@oodarun/cli 0.1.14 → 0.1.15

package/dist/cli.js

@@ -846,6 +846,31 @@ async function loginWithPassword(email, password) {
     return null;
   }
 }
+async function requestLoginCode(email) {
+  try {
+    const res = await fetch(`${ORG_API_BASE}/auth/request-code`, {
+      method: "POST",
+      headers: { "Content-Type": "application/json" },
+      body: JSON.stringify({ email })
+    });
+    return res.ok;
+  } catch {
+    return false;
+  }
+}
+async function verifyLoginCode(email, code) {
+  try {
+    const res = await fetch(`${ORG_API_BASE}/auth/verify-code`, {
+      method: "POST",
+      headers: { "Content-Type": "application/json" },
+      body: JSON.stringify({ email, code })
+    });
+    if (!res.ok) return null;
+    return await res.json();
+  } catch {
+    return null;
+  }
+}
 async function signupWithPassword(email, password, name) {
   try {
     const res = await fetch(`${ORG_API_BASE}/auth/signup`, {
@@ -1129,58 +1154,49 @@ function patchFetchForOrg(orgId) {
   });
 }
 async function handleEmailPasswordAuth() {
-  const action = await select2({
-    message: "Do you have an account?",
+  const method = await select2({
+    message: "How would you like to sign in?",
     choices: [
-      { name: "Yes, log me in", value: "login" },
-      { name: "No, I need to sign up (requires invite)", value: "signup" }
+      { name: "Email me a login code (recommended)", value: "code" },
+      { name: "Use my password", value: "password" },
+      { name: "Sign up (requires invite)", value: "signup" }
     ]
   });
   console.log("");
-  if (action === "signup") {
-    const email2 = await prompt(`  ${c.blue}${c.bold}Email:${c.reset} `);
-    if (!email2) process.exit(1);
-    const name = await prompt(`  ${c.blue}${c.bold}Your name:${c.reset} `);
-    if (!name) process.exit(1);
-    for (let attempt = 0; attempt < 3; attempt++) {
-      const password = await promptPassword(`  ${c.blue}${c.bold}Password:${c.reset} `);
-      if (!password) process.exit(1);
-      const result = await signupWithPassword(email2, password, name);
-      if (!result) {
-        console.log(`  ${c.red}Could not reach the server. Check your connection.${c.reset}`);
-        process.exit(1);
-      }
-      if (result.ok) {
-        const loginResult = await loginWithPassword(email2, password);
-        if (!loginResult) {
-          console.log(`  ${c.red}Account created but login failed. Try again.${c.reset}`);
-          process.exit(1);
-        }
-        return completeJwtLogin(loginResult);
-      }
-      const remaining = 2 - attempt;
-      console.log(`  ${c.red}${result.error || "Signup failed"}${c.reset}`);
-      if (result.errors?.length) {
-        for (const err of result.errors) {
-          console.log(`    ${c.gray}\u2022 ${err}${c.reset}`);
-        }
-      }
-      if (remaining > 0) {
-        console.log(`  ${c.gray}${remaining} attempt${remaining > 1 ? "s" : ""} remaining${c.reset}`);
-      }
-    }
-    console.log(`  ${c.red}Too many failed attempts.${c.reset}`);
+  if (method === "code") return emailCodeLoginInteractive();
+  if (method === "signup") return signupInteractive();
+  return passwordLoginInteractive();
+}
+async function emailCodeLoginInteractive(prefillEmail) {
+  const email = prefillEmail || await prompt(`  ${c.blue}${c.bold}Email:${c.reset} `);
+  if (!email) process.exit(1);
+  if (!await requestLoginCode(email)) {
+    console.log(`  ${c.red}Couldn't send a login code. Check the email address and try again.${c.reset}`);
     process.exit(1);
   }
+  console.log(`  ${c.gray}We emailed a 6-digit code to ${email} (expires in 10 minutes).${c.reset}`);
+  console.log("");
+  for (let attempt = 0; attempt < 3; attempt++) {
+    const code = await promptToken(`  ${c.blue}${c.bold}Code:${c.reset} `);
+    if (!code) process.exit(1);
+    const result = await verifyLoginCode(email, code);
+    if (result) return completeJwtLogin(result);
+    const remaining = 2 - attempt;
+    if (remaining > 0) {
+      console.log(`  ${c.red}Invalid or expired code.${c.reset} ${c.gray}${remaining} attempt${remaining > 1 ? "s" : ""} remaining${c.reset}`);
+    }
+  }
+  console.log(`  ${c.red}Too many failed attempts.${c.reset}`);
+  process.exit(1);
+}
+async function passwordLoginInteractive() {
   const email = await prompt(`  ${c.blue}${c.bold}Email:${c.reset} `);
   if (!email) process.exit(1);
   for (let attempt = 0; attempt < 3; attempt++) {
     const password = await promptPassword(`  ${c.blue}${c.bold}Password:${c.reset} `);
     if (!password) process.exit(1);
     const result = await loginWithPassword(email, password);
-    if (result) {
-      return completeJwtLogin(result);
-    }
+    if (result) return completeJwtLogin(result);
     const remaining = 2 - attempt;
     if (remaining > 0) {
       console.log(`  ${c.red}Invalid password.${c.reset} ${c.gray}${remaining} attempt${remaining > 1 ? "s" : ""} remaining${c.reset}`);
@@ -1189,6 +1205,126 @@ async function handleEmailPasswordAuth() {
   console.log(`  ${c.red}Too many failed attempts.${c.reset}`);
   process.exit(1);
 }
+async function signupInteractive() {
+  const email = await prompt(`  ${c.blue}${c.bold}Email:${c.reset} `);
+  if (!email) process.exit(1);
+  const name = await prompt(`  ${c.blue}${c.bold}Your name:${c.reset} `);
+  if (!name) process.exit(1);
+  for (let attempt = 0; attempt < 3; attempt++) {
+    const password = await promptPassword(`  ${c.blue}${c.bold}Password:${c.reset} `);
+    if (!password) process.exit(1);
+    const result = await signupWithPassword(email, password, name);
+    if (!result) {
+      console.log(`  ${c.red}Could not reach the server. Check your connection.${c.reset}`);
+      process.exit(1);
+    }
+    if (result.ok) {
+      const loginResult = await loginWithPassword(email, password);
+      if (!loginResult) {
+        console.log(`  ${c.red}Account created but login failed. Try again.${c.reset}`);
+        process.exit(1);
+      }
+      return completeJwtLogin(loginResult);
+    }
+    const remaining = 2 - attempt;
+    console.log(`  ${c.red}${result.error || "Signup failed"}${c.reset}`);
+    if (result.errors?.length) {
+      for (const err of result.errors) {
+        console.log(`    ${c.gray}\u2022 ${err}${c.reset}`);
+      }
+    }
+    if (remaining > 0) {
+      console.log(`  ${c.gray}${remaining} attempt${remaining > 1 ? "s" : ""} remaining${c.reset}`);
+    }
+  }
+  console.log(`  ${c.red}Too many failed attempts.${c.reset}`);
+  process.exit(1);
+}
+async function loginCmd(opts) {
+  if (opts.email && opts.code) {
+    const result = await verifyLoginCode(opts.email, opts.code);
+    if (!result) return failLogin(opts.json, "Invalid or expired code.");
+    finalizeLogin(result, opts.org, opts.json);
+    return;
+  }
+  if (opts.email) {
+    if (!await requestLoginCode(opts.email)) return failLogin(opts.json, "Couldn't send a login code.");
+    if (opts.json) {
+      console.log(JSON.stringify({ ok: true, sent: true, email: opts.email }));
+    } else {
+      console.log(`
+  ${c.green}${c.bold}\u2713${c.reset} Code sent to ${c.bold}${opts.email}${c.reset}`);
+      console.log(`  ${c.gray}Check your email, then run:${c.reset}`);
+      console.log(`  ${c.cyan}ooda login --email ${opts.email} --code <code>${c.reset}
+`);
+    }
+    return;
+  }
+  await emailCodeLoginInteractive();
+}
+function finalizeLogin(result, orgFlag, json) {
+  if (result.orgs.length === 0) return failLogin(json, "No organizations for this account.");
+  let orgId;
+  let orgName;
+  if (orgFlag) {
+    const match = result.orgs.find((o) => o.orgId === orgFlag);
+    if (!match) return failLogin(json, `You're not a member of org "${orgFlag}".`);
+    orgId = match.orgId;
+    orgName = match.orgName;
+  } else if (result.orgs.length === 1) {
+    orgId = result.orgs[0].orgId;
+    orgName = result.orgs[0].orgName;
+  } else {
+    return failLogin(json, `Multiple organizations \u2014 pass --org <id>. Options: ${result.orgs.map((o) => o.orgId).join(", ")}`);
+  }
+  saveJwtTokens(result.accessToken, result.refreshToken, result.user.id, orgId);
+  const selected = result.orgs.find((o) => o.orgId === orgId);
+  setOrgMode(orgId, result.user.email, result.user.name, orgName, selected?.claudeConfig ?? void 0);
+  patchFetchForOrg(orgId);
+  if (json) {
+    console.log(JSON.stringify({ ok: true, email: result.user.email, orgId, orgName }));
+  } else {
+    console.log(`
+  ${c.green}${c.bold}\u2713${c.reset} Logged in as ${c.bold}${result.user.name}${c.reset} (${orgName})
+`);
+  }
+}
+function failLogin(json, message) {
+  if (json) {
+    console.log(JSON.stringify({ ok: false, error: message }));
+  } else {
+    console.log(`
+  ${c.red}${message}${c.reset}
+`);
+  }
+  process.exitCode = 1;
+}
+function whoamiCmd(opts) {
+  const orgId = getOrgId();
+  const token = getAccessToken();
+  if (!orgId || !token) {
+    if (opts.json) {
+      console.log(JSON.stringify({ ok: false, authenticated: false }));
+    } else {
+      console.log(`
+  ${c.yellow}Not signed in.${c.reset} ${c.gray}Run ${c.bold}ooda login${c.reset}${c.gray} to authenticate.${c.reset}
+`);
+    }
+    process.exitCode = 1;
+    return;
+  }
+  const orgName = getOrgName() || orgId;
+  const email = getOrgEmail();
+  const name = getOrgDisplayName();
+  if (opts.json) {
+    console.log(JSON.stringify({ ok: true, authenticated: true, orgId, orgName, email: email ?? null, name: name ?? null }));
+  } else {
+    const who = name || email;
+    console.log(`
+  ${c.green}${c.bold}\u2713${c.reset} Signed in${who ? ` as ${c.bold}${who}${c.reset}` : ""} ${c.gray}(${orgName})${c.reset}
+`);
+  }
+}
 async function completeJwtLogin(result) {
   let orgId;
   let orgName;
@@ -5767,6 +5903,8 @@ Usage:
 
 Commands:
   (no command)                 Open the interactive project menu
+  login                        Sign in with an email code (password fallback)
+  whoami                       Show the current session (exits non-zero if none)
   list, ls                     List your projects
   connect <project>            Connect to a project and run Claude (interactive)
   deploy [path|github-url]     Deploy a local folder or GitHub repo as a project
@@ -5777,6 +5915,14 @@ Commands:
   sites delete <slug>          Unpublish a site
   help, --help, -h             Show this help
 
+login
+  Passwordless sign-in via a 6-digit email code. No flags \u2192 interactive (with a
+  password fallback). Flag mode (for agents/CI):
+    --email <e>                Send a login code to this email
+    --email <e> --code <c>     Verify the code and save the session
+    --org <id>                 Choose the org when the account has several
+    --json                     Machine-readable JSON output
+
 publish [path]
   Publishes an already-built static site (no build is run). Looks for a build
   output dir (dist, build, out, .output/public, .next/static) in [path] (default:
@@ -5813,7 +5959,7 @@ Examples:
 }
 
 // src/cli/index.ts
-var CLI_VERSION = "0.1.14";
+var CLI_VERSION = "0.1.15";
 function formatMutationError(result) {
   const parts = [];
   if (result.status !== void 0) parts.push(String(result.status));
@@ -5859,6 +6005,8 @@ function parseArgs(argv) {
   else if (first === "deploy") command = "deploy";
   else if (first === "publish") command = "publish";
   else if (first === "sites") command = "sites";
+  else if (first === "login") command = "login";
+  else if (first === "whoami") command = "whoami";
   else if (first === "help") command = "help";
   if (rest.includes("--help") || rest.includes("-h")) command = "help";
   const positionals = [];
@@ -5873,6 +6021,15 @@ function parseArgs(argv) {
     } else if (arg === "--slug" && rest[i + 1]) {
       flags.slug = rest[i + 1];
       i++;
+    } else if (arg === "--email" && rest[i + 1]) {
+      flags.email = rest[i + 1];
+      i++;
+    } else if (arg === "--code" && rest[i + 1]) {
+      flags.code = rest[i + 1];
+      i++;
+    } else if (arg === "--org" && rest[i + 1]) {
+      flags.org = rest[i + 1];
+      i++;
     } else if (arg === "--mode" && rest[i + 1]) {
       flags.mode = rest[i + 1];
       i++;
@@ -5902,6 +6059,13 @@ function parseArgs(argv) {
       clearMode: Boolean(flags.clearMode),
       json: Boolean(flags.json)
     };
+  } else if (command === "login") {
+    args.login = {
+      email: flags.email,
+      code: flags.code,
+      org: flags.org,
+      json: Boolean(flags.json)
+    };
   }
   return args;
 }
@@ -6353,6 +6517,14 @@ async function main() {
     await runSitesCommand(args.sites ?? {});
     process.exit(process.exitCode ?? 0);
   }
+  if (args.command === "login") {
+    await loginCmd(args.login ?? {});
+    process.exit(process.exitCode ?? 0);
+  }
+  if (args.command === "whoami") {
+    whoamiCmd({ json: args.json });
+    process.exit(process.exitCode ?? 0);
+  }
   if (args.command === "connect") {
     if (!args.connectTarget) {
       console.log(`  ${c.red}Usage: ooda connect <project-name>${c.reset}`);

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "@oodarun/cli",
-  "version": "0.1.14",
+  "version": "0.1.15",
   "description": "Launch Claude Code on cloud dev environments",
   "type": "module",
   "license": "UNLICENSED",