@sekyuriti/attest 0.1.1 → 0.2.1

package/bin/attest.js

@@ -0,0 +1,555 @@
+#!/usr/bin/env node
+
+const { spawn } = require("child_process");
+const fs = require("fs");
+const path = require("path");
+const https = require("https");
+const http = require("http");
+const crypto = require("crypto");
+const os = require("os");
+const readline = require("readline");
+
+// ANSI colors
+const c = {
+  reset: "\x1b[0m",
+  bold: "\x1b[1m",
+  dim: "\x1b[2m",
+  black: "\x1b[30m",
+  white: "\x1b[37m",
+  gray: "\x1b[90m",
+  inverse: "\x1b[7m",
+};
+
+const CONFIG_DIR = path.join(os.homedir(), ".attest");
+const CONFIG_FILE = path.join(CONFIG_DIR, "config.json");
+const API_BASE = "https://sekyuriti.build";
+
+// ═══════════════════════════════════════════════════════════════════
+// UTILITIES
+// ═══════════════════════════════════════════════════════════════════
+
+function log(msg) {
+  console.log(msg);
+}
+
+function logBold(msg) {
+  console.log(`${c.bold}${msg}${c.reset}`);
+}
+
+function logDim(msg) {
+  console.log(`${c.dim}${msg}${c.reset}`);
+}
+
+function logBox(lines) {
+  const maxLen = Math.max(...lines.map((l) => l.length));
+  const top = "┌" + "─".repeat(maxLen + 2) + "┐";
+  const bot = "└" + "─".repeat(maxLen + 2) + "┘";
+  log(top);
+  for (const line of lines) {
+    log("│ " + line.padEnd(maxLen) + " │");
+  }
+  log(bot);
+}
+
+function sleep(ms) {
+  return new Promise((r) => setTimeout(r, ms));
+}
+
+function fetch(url, options = {}) {
+  return new Promise((resolve, reject) => {
+    const isHttps = url.startsWith("https");
+    const lib = isHttps ? https : http;
+    const urlObj = new URL(url);
+
+    const req = lib.request(
+      {
+        hostname: urlObj.hostname,
+        port: urlObj.port || (isHttps ? 443 : 80),
+        path: urlObj.pathname + urlObj.search,
+        method: options.method || "GET",
+        headers: options.headers || {},
+      },
+      (res) => {
+        let data = "";
+        res.on("data", (chunk) => (data += chunk));
+        res.on("end", () => {
+          resolve({
+            ok: res.statusCode >= 200 && res.statusCode < 300,
+            status: res.statusCode,
+            json: () => Promise.resolve(JSON.parse(data)),
+            text: () => Promise.resolve(data),
+          });
+        });
+      }
+    );
+
+    req.on("error", reject);
+
+    if (options.body) {
+      req.write(options.body);
+    }
+
+    req.end();
+  });
+}
+
+function openBrowser(url) {
+  const platform = process.platform;
+  let cmd;
+
+  if (platform === "darwin") {
+    cmd = "open";
+  } else if (platform === "win32") {
+    cmd = "start";
+  } else {
+    cmd = "xdg-open";
+  }
+
+  spawn(cmd, [url], { detached: true, stdio: "ignore" }).unref();
+}
+
+function loadConfig() {
+  try {
+    if (fs.existsSync(CONFIG_FILE)) {
+      return JSON.parse(fs.readFileSync(CONFIG_FILE, "utf-8"));
+    }
+  } catch (e) {}
+  return null;
+}
+
+function saveConfig(config) {
+  if (!fs.existsSync(CONFIG_DIR)) {
+    fs.mkdirSync(CONFIG_DIR, { recursive: true });
+  }
+  fs.writeFileSync(CONFIG_FILE, JSON.stringify(config, null, 2));
+}
+
+function clearConfig() {
+  if (fs.existsSync(CONFIG_FILE)) {
+    fs.unlinkSync(CONFIG_FILE);
+  }
+}
+
+// ═══════════════════════════════════════════════════════════════════
+// HEADER
+// ═══════════════════════════════════════════════════════════════════
+
+function printHeader() {
+  log("");
+  logBold("  █▀▀ █▀▀ █▄▀ █▄█ █ █ █▀█ █ ▀█▀ █");
+  logBold("  ▄▄█ ██▄ █ █  █  █▄█ █▀▄ █  █  █");
+  log("");
+  logDim("  ATTEST CLI v0.2.0");
+  log("");
+}
+
+// ═══════════════════════════════════════════════════════════════════
+// LOGIN COMMAND
+// ═══════════════════════════════════════════════════════════════════
+
+async function cmdLogin() {
+  printHeader();
+
+  // Check if already logged in
+  const existing = loadConfig();
+  if (existing && existing.token) {
+    log("  You are already logged in as:");
+    logBold(`  ${existing.email}`);
+    log("");
+    log(`  Project: ${existing.projectName || "Unknown"}`);
+    logDim(`  Key: ${existing.publicKey}`);
+    log("");
+    log("  Run 'attest logout' to sign out.");
+    log("");
+    return;
+  }
+
+  // Generate session token
+  const sessionId = crypto.randomBytes(16).toString("hex");
+  const authUrl = `${API_BASE}/cli/auth?session=${sessionId}`;
+
+  log("  Opening browser to authenticate...");
+  log("");
+  logBox([
+    "Waiting for browser confirmation...",
+    "",
+    `${authUrl.slice(0, 45)}...`,
+  ]);
+  log("");
+
+  // Open browser
+  openBrowser(authUrl);
+
+  // Poll for completion
+  let attempts = 0;
+  const maxAttempts = 120; // 2 minutes
+
+  process.stdout.write("  Waiting");
+
+  while (attempts < maxAttempts) {
+    try {
+      const res = await fetch(
+        `${API_BASE}/api/v2/attest/cli/poll?session=${sessionId}`
+      );
+
+      if (res.ok) {
+        const data = await res.json();
+
+        if (data.status === "completed") {
+          process.stdout.write("\n\n");
+          log(`  ${c.bold}✓${c.reset} Authenticated as ${c.bold}${data.email}${c.reset}`);
+          log(`  ${c.bold}✓${c.reset} Project: ${c.bold}${data.projectName}${c.reset}`);
+          log(`  ${c.bold}✓${c.reset} Credentials saved to ~/.attest/config.json`);
+          log("");
+
+          saveConfig({
+            token: data.token,
+            email: data.email,
+            projectId: data.projectId,
+            projectName: data.projectName,
+            publicKey: data.publicKey,
+            apiKey: data.apiKey,
+          });
+
+          return;
+        }
+      }
+    } catch (e) {}
+
+    process.stdout.write(".");
+    await sleep(1000);
+    attempts++;
+  }
+
+  process.stdout.write("\n\n");
+  log("  ✗ Authentication timed out. Please try again.");
+  log("");
+}
+
+// ═══════════════════════════════════════════════════════════════════
+// LOGOUT COMMAND
+// ═══════════════════════════════════════════════════════════════════
+
+async function cmdLogout() {
+  printHeader();
+
+  const config = loadConfig();
+
+  if (!config || !config.token) {
+    log("  You are not logged in.");
+    log("");
+    return;
+  }
+
+  clearConfig();
+
+  log(`  ${c.bold}✓${c.reset} Logged out successfully`);
+  log(`  ${c.dim}Credentials removed from ~/.attest/config.json${c.reset}`);
+  log("");
+}
+
+// ═══════════════════════════════════════════════════════════════════
+// STATUS COMMAND
+// ═══════════════════════════════════════════════════════════════════
+
+async function cmdStatus() {
+  printHeader();
+
+  const config = loadConfig();
+
+  if (!config || !config.token) {
+    log("  You are not logged in.");
+    log("  Run 'attest login' to authenticate.");
+    log("");
+    return;
+  }
+
+  log(`  Account: ${c.bold}${config.email}${c.reset}`);
+  log(`  Project: ${c.bold}${config.projectName}${c.reset}`);
+  log(`  Key:     ${c.dim}${config.publicKey}${c.reset}`);
+  log("");
+
+  // Fetch usage stats
+  process.stdout.write("  Fetching usage stats...");
+
+  try {
+    const res = await fetch(
+      `${API_BASE}/api/v2/attest/cli/status?key=${config.publicKey}`,
+      {
+        headers: {
+          Authorization: `Bearer ${config.token}`,
+        },
+      }
+    );
+
+    if (res.ok) {
+      const data = await res.json();
+      process.stdout.write("\r" + " ".repeat(30) + "\r");
+
+      log("  ┌─────────────────────────────────────────┐");
+      log(`  │  MONTHLY USAGE                          │`);
+      log("  ├─────────────────────────────────────────┤");
+
+      const used = data.used || 0;
+      const limit = data.limit || 10000;
+      const percent = Math.round((used / limit) * 100);
+      const barLen = 20;
+      const filled = Math.round((percent / 100) * barLen);
+      const bar = "█".repeat(filled) + "░".repeat(barLen - filled);
+
+      log(`  │  ${bar}  ${percent}%    │`);
+      log(`  │  ${used.toLocaleString()} / ${limit.toLocaleString()} requests            │`);
+      log("  └─────────────────────────────────────────┘");
+      log("");
+
+      if (data.tier) {
+        logDim(`  Tier: ${data.tier.toUpperCase()}`);
+        log("");
+      }
+    } else {
+      process.stdout.write("\n");
+      log("  Could not fetch usage stats.");
+      log("");
+    }
+  } catch (e) {
+    process.stdout.write("\n");
+    log("  Could not fetch usage stats.");
+    log("");
+  }
+}
+
+// ═══════════════════════════════════════════════════════════════════
+// INIT COMMAND
+// ═══════════════════════════════════════════════════════════════════
+
+async function cmdInit() {
+  printHeader();
+
+  const config = loadConfig();
+
+  if (!config || !config.token) {
+    log("  You are not logged in.");
+    log("  Run 'attest login' first.");
+    log("");
+    return;
+  }
+
+  let steps = [];
+
+  // Step 1: Add .env variables
+  const envPath = path.join(process.cwd(), ".env");
+  const envLocalPath = path.join(process.cwd(), ".env.local");
+  let targetEnvPath = envLocalPath;
+
+  if (fs.existsSync(envLocalPath)) {
+    targetEnvPath = envLocalPath;
+  } else if (fs.existsSync(envPath)) {
+    targetEnvPath = envPath;
+  }
+
+  const envVars = `
+# ATTEST Configuration
+NEXT_PUBLIC_ATTEST_KEY=${config.publicKey}
+ATTEST_SECRET_KEY=${config.apiKey}
+`.trim();
+
+  if (fs.existsSync(targetEnvPath)) {
+    let content = fs.readFileSync(targetEnvPath, "utf-8");
+    if (!content.includes("ATTEST_KEY")) {
+      content += "\n\n" + envVars + "\n";
+      fs.writeFileSync(targetEnvPath, content);
+      steps.push(`Added ATTEST config to ${path.basename(targetEnvPath)}`);
+    } else {
+      steps.push(`ATTEST config already in ${path.basename(targetEnvPath)}`);
+    }
+  } else {
+    fs.writeFileSync(envLocalPath, envVars + "\n");
+    steps.push("Created .env.local with ATTEST config");
+  }
+
+  // Step 2: Find and update layout.tsx
+  const layoutPaths = [
+    path.join(process.cwd(), "src/app/layout.tsx"),
+    path.join(process.cwd(), "app/layout.tsx"),
+    path.join(process.cwd(), "src/app/layout.js"),
+    path.join(process.cwd(), "app/layout.js"),
+  ];
+
+  let layoutPath = null;
+  for (const p of layoutPaths) {
+    if (fs.existsSync(p)) {
+      layoutPath = p;
+      break;
+    }
+  }
+
+  const scriptTag = `<Script
+        src="https://sekyuriti.build/api/v2/attest/script/${config.publicKey}"
+        strategy="beforeInteractive"
+      />`;
+
+  if (layoutPath) {
+    let layoutContent = fs.readFileSync(layoutPath, "utf-8");
+
+    if (layoutContent.includes("sekyuriti.build/api/v2/attest/script")) {
+      steps.push("ATTEST script already in layout");
+    } else {
+      // Check if Script is already imported
+      const hasScriptImport = layoutContent.includes("from 'next/script'") || layoutContent.includes('from "next/script"');
+
+      if (!hasScriptImport) {
+        // Add Script import after the first import line
+        layoutContent = layoutContent.replace(
+          /(import .+ from ['"][^'"]+['"];?\n)/,
+          `$1import Script from "next/script";\n`
+        );
+      }
+
+      // Add script tag after <body> or <body className=...>
+      if (layoutContent.includes("<body")) {
+        layoutContent = layoutContent.replace(
+          /(<body[^>]*>)/,
+          `$1\n      ${scriptTag}`
+        );
+        fs.writeFileSync(layoutPath, layoutContent);
+        steps.push(`Added ATTEST script to ${path.basename(layoutPath)}`);
+      } else {
+        steps.push("Could not find <body> tag in layout");
+      }
+    }
+  } else {
+    steps.push("No layout.tsx found - add script manually");
+  }
+
+  // Step 3: Check for middleware.ts and offer to add verification
+  const middlewarePaths = [
+    path.join(process.cwd(), "middleware.ts"),
+    path.join(process.cwd(), "src/middleware.ts"),
+    path.join(process.cwd(), "middleware.js"),
+    path.join(process.cwd(), "src/middleware.js"),
+  ];
+
+  let hasMiddleware = false;
+  for (const p of middlewarePaths) {
+    if (fs.existsSync(p)) {
+      hasMiddleware = true;
+      break;
+    }
+  }
+
+  // Print results
+  log("  SETUP COMPLETE");
+  log("");
+
+  for (const step of steps) {
+    log(`  ${c.bold}✓${c.reset} ${step}`);
+  }
+
+  log("");
+
+  if (!hasMiddleware) {
+    log("  Optional: Add middleware for server-side verification:");
+    log("");
+    log(`  ${c.dim}// middleware.ts${c.reset}`);
+    log(`  ${c.dim}import { createAttestMiddleware } from '@sekyuriti/attest/middleware';${c.reset}`);
+    log(`  ${c.dim}export default createAttestMiddleware({${c.reset}`);
+    log(`  ${c.dim}  protectedPaths: ['/api/'],${c.reset}`);
+    log(`  ${c.dim}});${c.reset}`);
+    log("");
+  }
+
+  log("  Documentation: https://sekyuriti.build/docs/attest");
+  log("");
+}
+
+// ═══════════════════════════════════════════════════════════════════
+// WHOAMI COMMAND
+// ═══════════════════════════════════════════════════════════════════
+
+async function cmdWhoami() {
+  const config = loadConfig();
+
+  if (!config || !config.token) {
+    console.log("Not logged in");
+    return;
+  }
+
+  console.log(config.email);
+}
+
+// ═══════════════════════════════════════════════════════════════════
+// HELP
+// ═══════════════════════════════════════════════════════════════════
+
+function printHelp() {
+  printHeader();
+  log("  USAGE");
+  log("");
+  log(`    ${c.bold}attest${c.reset} <command>`);
+  log("");
+  log("  COMMANDS");
+  log("");
+  log(`    ${c.bold}login${c.reset}     Authenticate with SEKYURITI`);
+  log(`    ${c.bold}logout${c.reset}    Sign out and clear credentials`);
+  log(`    ${c.bold}status${c.reset}    Show account and usage info`);
+  log(`    ${c.bold}init${c.reset}      Setup ATTEST in current project`);
+  log(`    ${c.bold}whoami${c.reset}    Print current user email`);
+  log(`    ${c.bold}help${c.reset}      Show this help message`);
+  log("");
+  log("  EXAMPLES");
+  log("");
+  logDim("    $ attest login");
+  logDim("    $ attest init");
+  logDim("    $ attest status");
+  log("");
+  log("  DOCUMENTATION");
+  log("");
+  log("    https://sekyuriti.build/docs/attest");
+  log("");
+}
+
+// ═══════════════════════════════════════════════════════════════════
+// MAIN
+// ═══════════════════════════════════════════════════════════════════
+
+async function main() {
+  const args = process.argv.slice(2);
+  const cmd = args[0];
+
+  switch (cmd) {
+    case "login":
+      await cmdLogin();
+      break;
+    case "logout":
+      await cmdLogout();
+      break;
+    case "status":
+      await cmdStatus();
+      break;
+    case "init":
+      await cmdInit();
+      break;
+    case "whoami":
+      await cmdWhoami();
+      break;
+    case "help":
+    case "--help":
+    case "-h":
+      printHelp();
+      break;
+    case undefined:
+      printHelp();
+      break;
+    default:
+      log("");
+      log(`  Unknown command: ${cmd}`);
+      log("  Run 'attest help' for usage.");
+      log("");
+      process.exit(1);
+  }
+}
+
+main().catch((e) => {
+  console.error("Error:", e.message);
+  process.exit(1);
+});

package/package.json

@@ -1,10 +1,13 @@
 {
   "name": "@sekyuriti/attest",
-  "version": "0.1.1",
+  "version": "0.2.1",
   "description": "API protection middleware for Next.js - verify requests with ATTEST",
   "main": "dist/index.js",
   "module": "dist/index.mjs",
   "types": "dist/index.d.ts",
+  "bin": {
+    "attest": "./bin/attest.js"
+  },
   "exports": {
     ".": {
       "types": "./dist/index.d.ts",
@@ -18,7 +21,8 @@
     }
   },
   "files": [
-    "dist"
+    "dist",
+    "bin"
   ],
   "scripts": {
     "build": "tsup",