@ishlabs/cli 0.12.1 → 0.12.2
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/dist/auth.d.ts +5 -3
- package/dist/auth.js +22 -16
- package/dist/index.js +1 -1
- package/package.json +1 -1
package/dist/auth.d.ts
CHANGED
|
@@ -18,8 +18,8 @@
|
|
|
18
18
|
* server's `local` mode keeps reading them without changes.
|
|
19
19
|
*/
|
|
20
20
|
export declare function getAppUrl(): string;
|
|
21
|
-
export declare function getSupabaseUrl(): string;
|
|
22
|
-
export declare function getSupabaseAnonKey(): string;
|
|
21
|
+
export declare function getSupabaseUrl(dev?: boolean): string;
|
|
22
|
+
export declare function getSupabaseAnonKey(dev?: boolean): string;
|
|
23
23
|
/**
|
|
24
24
|
* Resolve the Supabase project (URL + anon key) that issued the given JWT.
|
|
25
25
|
* Falls back to env vars / production defaults when the token is unparsable
|
|
@@ -32,7 +32,9 @@ export declare function resolveSupabaseProjectFromToken(accessToken: string | un
|
|
|
32
32
|
export declare function decodeJwtExp(token: string): number;
|
|
33
33
|
export declare function decodeJwtClaims(token: string): Record<string, unknown> | undefined;
|
|
34
34
|
export declare function isTokenExpired(token: string, bufferSeconds?: number): boolean;
|
|
35
|
-
export declare function login(
|
|
35
|
+
export declare function login(opts?: {
|
|
36
|
+
dev?: boolean;
|
|
37
|
+
}): Promise<{
|
|
36
38
|
accessToken: string;
|
|
37
39
|
refreshToken: string;
|
|
38
40
|
clientId: string;
|
package/dist/auth.js
CHANGED
|
@@ -29,26 +29,32 @@ const DEFAULT_APP_URL = "https://app.ishlabs.io";
|
|
|
29
29
|
// must send refresh requests back to that same project (with its matching
|
|
30
30
|
// publishable/anon key) or Supabase will reject them.
|
|
31
31
|
const SUPABASE_PROJECTS = {
|
|
32
|
-
//
|
|
33
|
-
"muqvgnqyubmqnfnqwxuk.supabase.co": {
|
|
34
|
-
url: "https://muqvgnqyubmqnfnqwxuk.supabase.co",
|
|
35
|
-
anonKey: "sb_publishable_pxXwY9EaWFwkR7h728NWvQ_NFqGfh8K",
|
|
36
|
-
},
|
|
37
|
-
// Production
|
|
32
|
+
// Production (default — end users hit this)
|
|
38
33
|
"hngymyxdyamokpbeakps.supabase.co": {
|
|
39
34
|
url: "https://hngymyxdyamokpbeakps.supabase.co",
|
|
40
35
|
anonKey: "sb_publishable_JlS-HfwNyDqLNbrfbrkUlw_PSdZJdo2",
|
|
41
36
|
},
|
|
37
|
+
// Development (opt-in via --dev or ISH_SUPABASE_URL/_ANON_KEY env vars)
|
|
38
|
+
"muqvgnqyubmqnfnqwxuk.supabase.co": {
|
|
39
|
+
url: "https://muqvgnqyubmqnfnqwxuk.supabase.co",
|
|
40
|
+
anonKey: "sb_publishable_pxXwY9EaWFwkR7h728NWvQ_NFqGfh8K",
|
|
41
|
+
},
|
|
42
42
|
};
|
|
43
|
-
const
|
|
43
|
+
const PROD_SUPABASE_PROJECT = SUPABASE_PROJECTS["hngymyxdyamokpbeakps.supabase.co"];
|
|
44
|
+
const DEV_SUPABASE_PROJECT = SUPABASE_PROJECTS["muqvgnqyubmqnfnqwxuk.supabase.co"];
|
|
44
45
|
export function getAppUrl() {
|
|
45
46
|
return process.env.ISH_APP_URL ?? DEFAULT_APP_URL;
|
|
46
47
|
}
|
|
47
|
-
|
|
48
|
-
|
|
48
|
+
// Precedence (matches resolveApiUrl): --dev > ISH_SUPABASE_URL env > prod default.
|
|
49
|
+
export function getSupabaseUrl(dev) {
|
|
50
|
+
if (dev)
|
|
51
|
+
return DEV_SUPABASE_PROJECT.url;
|
|
52
|
+
return process.env.ISH_SUPABASE_URL ?? PROD_SUPABASE_PROJECT.url;
|
|
49
53
|
}
|
|
50
|
-
export function getSupabaseAnonKey() {
|
|
51
|
-
|
|
54
|
+
export function getSupabaseAnonKey(dev) {
|
|
55
|
+
if (dev)
|
|
56
|
+
return DEV_SUPABASE_PROJECT.anonKey;
|
|
57
|
+
return process.env.ISH_SUPABASE_ANON_KEY ?? PROD_SUPABASE_PROJECT.anonKey;
|
|
52
58
|
}
|
|
53
59
|
/**
|
|
54
60
|
* Resolve the Supabase project (URL + anon key) that issued the given JWT.
|
|
@@ -73,7 +79,7 @@ export function resolveSupabaseProjectFromToken(accessToken) {
|
|
|
73
79
|
// default key for apikey (best-effort; will likely fail without env override).
|
|
74
80
|
return {
|
|
75
81
|
url: `https://${host}`,
|
|
76
|
-
anonKey: envKey ??
|
|
82
|
+
anonKey: envKey ?? PROD_SUPABASE_PROJECT.anonKey,
|
|
77
83
|
};
|
|
78
84
|
}
|
|
79
85
|
}
|
|
@@ -82,8 +88,8 @@ export function resolveSupabaseProjectFromToken(accessToken) {
|
|
|
82
88
|
}
|
|
83
89
|
}
|
|
84
90
|
return {
|
|
85
|
-
url: envUrl ??
|
|
86
|
-
anonKey: envKey ??
|
|
91
|
+
url: envUrl ?? PROD_SUPABASE_PROJECT.url,
|
|
92
|
+
anonKey: envKey ?? PROD_SUPABASE_PROJECT.anonKey,
|
|
87
93
|
};
|
|
88
94
|
}
|
|
89
95
|
// --- Browser open ---
|
|
@@ -221,8 +227,8 @@ function generatePkcePair() {
|
|
|
221
227
|
const challenge = crypto.createHash("sha256").update(verifier).digest("base64url");
|
|
222
228
|
return { verifier, challenge };
|
|
223
229
|
}
|
|
224
|
-
export async function login() {
|
|
225
|
-
const supabaseUrl = getSupabaseUrl();
|
|
230
|
+
export async function login(opts = {}) {
|
|
231
|
+
const supabaseUrl = getSupabaseUrl(opts.dev);
|
|
226
232
|
const server = await startCallbackServer();
|
|
227
233
|
const redirectUri = `http://127.0.0.1:${server.port}/callback`;
|
|
228
234
|
try {
|
package/dist/index.js
CHANGED
|
@@ -89,7 +89,7 @@ program
|
|
|
89
89
|
.description("Authenticate with ish via your browser")
|
|
90
90
|
.action(async (_opts, cmd) => {
|
|
91
91
|
await runInline(cmd, async (globals) => {
|
|
92
|
-
const tokens = await login();
|
|
92
|
+
const tokens = await login({ dev: globals.dev });
|
|
93
93
|
const config = loadConfig();
|
|
94
94
|
config.access_token = tokens.accessToken;
|
|
95
95
|
config.refresh_token = tokens.refreshToken;
|