npm - @lifeaitools/clauth - Versions diffs - 1.1.0 → 1.3.0 - Mend

@lifeaitools/clauth 1.1.0 → 1.3.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (4) hide show

package/cli/index.js CHANGED Viewed

@@ -532,40 +532,93 @@ program
   });
 // ──────────────────────────────────────────────
-// clauth tunnel setup
+// clauth tunnel start|stop|status
+// (setup moved to in-browser wizard at http://127.0.0.1:52437)
 // ──────────────────────────────────────────────
 const tunnelCmd = program.command("tunnel").description("Manage Cloudflare tunnel for claude.ai web integration");
 tunnelCmd
   .command("setup")
-  .description("Interactive wizard — configure cloudflared named tunnel")
+  .description("Open the tunnel setup wizard in your browser")
   .action(async () => {
-    const { actionTunnelSetup } = await import("./commands/tunnel.js");
-    await actionTunnelSetup();
+    console.log(chalk.cyan("\n  Tunnel setup is now handled in the browser.\n"));
+    console.log(chalk.white("  1. Start the daemon:  clauth serve start"));
+    console.log(chalk.white("  2. Open:              http://127.0.0.1:52437"));
+    console.log(chalk.white("  3. Unlock the vault and click \"Setup Tunnel\"\n"));
   });
 tunnelCmd
   .command("start")
   .description("Tell daemon to start the tunnel")
   .action(async () => {
-    const { actionTunnelStart } = await import("./commands/tunnel.js");
-    await actionTunnelStart();
+    try {
+      const r = await fetch("http://127.0.0.1:52437/tunnel/start", {
+        method: "POST",
+        headers: { "Content-Type": "application/json" },
+        signal: AbortSignal.timeout(5000),
+      });
+      const data = await r.json().catch(() => ({}));
+      if (!r.ok) {
+        console.error(`  ✗ ${data.error || r.statusText}`);
+        if (r.status === 401) console.error("  Unlock the daemon first: http://127.0.0.1:52437");
+        process.exit(1);
+      }
+      console.log(`  ✓ ${data.message || "Tunnel starting — check status with: clauth tunnel status"}`);
+    } catch (e) {
+      console.error("  ✗ Daemon not running. Start it with: clauth serve");
+      process.exit(1);
+    }
   });
 tunnelCmd
   .command("stop")
   .description("Tell daemon to stop the tunnel")
   .action(async () => {
-    const { actionTunnelStop } = await import("./commands/tunnel.js");
-    await actionTunnelStop();
+    try {
+      const r = await fetch("http://127.0.0.1:52437/tunnel/stop", {
+        method: "POST",
+        headers: { "Content-Type": "application/json" },
+        signal: AbortSignal.timeout(5000),
+      });
+      const data = await r.json().catch(() => ({}));
+      if (!r.ok) {
+        console.error(`  ✗ ${data.error || r.statusText}`);
+        process.exit(1);
+      }
+      console.log("  ✓ Tunnel stopped.");
+    } catch (e) {
+      console.error("  ✗ Daemon not running.");
+      process.exit(1);
+    }
   });
 tunnelCmd
   .command("status")
   .description("Show current tunnel status")
   .action(async () => {
-    const { actionTunnelStatus } = await import("./commands/tunnel.js");
-    await actionTunnelStatus();
+    try {
+      const r = await fetch("http://127.0.0.1:52437/tunnel", {
+        signal: AbortSignal.timeout(5000),
+      });
+      const data = await r.json().catch(() => ({}));
+      const icons = {
+        live: "✓", starting: "◌", not_configured: "⚠",
+        not_started: "○", error: "✗", missing_cloudflared: "✗",
+      };
+      const labels = {
+        live: `Live — ${data.url || ""}`,
+        starting: "Starting...",
+        not_configured: "Not configured — open http://127.0.0.1:52437 and click Setup Tunnel",
+        not_started: "Not started — run: clauth tunnel start",
+        error: `Error${data.error ? ": " + data.error : ""} — check cloudflared config`,
+        missing_cloudflared: "cloudflared not installed — https://developers.cloudflare.com/cloudflare-one/connections/connect-networks/downloads/",
+      };
+      const status = data.status || "unknown";
+      console.log(`\n  ${icons[status] || "?"} Tunnel: ${labels[status] || status}\n`);
+    } catch (e) {
+      console.error("  ✗ Daemon not running. Start it with: clauth serve");
+      process.exit(1);
+    }
   });
 // ──────────────────────────────────────────────
@@ -591,6 +644,7 @@ program
   .option("-p, --pw <password>", "clauth password (optional — omit to start locked, unlock in browser)")
   .option("--services <list>", "Comma-separated service whitelist (default: all)")
   .option("--tunnel <hostname>", "Fixed tunnel hostname (e.g. clauth.prtrust.fund) — uses named Cloudflare Tunnel instead of random URL")
+  .option("--staged", "Start on staging port (52438) for blue-green verification before make-live")
   .option("--action <action>", "Internal: action override for daemon child")
   .addHelpText("after", `
 Actions:
@@ -601,8 +655,9 @@ Actions:
   foreground  Run in foreground (Ctrl+C to stop) — default if no action given
   mcp         Run as MCP stdio server for Claude Code (JSON-RPC over stdin/stdout)
   install     Store password securely + register auto-start service (cross-platform)
-              Windows: DPAPI + Scheduled Task | macOS: Keychain + LaunchAgent | Linux: libsecret/openssl + systemd
+              Windows: DPAPI + HKCU\\Run | macOS: Keychain + LaunchAgent | Linux: libsecret/openssl + systemd
   uninstall   Remove auto-start service + delete stored password
+  upgrade     Blue-green upgrade: start new version on staging port, verify, then make live
 MCP SSE (built into start/foreground):
   The HTTP daemon also serves MCP SSE transport at GET /sse + POST /message.

package/package.json CHANGED Viewed

@@ -1,6 +1,6 @@
 {
   "name": "@lifeaitools/clauth",
-  "version": "1.1.0",
+  "version": "1.3.0",
   "description": "Hardware-bound credential vault for the LIFEAI infrastructure stack",
   "type": "module",
   "bin": {

package/cli/commands/tunnel.js DELETED Viewed

@@ -1,210 +0,0 @@
-// cli/commands/tunnel.js
-// clauth tunnel setup — configures Cloudflare named tunnel for claude.ai web integration
-import { execSync, spawnSync } from "child_process";
-import os from "os";
-import path from "path";
-import fs from "fs";
-import readline from "readline";
-function ask(question) {
-  const rl = readline.createInterface({ input: process.stdin, output: process.stdout });
-  return new Promise(resolve => rl.question(question, ans => { rl.close(); resolve(ans.trim()); }));
-}
-async function actionTunnelSetup() {
-  console.log("\n  clauth tunnel setup\n");
-  console.log("  This wizard configures a Cloudflare named tunnel so claude.ai web");
-  console.log("  can connect to your local clauth daemon without exposing any ports.\n");
-  // Step 1: Check cloudflared is installed
-  try {
-    execSync("cloudflared --version", { stdio: "ignore" });
-    console.log("  ✓ cloudflared detected\n");
-  } catch {
-    console.log("  ✗ cloudflared not found.\n");
-    console.log("  Install it first:");
-    console.log("  Windows: https://developers.cloudflare.com/cloudflare-one/connections/connect-networks/downloads/");
-    console.log("  Or via winget: winget install Cloudflare.cloudflared\n");
-    process.exit(1);
-  }
-  // Step 2: Authenticate with Cloudflare
-  console.log("  Step 1/4 — Authenticate with Cloudflare");
-  console.log("  This will open your browser to log in.\n");
-  const doAuth = await ask("  Proceed? (y/n): ");
-  if (doAuth.toLowerCase() !== "y") { console.log("  Aborted."); process.exit(0); }
-  try {
-    spawnSync("cloudflared", ["tunnel", "login"], { stdio: "inherit" });
-    console.log("  ✓ Authenticated\n");
-  } catch (e) {
-    console.error("  ✗ Login failed:", e.message);
-    process.exit(1);
-  }
-  // Step 3: Create tunnel
-  console.log("  Step 2/4 — Create named tunnel");
-  const tunnelName = await ask("  Tunnel name (default: clauth): ") || "clauth";
-  let tunnelId;
-  try {
-    const result = execSync(`cloudflared tunnel create ${tunnelName}`, { encoding: "utf8" });
-    const match = result.match(/Created tunnel (.+) with id ([a-f0-9-]+)/i);
-    if (match) tunnelId = match[2];
-    console.log(`  ✓ Tunnel created: ${tunnelName} (${tunnelId || "see above"})\n`);
-  } catch (e) {
-    // Tunnel may already exist
-    console.log("  (Tunnel may already exist — continuing)\n");
-    try {
-      const listResult = execSync(`cloudflared tunnel list`, { encoding: "utf8" });
-      const lines = listResult.split("\n");
-      for (const line of lines) {
-        if (line.toLowerCase().includes(tunnelName.toLowerCase())) {
-          const parts = line.trim().split(/\s+/);
-          if (parts[0] && parts[0].includes("-")) tunnelId = parts[0];
-        }
-      }
-    } catch {
-      // ignore list errors
-    }
-  }
-  // Step 4: Configure hostname
-  console.log("  Step 3/4 — Set public hostname");
-  const hostname = await ask("  Public hostname (e.g. clauth.yourdomain.com): ");
-  if (!hostname) { console.log("  Hostname required."); process.exit(1); }
-  // Write config.yml
-  const cfDir = path.join(os.homedir(), ".cloudflared");
-  if (!fs.existsSync(cfDir)) fs.mkdirSync(cfDir, { recursive: true });
-  const configPath = path.join(cfDir, "config.yml");
-  const credFile = tunnelId ? path.join(cfDir, `${tunnelId}.json`) : `<tunnel-id>.json`;
-  const config = `tunnel: ${tunnelId || tunnelName}
-credentials-file: ${credFile}
-ingress:
-  - hostname: ${hostname}
-    service: http://127.0.0.1:52437
-  - service: http_status:404
-`;
-  fs.writeFileSync(configPath, config, "utf8");
-  console.log(`  ✓ Config written: ${configPath}\n`);
-  // Route DNS
-  console.log("  Step 4/4 — Configure DNS");
-  try {
-    execSync(`cloudflared tunnel route dns ${tunnelName} ${hostname}`, { stdio: "inherit" });
-    console.log(`  ✓ DNS configured: ${hostname}\n`);
-  } catch {
-    console.log(`  ⚠ DNS route failed — add manually in Cloudflare dashboard:`);
-    console.log(`    CNAME ${hostname} → ${tunnelId}.cfargotunnel.com\n`);
-  }
-  // Save hostname to clauth config via api module
-  try {
-    const apiMod = await import("../api.js").catch(() => null);
-    if (apiMod) {
-      const sbUrl = (apiMod.getBaseUrl?.() || "").replace("/functions/v1/auth-vault", "");
-      const sbKey = apiMod.getAnonKey?.();
-      if (sbUrl && sbKey) {
-        await fetch(
-          `${sbUrl}/rest/v1/clauth_config`,
-          {
-            method: "POST",
-            headers: {
-              apikey: sbKey,
-              Authorization: `Bearer ${sbKey}`,
-              "Content-Type": "application/json",
-              Prefer: "resolution=merge-duplicates",
-            },
-            body: JSON.stringify({ key: "tunnel_hostname", value: hostname }),
-          }
-        );
-        console.log(`  ✓ Hostname saved to clauth config: ${hostname}`);
-      }
-    }
-  } catch {
-    console.log(`  ⚠ Could not save to DB. Hostname is set in config.yml — 'clauth serve' will pick it up.`);
-  }
-  console.log("\n  Setup complete!");
-  console.log(`  Restart the daemon: clauth serve restart`);
-  console.log(`  Or use: npm run worker:restart (from clauth directory)\n`);
-}
-// clauth tunnel start — tells daemon to start the tunnel
-async function actionTunnelStart() {
-  try {
-    const r = await fetch("http://127.0.0.1:52437/tunnel/start", {
-      method: "POST",
-      headers: { "Content-Type": "application/json" },
-      signal: AbortSignal.timeout(5000),
-    });
-    const data = await r.json().catch(() => ({}));
-    if (!r.ok) {
-      console.error(`  ✗ ${data.error || r.statusText}`);
-      if (r.status === 401) console.error("  Unlock the daemon first: http://127.0.0.1:52437");
-      process.exit(1);
-    }
-    console.log(`  ✓ ${data.message || "Tunnel starting — check status with: clauth tunnel status"}`);
-  } catch (e) {
-    console.error("  ✗ Daemon not running. Start it with: clauth serve");
-    process.exit(1);
-  }
-}
-// clauth tunnel stop — tells daemon to stop the tunnel
-async function actionTunnelStop() {
-  try {
-    const r = await fetch("http://127.0.0.1:52437/tunnel/stop", {
-      method: "POST",
-      headers: { "Content-Type": "application/json" },
-      signal: AbortSignal.timeout(5000),
-    });
-    const data = await r.json().catch(() => ({}));
-    if (!r.ok) {
-      console.error(`  ✗ ${data.error || r.statusText}`);
-      process.exit(1);
-    }
-    console.log("  ✓ Tunnel stopped.");
-  } catch (e) {
-    console.error("  ✗ Daemon not running.");
-    process.exit(1);
-  }
-}
-// clauth tunnel status — shows current tunnel status from daemon
-async function actionTunnelStatus() {
-  try {
-    const r = await fetch("http://127.0.0.1:52437/tunnel", {
-      signal: AbortSignal.timeout(5000),
-    });
-    const data = await r.json().catch(() => ({}));
-    const icons = {
-      live:                "✓",
-      starting:            "◌",
-      not_configured:      "⚠",
-      not_started:         "○",
-      error:               "✗",
-      missing_cloudflared: "✗",
-    };
-    const labels = {
-      live:                `Live — ${data.url || ""}`,
-      starting:            "Starting...",
-      not_configured:      "Not configured — run: clauth tunnel setup",
-      not_started:         "Not started — run: clauth tunnel start",
-      error:               `Error${data.error ? ": " + data.error : ""} — check cloudflared config`,
-      missing_cloudflared: "cloudflared not installed — https://developers.cloudflare.com/cloudflare-one/connections/connect-networks/downloads/",
-    };
-    const status = data.status || "unknown";
-    console.log(`\n  ${icons[status] || "?"} Tunnel: ${labels[status] || status}\n`);
-  } catch (e) {
-    console.error("  ✗ Daemon not running. Start it with: clauth serve");
-    process.exit(1);
-  }
-}
-export { actionTunnelSetup, actionTunnelStart, actionTunnelStop, actionTunnelStatus };