    async promptForAccounts(choices) {
+        if (choices.length === 0) {
+            throw new accounts_1.AccountNotFoundError("*");
+        }
+        const response = await (0, prompts_1.default)({
+            type: "multiselect",
+            name: "accounts",
+            message: "Select accounts to remove",
+            choices: choices.map((choice) => ({
+                title: this.buildChoiceLabel(choice),
+                value: choice.name,
+                selected: false,
+            })),
+            instructions: false,
+            hint: "Space to toggle, Enter to confirm",
+        }, {
+            onCancel: () => {
+                throw new accounts_1.PromptCancelledError();
+            },
+        });
+        const accounts = response.accounts;
+        if (!accounts) {
+            throw new accounts_1.PromptCancelledError();
+        }
+        return accounts;
+    }
+    buildChoiceLabel(choice) {
+        const parts = [choice.name];
+        if (choice.email) {
+            parts.push(`<${choice.email}>`);
+        }
+        if (choice.active) {
+            parts.push("(active)");
+        }
+        return parts.join(" ");
+    }
+}
+RemoveCommand.description = "Remove accounts with interactive multi-select";
+RemoveCommand.args = {
+    query: core_1.Args.string({
+        name: "query",
+        required: false,
+        description: "Account selector by name or email fragment",
+    }),
+};
+RemoveCommand.flags = {
+    all: core_1.Flags.boolean({
+        char: "a",
+        description: "Remove all saved accounts",
+        default: false,
+    }),
+};
+exports.default = RemoveCommand;

package/dist/commands/save.d.ts

@@ -2,7 +2,10 @@ import { BaseCommand } from "../lib/base-command";
 export default class SaveCommand extends BaseCommand {
     static description: string;
     static args: {
-        readonly name: import("@oclif/core/lib/interfaces").Arg<string, Record<string, unknown>>;
+        readonly name: import("@oclif/core/lib/interfaces").Arg<string | undefined, Record<string, unknown>>;
+    };
+    static flags: {
+        readonly force: import("@oclif/core/lib/interfaces").BooleanFlag<boolean>;
     };
     run(): Promise<void>;
 }

package/dist/commands/save.js

@@ -5,18 +5,36 @@ const base_command_1 = require("../lib/base-command");
 class SaveCommand extends base_command_1.BaseCommand {
     async run() {
         await this.runSafe(async () => {
-            const { args } = await this.parse(SaveCommand);
-            const savedName = await this.accounts.saveAccount(args.name);
-            this.log(`Saved current Codex auth tokens as "${savedName}".`);
+            const { args, flags } = await this.parse(SaveCommand);
+            const providedName = args.name;
+            const resolvedName = providedName
+                ? { name: providedName, source: "explicit" }
+                : await this.accounts.resolveDefaultAccountNameFromCurrentAuth();
+            const savedName = await this.accounts.saveAccount(resolvedName.name, {
+                force: Boolean(flags.force),
+            });
+            const suffix = resolvedName.source === "explicit"
+                ? ""
+                : resolvedName.source === "active"
+                    ? " (reused active account name)"
+                    : " (inferred from auth email)";
+            this.log(`Saved current Codex auth tokens as "${savedName}"${suffix}.`);
         });
     }
 }
-SaveCommand.description = "Save the current ~/.codex/auth.json as a named account";
+SaveCommand.description = "Save the current ~/.codex/auth.json as a named account (or infer one from auth email)";
 SaveCommand.args = {
     name: core_1.Args.string({
         name: "name",
-        required: true,
-        description: "Name for the account snapshot",
+        required: false,
+        description: "Optional account snapshot name. If omitted, inferred from auth email",
+    }),
+};
+SaveCommand.flags = {
+    force: core_1.Flags.boolean({
+        char: "f",
+        description: "Force overwrite when the existing snapshot name belongs to a different email account",
+        default: false,
     }),
 };
 exports.default = SaveCommand;

package/dist/commands/status.d.ts

@@ -0,0 +1,5 @@
+import { BaseCommand } from "../lib/base-command";
+export default class StatusCommand extends BaseCommand {
+    static description: string;
+    run(): Promise<void>;
+}

package/dist/commands/status.js

@@ -0,0 +1,16 @@
+"use strict";
+Object.defineProperty(exports, "__esModule", { value: true });
+const base_command_1 = require("../lib/base-command");
+class StatusCommand extends base_command_1.BaseCommand {
+    async run() {
+        await this.runSafe(async () => {
+            const status = await this.accounts.getStatus();
+            this.log(`auto-switch: ${status.autoSwitchEnabled ? "ON" : "OFF"}`);
+            this.log(`service: ${status.serviceState}`);
+            this.log(`thresholds: 5h<${status.threshold5hPercent}%, weekly<${status.thresholdWeeklyPercent}%`);
+            this.log(`usage: ${status.usageMode}`);
+        });
+    }
+}
+StatusCommand.description = "Show auto-switch, service, and usage status";
+exports.default = StatusCommand;