npm - aios-core - Versions diffs - 4.2.1 → 4.2.3 - Mend

aios-core 4.2.1 → 4.2.3

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (3) hide show

package/.aios-core/install-manifest.yaml +2 -2
package/package.json +1 -1
package/packages/installer/src/wizard/pro-setup.js +228 -76

package/.aios-core/install-manifest.yaml CHANGED Viewed

@@ -7,8 +7,8 @@
 # - SHA256 hashes for change detection
 # - File types for categorization
 #
-version: 4.2.1
-generated_at: "2026-02-16T00:12:14.502Z"
+version: 4.2.3
+generated_at: "2026-02-16T00:47:03.699Z"
 generator: scripts/generate-install-manifest.js
 file_count: 992
 files:

package/package.json CHANGED Viewed

@@ -1,6 +1,6 @@
 {
   "name": "aios-core",
-  "version": "4.2.1",
+  "version": "4.2.3",
   "description": "Synkra AIOS: AI-Orchestrated System for Full Stack Development - Core Framework",
   "bin": {
     "aios": "bin/aios.js",

package/packages/installer/src/wizard/pro-setup.js CHANGED Viewed

@@ -264,13 +264,18 @@ async function stepLicenseGateCI(options) {
 /**
  * Interactive email/password license gate flow.
  *
- * Prompts for email, then checks if account exists to determine signup vs login.
+ * New flow (PRO-11 v2):
+ * 1. Email → checkEmail API → { isBuyer, hasAccount }
+ * 2. NOT buyer → "No Pro access found" → STOP
+ * 3. IS buyer + HAS account → Password → Login (with retry) → Activate
+ * 4. IS buyer + NO account → Password + Confirm → Signup → Verify email → Login → Activate
  *
  * @returns {Promise<Object>} Result with { success, key, activationResult }
  */
 async function stepLicenseGateWithEmail() {
   const inquirer = require('inquirer');
+  // Step 1: Get email
   const { email } = await inquirer.prompt([
     {
       type: 'input',
@@ -288,53 +293,147 @@ async function stepLicenseGateWithEmail() {
     },
   ]);
-  const { password } = await inquirer.prompt([
-    {
-      type: 'password',
-      name: 'password',
-      message: colors.primary('Password:'),
-      mask: '*',
-      validate: (input) => {
-        if (!input || input.length < MIN_PASSWORD_LENGTH) {
-          return `Password must be at least ${MIN_PASSWORD_LENGTH} characters`;
-        }
-        return true;
-      },
-    },
-  ]);
+  const trimmedEmail = email.trim();
+  // Step 2: Check buyer status + account existence
+  const loader = module.exports._testing ? module.exports._testing.loadLicenseApi : loadLicenseApi;
+  const licenseModule = loader();
+  if (!licenseModule) {
+    return {
+      success: false,
+      error: 'Pro license module not available. Ensure @aios-fullstack/pro is installed.',
+    };
+  }
+  const { LicenseApiClient } = licenseModule;
+  const client = new LicenseApiClient();
+  // Check connectivity
+  const online = await client.isOnline();
+  if (!online) {
+    return {
+      success: false,
+      error: 'License server is unreachable. Check your internet connection and try again.',
+    };
+  }
+  const checkSpinner = createSpinner('Verifying your access...');
+  checkSpinner.start();
+  let checkResult;
+  try {
+    checkResult = await client.checkEmail(trimmedEmail);
+  } catch (checkError) {
+    checkSpinner.fail(`Verification failed: ${checkError.message}`);
+    return { success: false, error: checkError.message };
+  }
+  // Step 2a: NOT a buyer → stop
+  if (!checkResult.isBuyer) {
+    checkSpinner.fail('No AIOS Pro access found for this email.');
+    console.log('');
+    showInfo('If you believe this is an error, please contact support:');
+    showInfo('  Email: support@synkra.ai');
+    showInfo('  Purchase Pro: https://pro.synkra.ai');
+    return { success: false, error: 'Email not found in Pro buyers list.' };
+  }
+  // Step 2b: IS a buyer
+  if (checkResult.hasAccount) {
+    checkSpinner.succeed('Pro access confirmed! Account found.');
+    // Flow 3: Existing account → Login with password (retry loop)
+    return loginWithRetry(client, trimmedEmail);
+  }
-  return authenticateWithEmail(email.trim(), password);
+  checkSpinner.succeed('Pro access confirmed! Let\'s create your account.');
+  // Flow 4: New account → Create account flow
+  return createAccountFlow(client, trimmedEmail);
 }
 /**
- * Prompt user to create a new account interactively.
- *
- * Asks for confirmation, then password with confirmation.
- * Calls signup API and logs in to get session token.
+ * Login flow with password retry (max 3 attempts).
  *
  * @param {object} client - LicenseApiClient instance
- * @param {string} email - User email
- * @returns {Promise<Object>} Result with { success, sessionToken } or { success: false, error }
+ * @param {string} email - Verified buyer email
+ * @returns {Promise<Object>} Result with { success, key, activationResult }
  */
-async function promptCreateAccount(client, email) {
+async function loginWithRetry(client, email) {
   const inquirer = require('inquirer');
-  console.log('');
-  showInfo(`No account found for ${email}.`);
+  for (let attempt = 1; attempt <= MAX_RETRIES; attempt++) {
+    const { password } = await inquirer.prompt([
+      {
+        type: 'password',
+        name: 'password',
+        message: colors.primary('Password:'),
+        mask: '*',
+        validate: (input) => {
+          if (!input || input.length < MIN_PASSWORD_LENGTH) {
+            return `Password must be at least ${MIN_PASSWORD_LENGTH} characters`;
+          }
+          return true;
+        },
+      },
+    ]);
-  const { wantCreate } = await inquirer.prompt([
-    {
-      type: 'confirm',
-      name: 'wantCreate',
-      message: colors.primary('Would you like to create an account?'),
-      default: true,
-    },
-  ]);
+    const spinner = createSpinner('Authenticating...');
+    spinner.start();
+    try {
+      const loginResult = await client.login(email, password);
+      spinner.succeed('Authenticated successfully.');
+      // Wait for email verification if needed
+      if (!loginResult.emailVerified) {
+        const verifyResult = await waitForEmailVerification(client, loginResult.sessionToken);
+        if (!verifyResult.success) {
+          return verifyResult;
+        }
+      }
-  if (!wantCreate) {
-    return { success: false, error: 'Account creation cancelled.' };
+      // Activate Pro
+      return activateProByAuth(client, loginResult.sessionToken);
+    } catch (loginError) {
+      if (loginError.code === 'INVALID_CREDENTIALS') {
+        const remaining = MAX_RETRIES - attempt;
+        if (remaining > 0) {
+          spinner.fail(`Incorrect password. ${remaining} attempt${remaining > 1 ? 's' : ''} remaining.`);
+          showInfo('Forgot your password? Visit https://pro.synkra.ai/reset-password');
+        } else {
+          spinner.fail('Maximum login attempts reached.');
+          showInfo('Forgot your password? Visit https://pro.synkra.ai/reset-password');
+          showInfo('Or contact support: support@synkra.ai');
+          return { success: false, error: 'Maximum login attempts reached.' };
+        }
+      } else if (loginError.code === 'AUTH_RATE_LIMITED') {
+        spinner.fail(loginError.message);
+        return { success: false, error: loginError.message };
+      } else {
+        spinner.fail(`Authentication failed: ${loginError.message}`);
+        return { success: false, error: loginError.message };
+      }
+    }
   }
+  return { success: false, error: 'Maximum login attempts reached.' };
+}
+/**
+ * Create account flow for new buyers.
+ *
+ * Asks for password, creates account, waits for email verification.
+ *
+ * @param {object} client - LicenseApiClient instance
+ * @param {string} email - Verified buyer email
+ * @returns {Promise<Object>} Result with { success, key, activationResult }
+ */
+async function createAccountFlow(client, email) {
+  const inquirer = require('inquirer');
+  console.log('');
+  showInfo('Create your AIOS Pro account to get started.');
   // Ask for password with confirmation
   const { newPassword } = await inquirer.prompt([
     {
@@ -370,29 +469,79 @@ async function promptCreateAccount(client, email) {
   const spinner = createSpinner('Creating account...');
   spinner.start();
+  let sessionToken;
   try {
     await client.signup(email, confirmPassword);
     spinner.succeed('Account created! Verification email sent.');
-    // Login to get session token
-    const loginResult = await client.login(email, confirmPassword);
-    return { success: true, sessionToken: loginResult.sessionToken };
   } catch (signupError) {
     if (signupError.code === 'EMAIL_ALREADY_REGISTERED') {
-      spinner.fail('An account already exists with this email but the password is incorrect.');
-      showInfo('Forgot your password? Visit https://pro.synkra.ai/reset-password or contact support@synkra.ai');
-      return { success: false, error: signupError.message };
+      spinner.info('Account already exists. Switching to login...');
+      return loginWithRetry(client, email);
     }
     spinner.fail(`Account creation failed: ${signupError.message}`);
     return { success: false, error: signupError.message };
   }
+  // Wait for email verification
+  console.log('');
+  showInfo('Please check your email and click the verification link.');
+  // Login after signup to get session token
+  try {
+    const loginResult = await client.login(email, confirmPassword);
+    sessionToken = loginResult.sessionToken;
+  } catch {
+    // Login might fail if email not verified yet — that's OK, we'll poll
+  }
+  if (sessionToken) {
+    const verifyResult = await waitForEmailVerification(client, sessionToken);
+    if (!verifyResult.success) {
+      return verifyResult;
+    }
+  } else {
+    // Need to wait for verification then login
+    showInfo('Waiting for email verification...');
+    showInfo('After verifying, the installation will continue automatically.');
+    // Poll by trying to login periodically
+    const startTime = Date.now();
+    while (Date.now() - startTime < VERIFY_POLL_TIMEOUT_MS) {
+      await new Promise((resolve) => setTimeout(resolve, VERIFY_POLL_INTERVAL_MS));
+      try {
+        const loginResult = await client.login(email, confirmPassword);
+        sessionToken = loginResult.sessionToken;
+        if (loginResult.emailVerified) {
+          showSuccess('Email verified!');
+          break;
+        }
+        // Got session but not verified yet — use the verification polling
+        const verifyResult = await waitForEmailVerification(client, sessionToken);
+        if (!verifyResult.success) {
+          return verifyResult;
+        }
+        break;
+      } catch {
+        // Still waiting for verification
+      }
+    }
+    if (!sessionToken) {
+      showError('Email verification timed out after 10 minutes.');
+      showInfo('Run the installer again to retry.');
+      return { success: false, error: 'Email verification timed out.' };
+    }
+  }
+  // Activate Pro
+  return activateProByAuth(client, sessionToken);
 }
 /**
- * Authenticate with email and password.
+ * Authenticate with email and password (CI mode / pre-provided credentials).
  *
- * Tries login first. If user doesn't exist, offers to create account.
- * Handles email verification polling for new signups.
+ * For interactive mode, use stepLicenseGateWithEmail() instead (buyer-first flow).
+ * This function is used when credentials are pre-provided (CI, CLI args).
  *
  * @param {string} email - User email
  * @param {string} password - User password
@@ -421,7 +570,22 @@ async function authenticateWithEmail(email, password) {
     };
   }
-  // Try login first
+  // CI mode: check buyer first, then try login or auto-signup
+  const checkSpinner = createSpinner('Verifying access...');
+  checkSpinner.start();
+  try {
+    const checkResult = await client.checkEmail(email);
+    if (!checkResult.isBuyer) {
+      checkSpinner.fail('No AIOS Pro access found for this email.');
+      return { success: false, error: 'Email not found in Pro buyers list.' };
+    }
+    checkSpinner.succeed('Pro access confirmed.');
+  } catch {
+    checkSpinner.info('Buyer check unavailable, proceeding with login...');
+  }
+  // Try login
   const spinner = createSpinner('Authenticating...');
   spinner.start();
@@ -434,44 +598,31 @@ async function authenticateWithEmail(email, password) {
     emailVerified = loginResult.emailVerified;
     spinner.succeed('Authenticated successfully.');
   } catch (loginError) {
-    // If invalid credentials, offer to create account
     if (loginError.code === 'INVALID_CREDENTIALS') {
-      spinner.info('No account found for this email.');
-      // In CI mode, auto-create without prompting
-      if (isCIEnvironment()) {
-        try {
-          await client.signup(email, password);
-          showSuccess('Account created. Verification email sent!');
-          emailVerified = false;
-          const loginAfterSignup = await client.login(email, password);
-          sessionToken = loginAfterSignup.sessionToken;
-        } catch (signupError) {
-          if (signupError.code === 'EMAIL_ALREADY_REGISTERED') {
-            showError('An account exists with this email but the password is incorrect.');
-            showInfo('Forgot your password? Visit https://pro.synkra.ai/reset-password or contact support@synkra.ai');
-            return { success: false, error: signupError.message };
-          }
-          return { success: false, error: signupError.message };
-        }
-      } else {
-        // Interactive: ask user if they want to create account
-        const signupResult = await promptCreateAccount(client, email);
-        if (!signupResult.success) {
-          return signupResult;
-        }
-        sessionToken = signupResult.sessionToken;
+      spinner.info('Login failed, attempting signup...');
+      try {
+        await client.signup(email, password);
+        showSuccess('Account created. Verification email sent!');
         emailVerified = false;
+        const loginAfterSignup = await client.login(email, password);
+        sessionToken = loginAfterSignup.sessionToken;
+      } catch (signupError) {
+        if (signupError.code === 'EMAIL_ALREADY_REGISTERED') {
+          showError('Account exists but the password is incorrect.');
+          return { success: false, error: 'Invalid password.' };
+        }
+        return { success: false, error: signupError.message };
       }
-    } else if (loginError.code === 'AUTH_RATE_LIMITED') {
-      spinner.fail(loginError.message);
-      return { success: false, error: loginError.message };
     } else {
       spinner.fail(`Authentication failed: ${loginError.message}`);
       return { success: false, error: loginError.message };
     }
   }
+  if (!sessionToken) {
+    return { success: false, error: 'Authentication failed.' };
+  }
   // Wait for email verification if needed
   if (!emailVerified) {
     const verifyResult = await waitForEmailVerification(client, sessionToken);
@@ -1005,11 +1156,12 @@ module.exports = {
     authenticateWithEmail,
     waitForEmailVerification,
     activateProByAuth,
+    loginWithRetry,
+    createAccountFlow,
     stepLicenseGateCI,
     stepLicenseGateWithKey,
     stepLicenseGateWithKeyInteractive,
     stepLicenseGateWithEmail,
-    promptCreateAccount,
     loadLicenseApi,
     loadFeatureGate,
     loadProScaffolder,