@vibecheckai/cli 3.2.4 → 3.2.5

package/bin/vibecheck.js

@@ -1123,35 +1123,60 @@ async function main() {
                     process.env.VIBECHECK_LOCAL === '1';
 
   // Auth check (unless skipAuth or offline mode)
-  if (!cmdDef.skipAuth && !isOffline) {
+  // Only allow login, logout, whoami, and help without auth
+  const authExemptCommands = ['login', 'logout', 'whoami', 'help', '--help', '-h', 'version', '--version'];
+  const needsAuth = !authExemptCommands.includes(cmd) && !cmdDef.skipAuth && !isOffline;
+  
+  if (needsAuth) {
     const auth = getAuthModule();
     const { key } = auth.getApiKey();
     authInfo.key = key;
 
+    // If no API key, prompt for login
+    if (!key) {
+      console.log(`\n  ${c.red}❌ Authentication Required${c.reset}`);
+      console.log(`  Please log in to use vibecheck.\n`);
+      console.log(`  ${c.cyan}Options:${c.reset}`);
+      console.log(`  1. Press ${c.yellow}Enter${c.reset} to open browser and sign up`);
+      console.log(`  2. Visit ${c.underline}https://vibecheckai.dev${c.reset} directly`);
+      console.log(`  3. Run ${c.cyan}vibecheck login${c.reset} after getting your API key\n`);
+      
+      // Wait for Enter key
+      const readline = getReadline();
+      readline.createInterface({
+        input: process.stdin,
+        output: process.stdout
+      }).question('', async () => {
+        try {
+          const https = getHttps();
+          const url = 'https://vibecheckai.dev';
+          console.log(`\n  Opening ${c.underline}${url}${c.reset} in your browser...\n`);
+          
+          // Try to open browser
+          const start = process.platform === 'darwin' ? 'open' : 
+                       process.platform === 'win32' ? 'start' : 'xdg-open';
+          require('child_process').exec(`${start} ${url}`);
+        } catch (e) {
+          console.log(`  Could not open browser. Please visit: ${c.underline}https://vibecheckai.dev${c.reset}`);
+        }
+        process.exit(0);
+      });
+      
+      // Keep process alive
+      return new Promise(() => {});
+    }
+
     const access = await checkCommandAccess(cmd, cmdArgs, authInfo);
 
     if (!access.allowed) {
       console.log(access.reason);
-      process.exit(access.exitCode || 3);
-    }
-
-    // Downgrade notice
-    if (access.downgrade && !config.quiet) {
-      const upsell = getUpsell();
-      console.log(upsell.formatDowngrade(cmd, {
-        currentTier: access.tier,
-        effectiveMode: access.downgrade,
-        caps: access.caps,
-      }));
-    }
-
-    // Tier badge
-    if (!config.quiet && !config.noBanner) {
-      if (access.tier === "pro") {
-        console.log(`${c.magenta}${sym.arrowRight} PRO${c.reset} ${c.dim}feature${c.reset}`);
-      } else if (access.tier === "complete") {
-        console.log(`${c.yellow}${sym.arrowRight} COMPLETE${c.reset} ${c.dim}feature${c.reset}`);
+      
+      // Show upgrade prompt if tier insufficient
+      if (access.upgradeUrl) {
+        console.log(`\n  ${c.cyan}Upgrade:${c.reset} ${access.upgradeUrl}`);
       }
+      
+      return 1;
     }
 
     authInfo.access = access;

package/mcp-server/package.json

@@ -1,6 +1,6 @@
 {
   "name": "vibecheck-mcp-server",
-  "version": "3.1.8",
+  "version": "3.2.0",
   "description": "Professional MCP server for vibecheck - Intelligent development environment vibechecks",
   "type": "module",
   "main": "index.js",

package/mcp-server/tier-auth.js

@@ -169,8 +169,8 @@ async function loadUserConfig() {
  * Determine tier from API key
  * Matches CLI entitlements-v2.js logic
  */
-function getTierFromApiKey(apiKey) {
-  if (!apiKey) return 'free';
+async function getTierFromApiKey(apiKey) {
+  if (!apiKey) return null; // No API key = no access
   
   // Check API key prefix patterns (matches CLI)
   if (apiKey.startsWith('gr_starter_')) return 'starter';
@@ -178,16 +178,43 @@ function getTierFromApiKey(apiKey) {
   if (apiKey.startsWith('gr_compliance_') || apiKey.startsWith('gr_ent_')) return 'compliance';
   if (apiKey.startsWith('gr_free_')) return 'free';
   
-  // Try to fetch from API (same as CLI)
-  // For now, default to free - API lookup would happen in production
-  return 'free'; // default for unknown keys
-}
+  // Try to validate with API
+  try {
+    const response = await fetch('https://api.vibecheckai.dev/whoami', {
+      headers: {
+        'Authorization': `Bearer ${apiKey}`,
+        'Content-Type': 'application/json',
+      },
+    });
+    
+    if (!response.ok) {
+      return null; // Invalid API key
+    }
+    
+    const data = await response.json();
+    
+    // Map API response to tier
+    switch (data.plan?.toLowerCase()) {
+      case 'starter':
+        return 'starter';
+      case 'pro':
+        return 'pro';
+      case 'compliance':
+        return 'compliance';
+      default:
+        return 'free';
+    }
+  } catch (error) {
+    console.error('API validation failed:', error);
+    return null; // On error, deny access
+  }
+} // default for unknown keys
 
 /**
  * Check if user has access to a specific feature
  * Matches CLI entitlements-v2.js logic
  */
-export async function checkFeatureAccess(featureName, providedApiKey = null) {
+export async function getFeatureAccessStatus(featureName, providedApiKey = null) {
   // Try to load user config
   const userConfig = await loadUserConfig();
   const apiKey = providedApiKey || userConfig?.apiKey;
@@ -195,13 +222,22 @@ export async function checkFeatureAccess(featureName, providedApiKey = null) {
   if (!apiKey) {
     return {
       hasAccess: false,
-      tier: 'free',
-      reason: 'No API key provided. Run: vibecheck auth --key YOUR_API_KEY',
+      tier: null,
+      reason: 'No API key provided. Please set your API key with `vibecheck login`.',
       upgradeUrl: 'https://vibecheckai.dev'
     };
   }
   
-  const currentTier = getTierFromApiKey(apiKey);
+  const currentTier = await getTierFromApiKey(apiKey);
+  
+  if (!currentTier) {
+    return {
+      hasAccess: false,
+      tier: null,
+      reason: 'Invalid API key. Please check your API key or get a new one at https://vibecheckai.dev',
+      upgradeUrl: 'https://vibecheckai.dev'
+    };
+  }
   const currentTierConfig = TIERS[currentTier];
   
   // Find which tier has this feature
@@ -273,11 +309,30 @@ export function withTierCheck(featureName, handler) {
  * Check if user has access to a specific MCP tool
  * MCP tools have specific tier requirements separate from CLI features
  */
-export async function checkMcpToolAccess(toolName, providedApiKey = null) {
+export async function getMcpToolAccess(toolName, providedApiKey = null) {
   const userConfig = await loadUserConfig();
   const apiKey = providedApiKey || userConfig?.apiKey;
   
-  const currentTier = getTierFromApiKey(apiKey);
+  if (!apiKey) {
+    return {
+      hasAccess: false,
+      tier: null,
+      reason: 'No API key provided. Please set your API key with `vibecheck login`.',
+      upgradeUrl: 'https://vibecheckai.dev'
+    };
+  }
+  
+  const currentTier = await getTierFromApiKey(apiKey);
+  
+  if (!currentTier) {
+    return {
+      hasAccess: false,
+      tier: null,
+      reason: 'Invalid API key. Please check your API key or get a new one at https://vibecheckai.dev',
+      upgradeUrl: 'https://vibecheckai.dev'
+    };
+  }
+  
   const currentTierConfig = TIERS[currentTier];
   
   // Check if tool is allowed for current tier

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "@vibecheckai/cli",
-  "version": "3.2.4",
+  "version": "3.2.5",
   "description": "Vibecheck CLI - Ship with confidence. One verdict: SHIP | WARN | BLOCK.",
   "main": "bin/vibecheck.js",
   "bin": {