@lightupai/polaris 0.0.5 → 0.0.7

package/src/cli/cli.ts

@@ -1,135 +1,132 @@
 #!/usr/bin/env bun
 // --- Polaris CLI ---
 // Usage:
-//   polaris login    — authenticate via Google SSO, install local components
-//   polaris daemon   — start the local daemon
-//   polaris status   — show daemon health and active sessions
-//   polaris logout   — remove credentials and local config
-
-import { mkdir, writeFile, readFile, rm, exists } from "node:fs/promises";
-import { homedir } from "node:os";
+//   polaris              — install + login (default onboarding)
+//   polaris install      — install local components (no auth)
+//   polaris login        — authenticate via Google SSO (production)
+//   polaris login --local — authenticate against localhost
+//   polaris login --url <url> — authenticate against a custom URL
+//   polaris login --profile <name> — explicit profile name
+//   polaris use <profile> — switch active profile
+//   polaris profiles     — list profiles
+//   polaris daemon       — start the local daemon
+//   polaris status       — show connection status
+//   polaris logout       — remove credentials
+
+import { mkdir, writeFile, readFile, rm } from "node:fs/promises";
+import { homedir, hostname } from "node:os";
 import { join } from "node:path";
 
 const POLARIS_DIR = join(homedir(), ".polaris");
-const CREDENTIALS_FILE = join(POLARIS_DIR, "credentials.json");
+const CONFIG_FILE = join(POLARIS_DIR, "config.json");
+const LEGACY_CREDENTIALS_FILE = join(POLARIS_DIR, "credentials.json");
 const CLAUDE_DIR = join(homedir(), ".claude");
-const CLAUDE_SETTINGS_DIR = join(CLAUDE_DIR);
 
-const SERVICE_URL = process.env.POLARIS_SERVICE_URL ?? "http://localhost:3000";
+const DEFAULT_APP_URL = "https://app.polaris.lightup.ai";
+const LOCAL_APP_URL = "http://localhost:3000";
 
-// --- Login ---
+// --- Config ---
 
-async function login() {
-  console.log("Polaris — setting up your machine\n");
+interface Profile {
+  api: string;
+  app: string;
+  token: string;
+  email: string;
+  name: string;
+  org_id: string;
+  participant_id: string;
+}
 
-  // 1. Start a local HTTP server to receive the token callback
-  let resolveToken: (token: string) => void;
-  const tokenPromise = new Promise<string>((resolve) => { resolveToken = resolve; });
+interface Config {
+  active: string;
+  profiles: Record<string, Profile>;
+}
 
-  const callbackServer = Bun.serve({
-    port: 0,
-    hostname: "127.0.0.1",
-    fetch(req) {
-      const url = new URL(req.url);
-      if (url.pathname === "/callback") {
-        const token = url.searchParams.get("token");
-        if (token) {
-          resolveToken!(token);
-          return new Response(
-            `<!DOCTYPE html><html><head><title>Polaris</title><style>body{font-family:-apple-system,sans-serif;display:flex;align-items:center;justify-content:center;height:100vh;margin:0;color:#1a1a1a;}</style></head><body><div style="text-align:center"><h2>Authenticated!</h2><p>You can close this tab and return to the terminal.</p></div></body></html>`,
-            { headers: { "Content-Type": "text/html" } }
-          );
-        }
+async function loadConfig(): Promise<Config> {
+  try {
+    return JSON.parse(await readFile(CONFIG_FILE, "utf-8"));
+  } catch {
+    // Migrate from legacy credentials.json if it exists
+    try {
+      const legacy = JSON.parse(await readFile(LEGACY_CREDENTIALS_FILE, "utf-8"));
+      if (legacy.token) {
+        const appUrl = legacy.service_url ?? DEFAULT_APP_URL;
+        const profileName = deriveProfileName(appUrl);
+        const config: Config = {
+          active: profileName,
+          profiles: {
+            [profileName]: {
+              api: appToApi(appUrl),
+              app: appUrl,
+              token: legacy.token,
+              email: legacy.email ?? "",
+              name: legacy.name ?? "",
+              org_id: legacy.org_id ?? "",
+              participant_id: legacy.participant_id ?? "",
+            },
+          },
+        };
+        await saveConfig(config);
+        return config;
       }
-      return new Response("Not found", { status: 404 });
-    },
-  });
-
-  const callbackPort = callbackServer.port;
-  const authUrl = `${SERVICE_URL}/auth/cli?port=${callbackPort}`;
-
-  console.log("Opening browser for Google sign-in...");
-  console.log(`If the browser doesn't open, visit: ${authUrl}\n`);
-
-  // Open browser
-  const proc = Bun.spawn(
-    process.platform === "darwin" ? ["open", authUrl] :
-    process.platform === "win32" ? ["cmd", "/c", "start", authUrl] :
-    ["xdg-open", authUrl],
-    { stdout: "ignore", stderr: "ignore" }
-  );
-  await proc.exited;
+    } catch { /* no legacy file either */ }
+    return { active: "", profiles: {} };
+  }
+}
 
-  // 2. Wait for the token
-  console.log("Waiting for authentication...");
-  const token = await tokenPromise;
-  // Keep server alive briefly so the browser can render the success page
-  setTimeout(() => callbackServer.stop(true), 3000);
+async function saveConfig(config: Config): Promise<void> {
+  await mkdir(POLARIS_DIR, { recursive: true });
+  await writeFile(CONFIG_FILE, JSON.stringify(config, null, 2));
+}
 
-  // 3. Validate the token and get user info
-  const res = await fetch(`${SERVICE_URL}/auth/token?token=${token}`);
-  if (!res.ok) {
-    console.error("Failed to validate token. Please try again.");
-    process.exit(1);
-  }
-  const userInfo = (await res.json()) as {
-    sub: string;
-    email: string;
-    name: string;
-    org_id: string;
-    participant_id: string;
-  };
+function getActiveProfile(config: Config): Profile | null {
+  if (!config.active || !config.profiles[config.active]) return null;
+  return config.profiles[config.active];
+}
 
-  // Fetch org name
-  let orgName = userInfo.org_id;
+function deriveProfileName(appUrl: string): string {
+  if (appUrl.includes("localhost") || appUrl.includes("127.0.0.1")) return "local";
   try {
-    const orgRes = await fetch(`${SERVICE_URL}/auth/token?token=${token}`);
-    if (orgRes.ok) {
-      const orgData = (await orgRes.json()) as { org_id: string };
-      // The org name isn't in the token — use the email domain as display
-      orgName = userInfo.email.split("@")[1].split(".")[0];
-      orgName = orgName.charAt(0).toUpperCase() + orgName.slice(1);
-    }
-  } catch { /* use org_id as fallback */ }
+    const host = new URL(appUrl).hostname;
+    // app.polaris.lightup.ai → prod
+    if (host.includes("polaris.lightup.ai")) return "prod";
+    // strip common prefixes
+    return host.replace(/^app\./, "").replace(/\./g, "-");
+  } catch {
+    return "default";
+  }
+}
 
-  console.log(`\nAuthenticated as ${userInfo.name} (${userInfo.email})`);
-  console.log(`Organization: ${orgName}`);
-  console.log(`Participant ID: ${userInfo.participant_id}\n`);
+function appToApi(appUrl: string): string {
+  if (appUrl.includes("localhost") || appUrl.includes("127.0.0.1")) {
+    return appUrl.replace(":3000", ":4321");
+  }
+  return appUrl.replace("app.", "api.");
+}
 
-  // 4. Store credentials
-  await mkdir(POLARIS_DIR, { recursive: true });
-  await writeFile(CREDENTIALS_FILE, JSON.stringify({
-    token,
-    ...userInfo,
-    service_url: SERVICE_URL,
-  }, null, 2));
-  console.log(`Credentials saved to ${CREDENTIALS_FILE}`);
+// --- Install ---
 
-  // 5. Install MCP server config
+async function install(participantId?: string) {
   await mkdir(CLAUDE_DIR, { recursive: true });
 
-  // Find the path to the client.ts relative to this CLI
+  // MCP server config
   const clientPath = join(import.meta.dir, "..", "client", "client.ts");
-
   const mcpConfig = {
     mcpServers: {
       polaris: {
-        command: "bun",
-        args: [clientPath],
+        command: "npx",
+        args: ["bun", clientPath],
         env: {
-          POLARIS_DAEMON_URL: "http://127.0.0.1:4321",
-          POLARIS_SERVICE_URL: SERVICE_URL.replace(":3000", ":4321"), // API port
+          POLARIS_DAEMON_URL: "http://127.0.0.1:4322",
         },
       },
     },
   };
 
   const mcpConfigPath = join(CLAUDE_DIR, ".mcp.json");
-  // Merge with existing config if present
   let existingMcp: Record<string, unknown> = {};
   try {
-    const existing = await readFile(mcpConfigPath, "utf-8");
-    existingMcp = JSON.parse(existing);
+    existingMcp = JSON.parse(await readFile(mcpConfigPath, "utf-8"));
   } catch { /* doesn't exist yet */ }
 
   const mergedMcp = {
@@ -140,9 +137,9 @@ async function login() {
     },
   };
   await writeFile(mcpConfigPath, JSON.stringify(mergedMcp, null, 2));
-  console.log(`MCP server config written to ${mcpConfigPath}`);
+  console.log("  ✓ MCP server config written");
 
-  // 6. Install hooks
+  // Hooks
   const captureShPath = join(import.meta.dir, "..", "..", "hooks", "capture.sh");
   const hooksConfig = {
     UserPromptSubmit: [{ hooks: [{ type: "command", command: captureShPath }] }],
@@ -154,28 +151,34 @@ async function login() {
   const settingsPath = join(CLAUDE_DIR, "settings.json");
   let existingSettings: Record<string, unknown> = {};
   try {
-    const existing = await readFile(settingsPath, "utf-8");
-    existingSettings = JSON.parse(existing);
+    existingSettings = JSON.parse(await readFile(settingsPath, "utf-8"));
   } catch { /* doesn't exist yet */ }
 
+  // Status line
+  const statusLinePath = join(import.meta.dir, "..", "..", "hooks", "statusline.sh");
   const mergedSettings = {
     ...existingSettings,
     hooks: {
       ...(existingSettings as { hooks?: Record<string, unknown> }).hooks,
       ...hooksConfig,
     },
+    statusLine: {
+      type: "command",
+      command: statusLinePath,
+    },
   };
   await writeFile(settingsPath, JSON.stringify(mergedSettings, null, 2));
-  console.log(`Hooks config written to ${settingsPath}`);
+  console.log("  ✓ Hooks + status line config written");
 
-  // 7. Install /polaris skill
+  // /polaris skill
   const skillDir = join(CLAUDE_DIR, "skills", "polaris");
   await mkdir(skillDir, { recursive: true });
+  const identity = participantId ? `\`${participantId}\`` : "the user's participant ID (ask them if unknown)";
   const skillContent = `---
 name: polaris
 description: Connect to a Polaris multiplayer collaboration session
-allowed-tools: polaris_connect polaris_disconnect polaris_status polaris_reply polaris_context
-argument-hint: [join <project> <session> | disconnect | (no args for status)]
+allowed-tools: polaris_connect polaris_disconnect polaris_status polaris_reply polaris_context polaris_rename
+argument-hint: [join <project> <session> | rename <new-name> | disconnect | (no args for status)]
 ---
 
 ## Polaris — Multiplayer Collaboration
@@ -187,9 +190,13 @@ Manage your connection to a Polaris collaboration session.
 Based on the arguments provided, do ONE of the following:
 
 **\`/polaris join <project> <session>\`** — Connect to a session:
-1. Call \`polaris_connect\` with the given project, session, and user identity \`${userInfo.participant_id}\`
+1. Call \`polaris_connect\` with the given project, session, and user identity ${identity}
 2. Report the connection status
 
+**\`/polaris rename <new-name>\`** — Rename the current project:
+1. Call \`polaris_rename\` with the new name
+2. Report the result
+
 **\`/polaris disconnect\`** — Disconnect:
 1. Call \`polaris_disconnect\`
 2. Confirm disconnection
@@ -201,24 +208,142 @@ Based on the arguments provided, do ONE of the following:
 ### Arguments: $ARGUMENTS
 `;
   await writeFile(join(skillDir, "SKILL.md"), skillContent);
-  console.log(`/polaris skill written to ${skillDir}/SKILL.md`);
+  console.log("  ✓ /polaris skill written");
+}
 
-  // 8. Install status line
-  const statusLinePath = join(import.meta.dir, "..", "..", "hooks", "statusline.sh");
-  const mergedSettingsWithStatusLine = {
-    ...mergedSettings,
-    statusLine: {
-      type: "command",
-      command: statusLinePath,
+// --- Login ---
+
+async function login(appUrl: string, profileName?: string) {
+  const derivedName = profileName ?? deriveProfileName(appUrl);
+
+  // Browser OAuth
+  let resolveToken: (token: string) => void;
+  const tokenPromise = new Promise<string>((resolve) => { resolveToken = resolve; });
+
+  const callbackServer = Bun.serve({
+    port: 0,
+    hostname: "127.0.0.1",
+    fetch(req) {
+      const url = new URL(req.url);
+      if (url.pathname === "/callback") {
+        const token = url.searchParams.get("token");
+        if (token) {
+          resolveToken!(token);
+          return new Response(
+            `<!DOCTYPE html><html><head><title>Polaris</title><style>body{font-family:-apple-system,sans-serif;display:flex;align-items:center;justify-content:center;height:100vh;margin:0;color:#1a1a1a;}</style></head><body><div style="text-align:center"><h2>Authenticated!</h2><p>You can close this tab and return to the terminal.</p></div></body></html>`,
+            { headers: { "Content-Type": "text/html" } }
+          );
+        }
+      }
+      return new Response("Not found", { status: 404 });
     },
+  });
+
+  const callbackPort = callbackServer.port;
+  const authUrl = `${appUrl}/auth/cli?port=${callbackPort}`;
+
+  console.log(`  Opening browser for Google sign-in (${derivedName})...`);
+  console.log(`  If the browser doesn't open, visit: ${authUrl}\n`);
+
+  const proc = Bun.spawn(
+    process.platform === "darwin" ? ["open", authUrl] :
+    process.platform === "win32" ? ["cmd", "/c", "start", authUrl] :
+    ["xdg-open", authUrl],
+    { stdout: "ignore", stderr: "ignore" }
+  );
+  await proc.exited;
+
+  console.log("  Waiting for authentication...");
+  const token = await tokenPromise;
+  setTimeout(() => callbackServer.stop(true), 3000);
+
+  // Validate token
+  const res = await fetch(`${appUrl}/auth/token?token=${token}`);
+  if (!res.ok) {
+    console.error("  ✗ Failed to validate token. Please try again.");
+    process.exit(1);
+  }
+  const userInfo = (await res.json()) as {
+    sub: string;
+    email: string;
+    name: string;
+    org_id: string;
+    participant_id: string;
   };
-  await writeFile(settingsPath, JSON.stringify(mergedSettingsWithStatusLine, null, 2));
-  console.log(`Status line config written to ${settingsPath}`);
 
-  // 9. Post system event (device connected)
-  const hostname = (await import("node:os")).hostname();
+  let orgName = userInfo.email.split("@")[1].split(".")[0];
+  orgName = orgName.charAt(0).toUpperCase() + orgName.slice(1);
+
+  console.log(`\n  Authenticated as ${userInfo.name} (${userInfo.email})`);
+  console.log(`  Organization: ${orgName}`);
+  console.log(`  Participant ID: ${userInfo.participant_id}`);
+
+  // Save to profile
+  const config = await loadConfig();
+  config.profiles[derivedName] = {
+    api: appToApi(appUrl),
+    app: appUrl,
+    token,
+    email: userInfo.email,
+    name: userInfo.name,
+    org_id: userInfo.org_id,
+    participant_id: userInfo.participant_id,
+  };
+  config.active = derivedName;
+  await saveConfig(config);
+
+  // Also write legacy credentials.json for backward compat (daemon reads it)
+  await writeFile(LEGACY_CREDENTIALS_FILE, JSON.stringify({
+    token,
+    ...userInfo,
+    service_url: appUrl,
+  }, null, 2));
+
+  console.log(`  ✓ Profile "${derivedName}" saved and set as active`);
+
+  // Re-install skill with personalized participant ID
+  await mkdir(join(CLAUDE_DIR, "skills", "polaris"), { recursive: true });
+  const identity = `\`${userInfo.participant_id}\``;
+  const skillDir = join(CLAUDE_DIR, "skills", "polaris");
+  const skillContent = `---
+name: polaris
+description: Connect to a Polaris multiplayer collaboration session
+allowed-tools: polaris_connect polaris_disconnect polaris_status polaris_reply polaris_context polaris_rename
+argument-hint: [join <project> <session> | rename <new-name> | disconnect | (no args for status)]
+---
+
+## Polaris — Multiplayer Collaboration
+
+Manage your connection to a Polaris collaboration session.
+
+### Commands
+
+Based on the arguments provided, do ONE of the following:
+
+**\`/polaris join <project> <session>\`** — Connect to a session:
+1. Call \`polaris_connect\` with the given project, session, and user identity ${identity}
+2. Report the connection status
+
+**\`/polaris rename <new-name>\`** — Rename the current project:
+1. Call \`polaris_rename\` with the new name
+2. Report the result
+
+**\`/polaris disconnect\`** — Disconnect:
+1. Call \`polaris_disconnect\`
+2. Confirm disconnection
+
+**\`/polaris\`** (no arguments) — Show status:
+1. Call \`polaris_status\`
+2. Display the current connection state
+
+### Arguments: $ARGUMENTS
+`;
+  await writeFile(join(skillDir, "SKILL.md"), skillContent);
+
+  // Post system event (device connected)
+  const apiUrl = appToApi(appUrl);
   try {
-    await fetch(`${SERVICE_URL.replace(":3000", ":4321")}/projects/_system/sessions/_system/events`, {
+    await fetch(`${apiUrl}/projects/_system/sessions/_system/events`, {
       method: "POST",
       headers: {
         "Content-Type": "application/json",
@@ -229,21 +354,63 @@ Based on the arguments provided, do ONE of the following:
         payload: {
           hook_event_name: "Stop",
           session_id: "_system",
-          stop_response: `Device connected: ${hostname} (${process.platform})`,
+          stop_response: `Device connected: ${hostname()} (${process.platform})`,
         },
       }),
     });
-    // Notify web app dashboard to refresh
-    await fetch(`${SERVICE_URL}/api/notify-dashboard`, {
-      method: "POST",
-      headers: { "Content-Type": "application/json", Authorization: `Bearer ${token}` },
-    });
   } catch { /* non-fatal */ }
+}
+
+// --- Use ---
+
+async function use(profileName: string) {
+  const config = await loadConfig();
+  if (!config.profiles[profileName]) {
+    console.error(`Profile "${profileName}" not found.`);
+    const names = Object.keys(config.profiles);
+    if (names.length > 0) {
+      console.error(`Available profiles: ${names.join(", ")}`);
+    } else {
+      console.error("No profiles configured. Run: polaris login");
+    }
+    process.exit(1);
+  }
+  config.active = profileName;
+  await saveConfig(config);
+
+  // Update legacy credentials.json for daemon
+  const profile = config.profiles[profileName];
+  await writeFile(LEGACY_CREDENTIALS_FILE, JSON.stringify({
+    token: profile.token,
+    email: profile.email,
+    name: profile.name,
+    org_id: profile.org_id,
+    participant_id: profile.participant_id,
+    service_url: profile.app,
+  }, null, 2));
 
-  console.log("\n✓ Polaris is set up on this machine!");
-  console.log("\nNext steps:");
-  console.log("  1. Start the daemon:  polaris daemon");
-  console.log("  2. Open your AI agent and run:  /polaris join <project> <session>");
+  console.log(`Active profile: ${profileName} (${profile.api})`);
+  console.log("Restart the daemon for this to take effect.");
+}
+
+// --- Profiles ---
+
+async function profiles() {
+  const config = await loadConfig();
+  const names = Object.keys(config.profiles);
+  if (names.length === 0) {
+    console.log("No profiles configured. Run: polaris login");
+    return;
+  }
+  console.log("Profiles:\n");
+  for (const name of names) {
+    const p = config.profiles[name];
+    const active = name === config.active ? " (active)" : "";
+    console.log(`  ${name}${active}`);
+    console.log(`    API: ${p.api}`);
+    console.log(`    User: ${p.name} (${p.email})`);
+    console.log("");
+  }
 }
 
 // --- Daemon ---
@@ -256,7 +423,6 @@ async function daemon() {
     stderr: "inherit",
     env: {
       ...process.env,
-      POLARIS_SERVICE_URL: SERVICE_URL.replace(":3000", ":4321"),
     },
   });
   await proc.exited;
@@ -265,68 +431,143 @@ async function daemon() {
 // --- Status ---
 
 async function status() {
+  // Active profile
+  const config = await loadConfig();
+  const profile = getActiveProfile(config);
+  if (profile) {
+    console.log(`Profile: ${config.active} (${profile.api})`);
+    console.log(`User: ${profile.name} (${profile.email})`);
+  } else {
+    console.log("Not logged in. Run: polaris login");
+  }
+
+  // Daemon
   try {
-    const res = await fetch("http://127.0.0.1:4321/status");
+    const res = await fetch("http://127.0.0.1:4322/status");
     const data = (await res.json()) as { ok: boolean; sessions?: Array<{ ccSessionId: string; project: string; session: string; user: string }> };
     if (data.ok) {
-      console.log("Daemon: running");
+      console.log("\nDaemon: running");
       if (data.sessions && data.sessions.length > 0) {
         console.log(`Active sessions (${data.sessions.length}):`);
         for (const s of data.sessions) {
-          console.log(`  ${s.project}/${s.session} as ${s.user} (cc: ${s.ccSessionId})`);
+          console.log(`  ${s.project}/${s.session} as ${s.user}`);
         }
       } else {
         console.log("No active sessions");
       }
     }
   } catch {
-    console.log("Daemon: not running");
-  }
-
-  // Check credentials
-  try {
-    const creds = JSON.parse(await readFile(CREDENTIALS_FILE, "utf-8"));
-    console.log(`\nLogged in as: ${creds.name} (${creds.email})`);
-    console.log(`Org: ${creds.org_id}`);
-    console.log(`Service: ${creds.service_url}`);
-  } catch {
-    console.log("\nNot logged in. Run: polaris login");
+    console.log("\nDaemon: not running");
   }
 }
 
 // --- Logout ---
 
-async function logout() {
-  try {
-    await rm(POLARIS_DIR, { recursive: true });
-    console.log("Credentials removed.");
-  } catch { /* already gone */ }
-  console.log("Logged out. MCP config and hooks are still installed — remove them manually if needed.");
+async function logout(all = false) {
+  if (all) {
+    try {
+      await rm(POLARIS_DIR, { recursive: true });
+      console.log("All profiles and credentials removed.");
+    } catch { /* already gone */ }
+  } else {
+    const config = await loadConfig();
+    if (!config.active || !config.profiles[config.active]) {
+      console.log("No active profile to remove.");
+      return;
+    }
+    const name = config.active;
+    delete config.profiles[name];
+    // Set active to first remaining profile, or empty
+    const remaining = Object.keys(config.profiles);
+    config.active = remaining.length > 0 ? remaining[0] : "";
+    await saveConfig(config);
+    console.log(`Profile "${name}" removed.`);
+    if (config.active) {
+      console.log(`Active profile switched to: ${config.active}`);
+    }
+  }
+  console.log("MCP config and hooks are still installed — run `polaris install` to reset them.");
 }
 
 // --- Main ---
 
-const command = process.argv[2];
+const args = process.argv.slice(2);
+const command = args[0];
+
+function getFlag(name: string): string | undefined {
+  const idx = args.indexOf(`--${name}`);
+  if (idx >= 0 && idx + 1 < args.length) return args[idx + 1];
+  return undefined;
+}
+
+function hasFlag(name: string): boolean {
+  return args.includes(`--${name}`);
+}
 
 switch (command) {
-  case "login":
-    await login();
+  case "install":
+    console.log("Polaris — installing local components\n");
+    await install();
+    console.log("\nInstall complete.");
     break;
+
+  case "login": {
+    const appUrl = hasFlag("local") ? LOCAL_APP_URL : (getFlag("url") ?? DEFAULT_APP_URL);
+    const profileName = getFlag("profile");
+    console.log("Polaris — authenticating\n");
+    await login(appUrl, profileName);
+    console.log("\n✓ Login complete!");
+    console.log("\nNext: start the daemon with `polaris daemon`, then `/polaris join <project> <session>` in your AI agent.");
+    break;
+  }
+
+  case "use":
+    if (!args[1]) {
+      console.error("Usage: polaris use <profile>");
+      process.exit(1);
+    }
+    await use(args[1]);
+    break;
+
+  case "profiles":
+    await profiles();
+    break;
+
   case "daemon":
     await daemon();
     break;
+
   case "status":
     await status();
     break;
+
   case "logout":
-    await logout();
+    await logout(hasFlag("all"));
+    break;
+
+  case undefined:
+    // Default: install + login
+    console.log("Polaris — setting up your machine\n");
+    console.log("[1/2] Installing local components...\n");
+    await install();
+    console.log("\n  Install complete. Run `polaris install` to repeat this step independently.\n");
+    console.log("[2/2] Authenticating...\n");
+    await login(DEFAULT_APP_URL);
+    console.log("\n✓ Polaris is set up on this machine!");
+    console.log("\nNext: start the daemon with `polaris daemon`, then `/polaris join <project> <session>` in your AI agent.");
     break;
+
   default:
-    console.log("Polaris CLI");
-    console.log("");
+    console.log("Polaris CLI\n");
     console.log("Usage:");
-    console.log("  polaris login    — authenticate and set up this machine");
-    console.log("  polaris daemon   — start the local daemon");
-    console.log("  polaris status   — show connection status");
-    console.log("  polaris logout   — remove credentials");
+    console.log("  polaris                — install + login (default setup)");
+    console.log("  polaris install        — install local components (no auth)");
+    console.log("  polaris login          — authenticate (production)");
+    console.log("  polaris login --local  — authenticate (local dev)");
+    console.log("  polaris use <profile>  — switch active profile");
+    console.log("  polaris profiles       — list all profiles");
+    console.log("  polaris daemon         — start the local daemon");
+    console.log("  polaris status         — show connection status");
+    console.log("  polaris logout         — remove active profile");
+    console.log("  polaris logout --all   — remove all credentials");
 }