npm - @userland.fun/cli - Versions diffs - 0.3.1 → 0.4.0 - Mend

@userland.fun/cli 0.3.1 → 0.4.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (3) hide show

package/README.md CHANGED Viewed

@@ -17,6 +17,7 @@ npm install -g @userland.fun/cli
 Then run:
 ```sh
+userland --version
 userland login
 userland login --no-browser
 userland signup
@@ -24,6 +25,10 @@ userland auth status
 userland auth save-key --api-key <api-key>
 userland auth logout
 userland auth logout --revoke
+userland auth api-keys list
+userland auth api-keys create --name "CI deploy key"
+userland auth api-keys rename <api-key-id> --name "Production deploy"
+userland auth api-keys revoke <api-key-id> --yes
 userland accounts list
 userland accounts use <account-id>
 userland accounts status --account <account-id>
@@ -48,6 +53,7 @@ userland apps domains verify <app-id> <hostname>
 From this repo, the same commands can be run from source:
 ```sh
+npm run userland -- --version
 npm run userland -- login
 npm run userland -- login --no-browser
 npm run userland -- signup
@@ -55,6 +61,10 @@ npm run userland -- auth status
 npm run userland -- auth save-key --api-key <api-key>
 npm run userland -- auth logout
 npm run userland -- auth logout --revoke
+npm run userland -- auth api-keys list
+npm run userland -- auth api-keys create --name "CI deploy key"
+npm run userland -- auth api-keys rename <api-key-id> --name "Production deploy"
+npm run userland -- auth api-keys revoke <api-key-id> --yes
 npm run userland -- accounts list
 npm run userland -- accounts use <account-id>
 npm run userland -- accounts status --account <account-id>
@@ -80,6 +90,17 @@ npm run userland -- apps domains verify <app-id> <hostname>
 The CLI does not store platform passwords. App commands prefer `USERLAND_API_KEY` when it is set, then fall back to the saved API key. `auth save-key` remains available for CI, support, and manually copied API keys.
+API key lifecycle commands use the same authenticated management endpoints as the browser console:
+```sh
+userland auth api-keys list
+userland auth api-keys create --name "CI deploy key"
+userland auth api-keys rename key_... --name "Production deploy"
+userland auth api-keys revoke key_... --yes
+```
+`auth api-keys list` prints metadata only. `auth api-keys create` prints the raw key exactly once and does not write it to `~/.userland/credentials.json`. `auth api-keys revoke` prompts in interactive terminals unless `--yes` is passed.
 Most users do not need to select an account. If no account is selected, the API uses the actor's default account. Team, client, and agency workflows can select an account with `--account <account-id>`, `USERLAND_ACCOUNT_ID`, or `userland accounts use <account-id>`. Platform account members manage apps, releases, secrets, billing, and settings; they are separate from app users inside a published app.
 Status and limits:

package/dist/index.js CHANGED Viewed

@@ -19,6 +19,10 @@ async function main() {
     if (isHelpCommand(command)) {
         usage(0);
     }
+    if (isVersionCommand(command)) {
+        console.log(CLI_VERSION);
+        return;
+    }
     if (command === "apps") {
         await appsCommand(args);
         return;
@@ -27,6 +31,10 @@ async function main() {
         await authCommand(args);
         return;
     }
+    if (command === "api-keys") {
+        await apiKeysCommand(args);
+        return;
+    }
     if (command === "accounts") {
         await accountsCommand(args);
         return;
@@ -119,6 +127,30 @@ async function authCommand(args) {
         await logoutCommand(rest);
         return;
     }
+    if (subcommand === "api-keys") {
+        await apiKeysCommand(rest);
+        return;
+    }
+    usage(1);
+}
+async function apiKeysCommand(args) {
+    const [subcommand, keyId, ...rest] = args;
+    if (subcommand === "list") {
+        await apiKeysListCommand();
+        return;
+    }
+    if (subcommand === "create") {
+        await apiKeysCreateCommand([keyId, ...rest].filter((value) => value !== undefined));
+        return;
+    }
+    if (subcommand === "rename" && keyId) {
+        await apiKeysRenameCommand(keyId, rest);
+        return;
+    }
+    if (subcommand === "revoke" && keyId) {
+        await apiKeysRevokeCommand(keyId, rest);
+        return;
+    }
     usage(1);
 }
 async function accountsCommand(args) {
@@ -329,6 +361,77 @@ async function logoutCommand(args) {
     console.log("local_credentials=removed");
     console.log(`credentials_file=${filePath}`);
 }
+async function apiKeysListCommand() {
+    const response = await apiFetch("/v0/auth/api-keys", {
+        method: "GET"
+    });
+    for (const key of response.api_keys) {
+        console.log([
+            key.api_key_id,
+            key.revoked_at ? "revoked" : "active",
+            key.created_at,
+            key.last_used_at ?? "never",
+            key.key_prefix,
+            key.name ?? ""
+        ].join("\t"));
+    }
+}
+async function apiKeysCreateCommand(args) {
+    const options = parseApiKeyOptions(args);
+    if (!options.name) {
+        throw new Error("--name is required.");
+    }
+    const response = await apiFetch("/v0/auth/api-keys", {
+        method: "POST",
+        body: JSON.stringify({ name: options.name })
+    });
+    console.log(`Created API key ${response.api_key_id}`);
+    console.log(`Name: ${response.key.name ?? ""}`);
+    console.log(`Prefix: ${response.key_prefix}`);
+    console.log("");
+    console.log("API key:");
+    console.log(response.api_key);
+    console.log("");
+    console.log(response.warning);
+}
+async function apiKeysRenameCommand(apiKeyId, args) {
+    const options = parseApiKeyOptions(args);
+    if (!options.name) {
+        throw new Error("--name is required.");
+    }
+    const response = await apiFetch(`/v0/auth/api-keys/${encodeURIComponent(apiKeyId)}`, {
+        method: "PATCH",
+        body: JSON.stringify({ name: options.name })
+    });
+    console.log(`Renamed API key ${response.api_key_id}`);
+    console.log(`Name: ${response.key.name ?? ""}`);
+}
+async function apiKeysRevokeCommand(apiKeyId, args) {
+    const options = parseApiKeyOptions(args);
+    const credentials = await readCredentials();
+    if (credentials?.api_key_id === apiKeyId) {
+        console.log("This is the API key saved for the current CLI credentials. Subsequent saved-credential commands may fail.");
+    }
+    if (!options.yes) {
+        if (!process.stdin.isTTY) {
+            throw new Error("Pass --yes to revoke an API key non-interactively.");
+        }
+        const answer = await promptLine(`Revoke API key ${apiKeyId}? Type yes to continue: `);
+        if (answer.toLowerCase() !== "yes") {
+            console.log("revocation=cancelled");
+            return;
+        }
+    }
+    const response = await apiFetch(`/v0/auth/api-keys/${encodeURIComponent(apiKeyId)}`, {
+        method: "DELETE"
+    });
+    if (response.revoked) {
+        console.log(`Revoked API key ${response.api_key_id}`);
+    }
+    else {
+        console.log(`API key ${response.api_key_id} was already revoked.`);
+    }
+}
 async function listAccountsCommand() {
     const response = await apiFetch("/v0/accounts", {
         method: "GET"
@@ -1023,6 +1126,22 @@ function parseAuthOptions(args) {
     }
     return options;
 }
+function parseApiKeyOptions(args) {
+    const options = {};
+    for (let index = 0; index < args.length; index += 1) {
+        const arg = args[index];
+        if (arg === "--name") {
+            options.name = args[++index];
+        }
+        else if (arg === "--yes" || arg === "-y") {
+            options.yes = true;
+        }
+        else {
+            throw new Error(`Unknown option: ${arg}`);
+        }
+    }
+    return options;
+}
 function parseSecretSetOptions(args) {
     const options = {};
     for (let index = 0; index < args.length; index += 1) {
@@ -1287,14 +1406,22 @@ function docsUrlForError(message) {
 function isHelpCommand(command) {
     return command === "--help" || command === "-h" || command === "help";
 }
+function isVersionCommand(command) {
+    return command === "--version" || command === "version";
+}
 function usage(exitCode) {
     const message = `Usage:
   userland [--help]
+  userland --version
   userland signup [--no-browser] [--email <email>] [--api-base-url <url>] [--console-url <url>] [--no-save]
   userland login [--no-browser] [--email <email>] [--api-base-url <url>] [--console-url <url>] [--no-save]
   userland auth status
   userland auth save-key --api-key <api-key> [--account <account-id>] [--api-base-url <url>] [--console-url <url>]
   userland auth logout [--revoke]
+  userland auth api-keys list
+  userland auth api-keys create --name <name>
+  userland auth api-keys rename <api-key-id> --name <name>
+  userland auth api-keys revoke <api-key-id> [--yes]
   userland accounts list
   userland accounts use <account-id>
   userland accounts status [--account <account-id>]
@@ -1328,6 +1455,7 @@ function usage(exitCode) {
 Aliases:
   userland auth signup [--no-browser] [--email <email>] [--no-save]
   userland auth login [--no-browser] [--email <email>] [--no-save]
+  userland api-keys list|create|rename|revoke ...
   userland publish <dir> [--app <app-id>] [--message <message>] [--account <account-id>]
   userland releases <app-id> [--account <account-id>]
   userland versions <app-id> [--account <account-id>]

package/package.json CHANGED Viewed

@@ -1,6 +1,6 @@
 {
   "name": "@userland.fun/cli",
-  "version": "0.3.1",
+  "version": "0.4.0",
   "description": "Userland command-line tools for publishing and operating apps.",
   "license": "MIT",
   "type": "module",