@l4yercak3/cli 1.1.5 → 1.1.6

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "@l4yercak3/cli",
-  "version": "1.1.5",
+  "version": "1.1.6",
   "description": "Icing on the L4yercak3 - The sweet finishing touch for your Layer Cake integration",
   "main": "src/index.js",
   "bin": {

package/src/api/backend-client.js

@@ -121,6 +121,26 @@ class BackendClient {
     }
   }
 
+  /**
+   * Revoke CLI session (logout on backend)
+   * This cleans up the session from the database
+   */
+  async revokeSession() {
+    try {
+      const session = configManager.getSession();
+      if (!session || !session.token) {
+        return { success: true }; // Nothing to revoke
+      }
+
+      return await this.request('POST', '/api/v1/auth/cli/revoke');
+    } catch (error) {
+      // Even if revoke fails, we'll clear locally
+      // Log but don't throw - user still wants to logout
+      console.error('Warning: Could not revoke session on backend:', error.message);
+      return { success: false, error: error.message };
+    }
+  }
+
   /**
    * Get CLI login URL with state parameter for CSRF protection
    * Browser login is served by Next.js at APP_URL (not the Convex API URL)

package/src/commands/login.js

@@ -156,9 +156,12 @@ async function handleLogin() {
         await promptSetupWizard();
         return;
       } else {
-        // Session is invalid on backend - clear it and proceed to login
+        // Session is invalid on backend - revoke it and proceed to login
         console.log(chalk.yellow('  ⚠️  Your session has expired or is invalid'));
-        console.log(chalk.gray('  Starting fresh login...\n'));
+        console.log(chalk.gray('  Revoking old session and starting fresh login...\n'));
+
+        // Try to revoke the old session on backend (cleanup)
+        await backendClient.revokeSession();
         configManager.clearSession();
       }
     }

package/src/commands/logout.js

@@ -1,9 +1,10 @@
 /**
  * Logout Command
- * Clears CLI session
+ * Clears CLI session both locally and on the backend
  */
 
 const configManager = require('../config/config-manager');
+const backendClient = require('../api/backend-client');
 const chalk = require('chalk');
 
 async function handleLogout() {
@@ -12,6 +13,11 @@ async function handleLogout() {
     return;
   }
 
+  // Revoke session on backend first (cleans up database)
+  console.log(chalk.gray('  Revoking session...'));
+  await backendClient.revokeSession();
+
+  // Clear local session
   configManager.clearSession();
   console.log(chalk.green('  ✅ Successfully logged out\n'));
 }

package/tests/backend-client.test.js

@@ -248,6 +248,58 @@ describe('BackendClient', () => {
     });
   });
 
+  describe('revokeSession', () => {
+    it('calls revoke endpoint when session exists', async () => {
+      configManager.getSession.mockReturnValue({ token: 'test-token' });
+      const mockResponse = {
+        ok: true,
+        json: jest.fn().mockResolvedValue({ success: true }),
+      };
+      fetch.mockResolvedValue(mockResponse);
+
+      const result = await BackendClient.revokeSession();
+
+      expect(fetch).toHaveBeenCalledWith(
+        expect.stringContaining('/api/v1/auth/cli/revoke'),
+        expect.objectContaining({ method: 'POST' })
+      );
+      expect(result.success).toBe(true);
+    });
+
+    it('returns success when no session exists', async () => {
+      configManager.getSession.mockReturnValue(null);
+
+      const result = await BackendClient.revokeSession();
+
+      expect(fetch).not.toHaveBeenCalled();
+      expect(result.success).toBe(true);
+    });
+
+    it('returns success when session has no token', async () => {
+      configManager.getSession.mockReturnValue({ expiresAt: Date.now() });
+
+      const result = await BackendClient.revokeSession();
+
+      expect(fetch).not.toHaveBeenCalled();
+      expect(result.success).toBe(true);
+    });
+
+    it('returns failure but does not throw on error', async () => {
+      configManager.getSession.mockReturnValue({ token: 'test-token' });
+      fetch.mockRejectedValue(new Error('Revoke failed'));
+
+      // Suppress console.error for this test
+      const consoleSpy = jest.spyOn(console, 'error').mockImplementation(() => {});
+
+      const result = await BackendClient.revokeSession();
+
+      expect(result.success).toBe(false);
+      expect(result.error).toBe('Revoke failed');
+
+      consoleSpy.mockRestore();
+    });
+  });
+
   describe('generateState', () => {
     it('generates a 64-character hex string', () => {
       const state = BackendClient.generateState();

package/tests/commands/logout.test.js

@@ -3,12 +3,15 @@
  */
 
 jest.mock('../../src/config/config-manager');
+jest.mock('../../src/api/backend-client');
 jest.mock('chalk', () => ({
   yellow: (str) => str,
   green: (str) => str,
+  gray: (str) => str,
 }));
 
 const configManager = require('../../src/config/config-manager');
+const backendClient = require('../../src/api/backend-client');
 const logoutCommand = require('../../src/commands/logout');
 
 describe('Logout Command', () => {
@@ -21,6 +24,8 @@ describe('Logout Command', () => {
     console.log = jest.fn((...args) => {
       consoleOutput.push(args.join(' '));
     });
+    // Mock revokeSession to return success
+    backendClient.revokeSession.mockResolvedValue({ success: true });
   });
 
   afterEach(() => {
@@ -59,6 +64,15 @@ describe('Logout Command', () => {
       expect(configManager.clearSession).toHaveBeenCalled();
     });
 
+    it('revokes session on backend before clearing locally', async () => {
+      configManager.isLoggedIn.mockReturnValue(true);
+
+      await logoutCommand.handler();
+
+      expect(backendClient.revokeSession).toHaveBeenCalled();
+      expect(configManager.clearSession).toHaveBeenCalled();
+    });
+
     it('shows success message after logout', async () => {
       configManager.isLoggedIn.mockReturnValue(true);