npm - @keywaysh/cli - Versions diffs - 0.1.0 → 0.1.2 - Mend

@keywaysh/cli 0.1.0 → 0.1.2

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (4) hide show

package/dist/auth-QLPQ24HZ.js ADDED Viewed

@@ -0,0 +1,12 @@
+import {
+  clearAuth,
+  getAuthFilePath,
+  getStoredAuth,
+  saveAuthToken
+} from "./chunk-F4C46224.js";
+export {
+  clearAuth,
+  getAuthFilePath,
+  getStoredAuth,
+  saveAuthToken
+};

package/dist/chunk-F4C46224.js ADDED Viewed

@@ -0,0 +1,102 @@
+// src/utils/auth.ts
+import Conf from "conf";
+import { createCipheriv, createDecipheriv, randomBytes } from "crypto";
+import { existsSync, readFileSync, writeFileSync, mkdirSync, chmodSync } from "fs";
+import { join } from "path";
+import { homedir } from "os";
+var store = new Conf({
+  projectName: "keyway",
+  configName: "config",
+  fileMode: 384
+});
+var KEY_DIR = join(homedir(), ".keyway");
+var KEY_FILE = join(KEY_DIR, ".key");
+function getOrCreateEncryptionKey() {
+  if (!existsSync(KEY_DIR)) {
+    mkdirSync(KEY_DIR, { recursive: true, mode: 448 });
+  }
+  if (existsSync(KEY_FILE)) {
+    const keyHex2 = readFileSync(KEY_FILE, "utf-8").trim();
+    if (keyHex2.length === 64) {
+      return Buffer.from(keyHex2, "hex");
+    }
+  }
+  const key = randomBytes(32);
+  const keyHex = key.toString("hex");
+  writeFileSync(KEY_FILE, keyHex, { mode: 384 });
+  try {
+    chmodSync(KEY_FILE, 384);
+  } catch {
+  }
+  return key;
+}
+function encryptToken(token) {
+  const key = getOrCreateEncryptionKey();
+  const iv = randomBytes(16);
+  const cipher = createCipheriv("aes-256-gcm", key, iv);
+  const encrypted = Buffer.concat([cipher.update(token, "utf8"), cipher.final()]);
+  const authTag = cipher.getAuthTag();
+  return `${iv.toString("hex")}:${authTag.toString("hex")}:${encrypted.toString("hex")}`;
+}
+function decryptToken(encryptedData) {
+  const key = getOrCreateEncryptionKey();
+  const parts = encryptedData.split(":");
+  if (parts.length !== 3) {
+    throw new Error("Invalid encrypted token format");
+  }
+  const iv = Buffer.from(parts[0], "hex");
+  const authTag = Buffer.from(parts[1], "hex");
+  const encrypted = Buffer.from(parts[2], "hex");
+  const decipher = createDecipheriv("aes-256-gcm", key, iv);
+  decipher.setAuthTag(authTag);
+  const decrypted = Buffer.concat([decipher.update(encrypted), decipher.final()]);
+  return decrypted.toString("utf8");
+}
+function isExpired(auth) {
+  if (!auth.expiresAt) return false;
+  const expires = Date.parse(auth.expiresAt);
+  if (Number.isNaN(expires)) return false;
+  return expires <= Date.now();
+}
+async function getStoredAuth() {
+  const encryptedData = store.get("auth");
+  if (!encryptedData) {
+    return null;
+  }
+  try {
+    const decrypted = decryptToken(encryptedData);
+    const auth = JSON.parse(decrypted);
+    if (isExpired(auth)) {
+      clearAuth();
+      return null;
+    }
+    return auth;
+  } catch {
+    console.error("Failed to decrypt stored auth, clearing...");
+    clearAuth();
+    return null;
+  }
+}
+async function saveAuthToken(token, meta) {
+  const auth = {
+    keywayToken: token,
+    githubLogin: meta?.githubLogin,
+    expiresAt: meta?.expiresAt,
+    createdAt: (/* @__PURE__ */ new Date()).toISOString()
+  };
+  const encrypted = encryptToken(JSON.stringify(auth));
+  store.set("auth", encrypted);
+}
+function clearAuth() {
+  store.delete("auth");
+}
+function getAuthFilePath() {
+  return store.path;
+}
+export {
+  getStoredAuth,
+  saveAuthToken,
+  clearAuth,
+  getAuthFilePath
+};