npm - @vizzly-testing/cli - Versions diffs - 0.13.4 → 0.15.0 - Mend

@vizzly-testing/cli 0.13.4 → 0.15.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (143) hide show

package/dist/cli.js +68 -68
package/dist/commands/doctor.js +30 -34
package/dist/commands/finalize.js +24 -23
package/dist/commands/init.js +30 -28
package/dist/commands/login.js +49 -55
package/dist/commands/logout.js +14 -19
package/dist/commands/project.js +83 -103
package/dist/commands/run.js +77 -89
package/dist/commands/status.js +48 -49
package/dist/commands/tdd-daemon.js +90 -86
package/dist/commands/tdd.js +59 -88
package/dist/commands/upload.js +57 -57
package/dist/commands/whoami.js +40 -45
package/dist/index.js +2 -5
package/dist/plugin-loader.js +15 -17
package/dist/reporter/reporter-bundle.css +1 -1
package/dist/reporter/reporter-bundle.iife.js +78 -32
package/dist/sdk/index.js +36 -45
package/dist/server/handlers/api-handler.js +14 -15
package/dist/server/handlers/tdd-handler.js +34 -37
package/dist/server/http-server.js +75 -869
package/dist/server/middleware/cors.js +22 -0
package/dist/server/middleware/json-parser.js +35 -0
package/dist/server/middleware/response.js +79 -0
package/dist/server/routers/assets.js +91 -0
package/dist/server/routers/auth.js +144 -0
package/dist/server/routers/baseline.js +163 -0
package/dist/server/routers/cloud-proxy.js +146 -0
package/dist/server/routers/config.js +126 -0
package/dist/server/routers/dashboard.js +130 -0
package/dist/server/routers/health.js +61 -0
package/dist/server/routers/projects.js +168 -0
package/dist/server/routers/screenshot.js +86 -0
package/dist/services/auth-service.js +1 -1
package/dist/services/build-manager.js +13 -40
package/dist/services/config-service.js +2 -4
package/dist/services/html-report-generator.js +6 -5
package/dist/services/index.js +64 -0
package/dist/services/project-service.js +121 -40
package/dist/services/screenshot-server.js +9 -9
package/dist/services/server-manager.js +11 -18
package/dist/services/static-report-generator.js +3 -4
package/dist/services/tdd-service.js +246 -103
package/dist/services/test-runner.js +24 -25
package/dist/services/uploader.js +5 -4
package/dist/types/commands/init.d.ts +1 -2
package/dist/types/index.d.ts +2 -3
package/dist/types/plugin-loader.d.ts +1 -2
package/dist/types/reporter/src/api/client.d.ts +178 -0
package/dist/types/reporter/src/components/app-router.d.ts +1 -3
package/dist/types/reporter/src/components/code-block.d.ts +4 -0
package/dist/types/reporter/src/components/comparison/comparison-modes/onion-skin-mode.d.ts +10 -0
package/dist/types/reporter/src/components/comparison/comparison-modes/overlay-mode.d.ts +11 -0
package/dist/types/reporter/src/components/comparison/comparison-modes/shared/base-comparison-mode.d.ts +14 -0
package/dist/types/reporter/src/components/comparison/comparison-modes/shared/image-renderer.d.ts +30 -0
package/dist/types/reporter/src/components/comparison/comparison-modes/toggle-view.d.ts +8 -0
package/dist/types/reporter/src/components/comparison/comparison-viewer.d.ts +4 -0
package/dist/types/reporter/src/components/comparison/fullscreen-viewer.d.ts +13 -0
package/dist/types/reporter/src/components/comparison/screenshot-display.d.ts +16 -0
package/dist/types/reporter/src/components/comparison/screenshot-list.d.ts +9 -0
package/dist/types/reporter/src/components/comparison/variant-selector.d.ts +1 -1
package/dist/types/reporter/src/components/design-system/alert.d.ts +9 -0
package/dist/types/reporter/src/components/design-system/badge.d.ts +17 -0
package/dist/types/reporter/src/components/design-system/button.d.ts +19 -0
package/dist/types/reporter/src/components/design-system/card.d.ts +31 -0
package/dist/types/reporter/src/components/design-system/empty-state.d.ts +13 -0
package/dist/types/reporter/src/components/design-system/form-controls.d.ts +44 -0
package/dist/types/reporter/src/components/design-system/health-ring.d.ts +7 -0
package/dist/types/reporter/src/components/design-system/index.d.ts +11 -0
package/dist/types/reporter/src/components/design-system/modal.d.ts +10 -0
package/dist/types/reporter/src/components/design-system/skeleton.d.ts +19 -0
package/dist/types/reporter/src/components/design-system/spinner.d.ts +10 -0
package/dist/types/reporter/src/components/design-system/tabs.d.ts +13 -0
package/dist/types/reporter/src/components/layout/header.d.ts +5 -0
package/dist/types/reporter/src/components/layout/index.d.ts +2 -0
package/dist/types/reporter/src/components/layout/layout.d.ts +6 -0
package/dist/types/reporter/src/components/views/builds-view.d.ts +1 -0
package/dist/types/reporter/src/components/views/comparison-detail-view.d.ts +5 -0
package/dist/types/reporter/src/components/views/comparisons-view.d.ts +5 -6
package/dist/types/reporter/src/components/views/stats-view.d.ts +1 -6
package/dist/types/reporter/src/components/waiting-for-screenshots.d.ts +1 -0
package/dist/types/reporter/src/hooks/queries/use-auth-queries.d.ts +15 -0
package/dist/types/reporter/src/hooks/queries/use-cloud-queries.d.ts +6 -0
package/dist/types/reporter/src/hooks/queries/use-config-queries.d.ts +6 -0
package/dist/types/reporter/src/hooks/queries/use-tdd-queries.d.ts +9 -0
package/dist/types/reporter/src/lib/query-client.d.ts +2 -0
package/dist/types/reporter/src/lib/query-keys.d.ts +13 -0
package/dist/types/sdk/index.d.ts +2 -4
package/dist/types/server/handlers/tdd-handler.d.ts +2 -0
package/dist/types/server/http-server.d.ts +1 -1
package/dist/types/server/middleware/cors.d.ts +11 -0
package/dist/types/server/middleware/json-parser.d.ts +10 -0
package/dist/types/server/middleware/response.d.ts +50 -0
package/dist/types/server/routers/assets.d.ts +6 -0
package/dist/types/server/routers/auth.d.ts +9 -0
package/dist/types/server/routers/baseline.d.ts +13 -0
package/dist/types/server/routers/cloud-proxy.d.ts +11 -0
package/dist/types/server/routers/config.d.ts +9 -0
package/dist/types/server/routers/dashboard.d.ts +6 -0
package/dist/types/server/routers/health.d.ts +11 -0
package/dist/types/server/routers/projects.d.ts +9 -0
package/dist/types/server/routers/screenshot.d.ts +11 -0
package/dist/types/services/build-manager.d.ts +4 -3
package/dist/types/services/config-service.d.ts +2 -3
package/dist/types/services/index.d.ts +7 -0
package/dist/types/services/project-service.d.ts +6 -4
package/dist/types/services/screenshot-server.d.ts +5 -5
package/dist/types/services/server-manager.d.ts +5 -3
package/dist/types/services/tdd-service.d.ts +12 -1
package/dist/types/services/test-runner.d.ts +3 -3
package/dist/types/utils/output.d.ts +84 -0
package/dist/utils/config-loader.js +24 -48
package/dist/utils/global-config.js +2 -17
package/dist/utils/output.js +445 -0
package/dist/utils/security.js +3 -4
package/docs/api-reference.md +0 -1
package/docs/plugins.md +22 -22
package/package.json +3 -2
package/dist/container/index.js +0 -215
package/dist/services/base-service.js +0 -154
package/dist/types/container/index.d.ts +0 -59
package/dist/types/reporter/src/components/comparison/viewer-modes/onion-viewer.d.ts +0 -3
package/dist/types/reporter/src/components/comparison/viewer-modes/overlay-viewer.d.ts +0 -3
package/dist/types/reporter/src/components/comparison/viewer-modes/side-by-side-viewer.d.ts +0 -3
package/dist/types/reporter/src/components/comparison/viewer-modes/toggle-viewer.d.ts +0 -3
package/dist/types/reporter/src/components/dashboard/dashboard-header.d.ts +0 -5
package/dist/types/reporter/src/components/dashboard/dashboard-stats.d.ts +0 -4
package/dist/types/reporter/src/components/dashboard/empty-state.d.ts +0 -8
package/dist/types/reporter/src/components/ui/form-field.d.ts +0 -16
package/dist/types/reporter/src/components/ui/status-badge.d.ts +0 -5
package/dist/types/reporter/src/hooks/use-auth.d.ts +0 -10
package/dist/types/reporter/src/hooks/use-baseline-actions.d.ts +0 -5
package/dist/types/reporter/src/hooks/use-config.d.ts +0 -9
package/dist/types/reporter/src/hooks/use-projects.d.ts +0 -10
package/dist/types/reporter/src/hooks/use-report-data.d.ts +0 -7
package/dist/types/reporter/src/hooks/use-vizzly-api.d.ts +0 -9
package/dist/types/services/base-service.d.ts +0 -71
package/dist/types/utils/console-ui.d.ts +0 -61
package/dist/types/utils/logger-factory.d.ts +0 -26
package/dist/types/utils/logger.d.ts +0 -79
package/dist/utils/console-ui.js +0 -241
package/dist/utils/logger-factory.js +0 -76
package/dist/utils/logger.js +0 -231

package/dist/server/middleware/cors.js ADDED Viewed

@@ -0,0 +1,22 @@
+/**
+ * CORS Middleware
+ * Handles cross-origin requests and preflight OPTIONS
+ */
+/**
+ * Apply CORS headers and handle OPTIONS preflight
+ * @param {http.IncomingMessage} req
+ * @param {http.ServerResponse} res
+ * @returns {boolean} True if request was handled (OPTIONS), false to continue
+ */
+export function corsMiddleware(req, res) {
+  res.setHeader('Access-Control-Allow-Origin', '*');
+  res.setHeader('Access-Control-Allow-Methods', 'GET, POST, OPTIONS');
+  res.setHeader('Access-Control-Allow-Headers', 'Content-Type');
+  if (req.method === 'OPTIONS') {
+    res.statusCode = 200;
+    res.end();
+    return true;
+  }
+  return false;
+}

package/dist/server/middleware/json-parser.js ADDED Viewed

@@ -0,0 +1,35 @@
+/**
+ * JSON Body Parser Middleware
+ * Parses JSON request bodies for POST requests
+ */
+/**
+ * Parse JSON body from request
+ * @param {http.IncomingMessage} req
+ * @returns {Promise<Object|null>} Parsed JSON body or null for non-POST
+ */
+export function parseJsonBody(req) {
+  return new Promise((resolve, reject) => {
+    if (req.method !== 'POST' && req.method !== 'PUT' && req.method !== 'PATCH') {
+      resolve(null);
+      return;
+    }
+    let body = '';
+    req.on('data', chunk => {
+      body += chunk.toString();
+    });
+    req.on('end', () => {
+      if (!body) {
+        resolve({});
+        return;
+      }
+      try {
+        let data = JSON.parse(body);
+        resolve(data);
+      } catch {
+        reject(new Error('Invalid JSON'));
+      }
+    });
+    req.on('error', reject);
+  });
+}

package/dist/server/middleware/response.js ADDED Viewed

@@ -0,0 +1,79 @@
+/**
+ * Response Helpers
+ * Standardized response utilities for consistent API responses
+ */
+/**
+ * Send JSON response
+ * @param {http.ServerResponse} res
+ * @param {number} statusCode
+ * @param {Object} data
+ */
+export function sendJson(res, statusCode, data) {
+  res.setHeader('Content-Type', 'application/json');
+  res.statusCode = statusCode;
+  res.end(JSON.stringify(data));
+}
+/**
+ * Send success response
+ * @param {http.ServerResponse} res
+ * @param {Object} data
+ */
+export function sendSuccess(res, data = {}) {
+  sendJson(res, 200, data);
+}
+/**
+ * Send error response
+ * @param {http.ServerResponse} res
+ * @param {number} statusCode
+ * @param {string} message
+ */
+export function sendError(res, statusCode, message) {
+  sendJson(res, statusCode, {
+    error: message
+  });
+}
+/**
+ * Send 404 Not Found
+ * @param {http.ServerResponse} res
+ * @param {string} message
+ */
+export function sendNotFound(res, message = 'Not found') {
+  sendError(res, 404, message);
+}
+/**
+ * Send 503 Service Unavailable
+ * @param {http.ServerResponse} res
+ * @param {string} serviceName
+ */
+export function sendServiceUnavailable(res, serviceName) {
+  sendError(res, 503, `${serviceName} not available`);
+}
+/**
+ * Send HTML response
+ * @param {http.ServerResponse} res
+ * @param {number} statusCode
+ * @param {string} html
+ */
+export function sendHtml(res, statusCode, html) {
+  res.setHeader('Content-Type', 'text/html');
+  res.statusCode = statusCode;
+  res.end(html);
+}
+/**
+ * Send file response with specified content type
+ * @param {http.ServerResponse} res
+ * @param {Buffer|string} content
+ * @param {string} contentType
+ */
+export function sendFile(res, content, contentType) {
+  res.setHeader('Content-Type', contentType);
+  res.statusCode = 200;
+  res.end(content);
+}

package/dist/server/routers/assets.js ADDED Viewed

@@ -0,0 +1,91 @@
+/**
+ * Assets Router
+ * Serves static assets (bundle files, images)
+ */
+import { readFileSync, existsSync } from 'fs';
+import { join, dirname } from 'path';
+import { fileURLToPath } from 'url';
+import { sendFile, sendError, sendNotFound } from '../middleware/response.js';
+import * as output from '../../utils/output.js';
+let __filename = fileURLToPath(import.meta.url);
+let __dirname = dirname(__filename);
+let PROJECT_ROOT = join(__dirname, '..', '..', '..');
+/**
+ * Create assets router
+ * @param {Object} context - Router context
+ * @returns {Function} Route handler
+ */
+export function createAssetsRouter() {
+  return async function handleAssetsRoute(req, res, pathname) {
+    if (req.method !== 'GET') {
+      return false;
+    }
+    // Serve React bundle JS
+    if (pathname === '/reporter-bundle.js') {
+      let bundlePath = join(PROJECT_ROOT, 'dist', 'reporter', 'reporter-bundle.iife.js');
+      if (existsSync(bundlePath)) {
+        try {
+          let bundle = readFileSync(bundlePath, 'utf8');
+          sendFile(res, bundle, 'application/javascript');
+          return true;
+        } catch (error) {
+          output.debug('Error serving reporter bundle:', {
+            error: error.message
+          });
+          sendError(res, 500, 'Error loading reporter bundle');
+          return true;
+        }
+      } else {
+        sendNotFound(res, 'Reporter bundle not found');
+        return true;
+      }
+    }
+    // Serve React bundle CSS
+    if (pathname === '/reporter-bundle.css') {
+      let cssPath = join(PROJECT_ROOT, 'dist', 'reporter', 'reporter-bundle.css');
+      if (existsSync(cssPath)) {
+        try {
+          let css = readFileSync(cssPath, 'utf8');
+          sendFile(res, css, 'text/css');
+          return true;
+        } catch (error) {
+          output.debug('Error serving reporter CSS:', {
+            error: error.message
+          });
+          sendError(res, 500, 'Error loading reporter CSS');
+          return true;
+        }
+      } else {
+        sendNotFound(res, 'Reporter CSS not found');
+        return true;
+      }
+    }
+    // Serve images from .vizzly directory
+    if (pathname.startsWith('/images/')) {
+      let imagePath = pathname.replace('/images/', '');
+      let fullImagePath = join(process.cwd(), '.vizzly', imagePath);
+      if (existsSync(fullImagePath)) {
+        try {
+          let imageData = readFileSync(fullImagePath);
+          sendFile(res, imageData, 'image/png');
+          return true;
+        } catch (error) {
+          output.debug('Error serving image:', {
+            error: error.message
+          });
+          sendError(res, 500, 'Error loading image');
+          return true;
+        }
+      } else {
+        sendNotFound(res, 'Image not found');
+        return true;
+      }
+    }
+    return false;
+  };
+}

package/dist/server/routers/auth.js ADDED Viewed

@@ -0,0 +1,144 @@
+/**
+ * Auth Router
+ * Handles authentication endpoints (device flow login, logout, status)
+ */
+import { parseJsonBody } from '../middleware/json-parser.js';
+import { sendSuccess, sendError, sendServiceUnavailable } from '../middleware/response.js';
+import * as output from '../../utils/output.js';
+/**
+ * Create auth router
+ * @param {Object} context - Router context
+ * @param {Object} context.authService - Auth service
+ * @returns {Function} Route handler
+ */
+export function createAuthRouter({
+  authService
+}) {
+  return async function handleAuthRoute(req, res, pathname) {
+    // Check if auth service is available for all auth routes
+    if (pathname.startsWith('/api/auth') && !authService) {
+      sendServiceUnavailable(res, 'Auth service');
+      return true;
+    }
+    // Get auth status and user info
+    if (req.method === 'GET' && pathname === '/api/auth/status') {
+      try {
+        let isAuthenticated = await authService.isAuthenticated();
+        let user = null;
+        if (isAuthenticated) {
+          let whoami = await authService.whoami();
+          user = whoami.user;
+        }
+        sendSuccess(res, {
+          authenticated: isAuthenticated,
+          user
+        });
+        return true;
+      } catch (error) {
+        output.error('Error getting auth status:', error);
+        sendSuccess(res, {
+          authenticated: false,
+          user: null
+        });
+        return true;
+      }
+    }
+    // Initiate device flow login
+    if (req.method === 'POST' && pathname === '/api/auth/login') {
+      try {
+        let deviceFlow = await authService.initiateDeviceFlow();
+        // Transform snake_case to camelCase for frontend
+        let response = {
+          deviceCode: deviceFlow.device_code,
+          userCode: deviceFlow.user_code,
+          verificationUri: deviceFlow.verification_uri,
+          verificationUriComplete: deviceFlow.verification_uri_complete,
+          expiresIn: deviceFlow.expires_in,
+          interval: deviceFlow.interval
+        };
+        sendSuccess(res, response);
+        return true;
+      } catch (error) {
+        output.error('Error initiating device flow:', error);
+        sendError(res, 500, error.message);
+        return true;
+      }
+    }
+    // Poll device authorization status
+    if (req.method === 'POST' && pathname === '/api/auth/poll') {
+      try {
+        let body = await parseJsonBody(req);
+        let {
+          deviceCode
+        } = body;
+        if (!deviceCode) {
+          sendError(res, 400, 'deviceCode is required');
+          return true;
+        }
+        let result;
+        try {
+          result = await authService.pollDeviceAuthorization(deviceCode);
+        } catch (error) {
+          // Handle "Authorization pending" as a valid response
+          if (error.message && error.message.includes('Authorization pending')) {
+            sendSuccess(res, {
+              status: 'pending'
+            });
+            return true;
+          }
+          throw error;
+        }
+        // Check if authorization is complete by looking for tokens
+        if (result.tokens && result.tokens.accessToken) {
+          let tokensData = result.tokens;
+          let tokenExpiresIn = tokensData.expiresIn || tokensData.expires_in;
+          let tokenExpiresAt = tokenExpiresIn ? new Date(Date.now() + tokenExpiresIn * 1000).toISOString() : result.expires_at || result.expiresAt;
+          let tokens = {
+            accessToken: tokensData.accessToken || tokensData.access_token,
+            refreshToken: tokensData.refreshToken || tokensData.refresh_token,
+            expiresAt: tokenExpiresAt,
+            user: result.user
+          };
+          await authService.completeDeviceFlow(tokens);
+          sendSuccess(res, {
+            status: 'complete',
+            user: result.user
+          });
+        } else {
+          sendSuccess(res, {
+            status: 'pending'
+          });
+        }
+        return true;
+      } catch (error) {
+        output.error('Error polling device authorization:', error);
+        sendError(res, 500, error.message);
+        return true;
+      }
+    }
+    // Logout user
+    if (req.method === 'POST' && pathname === '/api/auth/logout') {
+      try {
+        await authService.logout();
+        sendSuccess(res, {
+          success: true,
+          message: 'Logged out successfully'
+        });
+        return true;
+      } catch (error) {
+        output.error('Error logging out:', error);
+        sendError(res, 500, error.message);
+        return true;
+      }
+    }
+    return false;
+  };
+}

package/dist/server/routers/baseline.js ADDED Viewed

@@ -0,0 +1,163 @@
+/**
+ * Baseline Router
+ * Handles baseline management (accept, accept-all, reset)
+ */
+import { parseJsonBody } from '../middleware/json-parser.js';
+import { sendSuccess, sendError, sendServiceUnavailable } from '../middleware/response.js';
+import * as output from '../../utils/output.js';
+/**
+ * Create baseline router
+ * @param {Object} context - Router context
+ * @param {Object} context.screenshotHandler - Screenshot handler
+ * @param {Object} context.tddService - TDD service for baseline downloads
+ * @param {Object} context.authService - Auth service for OAuth requests
+ * @returns {Function} Route handler
+ */
+export function createBaselineRouter({
+  screenshotHandler,
+  tddService,
+  authService
+}) {
+  return async function handleBaselineRoute(req, res, pathname) {
+    // Accept a single screenshot as baseline
+    if (req.method === 'POST' && pathname === '/api/baseline/accept') {
+      if (!screenshotHandler?.acceptBaseline) {
+        sendError(res, 400, 'Baseline management not available');
+        return true;
+      }
+      try {
+        let {
+          id
+        } = await parseJsonBody(req);
+        if (!id) {
+          sendError(res, 400, 'Comparison ID required');
+          return true;
+        }
+        await screenshotHandler.acceptBaseline(id);
+        sendSuccess(res, {
+          success: true,
+          message: `Baseline accepted for comparison ${id}`
+        });
+        return true;
+      } catch (error) {
+        output.error('Error accepting baseline:', error);
+        sendError(res, 500, error.message);
+        return true;
+      }
+    }
+    // Accept all screenshots as baseline
+    if (req.method === 'POST' && pathname === '/api/baseline/accept-all') {
+      if (!screenshotHandler?.acceptAllBaselines) {
+        sendError(res, 400, 'Baseline management not available');
+        return true;
+      }
+      try {
+        let result = await screenshotHandler.acceptAllBaselines();
+        sendSuccess(res, {
+          success: true,
+          message: `Accepted ${result.count} baselines`,
+          count: result.count
+        });
+        return true;
+      } catch (error) {
+        output.error('Error accepting all baselines:', error);
+        sendError(res, 500, error.message);
+        return true;
+      }
+    }
+    // Reset baselines to previous state
+    if (req.method === 'POST' && pathname === '/api/baseline/reset') {
+      if (!screenshotHandler?.resetBaselines) {
+        sendError(res, 400, 'Baseline management not available');
+        return true;
+      }
+      try {
+        await screenshotHandler.resetBaselines();
+        sendSuccess(res, {
+          success: true,
+          message: 'Baselines reset to previous state'
+        });
+        return true;
+      } catch (error) {
+        output.error('Error resetting baselines:', error);
+        sendError(res, 500, error.message);
+        return true;
+      }
+    }
+    // Download baselines from a remote build
+    if (req.method === 'POST' && pathname === '/api/baselines/download') {
+      if (!tddService) {
+        sendServiceUnavailable(res, 'TDD service not available (only available in TDD mode)');
+        return true;
+      }
+      try {
+        let body = await parseJsonBody(req);
+        let {
+          buildId,
+          organizationSlug,
+          projectSlug
+        } = body;
+        if (!buildId) {
+          sendError(res, 400, 'buildId is required');
+          return true;
+        }
+        output.info(`Downloading baselines from build ${buildId}...`);
+        // If organizationSlug and projectSlug are provided, use OAuth-based download
+        if (organizationSlug && projectSlug && authService) {
+          try {
+            let result = await tddService.downloadBaselinesWithAuth(buildId, organizationSlug, projectSlug, authService);
+            sendSuccess(res, {
+              success: true,
+              message: `Baselines downloaded from build ${buildId}`,
+              ...result
+            });
+            return true;
+          } catch (authError) {
+            // Log the OAuth error with details
+            output.warn(`OAuth download failed (org=${organizationSlug}, project=${projectSlug}): ${authError.message}`);
+            // If the error is a 404, it's likely the build doesn't belong to the project
+            // or the project/org is incorrect - provide a helpful error
+            if (authError.message?.includes('404')) {
+              sendError(res, 404, `Build not found or does not belong to project "${projectSlug}" in organization "${organizationSlug}". ` + `Please verify the build exists and you have access to it.`);
+              return true;
+            }
+            // For auth errors, try API token fallback
+            if (!authError.message?.includes('401')) {
+              // For other errors, don't fall through - report them directly
+              throw authError;
+            }
+          }
+        }
+        // Fall back to API token-based download (when no OAuth info or OAuth auth failed)
+        let result = await tddService.downloadBaselines('test',
+        // environment
+        null,
+        // branch (not needed when buildId is specified)
+        buildId,
+        // specific build to download from
+        null // comparisonId (not needed)
+        );
+        sendSuccess(res, {
+          success: true,
+          message: `Baselines downloaded from build ${buildId}`,
+          ...result
+        });
+        return true;
+      } catch (error) {
+        output.error('Error downloading baselines:', error);
+        sendError(res, 500, error.message);
+        return true;
+      }
+    }
+    return false;
+  };
+}

package/dist/server/routers/cloud-proxy.js ADDED Viewed

@@ -0,0 +1,146 @@
+/**
+ * Cloud Proxy Router
+ * Proxies requests to Vizzly cloud API with OAuth authentication
+ *
+ * This router transparently handles OAuth token management:
+ * - Reads tokens from ~/.vizzly/config.json via authService
+ * - Adds Authorization header to outgoing requests
+ * - Handles token refresh on 401 responses
+ * - Returns proxied response to React app
+ */
+import { parseJsonBody } from '../middleware/json-parser.js';
+import { sendSuccess, sendError, sendServiceUnavailable } from '../middleware/response.js';
+import * as output from '../../utils/output.js';
+/**
+ * Create cloud proxy router
+ * @param {Object} context - Router context
+ * @param {Object} context.authService - Auth service for token management
+ * @param {string} context.apiUrl - Base API URL (default: https://app.vizzly.dev)
+ * @returns {Function} Route handler
+ */
+export function createCloudProxyRouter({
+  authService,
+  apiUrl: _apiUrl = 'https://app.vizzly.dev'
+}) {
+  /**
+   * Make an authenticated request to the cloud API
+   * @param {string} endpoint - API endpoint (e.g., /api/cli/projects)
+   * @param {Object} options - Fetch options
+   * @returns {Promise<Object>} Response data
+   */
+  async function proxyRequest(endpoint, options = {}) {
+    if (!authService) {
+      throw new Error('Auth service not available');
+    }
+    // Use authService.authenticatedRequest which handles token refresh
+    return authService.authenticatedRequest(endpoint, options);
+  }
+  return async function handleCloudProxyRoute(req, res, pathname, parsedUrl) {
+    // Only handle /api/cloud/* routes
+    if (!pathname.startsWith('/api/cloud')) {
+      return false;
+    }
+    // Check auth service availability
+    if (!authService) {
+      sendServiceUnavailable(res, 'Auth service');
+      return true;
+    }
+    // Route: GET /api/cloud/projects - List user's projects
+    if (req.method === 'GET' && pathname === '/api/cloud/projects') {
+      try {
+        let response = await proxyRequest('/api/cli/projects', {
+          method: 'GET'
+        });
+        sendSuccess(res, {
+          projects: response.projects || []
+        });
+        return true;
+      } catch (error) {
+        output.error('Error fetching projects from cloud:', error);
+        // Return empty array instead of error for better UX when not logged in
+        if (error.message?.includes('not authenticated') || error.code === 'AUTH_ERROR') {
+          sendSuccess(res, {
+            projects: [],
+            authenticated: false
+          });
+        } else {
+          sendError(res, 500, error.message);
+        }
+        return true;
+      }
+    }
+    // Route: GET /api/cloud/organizations/:org/projects/:project/builds
+    let buildsMatch = pathname.match(/^\/api\/cloud\/organizations\/([^/]+)\/projects\/([^/]+)\/builds$/);
+    if (req.method === 'GET' && buildsMatch) {
+      try {
+        let organizationSlug = decodeURIComponent(buildsMatch[1]);
+        let projectSlug = decodeURIComponent(buildsMatch[2]);
+        let limit = parsedUrl.searchParams.get('limit') || '20';
+        let branch = parsedUrl.searchParams.get('branch');
+        let queryParams = new URLSearchParams();
+        if (limit) queryParams.append('limit', limit);
+        if (branch) queryParams.append('branch', branch);
+        let query = queryParams.toString();
+        let endpoint = `/api/cli/organizations/${organizationSlug}/projects/${projectSlug}/builds${query ? `?${query}` : ''}`;
+        let response = await proxyRequest(endpoint, {
+          method: 'GET'
+        });
+        sendSuccess(res, {
+          builds: response.builds || []
+        });
+        return true;
+      } catch (error) {
+        output.error('Error fetching builds from cloud:', error);
+        sendError(res, 500, error.message);
+        return true;
+      }
+    }
+    // Route: POST /api/cloud/baselines/download - Download baselines from build
+    if (req.method === 'POST' && pathname === '/api/cloud/baselines/download') {
+      try {
+        let body = await parseJsonBody(req);
+        let {
+          buildId,
+          screenshotNames
+        } = body;
+        if (!buildId) {
+          sendError(res, 400, 'buildId is required');
+          return true;
+        }
+        // Download baselines from the specified build
+        let response = await proxyRequest('/api/cli/baselines/download', {
+          method: 'POST',
+          headers: {
+            'Content-Type': 'application/json'
+          },
+          body: JSON.stringify({
+            buildId,
+            screenshotNames
+          })
+        });
+        sendSuccess(res, {
+          success: true,
+          message: `Baselines downloaded from build ${buildId}`,
+          ...response
+        });
+        return true;
+      } catch (error) {
+        output.error('Error downloading baselines from cloud:', error);
+        sendError(res, 500, error.message);
+        return true;
+      }
+    }
+    // Unknown cloud route
+    sendError(res, 404, 'Cloud API endpoint not found');
+    return true;
+  };
+}