@startanaicompany/crm 1.0.0 → 1.0.2

package/README.md

@@ -8,34 +8,70 @@ AI-first CRM CLI (`saac_crm`) — manage leads, API keys, and user accounts from
 npm install -g @startanaicompany/crm
 ```
 
-## Configuration
+---
+
+## 🤖 AI Agent Quick Start (zero-auth, no human needed)
+
+Agents bootstrap themselves with a single command — **no credentials required**:
 
 ```bash
-# Set API URL and default key
-saac_crm config set --url https://yourapp.example.com --api-key crm_xxxx
+# Step 1: create your own API key (no auth needed)
+saac_crm config set --url https://your-crm.example.com
+saac_crm keys create --name my-agent
+# → returns crm_xxxxxxxxxxxx — store this as your API key
+
+# Step 2: set the key and start managing leads
+export SAAC_CRM_API_KEY=crm_xxxxxxxxxxxx
+saac_crm leads create --name "Jane Smith" --email "jane@example.com"
+saac_crm leads list
+```
+
+> **Auth priority**: `--api-key` flag > `SAAC_CRM_API_KEY` env var > config file (`~/.saac_crm/config.json`)
+
+> ⚠️ **Agents: never call `saac_crm register`** — that command is for one-time operator setup only (requires deployment password). Your entry point is always `keys create --name`.
+
+---
+
+## 👤 Operator Setup (one-time, human)
+
+This is done once per deployment — **not by agents**:
 
-# Auth priority: --api-key flag > SAAC_CRM_API_KEY env > config file
-export SAAC_CRM_API_KEY=crm_xxxx
+```bash
+# 1. Point at your deployment
+saac_crm config set --url https://your-crm.example.com
+
+# 2. Register workspace + create admin key (prompts for workspace slug and password)
+saac_crm register --name "main-admin-key"
+# → prompts: Workspace slug (e.g. mycompany):
+# → prompts: Deployment admin password:
+# → returns crm_xxx admin key — store securely
+
+# 3. Save admin key and create first human user account
+saac_crm config set --api-key crm_xxx_admin_key
+saac_crm users create --email admin@example.com --name "Admin" --role admin
 ```
 
+---
+
 ## Commands
 
 ### API Keys
 
 ```bash
-# Create an agent key (no auth required)
+# Create agent key — ZERO AUTH, no prior setup needed
 saac_crm keys create --name "my-agent"
 
-# Create an admin scope key (requires deployment password)
-saac_crm keys create --name "admin-agent" --scope admin --admin-password <password>
+# Create admin scope key (operator only — requires deployment password + workspace slug)
+saac_crm keys create --name "admin-key" --scope admin \
+  --workspace mycompany --admin-password <deployment-password>
 
-# List all keys
+# List all keys (metadata only — full key never shown again)
 saac_crm keys list
 
 # Show current key info
 saac_crm keys self
 
-# Revoke a key
+# Revoke a key by ID
 saac_crm keys revoke <id>
 ```
 
@@ -54,17 +90,18 @@ saac_crm leads get <id>
 # Update lead
 saac_crm leads update <id> --status contacted --notes "Called, interested"
 
-# Delete lead (soft)
+# Soft-delete lead
 saac_crm leads delete <id>
 
-# Status history
+# Status change history
 saac_crm leads history <id>
 ```
 
 ### Users (requires admin scope key)
 
 ```bash
-# Create a human user account
+# Create a human user account (both commands are equivalent)
+saac_crm users create --email admin@example.com --name "Admin User" --role admin
 saac_crm users register --email admin@example.com --name "Admin User" --role admin
 
 # List users
@@ -76,3 +113,43 @@ saac_crm users update <id> --role viewer
 # Deactivate user
 saac_crm users deactivate <id>
 ```
+
+### Human Login
+
+```bash
+# Log in as admin/viewer — saves JWT to config for dashboard access
+saac_crm login --workspace mycompany --email admin@example.com
+# → prompts for password, saves JWT to ~/.saac_crm/config.json
+```
+
+### Workspace Registration (operator only)
+
+```bash
+# First-time setup — registers workspace slug + creates admin key
+# Prompts for --workspace and --admin-password if not provided
+saac_crm register --name "main-admin-key"
+saac_crm register --name "main-admin-key" --workspace mycompany --admin-password <pw>
+```
+
+### Configuration
+
+```bash
+saac_crm config set --url https://your-crm.example.com
+saac_crm config set --api-key crm_xxxxxxxxxxxx
+saac_crm config get
+```
+
+## Global Options
+
+```
+--api-key <key>   Override API key for this command
+--url <url>       Override API base URL for this command
+```
+
+## Architecture
+
+This is a **single-tenant** system: one workspace slug per deployment, registered once by an operator.
+
+- **Agents** → self-service `keys create` → manage leads
+- **Operators** → `register` once → `users create` → human accounts
+- **Humans** → `login` → web dashboard at your deployment URL

package/index.js

@@ -99,7 +99,7 @@ const program = new Command();
 program
   .name('saac_crm')
   .description('AI-first CRM CLI — manage leads and API keys')
-  .version('1.0.0')
+  .version('1.0.2')
   .option('--api-key <key>', 'API key (overrides SAAC_CRM_API_KEY env and config)')
   .option('--url <url>', 'API base URL (overrides config)');
 
@@ -115,9 +115,14 @@ configCmd
   .option('--url <url>', 'CRM API base URL (e.g. https://yourapp.example.com)')
   .option('--api-key <key>', 'Default API key to use')
   .action((opts) => {
+    // NOTE: commander.js may consume --url and --api-key at the parent program level
+    // if they share the same option names. Always fall back to program.opts().
+    const globalOpts = program.opts();
     const cfg = loadConfig();
-    if (opts.url) cfg.apiUrl = opts.url;
-    if (opts.apiKey) cfg.apiKey = opts.apiKey;
+    const urlValue = opts.url || globalOpts.url;
+    const apiKeyValue = opts.apiKey || globalOpts.apiKey;
+    if (urlValue) cfg.apiUrl = urlValue;
+    if (apiKeyValue) cfg.apiKey = apiKeyValue;
     saveConfig(cfg);
     console.log('Configuration saved to', CONFIG_FILE);
     printJSON(cfg);
@@ -185,15 +190,15 @@ keysCmd
   });
 
 // ============================================================
-// REGISTER — shortcut for first admin setup
+// REGISTER — first-time workspace + admin key setup
+// NOTE: For agent self-service (zero-auth), use: saac_crm keys create --name <name>
 // ============================================================
 
 program
   .command('register')
-  .description('Register this workspace and create an admin scope API key')
-  .requiredOption('--workspace <slug>', 'Workspace slug (3-30 chars, a-z0-9 only, e.g. goldenrecruit101)')
+  .description('First-time setup: register workspace slug and create admin scope API key (prompts for missing values)')
   .requiredOption('--name <name>', 'Name/label for this admin key')
-  .option('--scope <scope>', 'Key scope (must be admin)', 'admin')
+  .option('--workspace <slug>', 'Workspace slug (3-30 chars, a-z0-9 only, e.g. mycompany)')
   .option('--admin-password <password>', 'Deployment admin password (will prompt if not provided)')
   .action(async (opts) => {
     const globalOpts = program.opts();
@@ -203,6 +208,13 @@ program
       process.exit(1);
     }
 
+    // Prompt for workspace slug if not provided
+    let workspace = opts.workspace;
+    if (!workspace) {
+      workspace = await promptSecret('Workspace slug (e.g. mycompany): ');
+    }
+
+    // Prompt for admin password if not provided
     let adminPw = opts.adminPassword;
     if (!adminPw) {
       adminPw = await promptSecret('Deployment admin password: ');
@@ -211,7 +223,7 @@ program
     const body = {
       name: opts.name,
       scope: 'admin',
-      workspace: opts.workspace,
+      workspace: workspace.trim().toLowerCase(),
       admin_password: adminPw
     };
 
@@ -221,7 +233,7 @@ program
         body,
         { headers: { 'Content-Type': 'application/json' } }
       );
-      console.log(`Workspace '${opts.workspace}' registered. Admin key created — store it securely.`);
+      console.log(`Workspace '${workspace}' registered. Admin key created — store it securely.`);
       printJSON(res.data.data);
     } catch (err) {
       handleError(err);
@@ -310,7 +322,7 @@ leadsCmd
     };
     try {
       const res = await client.post('/leads', body, { headers });
-      printJSON(res.data.data);
+      printJSON(res.data);
     } catch (err) {
       handleError(err);
     }
@@ -323,15 +335,20 @@ leadsCmd
   .option('--email <email>', 'Filter by email (partial match)')
   .option('--company <company>', 'Filter by company (partial match)')
   .option('--tag <tag>', 'Filter by tag — repeatable, AND logic', (v, prev) => prev.concat([v]), [])
+  .option('--api-key-id <id>', 'Filter by the API key ID that created the lead')
+  .option('--self', 'Filter leads created by the current API key (shorthand for --api-key-id self)')
   .option('--page <n>', 'Page number', '1')
   .option('--per-page <n>', 'Results per page', '20')
   .action(async (opts) => {
     const globalOpts = program.opts();
     const client = getClient(globalOpts);
+    // --self is a shorthand for --api-key-id self
+    const apiKeyIdFilter = opts.self ? 'self' : opts.apiKeyId;
     const params = {
       ...(opts.status && { status: opts.status }),
       ...(opts.email && { email: opts.email }),
       ...(opts.company && { company: opts.company }),
+      ...(apiKeyIdFilter && { api_key_id: apiKeyIdFilter }),
       page: opts.page,
       per_page: opts.perPage
     };
@@ -354,7 +371,7 @@ leadsCmd
     const client = getClient(globalOpts);
     try {
       const res = await client.get(`/leads/${id}`);
-      printJSON(res.data.data);
+      printJSON(res.data);
     } catch (err) {
       handleError(err);
     }
@@ -392,7 +409,7 @@ leadsCmd
     };
     try {
       const res = await client.put(`/leads/${id}`, body);
-      printJSON(res.data.data);
+      printJSON(res.data);
     } catch (err) {
       handleError(err);
     }
@@ -433,35 +450,47 @@ leadsCmd
 
 const usersCmd = program.command('users').description('Manage human user accounts (requires admin scope key)');
 
+// Shared action for users create / users register
+async function createUserAction(opts) {
+  const globalOpts = program.opts();
+  const client = getClient(globalOpts);
+
+  let password = opts.password;
+  if (!password) {
+    password = await promptSecret('Password for new user: ');
+  }
+
+  try {
+    const res = await client.post('/users', {
+      email: opts.email,
+      name: opts.name,
+      password,
+      role: opts.role
+    });
+    console.log('User created successfully.');
+    printJSON(res.data.data);
+  } catch (err) {
+    handleError(err);
+  }
+}
+
 usersCmd
-  .command('register')
+  .command('create')
   .description('Create a new human user account')
   .requiredOption('--email <email>', 'User email address')
   .requiredOption('--name <name>', 'User full name')
   .option('--password <password>', 'User password (will prompt if not provided)')
   .option('--role <role>', 'Role: admin or viewer', 'viewer')
-  .action(async (opts) => {
-    const globalOpts = program.opts();
-    const client = getClient(globalOpts);
-
-    let password = opts.password;
-    if (!password) {
-      password = await promptSecret('Password for new user: ');
-    }
+  .action(createUserAction);
 
-    try {
-      const res = await client.post('/users', {
-        email: opts.email,
-        name: opts.name,
-        password,
-        role: opts.role
-      });
-      console.log('User created successfully.');
-      printJSON(res.data.data);
-    } catch (err) {
-      handleError(err);
-    }
-  });
+usersCmd
+  .command('register')
+  .description('Create a new human user account (alias for users create)')
+  .requiredOption('--email <email>', 'User email address')
+  .requiredOption('--name <name>', 'User full name')
+  .option('--password <password>', 'User password (will prompt if not provided)')
+  .option('--role <role>', 'Role: admin or viewer', 'viewer')
+  .action(createUserAction);
 
 usersCmd
   .command('list')
@@ -518,4 +547,45 @@ usersCmd
     }
   });
 
+// ============================================================
+// LOGIN — human admin/viewer login, saves JWT to config
+// ============================================================
+
+program
+  .command('login')
+  .description('Log in as a human admin/viewer (workspace + email + password → JWT saved to config)')
+  .requiredOption('--workspace <slug>', 'Workspace slug')
+  .requiredOption('--email <email>', 'Your email address')
+  .option('--password <password>', 'Your password (will prompt if not provided)')
+  .action(async (opts) => {
+    const globalOpts = program.opts();
+    const apiUrl = resolveApiUrl(globalOpts.url);
+    if (!apiUrl) {
+      console.error('Error: API URL not configured. Run: saac_crm config set --url <api-url>');
+      process.exit(1);
+    }
+
+    let password = opts.password;
+    if (!password) {
+      password = await promptSecret('Password: ');
+    }
+
+    try {
+      const res = await axios.post(
+        `${apiUrl.replace(/\/$/, '')}/api/v1/auth/login`,
+        { workspace: opts.workspace, email: opts.email, password },
+        { headers: { 'Content-Type': 'application/json' } }
+      );
+      const { token, user } = res.data.data;
+      // Save token to config for subsequent admin operations
+      const cfg = loadConfig();
+      cfg.token = token;
+      saveConfig(cfg);
+      console.log(`Logged in as ${user.email} (${user.role}). JWT saved to config.`);
+      printJSON({ email: user.email, name: user.name, role: user.role });
+    } catch (err) {
+      handleError(err);
+    }
+  });
+
 program.parse(process.argv);

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "@startanaicompany/crm",
-  "version": "1.0.0",
+  "version": "1.0.2",
   "description": "AI-first CRM CLI — manage leads and API keys from the terminal",
   "main": "index.js",
   "bin": {
@@ -9,8 +9,21 @@
   "scripts": {
     "test": "echo \"No tests yet\""
   },
-  "keywords": ["crm", "ai", "leads", "api"],
+  "keywords": ["crm", "ai", "leads", "api", "saac", "agent"],
   "license": "MIT",
+  "repository": {
+    "type": "git",
+    "url": "https://git.startanaicompany.com/mikaelwestoo/url-friendly-slug-59b2ag.git",
+    "directory": "packages/crm-cli"
+  },
+  "files": [
+    "index.js",
+    "README.md",
+    "package.json"
+  ],
+  "publishConfig": {
+    "access": "public"
+  },
   "dependencies": {
     "axios": "^1.6.0",
     "commander": "^11.1.0"