@instafy/cli 0.1.8-staging.350 → 0.1.8-staging.353

package/README.md

@@ -7,6 +7,7 @@ Run Instafy projects locally and connect them back to Instafy Studio — from an
 ## Quickstart
 
 0. Log in once: `instafy login`
+   - Opens a Studio URL; the CLI continues automatically after you sign in.
    - Also enables Git auth (credential helper) for Instafy Git Service. Disable with `instafy login --no-git-setup`.
    - Optional: set defaults with `instafy config set controller-url <url>` / `instafy config set studio-url <url>`
 1. Link a folder to a project:

package/dist/auth.js

@@ -1,7 +1,9 @@
 import kleur from "kleur";
+import { randomBytes } from "node:crypto";
+import * as http from "node:http";
 import { createInterface } from "node:readline/promises";
 import { stdin as input, stdout as output } from "node:process";
-import { clearInstafyCliConfig, getInstafyConfigPath, resolveConfiguredStudioUrl, resolveControllerUrl, resolveUserAccessToken, writeInstafyCliConfig, } from "./config.js";
+import { clearInstafyCliConfig, getInstafyConfigPath, resolveConfiguredControllerUrl, resolveConfiguredStudioUrl, resolveUserAccessToken, writeInstafyCliConfig, } from "./config.js";
 import { installGitCredentialHelper, uninstallGitCredentialHelper } from "./git-setup.js";
 function normalizeUrl(raw) {
     const trimmed = typeof raw === "string" ? raw.trim() : "";
@@ -37,8 +39,177 @@ function deriveDefaultStudioUrl(controllerUrl) {
     }
     return "https://staging.instafy.dev";
 }
+async function isControllerHealthy(controllerUrl, timeoutMs) {
+    const target = `${controllerUrl.replace(/\/$/, "")}/healthz`;
+    const abort = new AbortController();
+    const timeout = setTimeout(() => abort.abort(), timeoutMs);
+    timeout.unref?.();
+    try {
+        const response = await fetch(target, { signal: abort.signal });
+        return response.ok;
+    }
+    catch {
+        return false;
+    }
+    finally {
+        clearTimeout(timeout);
+    }
+}
+function readRequestBody(request, maxBytes = 1000000) {
+    return new Promise((resolve, reject) => {
+        let buffer = "";
+        request.setEncoding("utf8");
+        request.on("data", (chunk) => {
+            buffer += chunk;
+            if (buffer.length > maxBytes) {
+                reject(new Error("Request body too large."));
+                request.destroy();
+            }
+        });
+        request.on("end", () => resolve(buffer));
+        request.on("error", (error) => reject(error));
+    });
+}
+function applyCorsHeaders(request, response) {
+    const origin = typeof request.headers.origin === "string" ? request.headers.origin : "";
+    if (origin) {
+        response.setHeader("access-control-allow-origin", origin);
+        response.setHeader("vary", "origin");
+    }
+    else {
+        response.setHeader("access-control-allow-origin", "*");
+    }
+    response.setHeader("access-control-allow-methods", "POST, OPTIONS");
+    response.setHeader("access-control-allow-headers", "content-type");
+    // Private Network Access preflight (Chrome): allow https -> http://127.0.0.1 callbacks.
+    if (request.headers["access-control-request-private-network"] === "true") {
+        response.setHeader("access-control-allow-private-network", "true");
+    }
+}
+async function startCliLoginCallbackServer() {
+    const state = randomBytes(16).toString("hex");
+    let resolved = false;
+    let resolveToken = null;
+    let rejectToken = null;
+    const tokenPromise = new Promise((resolve, reject) => {
+        resolveToken = resolve;
+        rejectToken = reject;
+    });
+    const server = http.createServer(async (request, response) => {
+        applyCorsHeaders(request, response);
+        if (request.method === "OPTIONS") {
+            response.statusCode = 204;
+            response.end();
+            return;
+        }
+        const url = new URL(request.url ?? "/", "http://127.0.0.1");
+        if (request.method !== "POST" || url.pathname !== "/callback") {
+            response.statusCode = 404;
+            response.setHeader("content-type", "application/json");
+            response.end(JSON.stringify({ ok: false, error: "Not found" }));
+            return;
+        }
+        if (resolved) {
+            response.statusCode = 409;
+            response.setHeader("content-type", "application/json");
+            response.end(JSON.stringify({ ok: false, error: "Already completed" }));
+            return;
+        }
+        try {
+            const body = await readRequestBody(request);
+            const contentType = typeof request.headers["content-type"] === "string" ? request.headers["content-type"] : "";
+            let parsedToken = null;
+            let parsedState = null;
+            if (contentType.includes("application/json")) {
+                const json = JSON.parse(body);
+                parsedToken = typeof json.token === "string" ? json.token : null;
+                parsedState = typeof json.state === "string" ? json.state : null;
+            }
+            else {
+                const params = new URLSearchParams(body);
+                parsedToken = params.get("token");
+                parsedState = params.get("state");
+            }
+            const token = normalizeToken(parsedToken);
+            const receivedState = normalizeToken(parsedState);
+            if (!token) {
+                response.statusCode = 400;
+                response.setHeader("content-type", "application/json");
+                response.end(JSON.stringify({ ok: false, error: "Missing token" }));
+                return;
+            }
+            if (!receivedState || receivedState !== state) {
+                response.statusCode = 403;
+                response.setHeader("content-type", "application/json");
+                response.end(JSON.stringify({ ok: false, error: "Invalid state" }));
+                return;
+            }
+            resolved = true;
+            response.statusCode = 200;
+            response.setHeader("content-type", "application/json");
+            response.end(JSON.stringify({ ok: true }));
+            resolveToken?.(token);
+            resolveToken = null;
+        }
+        catch (error) {
+            response.statusCode = 500;
+            response.setHeader("content-type", "application/json");
+            response.end(JSON.stringify({ ok: false, error: error instanceof Error ? error.message : String(error) }));
+        }
+    });
+    await new Promise((resolve, reject) => {
+        server.once("error", reject);
+        server.listen(0, "127.0.0.1", () => resolve());
+    });
+    const address = server.address();
+    if (!address || typeof address !== "object" || typeof address.port !== "number") {
+        server.close();
+        throw new Error("Failed to start login callback server.");
+    }
+    return {
+        callbackUrl: `http://127.0.0.1:${address.port}/callback`,
+        state,
+        waitForToken: async (timeoutMs) => {
+            if (!Number.isFinite(timeoutMs) || timeoutMs <= 0) {
+                return tokenPromise;
+            }
+            const timeout = setTimeout(() => {
+                if (resolved)
+                    return;
+                resolved = true;
+                rejectToken?.(new Error("Timed out waiting for browser login. Copy the token and paste it into the CLI instead."));
+                rejectToken = null;
+            }, timeoutMs);
+            timeout.unref?.();
+            try {
+                return await tokenPromise;
+            }
+            finally {
+                clearTimeout(timeout);
+            }
+        },
+        cancel: () => {
+            if (resolved)
+                return;
+            resolved = true;
+            rejectToken?.(new Error("Login cancelled."));
+            rejectToken = null;
+            resolveToken = null;
+        },
+        close: () => server.close(),
+    };
+}
 export async function login(options) {
-    const controllerUrl = resolveControllerUrl({ controllerUrl: options.controllerUrl ?? null });
+    const explicitControllerUrl = normalizeUrl(options.controllerUrl ?? null) ??
+        normalizeUrl(process.env["INSTAFY_SERVER_URL"] ?? null) ??
+        normalizeUrl(process.env["CONTROLLER_BASE_URL"] ?? null) ??
+        resolveConfiguredControllerUrl();
+    const defaultLocalControllerUrl = "http://127.0.0.1:8788";
+    const defaultHostedControllerUrl = "https://controller.instafy.dev";
+    const controllerUrl = explicitControllerUrl ??
+        ((await isControllerHealthy(defaultLocalControllerUrl, 250))
+            ? defaultLocalControllerUrl
+            : defaultHostedControllerUrl);
     const studioUrl = normalizeUrl(options.studioUrl ?? null) ??
         normalizeUrl(process.env["INSTAFY_STUDIO_URL"] ?? null) ??
         resolveConfiguredStudioUrl() ??
@@ -49,17 +220,97 @@ export async function login(options) {
         console.log(JSON.stringify({ url: url.toString(), configPath: getInstafyConfigPath() }));
         return;
     }
+    let callbackServer = null;
+    const provided = normalizeToken(options.token ?? null);
+    if (!provided) {
+        try {
+            callbackServer = await startCliLoginCallbackServer();
+            url.searchParams.set("cliCallbackUrl", callbackServer.callbackUrl);
+            url.searchParams.set("cliState", callbackServer.state);
+        }
+        catch {
+            callbackServer = null;
+        }
+    }
     console.log(kleur.green("Instafy CLI login"));
     console.log("");
     console.log("1) Open this URL in your browser:");
     console.log(kleur.cyan(url.toString()));
     console.log("");
-    console.log("2) After you sign in, copy the token shown on that page.");
+    if (callbackServer) {
+        console.log("2) Sign in — this terminal should continue automatically.");
+        console.log(kleur.gray("If it doesn't, copy the token shown on that page and paste it here."));
+    }
+    else {
+        console.log("2) After you sign in, copy the token shown on that page.");
+    }
     console.log("");
-    const provided = normalizeToken(options.token ?? null);
     const existing = resolveUserAccessToken();
     let token = provided;
+    if (!token && callbackServer) {
+        if (input.isTTY) {
+            console.log(kleur.gray("Waiting for browser login…"));
+            console.log(kleur.gray("If it doesn't continue, paste the token here and press Enter."));
+            console.log("");
+            const rl = createInterface({ input, output });
+            const abort = new AbortController();
+            const manualTokenPromise = (async () => {
+                while (true) {
+                    const answer = await rl.question("Paste token (or wait): ", { signal: abort.signal });
+                    const candidate = normalizeToken(answer);
+                    if (candidate) {
+                        return candidate;
+                    }
+                }
+            })();
+            try {
+                const result = await Promise.race([
+                    callbackServer
+                        .waitForToken(10 * 60000)
+                        .then((tokenValue) => ({ source: "browser", token: tokenValue })),
+                    manualTokenPromise.then((tokenValue) => ({ source: "manual", token: tokenValue })),
+                ]);
+                token = result.token;
+                if (result.source === "browser") {
+                    abort.abort();
+                }
+                else {
+                    callbackServer.cancel();
+                }
+            }
+            catch (_error) {
+                // If browser login fails, keep waiting for a pasted token.
+                token = await manualTokenPromise;
+                callbackServer.cancel();
+            }
+            finally {
+                try {
+                    rl.close();
+                }
+                catch {
+                    // ignore
+                }
+                callbackServer.close();
+                callbackServer = null;
+            }
+        }
+        else {
+            try {
+                token = await callbackServer.waitForToken(10 * 60000);
+            }
+            catch (_error) {
+                // Ignore and fall back to manual copy/paste if possible.
+            }
+            finally {
+                callbackServer.close();
+                callbackServer = null;
+            }
+        }
+    }
     if (!token) {
+        if (!input.isTTY) {
+            throw new Error("No token provided.");
+        }
         const rl = createInterface({ input, output });
         try {
             token = normalizeToken(await rl.question("Paste token: "));

package/dist/config.js

@@ -106,6 +106,7 @@ export function resolveUserAccessToken(params) {
     return (normalizeToken(params?.accessToken ?? null) ??
         normalizeToken(process.env["INSTAFY_ACCESS_TOKEN"] ?? null) ??
         normalizeToken(process.env["CONTROLLER_ACCESS_TOKEN"] ?? null) ??
+        normalizeToken(process.env["RUNTIME_ACCESS_TOKEN"] ?? null) ??
         normalizeToken(process.env["SUPABASE_ACCESS_TOKEN"] ?? null) ??
         normalizeToken(config.accessToken ?? null));
 }

package/dist/git.js

@@ -25,6 +25,7 @@ function resolveControllerAccessToken(options) {
     return (normalizeToken(options.controllerAccessToken) ??
         normalizeToken(process.env["INSTAFY_ACCESS_TOKEN"]) ??
         normalizeToken(process.env["CONTROLLER_ACCESS_TOKEN"]) ??
+        normalizeToken(process.env["RUNTIME_ACCESS_TOKEN"]) ??
         normalizeToken(options.supabaseAccessToken) ??
         readTokenFromFile(options.supabaseAccessTokenFile) ??
         normalizeToken(process.env["SUPABASE_ACCESS_TOKEN"]) ??

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "@instafy/cli",
-  "version": "0.1.8-staging.350",
+  "version": "0.1.8-staging.353",
   "description": "Run Instafy projects locally, link folders to Studio, and share previews/webhooks via tunnels.",
   "private": false,
   "publishConfig": {