@onexapis/cli 1.1.63 → 1.1.65

package/dist/index.d.mts

@@ -1,8 +1,16 @@
+/**
+ * CLI Auth Utilities
+ * Token storage, refresh, and API authentication for onexthm CLI.
+ */
+/** Supported target environments. */
+type Env = "dev" | "prod";
+
 interface InitOptions {
     template?: string;
     noInstall?: boolean;
     git?: boolean;
     yes?: boolean;
+    env?: Env;
 }
 declare function initCommand(projectName?: string, options?: InitOptions): Promise<void>;
 
@@ -72,41 +80,26 @@ interface DownloadOptions {
     themeId?: string;
     version?: string;
     output?: string;
+    env?: Env;
     /** @deprecated kept for backwards-compat with older scripts; ignored. */
     bucket?: string;
-    /** @deprecated kept for backwards-compat with older scripts; ignored. */
-    environment?: "staging" | "production";
 }
 /**
  * Download a published theme via the website-api Lambda endpoints.
- *
- * This command no longer talks to S3 directly — the platform now serves
- * theme content through HTTP-only endpoints, so AWS credentials, bucket
- * names, and region settings are no longer required. The legacy
- * `--bucket` and `--environment` flags are accepted but ignored for
- * backwards compatibility with existing scripts.
  */
 declare function downloadCommand(options: DownloadOptions): Promise<void>;
 
 interface CloneOptions {
     version?: string;
     output?: string;
+    env?: Env;
     /** @deprecated kept for backwards-compat with older scripts; ignored. */
     bucket?: string;
-    /** @deprecated kept for backwards-compat with older scripts; ignored. */
-    environment?: "staging" | "production";
     install?: boolean;
     name?: string;
 }
 /**
  * Clone theme source code via the website-api.
- *
- * Calls the authenticated `/source` Lambda to get a presigned S3 URL,
- * downloads the source.zip, and extracts it to a local directory. Asks
- * the user for a new theme name to differentiate from the original.
- *
- * Requires login (`onexthm login`) — the source endpoint is JWT-gated
- * because cloning grants access to a developer's full theme source.
  */
 declare function cloneCommand(themeName: string, options: CloneOptions): Promise<void>;
 

package/dist/index.d.ts

@@ -1,8 +1,16 @@
+/**
+ * CLI Auth Utilities
+ * Token storage, refresh, and API authentication for onexthm CLI.
+ */
+/** Supported target environments. */
+type Env = "dev" | "prod";
+
 interface InitOptions {
     template?: string;
     noInstall?: boolean;
     git?: boolean;
     yes?: boolean;
+    env?: Env;
 }
 declare function initCommand(projectName?: string, options?: InitOptions): Promise<void>;
 
@@ -72,41 +80,26 @@ interface DownloadOptions {
     themeId?: string;
     version?: string;
     output?: string;
+    env?: Env;
     /** @deprecated kept for backwards-compat with older scripts; ignored. */
     bucket?: string;
-    /** @deprecated kept for backwards-compat with older scripts; ignored. */
-    environment?: "staging" | "production";
 }
 /**
  * Download a published theme via the website-api Lambda endpoints.
- *
- * This command no longer talks to S3 directly — the platform now serves
- * theme content through HTTP-only endpoints, so AWS credentials, bucket
- * names, and region settings are no longer required. The legacy
- * `--bucket` and `--environment` flags are accepted but ignored for
- * backwards compatibility with existing scripts.
  */
 declare function downloadCommand(options: DownloadOptions): Promise<void>;
 
 interface CloneOptions {
     version?: string;
     output?: string;
+    env?: Env;
     /** @deprecated kept for backwards-compat with older scripts; ignored. */
     bucket?: string;
-    /** @deprecated kept for backwards-compat with older scripts; ignored. */
-    environment?: "staging" | "production";
     install?: boolean;
     name?: string;
 }
 /**
  * Clone theme source code via the website-api.
- *
- * Calls the authenticated `/source` Lambda to get a presigned S3 URL,
- * downloads the source.zip, and extracts it to a local directory. Asks
- * the user for a new theme name to differentiate from the original.
- *
- * Requires login (`onexthm login`) — the source endpoint is JWT-gated
- * because cloning grants access to a developer's full theme source.
  */
 declare function cloneCommand(themeName: string, options: CloneOptions): Promise<void>;
 

package/dist/index.js

@@ -1586,21 +1586,43 @@ async function installDependencies(projectPath, packageManager = "npm") {
   });
 }
 var AUTH_DIR = path8__default.default.join(os__default.default.homedir(), ".onexthm");
-var AUTH_FILE = path8__default.default.join(AUTH_DIR, "auth.json");
-function getApiUrl() {
-  return process.env.ONEXTHM_API_URL || "https://platform-dev.onexeos.com";
+var ENV_URLS = {
+  dev: "https://platform-dev.onexeos.com",
+  prod: "https://platform-staging.onexeos.com"
+};
+function getAuthFile(env = "dev") {
+  const newFile = path8__default.default.join(AUTH_DIR, `auth-${env}.json`);
+  if (env === "dev") {
+    const legacyFile = path8__default.default.join(AUTH_DIR, "auth.json");
+    if (fs__default.default.existsSync(legacyFile) && !fs__default.default.existsSync(newFile)) {
+      try {
+        fs__default.default.moveSync(legacyFile, newFile);
+      } catch {
+        try {
+          fs__default.default.copySync(legacyFile, newFile);
+          fs__default.default.removeSync(legacyFile);
+        } catch {
+        }
+      }
+    }
+  }
+  return newFile;
 }
-async function saveAuthTokens(tokens) {
+function getApiUrl(env = "dev") {
+  return process.env.ONEXTHM_API_URL || ENV_URLS[env];
+}
+async function saveAuthTokens(tokens, env = "dev") {
   await fs__default.default.ensureDir(AUTH_DIR);
   const key = getMachineKey();
   const data = JSON.stringify(tokens);
   const encrypted = encrypt(data, key);
-  await fs__default.default.writeFile(AUTH_FILE, encrypted, "utf-8");
+  await fs__default.default.writeFile(getAuthFile(env), encrypted, "utf-8");
 }
-function loadAuthTokens() {
+function loadAuthTokens(env = "dev") {
   try {
-    if (!fs__default.default.existsSync(AUTH_FILE)) return null;
-    const encrypted = fs__default.default.readFileSync(AUTH_FILE, "utf-8");
+    const file = getAuthFile(env);
+    if (!fs__default.default.existsSync(file)) return null;
+    const encrypted = fs__default.default.readFileSync(file, "utf-8");
     const key = getMachineKey();
     const data = decrypt(encrypted, key);
     return JSON.parse(data);
@@ -1608,34 +1630,34 @@ function loadAuthTokens() {
     return null;
   }
 }
-async function clearAuthTokens() {
+async function clearAuthTokens(env = "dev") {
   try {
-    await fs__default.default.remove(AUTH_FILE);
+    await fs__default.default.remove(getAuthFile(env));
   } catch {
   }
 }
 function isTokenExpired(tokens) {
   return Date.now() / 1e3 > tokens.expiresAt - 300;
 }
-async function getValidTokens() {
-  const tokens = loadAuthTokens();
+async function getValidTokens(env = "dev") {
+  const tokens = loadAuthTokens(env);
   if (!tokens) return null;
   if (!isTokenExpired(tokens)) return tokens;
   try {
-    const apiUrl = getApiUrl();
+    const apiUrl = getApiUrl(env);
     const response = await fetch(`${apiUrl}/auth/refresh`, {
       method: "POST",
       headers: { "Content-Type": "application/json" },
       body: JSON.stringify({ refresh_token: tokens.refreshToken })
     });
     if (!response.ok) {
-      await clearAuthTokens();
+      await clearAuthTokens(env);
       return null;
     }
     const data = await response.json();
     const body = data.statusCode ? data.body : data;
     if (!body.IdToken) {
-      await clearAuthTokens();
+      await clearAuthTokens(env);
       return null;
     }
     const refreshed = {
@@ -1644,17 +1666,19 @@ async function getValidTokens() {
       idToken: body.IdToken,
       expiresAt: Math.floor(Date.now() / 1e3) + (body.ExpiresIn || 3600)
     };
-    await saveAuthTokens(refreshed);
+    await saveAuthTokens(refreshed, env);
     return refreshed;
   } catch {
-    await clearAuthTokens();
+    await clearAuthTokens(env);
     return null;
   }
 }
-async function authenticatedFetch(url, init) {
-  const tokens = await getValidTokens();
+async function authenticatedFetch(url, init, env = "dev") {
+  const tokens = await getValidTokens(env);
   if (!tokens) {
-    throw new Error("Not logged in. Run: onexthm login");
+    throw new Error(
+      `Not logged in to ${env} environment. Run: onexthm login --env ${env}`
+    );
   }
   const headers = new Headers(init?.headers);
   headers.set("Authorization", `Bearer ${tokens.idToken}`);
@@ -1729,7 +1753,7 @@ async function initCommand(projectName, options = {}) {
   }
   if (!options.yes) {
     try {
-      const apiUrl = getApiUrl();
+      const apiUrl = getApiUrl(options.env ?? "dev");
       const controller = new AbortController();
       const timeout = setTimeout(() => controller.abort(), 3e3);
       const response = await fetch(
@@ -3041,9 +3065,7 @@ function showDownloadFailureHelp(themeId, apiUrl) {
   console.log();
   console.log(chalk4__default.default.white("2. Check API URL configuration:"));
   console.log(chalk4__default.default.gray(`   Current API URL: ${apiUrl}`));
-  console.log(
-    chalk4__default.default.gray("   Override with NEXT_PUBLIC_API_URL or ONEXTHM_API_URL")
-  );
+  console.log(chalk4__default.default.gray("   Override with ONEXTHM_API_URL env var if needed"));
   console.log();
   console.log(chalk4__default.default.white("3. Pin a specific version (CI/production):"));
   console.log(
@@ -3053,15 +3075,17 @@ function showDownloadFailureHelp(themeId, apiUrl) {
 }
 async function downloadCommand(options) {
   exports.logger.header("Download Theme");
+  const env = options.env ?? "dev";
+  const apiUrl = getApiUrl(env);
+  exports.logger.info(`Environment: ${env}  (${apiUrl})`);
   const spinner = ora__default.default("Initializing download...").start();
-  if (options.bucket || options.environment) {
+  if (options.bucket) {
     spinner.stop();
     exports.logger.warning(
-      "--bucket and --environment are deprecated and ignored. Themes are now served via HTTP from the website-api Lambda."
+      "--bucket is deprecated and ignored. Themes are now served via HTTP from the website-api Lambda."
     );
     spinner.start();
   }
-  const apiUrl = getApiUrl();
   try {
     const themeId = options.themeId || process.env.NEXT_PUBLIC_THEME_ID || process.env.THEME_ID;
     const requestedVersion = options.version || process.env.THEME_VERSION || "latest";
@@ -3118,6 +3142,7 @@ async function downloadCommand(options) {
     console.log(
       chalk4__default.default.cyan("   Theme:   ") + chalk4__default.default.white(`${themeId}@${resolvedVersion}`)
     );
+    console.log(chalk4__default.default.cyan("   Env:     ") + chalk4__default.default.white(env));
     console.log(chalk4__default.default.cyan("   Source:  ") + chalk4__default.default.white(apiUrl));
     console.log(chalk4__default.default.cyan("   Output:  ") + chalk4__default.default.white(outputDir));
     console.log(chalk4__default.default.cyan("   Files:   ") + chalk4__default.default.white(entries.length));
@@ -3160,11 +3185,9 @@ async function resolveLatestVersion2(apiUrl, themeId) {
   }
   return latest;
 }
-async function fetchSourceZip(apiUrl, themeId, version) {
+async function fetchSourceZip(apiUrl, themeId, version, env) {
   const url = `${apiUrl}/website-api/themes/${encodeURIComponent(themeId)}/source?version=${encodeURIComponent(version)}`;
-  const response = await authenticatedFetch(url, {
-    method: "GET"
-  });
+  const response = await authenticatedFetch(url, { method: "GET" }, env);
   if (!response.ok) {
     if (response.status === 404) {
       throw new Error(
@@ -3173,7 +3196,7 @@ async function fetchSourceZip(apiUrl, themeId, version) {
     }
     if (response.status === 401 || response.status === 403) {
       throw new Error(
-        `Not authorized to download source for "${themeId}". Run \`onexthm login\` first.`
+        `Not authorized to download source for "${themeId}". Run \`onexthm login --env ${env}\` first.`
       );
     }
     throw new Error(
@@ -3292,14 +3315,19 @@ async function renameTheme(themeDir, oldName, newName) {
 }
 async function cloneCommand(themeName, options) {
   exports.logger.header("Clone Theme Source");
-  if (options.bucket || options.environment) {
+  const env = options.env ?? "dev";
+  const apiUrl = getApiUrl(env);
+  exports.logger.info(`Environment: ${env}  (${apiUrl})`);
+  if (options.bucket) {
     exports.logger.warning(
-      "--bucket and --environment are deprecated and ignored. Source is now fetched via HTTP from the website-api Lambda."
+      "--bucket is deprecated and ignored. Source is now fetched via HTTP from the website-api Lambda."
     );
   }
-  const tokens = await getValidTokens();
+  const tokens = await getValidTokens(env);
   if (!tokens) {
-    exports.logger.error("Not logged in. Run: onexthm login");
+    exports.logger.error(
+      `Not logged in to ${env} environment. Run: onexthm login --env ${env}`
+    );
     process.exit(1);
   }
   let newName = options.name;
@@ -3308,7 +3336,6 @@ async function cloneCommand(themeName, options) {
   }
   const spinner = ora__default.default("Initializing clone...").start();
   try {
-    const apiUrl = getApiUrl();
     const outputDir = options.output || path8__default.default.resolve(process.cwd(), newName);
     if (await fs__default.default.pathExists(outputDir)) {
       spinner.fail(chalk4__default.default.red(`Directory already exists: ${outputDir}`));
@@ -3328,7 +3355,7 @@ async function cloneCommand(themeName, options) {
     spinner.start(`Downloading source.zip for ${themeName}@${version}...`);
     let zipBuffer;
     try {
-      zipBuffer = await fetchSourceZip(apiUrl, themeName, version);
+      zipBuffer = await fetchSourceZip(apiUrl, themeName, version, env);
     } catch (error) {
       spinner.fail(chalk4__default.default.red(error.message));
       console.log();
@@ -3362,7 +3389,7 @@ async function cloneCommand(themeName, options) {
         [
           "# API Configuration (enables real data in preview)",
           "# Get your Company ID from the OneX dashboard",
-          "NEXT_PUBLIC_API_URL=https://platform-dev.onexeos.com",
+          `NEXT_PUBLIC_API_URL=${apiUrl}`,
           "NEXT_PUBLIC_COMPANY_ID=",
           ""
         ].join("\n")
@@ -3415,6 +3442,7 @@ async function cloneCommand(themeName, options) {
     console.log(
       chalk4__default.default.cyan("   Source:   ") + chalk4__default.default.gray(`${themeName}@${version}`)
     );
+    console.log(chalk4__default.default.cyan("   Env:      ") + chalk4__default.default.white(env));
     console.log(chalk4__default.default.cyan("   Theme:    ") + chalk4__default.default.white(newName));
     console.log(chalk4__default.default.cyan("   Location: ") + chalk4__default.default.white(outputDir));
     console.log(chalk4__default.default.cyan("   Files:    ") + chalk4__default.default.white(entries.length));