@opendatalabs/connect 0.9.4 → 0.10.0-canary.2c05df0

package/dist/cli/index.js

@@ -34,6 +34,7 @@ import { findDataConnectorsDir, ManagedPlaywrightRuntime, } from "../runtime/ind
 import { listAvailableSkills, installSkill, readInstalledSkills, } from "../skills/index.js";
 import { queryStatus, querySources, queryDataList, queryDataShow, queryDoctor, } from "./queries.js";
 import { checkForUpdate, readUpdateCheck, isNewerVersion, } from "./update-check.js";
+import { loadCredentials, saveCredentials, clearCredentials, isExpired, formatAddress, formatExpiresIn, getAuthTarget, resolvePersonalServerUrl, runDeviceCodeFlow, runSelfHostedLoginFlow, } from "./auth.js";
 function cleanDescription(desc) {
     return desc
         .replace(/ using Playwright browser automation\.?/i, ".")
@@ -73,6 +74,7 @@ export async function runCli(argv = process.argv) {
         .showSuggestionAfterError(true)
         .addHelpText("after", `
 Quick start:
+  vana login             Log in to your Vana account
   vana connect           Connect a source and collect data
   vana sources           Browse available sources
   vana status            Check system health
@@ -330,6 +332,19 @@ Examples:
         .action(async (scope) => {
         process.exitCode = await runServerData(scope, parsedOptions);
     });
+    program
+        .command("login")
+        .description("Log in to your Vana account or a self-hosted Personal Server")
+        .option("-s, --server <url>", "Self-hosted Personal Server URL")
+        .action(async (loginOptions) => {
+        process.exitCode = await runLogin(parsedOptions, loginOptions.server);
+    });
+    program
+        .command("logout")
+        .description("Log out and remove saved credentials")
+        .action(async () => {
+        process.exitCode = await runLogout(parsedOptions);
+    });
     program
         .command("mcp")
         .description("Start MCP server for agent integration")
@@ -425,7 +440,10 @@ Examples:
     // The concurrent check may have populated the cache during this run.
     if (shouldNotify) {
         try {
-            await updateCheckPromise;
+            await Promise.race([
+                updateCheckPromise,
+                new Promise((resolve) => setTimeout(resolve, 2000)),
+            ]);
             const cache = await readUpdateCheck();
             if (cache && isNewerVersion(cliVersion, cache.latestVersion)) {
                 const { upgrade } = getLifecycleCommands(installMethod, getCliChannel(cliVersion));
@@ -1148,10 +1166,18 @@ async function runStatus(options) {
         }
     }
     if (options.json) {
+        const jsonAuthCreds = loadCredentials();
         const compactJson = {
             runtime: status.runtime,
             personalServer: status.personalServer,
             personalServerUrl: status.personalServerUrl,
+            auth: jsonAuthCreds
+                ? {
+                    authenticated: !isExpired(jsonAuthCreds),
+                    address: jsonAuthCreds.account.address,
+                    expires_at: jsonAuthCreds.account.expires_at,
+                }
+                : { authenticated: false },
             sources: {
                 connected: status.summary?.connectedCount ?? 0,
                 needsAttention: status.summary?.needsAttentionCount ?? 0,
@@ -1174,6 +1200,16 @@ async function runStatus(options) {
     else {
         emit.keyValue("Personal Server", "not connected", "warning");
     }
+    // Auth state
+    const authCreds = loadCredentials();
+    if (authCreds && !isExpired(authCreds)) {
+        emit.keyValue("Account", formatAddress(authCreds.account.address), "success");
+        emit.keyValue("Auth", `Authenticated (expires in ${formatExpiresIn(authCreds.account.expires_at)})`, "success");
+    }
+    else {
+        emit.keyValue("Account", "Not logged in", "muted");
+        emit.keyValue("Auth", "Run `vana login` to authenticate", "muted");
+    }
     const connectedCount = status.summary?.connectedCount ?? 0;
     const attentionCount = status.summary?.needsAttentionCount ?? 0;
     const sourceParts = [
@@ -1230,6 +1266,47 @@ async function runStatus(options) {
             return 0;
         }
     }
+    // Show attention-needing sources that weren't already displayed above
+    const displayedSourceIds = new Set(connectedSources.map(([id]) => id));
+    const hiddenAttentionSources = status.sources.filter((s) => rankSourceStatus(s) <= 4 && !displayedSourceIds.has(s.source));
+    if (hiddenAttentionSources.length > 0) {
+        if (connectedSources.length === 0) {
+            emit.blank();
+        }
+        for (const source of hiddenAttentionSources) {
+            const displayName = displaySource(source.source, sourceLabels);
+            const presentation = getSourceStatusPresentation(source);
+            const collectedAgo = source.lastCollectedAt
+                ? `collected ${formatRelativeTime(source.lastCollectedAt)}`
+                : "";
+            emit.keyValue(`  ${displayName}`, `${presentation.label}${collectedAgo ? `     ${collectedAgo}` : ""}`, presentation.tone);
+            // Show actionable detail line
+            if (source.lastRunOutcome === CliOutcomeStatus.INGEST_FAILED &&
+                source.ingestScopes) {
+                const failedScopes = source.ingestScopes.filter((s) => s.status === "failed");
+                for (const scope of failedScopes) {
+                    const errMsg = scope.error ?? "sync failed";
+                    emit.detail(`  \u21b3 ${source.source}.${scope.scope}: ${errMsg}. Run \`vana connect ${source.source}\``);
+                }
+                if (failedScopes.length === 0) {
+                    emit.detail(`  \u21b3 Sync failed. Run \`vana connect ${source.source}\``);
+                }
+            }
+            else if (source.lastRunOutcome === CliOutcomeStatus.CONNECTOR_UNAVAILABLE) {
+                emit.detail(`  \u21b3 No connector available. Run \`vana sources\``);
+            }
+            else if (source.lastRunOutcome === CliOutcomeStatus.RUNTIME_ERROR) {
+                const reason = source.lastError ?? "runtime error";
+                emit.detail(`  \u21b3 ${reason}. Run \`vana connect ${source.source}\``);
+            }
+            else if (source.lastRunOutcome === CliOutcomeStatus.NEEDS_INPUT) {
+                emit.detail(`  \u21b3 Requires interactive login. Run \`vana connect ${source.source}\``);
+            }
+            else if (source.lastRunOutcome === CliOutcomeStatus.LEGACY_AUTH) {
+                emit.detail(`  \u21b3 Manual auth step required. Run \`vana connect ${source.source}\``);
+            }
+        }
+    }
     if (nextSteps.length > 0) {
         emit.blank();
         const command = extractCommand(nextSteps[0]);
@@ -1350,9 +1427,11 @@ async function runServerStatus(options) {
             ? "(auto-detected)"
             : target.source === "config"
                 ? "(saved)"
-                : target.source === "env"
-                    ? "(from VANA_PERSONAL_SERVER_URL)"
-                    : `(${target.source ?? "unknown"})`;
+                : target.source === "auth"
+                    ? "(from vana login)"
+                    : target.source === "env"
+                        ? "(from VANA_PERSONAL_SERVER_URL)"
+                        : `(${target.source ?? "unknown"})`;
         emit.keyValue("URL", `${target.url} ${urlSuffix}`, "muted");
     }
     const stateLabel = target.state === "available" ? "healthy" : "Not connected";
@@ -2686,7 +2765,7 @@ export function formatHealthMessage(reason) {
         return null;
     const colonIndex = reason.indexOf(": ");
     const prefix = colonIndex > 0 ? reason.slice(0, colonIndex) : reason;
-    const detail = colonIndex > 0 ? reason.slice(colonIndex + 2) : "";
+    const detail = colonIndex > 0 ? reason.slice(colonIndex + 2).replace(/\.$/, "") : "";
     switch (prefix) {
         case "needs-input":
             return `Requires interactive login${detail ? `: ${detail}` : ""}.`;
@@ -3896,4 +3975,185 @@ async function runSkillShow(name, options) {
         return 1;
     }
 }
+// ── Login / Logout ─────────────────────────────────────────────────────
+async function runLogin(options, serverUrl) {
+    // Determine auth target: cloud (account.vana.org) or self-hosted (PS directly)
+    const psUrl = serverUrl ?? resolvePersonalServerUrl() ?? null;
+    const authTarget = getAuthTarget(psUrl);
+    // If self-hosted, use /login/v2 flow against the PS
+    if (authTarget === "self-hosted" && psUrl) {
+        const emit = createEmitter(options);
+        emit.blank();
+        emit.info(`  Logging in to ${psUrl}...`);
+        emit.blank();
+        try {
+            const result = await runSelfHostedLoginFlow(psUrl, (url) => {
+                emit.info(`  ! Open this URL in your browser:`);
+                emit.info(`    ${url}`);
+                emit.blank();
+                emit.info(`  Waiting for authorization...`);
+                // Try to open browser — use spawn with args array to prevent shell injection
+                // (a malicious self-hosted PS could return a URL with shell metacharacters)
+                try {
+                    const { spawn } = require("node:child_process");
+                    const opener = process.platform === "darwin"
+                        ? "open"
+                        : process.platform === "win32"
+                            ? "start"
+                            : "xdg-open";
+                    spawn(opener, [url], { detached: true, stdio: "ignore" }).unref();
+                }
+                catch {
+                    // Browser open failed — user will open manually
+                }
+            });
+            saveCredentials({
+                account: {
+                    address: result.server,
+                    session_token: "",
+                    expires_at: new Date(Date.now() + 30 * 24 * 60 * 60 * 1000).toISOString(),
+                },
+                personal_server: {
+                    url: psUrl,
+                    access_token: result.access_token,
+                    expires_at: new Date(Date.now() + 30 * 24 * 60 * 60 * 1000).toISOString(),
+                },
+            });
+            emit.success(`Logged in to ${psUrl}`);
+            emit.success(`Credentials saved to ~/.vana/auth.json`);
+            return 0;
+        }
+        catch (err) {
+            emit.info(`  ✗ Login failed: ${err instanceof Error ? err.message : String(err)}`);
+            return 1;
+        }
+    }
+    // Cloud flow (account.vana.org)
+    // Check env var shortcut
+    const envToken = process.env.VANA_SESSION_TOKEN;
+    if (envToken) {
+        const creds = loadCredentials();
+        if (creds) {
+            if (options.json) {
+                process.stdout.write(`${JSON.stringify({ status: "authenticated", source: "env", address: creds.account.address })}\n`);
+            }
+            else {
+                const emit = createEmitter(options);
+                emit.success(`Already authenticated via VANA_SESSION_TOKEN env var`);
+            }
+            return 0;
+        }
+    }
+    // Check if already logged in
+    const existing = loadCredentials();
+    if (existing && !isExpired(existing)) {
+        if (options.json) {
+            process.stdout.write(`${JSON.stringify({
+                status: "authenticated",
+                address: existing.account.address,
+                personal_server: existing.personal_server?.url ?? null,
+                expires_at: existing.account.expires_at,
+            })}\n`);
+        }
+        else {
+            const emit = createEmitter(options);
+            emit.success(`Already logged in as ${formatAddress(existing.account.address)}`);
+            if (existing.personal_server) {
+                emit.keyValue("Personal Server", existing.personal_server.url, "success");
+            }
+            emit.info(`  Auth expires in ${formatExpiresIn(existing.account.expires_at)}`);
+            emit.blank();
+            emit.info("  Run `vana logout` first to re-authenticate.");
+        }
+        return 0;
+    }
+    if (options.json) {
+        // JSON mode: run flow and output result
+        const creds = await runDeviceCodeFlow({
+            onCode: (code, uri) => {
+                process.stderr.write(JSON.stringify({ event: "device_code", code, uri }) + "\n");
+            },
+            onWaiting: () => { },
+            onAuthorized: () => { },
+            onExpired: () => {
+                process.stdout.write(JSON.stringify({ status: "expired", error: "Device code expired" }) +
+                    "\n");
+            },
+            onError: (err) => {
+                process.stdout.write(JSON.stringify({ status: "error", error: err.message }) + "\n");
+            },
+        });
+        if (creds) {
+            await saveCredentials(creds);
+            process.stdout.write(`${JSON.stringify({
+                status: "authenticated",
+                address: creds.account.address,
+                personal_server: creds.personal_server?.url ?? null,
+                expires_at: creds.account.expires_at,
+            })}\n`);
+            return 0;
+        }
+        return 1;
+    }
+    // Interactive mode
+    const emit = createEmitter(options);
+    emit.blank();
+    emit.info("  Logging in to Vana...");
+    emit.blank();
+    const creds = await runDeviceCodeFlow({
+        onCode: (code, uri) => {
+            emit.info(`  ! Open this URL in your browser:`);
+            emit.info(`    ${uri}`);
+            emit.blank();
+            emit.info(`  ! Enter this code: ${BOLD}${code}${RESET}`);
+            emit.blank();
+        },
+        onWaiting: () => {
+            emit.info("  Waiting for authorization...");
+        },
+        onAuthorized: async (authedCreds) => {
+            await saveCredentials(authedCreds);
+            emit.success(`Logged in as ${formatAddress(authedCreds.account.address)}`);
+            if (authedCreds.personal_server) {
+                emit.blank();
+                emit.keyValue("Personal Server", authedCreds.personal_server.url, "success");
+            }
+            emit.success(`Credentials saved to ~/.vana/auth.json`);
+        },
+        onExpired: () => {
+            emit.info(`  Device code expired. Run ${emit.code("vana login")} to try again.`);
+        },
+        onError: (err) => {
+            emit.info(`  Error: ${err.message}`);
+        },
+    });
+    return creds ? 0 : 1;
+}
+async function runLogout(options) {
+    // Revoke the token server-side before clearing local credentials
+    const creds = loadCredentials();
+    if (creds?.personal_server?.url && creds.personal_server.access_token) {
+        try {
+            await fetch(`${creds.personal_server.url.replace(/\/$/, "")}/login/v2/token`, {
+                method: "DELETE",
+                headers: {
+                    Authorization: `Bearer ${creds.personal_server.access_token}`,
+                },
+                signal: AbortSignal.timeout(5000),
+            });
+        }
+        catch {
+            // Best-effort — server may be down, but we still clear local creds
+        }
+    }
+    await clearCredentials();
+    if (options.json) {
+        process.stdout.write(`${JSON.stringify({ status: "logged_out" })}\n`);
+    }
+    else {
+        const emit = createEmitter(options);
+        emit.success("Logged out. Credentials removed.");
+    }
+    return 0;
+}
 //# sourceMappingURL=index.js.map