@xuda.ai/cli 0.1.0

package/README.md

@@ -0,0 +1,53 @@
+# @xuda.ai/cli
+
+Run published Xuda AI agents from your terminal.
+
+## Install
+
+```
+npm i -g @xuda.ai/cli
+```
+
+## Sign in
+
+```
+xuda login
+```
+
+Opens xuda.ai in your browser and asks you to approve a one-time code. The
+access token is stored at `~/.xuda/credentials.json`.
+
+## Run an agent
+
+```
+xuda run <agent-id>
+```
+
+Or install a specific agent's published shim — the package runs it for you:
+
+```
+npm i -g @xuda.ai/<agent-slug>
+<agent-slug>
+```
+
+## Commands
+
+| Command           | What it does                          |
+|-------------------|---------------------------------------|
+| `xuda login`      | Device-code sign-in to Xuda           |
+| `xuda logout`     | Forget stored credentials             |
+| `xuda whoami`     | Print the signed-in account email     |
+| `xuda run <id>`   | Open a chat session with an agent     |
+
+## Environment
+
+| Variable         | Default                  |
+|------------------|--------------------------|
+| `XUDA_API_URL`   | `https://api.xuda.io`    |
+| `XUDA_WEB_URL`   | `https://xuda.ai`        |
+| `XUDA_WS_URL`    | derived from `XUDA_API_URL` |
+
+## Notes
+
+Only free agents are published to npm. Paid agents stay accessible through the
+Xuda dashboard.

package/bin/xuda.mjs

@@ -0,0 +1,59 @@
+#!/usr/bin/env node
+import { login, clearCredentials, loadCredentials, runAgent } from '../src/index.mjs';
+
+const [, , cmd, ...rest] = process.argv;
+
+const help = () => {
+  console.log(`xuda — Xuda AI agent CLI
+
+Usage:
+  xuda login                Sign in to Xuda
+  xuda logout               Forget stored credentials
+  xuda whoami               Show signed-in account
+  xuda run <agent-id>       Run a published AI agent
+  xuda help                 Show this help
+
+Per-agent CLIs (installed as @xuda.ai/<agent>) call xuda under the hood.
+`);
+};
+
+const main = async () => {
+  try {
+    switch (cmd) {
+      case 'login':
+        await login();
+        break;
+      case 'logout':
+        await clearCredentials();
+        console.log('Signed out.');
+        break;
+      case 'whoami': {
+        const c = await loadCredentials();
+        if (!c) { console.log('Not signed in.'); process.exit(1); }
+        console.log(c.user_email || c.uid || '(unknown)');
+        break;
+      }
+      case 'run': {
+        const agentId = rest[0];
+        if (!agentId) { console.error('xuda run: agent-id required'); process.exit(2); }
+        await runAgent({ agentId });
+        break;
+      }
+      case 'help':
+      case '--help':
+      case '-h':
+      case undefined:
+        help();
+        break;
+      default:
+        console.error(`unknown command: ${cmd}`);
+        help();
+        process.exit(2);
+    }
+  } catch (err) {
+    console.error(`error: ${err.message || err}`);
+    process.exit(1);
+  }
+};
+
+main();

package/package.json

@@ -0,0 +1,41 @@
+{
+  "name": "@xuda.ai/cli",
+  "version": "0.1.0",
+  "description": "Xuda CLI — sign in to Xuda and run published AI agents from your terminal.",
+  "type": "module",
+  "bin": {
+    "xuda": "./bin/xuda.mjs"
+  },
+  "exports": {
+    ".": "./src/index.mjs",
+    "./run": "./src/index.mjs"
+  },
+  "files": [
+    "bin",
+    "src",
+    "README.md"
+  ],
+  "engines": {
+    "node": ">=20.0.0"
+  },
+  "dependencies": {
+    "socket.io-client": "^4.7.5"
+  },
+  "scripts": {
+    "pub": "npm version patch --force && npm publish --access public"
+  },
+  "keywords": [
+    "xuda",
+    "ai",
+    "agent",
+    "cli",
+    "chat"
+  ],
+  "homepage": "https://xuda.ai",
+  "repository": {
+    "type": "git",
+    "url": "https://github.com/xudaio/xuda"
+  },
+  "author": "Xuda",
+  "license": "MIT"
+}

package/src/auth.mjs

@@ -0,0 +1,91 @@
+import fs from 'node:fs/promises';
+import { spawn } from 'node:child_process';
+import { API_URL, WEB_URL, CRED_DIR, CRED_FILE } from './config.mjs';
+
+const sleep = (ms) => new Promise((r) => setTimeout(r, ms));
+
+const post = async (route, body) => {
+  const res = await fetch(`${API_URL}${route}`, {
+    method: 'POST',
+    headers: { 'content-type': 'application/json' },
+    body: JSON.stringify(body || {}),
+  });
+  if (!res.ok) {
+    const txt = await res.text().catch(() => '');
+    throw new Error(`POST ${route} ${res.status} ${txt}`);
+  }
+  return res.json();
+};
+
+const openBrowser = (url) => {
+  const cmd = process.platform === 'darwin' ? 'open' : process.platform === 'win32' ? 'start' : 'xdg-open';
+  try {
+    spawn(cmd, [url], { stdio: 'ignore', detached: true }).unref();
+  } catch {}
+};
+
+export const loadCredentials = async () => {
+  try {
+    const raw = await fs.readFile(CRED_FILE, 'utf8');
+    return JSON.parse(raw);
+  } catch {
+    return null;
+  }
+};
+
+export const saveCredentials = async (creds) => {
+  await fs.mkdir(CRED_DIR, { recursive: true, mode: 0o700 });
+  await fs.writeFile(CRED_FILE, JSON.stringify(creds, null, 2), { mode: 0o600 });
+};
+
+export const clearCredentials = async () => {
+  try {
+    await fs.unlink(CRED_FILE);
+  } catch {}
+};
+
+export const login = async () => {
+  const start = await post('/cpi/start_cli_auth', { client_name: 'xuda-cli' });
+  if (start.code < 0) throw new Error(`auth start failed: ${start.data}`);
+  const { device_code, user_code, verification_uri, interval = 3, expires_in = 600 } = start.data;
+
+  const fullUri = `${verification_uri}?code=${encodeURIComponent(user_code)}`;
+  console.log('');
+  console.log('  Sign in to Xuda to continue.');
+  console.log('');
+  console.log(`  Open:  ${fullUri}`);
+  console.log(`  Code:  ${user_code}`);
+  console.log('');
+  console.log('  (waiting for approval...)');
+  openBrowser(fullUri);
+
+  const deadline = Date.now() + expires_in * 1000;
+  while (Date.now() < deadline) {
+    await sleep(interval * 1000);
+    const poll = await post('/cpi/poll_cli_auth', { device_code });
+    if (poll.code === 1 && poll.data?.access_token) {
+      const creds = {
+        access_token: poll.data.access_token,
+        uid: poll.data.uid,
+        user_email: poll.data.user_email,
+        api_url: API_URL,
+        web_url: WEB_URL,
+        created_ts: Date.now(),
+      };
+      await saveCredentials(creds);
+      console.log(`  Signed in as ${creds.user_email}`);
+      return creds;
+    }
+    if (poll.code === -1 || poll.data === 'denied') {
+      throw new Error('access denied');
+    }
+  }
+  throw new Error('auth code expired');
+};
+
+export const requireCredentials = async () => {
+  const creds = await loadCredentials();
+  if (creds?.access_token) return creds;
+  console.log('Not signed in. Starting login...');
+  return await login();
+};

package/src/config.mjs

@@ -0,0 +1,11 @@
+import os from 'node:os';
+import path from 'node:path';
+
+export const API_URL = process.env.XUDA_API_URL || 'https://api.xuda.io';
+export const WEB_URL = process.env.XUDA_WEB_URL || 'https://xuda.ai';
+export const WS_URL = (process.env.XUDA_WS_URL || API_URL).replace(/^http/, 'ws') + '/ws';
+
+export const CRED_DIR = path.join(os.homedir(), '.xuda');
+export const CRED_FILE = path.join(CRED_DIR, 'credentials.json');
+
+export const CLI_NAME = '@xuda.ai/cli';

package/src/index.mjs

@@ -0,0 +1,10 @@
+import { requireCredentials } from './auth.mjs';
+
+export { login, loadCredentials, saveCredentials, clearCredentials, requireCredentials } from './auth.mjs';
+
+export const runAgent = async ({ agentId, agentName, agentVersion } = {}) => {
+  if (!agentId) throw new Error('runAgent: agentId is required');
+  const credentials = await requireCredentials();
+  const { runAgentSession } = await import('./session.mjs');
+  await runAgentSession({ agentId, agentName, agentVersion, credentials });
+};

package/src/session.mjs

@@ -0,0 +1,77 @@
+import readline from 'node:readline';
+import { io } from 'socket.io-client';
+import { API_URL } from './config.mjs';
+
+const CLI_VERSION = '0.1.0';
+
+export const runAgentSession = async ({ agentId, agentName, agentVersion, credentials }) => {
+  const socket = io(API_URL, {
+    path: '/ws',
+    transports: ['websocket'],
+    reconnection: false,
+    query: {
+      source: 'cli',
+      gtp_token: credentials.access_token,
+      account_id: credentials.uid,
+      cli_version: CLI_VERSION,
+    },
+  });
+
+  let sessionId = null;
+  const rl = readline.createInterface({ input: process.stdin, output: process.stdout, terminal: process.stdin.isTTY });
+  const prompt = () => {
+    if (!process.stdin.isTTY) return;
+    rl.setPrompt('› ');
+    rl.prompt();
+  };
+
+  await new Promise((resolve, reject) => {
+    const t = setTimeout(() => reject(new Error('handshake timeout')), 15000);
+
+    socket.on('connect', () => {
+      socket.emit('agent_handshake', { agent_id: agentId, agent_version: agentVersion, cli_version: CLI_VERSION });
+    });
+
+    socket.on('handshake_ok', (msg) => {
+      clearTimeout(t);
+      sessionId = msg.session_id;
+      const name = msg.agent_name || agentName || 'agent';
+      console.log(`Connected to ${name}.  (ctrl-c to exit)`);
+      if (msg.welcome) console.log(`\n${msg.welcome}\n`);
+      resolve();
+      prompt();
+    });
+
+    socket.on('handshake_err', (msg) => {
+      clearTimeout(t);
+      reject(new Error(msg?.reason || 'handshake refused'));
+    });
+
+    socket.on('connect_error', (err) => {
+      clearTimeout(t);
+      reject(new Error(`connection error: ${err.message}`));
+    });
+  });
+
+  socket.on('stream_start', () => process.stdout.write('\n'));
+  socket.on('stream_delta', (msg) => { if (msg?.text) process.stdout.write(msg.text); });
+  socket.on('stream_end', () => { process.stdout.write('\n\n'); prompt(); });
+  socket.on('error', (msg) => { console.error(`\nerror: ${msg?.message || 'unknown'}`); prompt(); });
+
+  socket.on('disconnect', () => {
+    rl.close();
+    process.exit(0);
+  });
+
+  rl.on('line', (line) => {
+    const text = line.trim();
+    if (!text) { prompt(); return; }
+    socket.emit('prompt', { session_id: sessionId, text });
+  });
+
+  rl.on('SIGINT', () => {
+    try { socket.emit('close', { session_id: sessionId }); } catch {}
+    socket.disconnect();
+    process.exit(0);
+  });
+};