npm - @lifeaitools/clauth - Versions diffs - 0.4.1 → 0.5.1 - Mend

@lifeaitools/clauth 0.4.1 → 0.5.1

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (22) hide show

package/.clauth-skill/SKILL.md +184 -184
package/.clauth-skill/references/keys-guide.md +270 -270
package/.clauth-skill/references/operator-guide.md +148 -148
package/README.md +125 -125
package/cli/api.js +113 -113
package/cli/commands/install.js +291 -291
package/cli/commands/scrub.js +231 -231
package/cli/commands/serve.js +526 -1
package/cli/commands/uninstall.js +164 -164
package/cli/fingerprint.js +91 -91
package/cli/index.js +5 -1
package/install.ps1 +44 -44
package/install.sh +38 -38
package/package.json +54 -54
package/scripts/bin/bootstrap-linux +0 -0
package/scripts/bin/bootstrap-macos +0 -0
package/scripts/bootstrap.cjs +43 -43
package/scripts/build.sh +45 -45
package/supabase/functions/auth-vault/index.ts +235 -235
package/supabase/migrations/001_clauth_schema.sql +103 -103
package/supabase/migrations/002_vault_helpers.sql +90 -90
package/supabase/migrations/20260317_lockout.sql +26 -26

package/cli/api.js CHANGED Viewed

@@ -1,113 +1,113 @@
-// cli/api.js
-// Thin client that calls the auth-vault Edge Function
-import { createRequire } from "module";
-const require = createRequire(import.meta.url);
-import Conf from "conf";
-import { getConfOptions } from "./conf-path.js";
-const config = new Conf(getConfOptions());
-// ============================================================
-// Get Edge Function base URL from local config
-// ============================================================
-export function getBaseUrl() {
-  const url = config.get("supabase_url") || process.env.CLAUTH_SUPABASE_URL;
-  if (!url) throw new Error("Supabase URL not configured. Run: clauth setup");
-  return `${url}/functions/v1/auth-vault`;
-}
-export function getAnonKey() {
-  const key = config.get("supabase_anon_key") || process.env.CLAUTH_SUPABASE_ANON_KEY;
-  if (!key) throw new Error("Supabase anon key not configured. Run: clauth setup");
-  return key;
-}
-// ============================================================
-// Core POST helper
-// ============================================================
-async function post(route, body) {
-  const url = `${getBaseUrl()}/${route}`;
-  const anonKey = getAnonKey();
-  const res = await fetch(url, {
-    method: "POST",
-    headers: {
-      "Content-Type": "application/json",
-      "Authorization": `Bearer ${anonKey}`
-    },
-    body: JSON.stringify(body)
-  });
-  const data = await res.json();
-  if (!res.ok && !data.error) throw new Error(`HTTP ${res.status}`);
-  return data;
-}
-// ============================================================
-// Auth-bearing calls (require HMAC token)
-// ============================================================
-async function authPost(route, password, machineHash, token, timestamp, extra = {}) {
-  return post(route, {
-    machine_hash: machineHash,
-    token,
-    timestamp,
-    password,
-    ...extra
-  });
-}
-// ============================================================
-// Exported API surface
-// ============================================================
-export async function retrieve(password, machineHash, token, timestamp, service) {
-  return authPost("retrieve", password, machineHash, token, timestamp, { service });
-}
-export async function write(password, machineHash, token, timestamp, service, value) {
-  return authPost("write", password, machineHash, token, timestamp, { service, value });
-}
-export async function enable(password, machineHash, token, timestamp, service, enabled) {
-  return authPost("enable", password, machineHash, token, timestamp, { service, enabled });
-}
-export async function addService(password, machineHash, token, timestamp, name, label, key_type, description) {
-  return authPost("add", password, machineHash, token, timestamp, { name, label, key_type, description });
-}
-export async function removeService(password, machineHash, token, timestamp, service, confirm) {
-  return authPost("remove", password, machineHash, token, timestamp, { service, confirm });
-}
-export async function revoke(password, machineHash, token, timestamp, service, confirm) {
-  return authPost("revoke", password, machineHash, token, timestamp, { service, confirm });
-}
-export async function status(password, machineHash, token, timestamp) {
-  return authPost("status", password, machineHash, token, timestamp);
-}
-export async function test(password, machineHash, token, timestamp) {
-  return authPost("test", password, machineHash, token, timestamp);
-}
-export async function changePassword(password, machineHash, token, timestamp, newSeedHash) {
-  return authPost("change-password", password, machineHash, token, timestamp, { new_hmac_seed_hash: newSeedHash });
-}
-export async function registerMachine(machineHash, seedHash, label, adminToken) {
-  return post("register-machine", {
-    machine_hash: machineHash,
-    hmac_seed_hash: seedHash,
-    label,
-    admin_token: adminToken
-  });
-}
-export default {
-  retrieve, write, enable, addService, removeService, revoke,
-  status, test, registerMachine, getBaseUrl, getAnonKey
-};
+// cli/api.js
+// Thin client that calls the auth-vault Edge Function
+import { createRequire } from "module";
+const require = createRequire(import.meta.url);
+import Conf from "conf";
+import { getConfOptions } from "./conf-path.js";
+const config = new Conf(getConfOptions());
+// ============================================================
+// Get Edge Function base URL from local config
+// ============================================================
+export function getBaseUrl() {
+  const url = config.get("supabase_url") || process.env.CLAUTH_SUPABASE_URL;
+  if (!url) throw new Error("Supabase URL not configured. Run: clauth setup");
+  return `${url}/functions/v1/auth-vault`;
+}
+export function getAnonKey() {
+  const key = config.get("supabase_anon_key") || process.env.CLAUTH_SUPABASE_ANON_KEY;
+  if (!key) throw new Error("Supabase anon key not configured. Run: clauth setup");
+  return key;
+}
+// ============================================================
+// Core POST helper
+// ============================================================
+async function post(route, body) {
+  const url = `${getBaseUrl()}/${route}`;
+  const anonKey = getAnonKey();
+  const res = await fetch(url, {
+    method: "POST",
+    headers: {
+      "Content-Type": "application/json",
+      "Authorization": `Bearer ${anonKey}`
+    },
+    body: JSON.stringify(body)
+  });
+  const data = await res.json();
+  if (!res.ok && !data.error) throw new Error(`HTTP ${res.status}`);
+  return data;
+}
+// ============================================================
+// Auth-bearing calls (require HMAC token)
+// ============================================================
+async function authPost(route, password, machineHash, token, timestamp, extra = {}) {
+  return post(route, {
+    machine_hash: machineHash,
+    token,
+    timestamp,
+    password,
+    ...extra
+  });
+}
+// ============================================================
+// Exported API surface
+// ============================================================
+export async function retrieve(password, machineHash, token, timestamp, service) {
+  return authPost("retrieve", password, machineHash, token, timestamp, { service });
+}
+export async function write(password, machineHash, token, timestamp, service, value) {
+  return authPost("write", password, machineHash, token, timestamp, { service, value });
+}
+export async function enable(password, machineHash, token, timestamp, service, enabled) {
+  return authPost("enable", password, machineHash, token, timestamp, { service, enabled });
+}
+export async function addService(password, machineHash, token, timestamp, name, label, key_type, description) {
+  return authPost("add", password, machineHash, token, timestamp, { name, label, key_type, description });
+}
+export async function removeService(password, machineHash, token, timestamp, service, confirm) {
+  return authPost("remove", password, machineHash, token, timestamp, { service, confirm });
+}
+export async function revoke(password, machineHash, token, timestamp, service, confirm) {
+  return authPost("revoke", password, machineHash, token, timestamp, { service, confirm });
+}
+export async function status(password, machineHash, token, timestamp) {
+  return authPost("status", password, machineHash, token, timestamp);
+}
+export async function test(password, machineHash, token, timestamp) {
+  return authPost("test", password, machineHash, token, timestamp);
+}
+export async function changePassword(password, machineHash, token, timestamp, newSeedHash) {
+  return authPost("change-password", password, machineHash, token, timestamp, { new_hmac_seed_hash: newSeedHash });
+}
+export async function registerMachine(machineHash, seedHash, label, adminToken) {
+  return post("register-machine", {
+    machine_hash: machineHash,
+    hmac_seed_hash: seedHash,
+    label,
+    admin_token: adminToken
+  });
+}
+export default {
+  retrieve, write, enable, addService, removeService, revoke,
+  status, test, registerMachine, getBaseUrl, getAnonKey
+};