@orth/cli 0.2.15 → 0.2.17
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/dist/commands/auth.js +121 -10
- package/package.json +1 -1
package/dist/commands/auth.js
CHANGED
|
@@ -7,23 +7,134 @@ exports.loginCommand = loginCommand;
|
|
|
7
7
|
exports.logoutCommand = logoutCommand;
|
|
8
8
|
exports.whoamiCommand = whoamiCommand;
|
|
9
9
|
const chalk_1 = __importDefault(require("chalk"));
|
|
10
|
+
const crypto_1 = __importDefault(require("crypto"));
|
|
11
|
+
const http_1 = __importDefault(require("http"));
|
|
10
12
|
const config_js_1 = require("../config.js");
|
|
13
|
+
const API_BASE = process.env.ORTH_API_URL || "https://api.orth.sh";
|
|
14
|
+
const WEB_BASE = process.env.ORTH_WEB_URL || "https://orthogonal.sh";
|
|
15
|
+
function openBrowser(url) {
|
|
16
|
+
const { exec } = require("child_process");
|
|
17
|
+
const platform = process.platform;
|
|
18
|
+
if (platform === "darwin")
|
|
19
|
+
exec(`open "${url}"`);
|
|
20
|
+
else if (platform === "win32")
|
|
21
|
+
exec(`start "${url}"`);
|
|
22
|
+
else
|
|
23
|
+
exec(`xdg-open "${url}"`);
|
|
24
|
+
}
|
|
25
|
+
async function browserLogin() {
|
|
26
|
+
// Generate a random state token to prevent CSRF
|
|
27
|
+
const state = crypto_1.default.randomBytes(32).toString("hex");
|
|
28
|
+
return new Promise((resolve, reject) => {
|
|
29
|
+
const server = http_1.default.createServer((req, res) => {
|
|
30
|
+
const url = new URL(req.url || "/", `http://localhost`);
|
|
31
|
+
if (url.pathname === "/callback") {
|
|
32
|
+
const key = url.searchParams.get("key");
|
|
33
|
+
const error = url.searchParams.get("error");
|
|
34
|
+
const returnedState = url.searchParams.get("state");
|
|
35
|
+
// Verify state token
|
|
36
|
+
if (returnedState !== state) {
|
|
37
|
+
res.writeHead(403, { "Content-Type": "text/html" });
|
|
38
|
+
res.end(`
|
|
39
|
+
<html>
|
|
40
|
+
<body style="font-family: -apple-system, sans-serif; display: flex; align-items: center; justify-content: center; height: 100vh; margin: 0; background: #f0f0f0;">
|
|
41
|
+
<div style="text-align: center; background: white; padding: 48px; border-radius: 16px; box-shadow: 0 4px 12px rgba(0,0,0,0.1);">
|
|
42
|
+
<h1 style="font-size: 24px; margin: 0 0 8px; color: #e11d48;">Invalid Request</h1>
|
|
43
|
+
<p style="color: #666; margin: 0;">State token mismatch. Please try again.</p>
|
|
44
|
+
</div>
|
|
45
|
+
</body>
|
|
46
|
+
</html>
|
|
47
|
+
`);
|
|
48
|
+
console.log(chalk_1.default.red("\n✗ Login failed: state token mismatch"));
|
|
49
|
+
server.close();
|
|
50
|
+
reject(new Error("State token mismatch"));
|
|
51
|
+
return;
|
|
52
|
+
}
|
|
53
|
+
if (key) {
|
|
54
|
+
// Send a nice HTML response
|
|
55
|
+
res.writeHead(200, { "Content-Type": "text/html" });
|
|
56
|
+
res.end(`
|
|
57
|
+
<html>
|
|
58
|
+
<body style="font-family: -apple-system, sans-serif; display: flex; align-items: center; justify-content: center; height: 100vh; margin: 0; background: #f0f0f0;">
|
|
59
|
+
<div style="text-align: center; background: white; padding: 48px; border-radius: 16px; box-shadow: 0 4px 12px rgba(0,0,0,0.1);">
|
|
60
|
+
<h1 style="font-size: 24px; margin: 0 0 8px;">Authenticated</h1>
|
|
61
|
+
<p style="color: #666; margin: 0;">You can close this tab and return to your terminal.</p>
|
|
62
|
+
</div>
|
|
63
|
+
</body>
|
|
64
|
+
</html>
|
|
65
|
+
`);
|
|
66
|
+
(0, config_js_1.setApiKey)(key);
|
|
67
|
+
console.log(chalk_1.default.green("\n✓ Logged in successfully!"));
|
|
68
|
+
console.log(chalk_1.default.gray(` Key: ${key.slice(0, 15)}...${key.slice(-4)}`));
|
|
69
|
+
server.close();
|
|
70
|
+
resolve();
|
|
71
|
+
}
|
|
72
|
+
else {
|
|
73
|
+
res.writeHead(400, { "Content-Type": "text/html" });
|
|
74
|
+
res.end(`
|
|
75
|
+
<html>
|
|
76
|
+
<body style="font-family: -apple-system, sans-serif; display: flex; align-items: center; justify-content: center; height: 100vh; margin: 0; background: #f0f0f0;">
|
|
77
|
+
<div style="text-align: center; background: white; padding: 48px; border-radius: 16px; box-shadow: 0 4px 12px rgba(0,0,0,0.1);">
|
|
78
|
+
<h1 style="font-size: 24px; margin: 0 0 8px; color: #e11d48;">Authentication Failed</h1>
|
|
79
|
+
<p style="color: #666; margin: 0;">${error || "Unknown error"}</p>
|
|
80
|
+
</div>
|
|
81
|
+
</body>
|
|
82
|
+
</html>
|
|
83
|
+
`);
|
|
84
|
+
console.log(chalk_1.default.red(`\n✗ Login failed: ${error || "Unknown error"}`));
|
|
85
|
+
server.close();
|
|
86
|
+
reject(new Error(error || "Login failed"));
|
|
87
|
+
}
|
|
88
|
+
}
|
|
89
|
+
else {
|
|
90
|
+
res.writeHead(404);
|
|
91
|
+
res.end();
|
|
92
|
+
}
|
|
93
|
+
});
|
|
94
|
+
server.listen(0, "127.0.0.1", () => {
|
|
95
|
+
const address = server.address();
|
|
96
|
+
if (!address || typeof address === "string") {
|
|
97
|
+
reject(new Error("Failed to start local server"));
|
|
98
|
+
return;
|
|
99
|
+
}
|
|
100
|
+
const port = address.port;
|
|
101
|
+
const callbackUrl = `http://127.0.0.1:${port}/callback`;
|
|
102
|
+
const authUrl = `${WEB_BASE}/cli-auth?callback=${encodeURIComponent(callbackUrl)}&state=${state}`;
|
|
103
|
+
console.log(chalk_1.default.gray("Opening browser to authenticate..."));
|
|
104
|
+
console.log(chalk_1.default.gray(`If it doesn't open, visit: ${authUrl}\n`));
|
|
105
|
+
openBrowser(authUrl);
|
|
106
|
+
// Timeout after 5 minutes
|
|
107
|
+
setTimeout(() => {
|
|
108
|
+
console.log(chalk_1.default.red("\n✗ Login timed out. Try again."));
|
|
109
|
+
server.close();
|
|
110
|
+
reject(new Error("Timed out"));
|
|
111
|
+
}, 5 * 60 * 1000);
|
|
112
|
+
});
|
|
113
|
+
server.on("error", (err) => {
|
|
114
|
+
reject(err);
|
|
115
|
+
});
|
|
116
|
+
});
|
|
117
|
+
}
|
|
11
118
|
async function loginCommand(options) {
|
|
12
119
|
const key = options.key || process.env.ORTHOGONAL_API_KEY;
|
|
13
|
-
if (
|
|
14
|
-
|
|
15
|
-
|
|
16
|
-
|
|
120
|
+
if (key) {
|
|
121
|
+
// Direct key login (existing flow)
|
|
122
|
+
if (!key.startsWith("orth_")) {
|
|
123
|
+
console.error(chalk_1.default.red("Invalid API key format. Keys should start with 'orth_'"));
|
|
124
|
+
process.exit(1);
|
|
125
|
+
}
|
|
126
|
+
(0, config_js_1.setApiKey)(key);
|
|
127
|
+
console.log(chalk_1.default.green("✓ Logged in successfully!"));
|
|
128
|
+
console.log(chalk_1.default.gray(` Key: ${key.slice(0, 15)}...${key.slice(-4)}`));
|
|
17
129
|
return;
|
|
18
130
|
}
|
|
19
|
-
//
|
|
20
|
-
|
|
21
|
-
|
|
131
|
+
// Browser-based login
|
|
132
|
+
try {
|
|
133
|
+
await browserLogin();
|
|
134
|
+
}
|
|
135
|
+
catch {
|
|
22
136
|
process.exit(1);
|
|
23
137
|
}
|
|
24
|
-
(0, config_js_1.setApiKey)(key);
|
|
25
|
-
console.log(chalk_1.default.green("✓ Logged in successfully!"));
|
|
26
|
-
console.log(chalk_1.default.gray(` Key: ${key.slice(0, 15)}...${key.slice(-4)}`));
|
|
27
138
|
}
|
|
28
139
|
async function logoutCommand() {
|
|
29
140
|
(0, config_js_1.clearApiKey)();
|