npm - @syphin/cli - Versions diffs - 0.1.0 → 0.2.0 - Mend

@syphin/cli 0.1.0 → 0.2.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (3) hide show

package/package.json CHANGED Viewed

@@ -1,6 +1,6 @@
 {
   "name": "@syphin/cli",
-  "version": "0.1.0",
+  "version": "0.2.0",
   "description": "Syphin CLI — centralized AI agent context",
   "license": "MIT",
   "type": "module",

package/src/commands/login.js CHANGED Viewed

@@ -1,11 +1,18 @@
 /**
  * syphin login [--token <t>] [--force]
+ *
+ * Without --token: starts OAuth device flow (opens browser).
+ * With --token: direct token authentication.
  */
 import ora from 'ora'
+import open from 'open'
 import { saveToken, loadToken } from '../lib/config.js'
 import { createApiClient } from '../lib/api.js'
-import { success, fail, info, teal } from '../lib/output.js'
+import { success, fail, info, teal, dim } from '../lib/output.js'
+const POLL_INTERVAL = 5000 // 5 seconds
+const MAX_POLLS = 120      // 10 minutes / 5s
 export function registerLogin(program) {
   program
@@ -20,30 +27,110 @@ export function registerLogin(program) {
         return
       }
-      const token = opts.token
-      if (!token) {
-        fail('Token required. Use: syphin login --token <your-token>')
-        info('Get a token from the Syphin dashboard at https://app.syphin.dev/settings/tokens')
-        process.exit(1)
+      // Direct token mode
+      if (opts.token) {
+        return directLogin(opts.token)
       }
-      const spinner = ora('Verifying token...').start()
+      // Device flow
+      return deviceFlowLogin()
+    })
+}
+async function directLogin(token) {
+  const spinner = ora('Verifying token...').start()
+  try {
+    const api = createApiClient(token)
+    const result = await api.verify()
+    saveToken(token)
+    spinner.succeed('Authenticated successfully!')
+    console.log('')
+    info(`Organization: ${teal(result.orgName)} (${result.orgSlug})`)
+    info(`Plan: ${result.orgPlan}`)
+    console.log('')
+  } catch (err) {
+    spinner.fail('Authentication failed')
+    fail(err.message)
+    process.exit(1)
+  }
+}
+async function deviceFlowLogin() {
+  const api = createApiClient(null)
+  let deviceData
+  const spinner = ora('Starting authentication...').start()
+  try {
+    deviceData = await api.requestDeviceCode()
+    spinner.stop()
+  } catch (err) {
+    spinner.fail('Failed to start authentication')
+    fail(err.message)
+    process.exit(1)
+  }
-      try {
-        const api = createApiClient(token)
-        const result = await api.verify()
+  // Display the code
+  console.log('')
+  console.log(`  Open this URL in your browser:`)
+  console.log('')
+  console.log(`    ${teal(deviceData.verificationUrl)}`)
+  console.log('')
+  console.log(`  And enter this code:`)
+  console.log('')
+  console.log(`    ${teal(deviceData.userCode)}`)
+  console.log('')
+  info(dim('Code expires in 10 minutes'))
+  console.log('')
-        saveToken(token)
-        spinner.succeed('Authenticated successfully!')
+  // Try to open the browser
+  try {
+    await open(deviceData.verificationUrl)
+  } catch {
+    // Browser open failed — user can manually navigate
+  }
+  // Poll for approval
+  const pollSpinner = ora('Waiting for browser authorization...').start()
+  for (let i = 0; i < MAX_POLLS; i++) {
+    await sleep(POLL_INTERVAL)
+    try {
+      const result = await api.pollDeviceToken(deviceData.deviceCode)
+      if (result.status === 'pending') {
+        continue
+      }
+      if (result.status === 'approved') {
+        saveToken(result.token)
+        pollSpinner.succeed('Authenticated successfully!')
         console.log('')
         info(`Organization: ${teal(result.orgName)} (${result.orgSlug})`)
         info(`Plan: ${result.orgPlan}`)
         console.log('')
-      } catch (err) {
-        spinner.fail('Authentication failed')
-        fail(err.message)
+        return
+      }
+    } catch (err) {
+      if (err.message.includes('expired') || err.message.includes('EXPIRED')) {
+        pollSpinner.fail('Code expired')
+        fail('Run `syphin login` to try again.')
         process.exit(1)
       }
-    })
+      // Other errors — keep polling
+    }
+  }
+  pollSpinner.fail('Timed out waiting for authorization')
+  fail('Run `syphin login` to try again.')
+  process.exit(1)
+}
+function sleep(ms) {
+  return new Promise(resolve => setTimeout(resolve, ms))
 }

package/src/lib/api.js CHANGED Viewed

@@ -28,9 +28,30 @@ export function createApiClient(token, apiUrl) {
     return json.data
   }
+  // Device flow endpoints don't need auth
+  async function requestNoAuth(method, path, body) {
+    const url = `${baseUrl}${path}`
+    const opts = {
+      method,
+      headers: { 'Content-Type': 'application/json' },
+    }
+    if (body) opts.body = JSON.stringify(body)
+    const res = await fetch(url, opts)
+    const json = await res.json()
+    if (!res.ok && res.status !== 202) {
+      throw new Error(json.error || `API error ${res.status}`)
+    }
+    return json.data
+  }
   return {
     verify: () => request('POST', '/api/auth/verify'),
     getManifest: (slug, env) => request('GET', `/api/projects/${slug}/manifest?env=${env}`),
     createProject: (name, slug) => request('POST', '/api/projects', { name, slug }),
+    requestDeviceCode: () => requestNoAuth('POST', '/api/auth/device/code'),
+    pollDeviceToken: (deviceCode) => requestNoAuth('POST', '/api/auth/device/token', { deviceCode }),
   }
 }