ardabot 0.1.0 → 0.2.0

package/dist/index.js

@@ -227,6 +227,22 @@ var ApiClient = class {
     }
     return await res.json();
   }
+  /**
+   * Recover an account using a recovery phrase.
+   * Returns a JWT token or throws on invalid phrase.
+   */
+  async recover(recoveryPhrase) {
+    const res = await fetch(`${this.baseUrl}/api/v1/auth/recover`, {
+      method: "POST",
+      headers: this.authHeaders(),
+      body: JSON.stringify({ recoveryPhrase })
+    });
+    if (!res.ok) {
+      const err = await res.json();
+      throw new Error(err.error.message);
+    }
+    return await res.json();
+  }
   // =========================================================================
   // Account endpoints (JWT auth)
   // =========================================================================
@@ -451,33 +467,45 @@ async function loginCommand(options) {
     const promoCode = options.promo ?? gateResult.promoCode;
     const action = await promptChoice(rl, "What would you like to do?", [
       "Link existing account",
-      "Sign up"
+      "Sign up",
+      "Recover account"
     ]);
     if (action === null) return;
+    if (action === 3) {
+      const recovered = await handleRecoverAccount(rl, client);
+      if (recovered) {
+        console.log(chalk.green("\nYou're ready to go! Run `ardabot chat` to talk to your agent.\n"));
+      }
+      return;
+    }
     const authOptions = action === 2 ? ["SMS", "Telegram", "CLI only"] : ["SMS", "Telegram"];
     const authMethod = await promptChoice(rl, "How would you like to verify?", authOptions);
     if (authMethod === null) return;
     let jwt;
+    let recoveryPhrase;
     const isAnonymous = action === 2 && authMethod === 3;
     if (authMethod === 1) {
       const result = await authenticateViaSms(rl, client);
       if (result === null) return;
       jwt = result.jwt;
+      recoveryPhrase = result.recoveryPhrase;
     } else if (authMethod === 2) {
       const result = await authenticateViaTelegram(rl, client);
       if (result === null) return;
       jwt = result.jwt;
+      recoveryPhrase = result.recoveryPhrase;
     } else {
       const result = await authenticateViaCli(rl, client);
       if (result === null) return;
       jwt = result.jwt;
+      recoveryPhrase = result.recoveryPhrase;
     }
     client.setJwt(jwt);
     setJwt(jwt);
     if (action === 1) {
       await handleLinkExisting(client);
     } else {
-      await handleSignUp(rl, client, promoCode, isAnonymous);
+      await handleSignUp(rl, client, promoCode, isAnonymous, recoveryPhrase);
     }
     console.log(chalk.green("\nYou're ready to go! Run `ardabot chat` to talk to your agent.\n"));
   } finally {
@@ -520,10 +548,10 @@ async function authenticateViaSms(rl, client) {
         return null;
       }
       retrySpinner.succeed(retryResult.isNew ? "Account created \u2014 welcome!" : "Welcome back!");
-      return { jwt: retryResult.token, isNew: retryResult.isNew };
+      return { jwt: retryResult.token, isNew: retryResult.isNew, recoveryPhrase: retryResult.recoveryPhrase };
     }
     verifySpinner.succeed(result.isNew ? "Account created \u2014 welcome!" : "Welcome back!");
-    return { jwt: result.token, isNew: result.isNew };
+    return { jwt: result.token, isNew: result.isNew, recoveryPhrase: result.recoveryPhrase };
   } catch (err) {
     verifySpinner.fail("Couldn't verify that code");
     console.log(chalk.red(err.message));
@@ -555,10 +583,10 @@ async function authenticateViaTelegram(rl, client) {
         return null;
       }
       retrySpinner.succeed(retryResult.isNew ? "Account created \u2014 welcome!" : "Welcome back!");
-      return { jwt: retryResult.token, isNew: retryResult.isNew };
+      return { jwt: retryResult.token, isNew: retryResult.isNew, recoveryPhrase: retryResult.recoveryPhrase };
     }
     verifySpinner.succeed(result.isNew ? "Account created \u2014 welcome!" : "Welcome back!");
-    return { jwt: result.token, isNew: result.isNew };
+    return { jwt: result.token, isNew: result.isNew, recoveryPhrase: result.recoveryPhrase };
   } catch (err) {
     verifySpinner.fail("Couldn't verify that code");
     console.log(chalk.red(err.message));
@@ -582,10 +610,10 @@ async function authenticateViaCli(rl, client) {
         return null;
       }
       retrySpinner.succeed("Account created \u2014 welcome!");
-      return { jwt: retryResult.token };
+      return { jwt: retryResult.token, recoveryPhrase: retryResult.recoveryPhrase };
     }
     spinner.succeed("Account created \u2014 welcome!");
-    return { jwt: result.token };
+    return { jwt: result.token, recoveryPhrase: result.recoveryPhrase };
   } catch (err) {
     spinner.fail("Couldn't create account");
     console.log(chalk.red(err.message));
@@ -609,7 +637,7 @@ async function handleLinkExisting(client) {
   }
   await createCliApiKey(client);
 }
-async function handleSignUp(_rl, client, promoCode, isAnonymous = false) {
+async function handleSignUp(_rl, client, promoCode, isAnonymous = false, recoveryPhrase) {
   if (promoCode) {
     const promoSpinner = ora({ text: "Redeeming promo code...", discardStdin: false }).start();
     try {
@@ -657,7 +685,29 @@ async function handleSignUp(_rl, client, promoCode, isAnonymous = false) {
     return;
   }
   instanceSpinner.succeed("Agent is running!");
-  await createCliApiKey(client, isAnonymous);
+  await createCliApiKey(client, isAnonymous, recoveryPhrase);
+}
+async function handleRecoverAccount(rl, client) {
+  console.log(chalk.cyan("\nEnter your 6-word recovery phrase.\n"));
+  const phrase = await prompt(rl, "Recovery phrase:\n");
+  const trimmed = phrase.trim();
+  if (!trimmed) {
+    console.log(chalk.red("Please enter your recovery phrase."));
+    return false;
+  }
+  const spinner = ora({ text: "Recovering account...", discardStdin: false }).start();
+  try {
+    const result = await client.recover(trimmed);
+    spinner.succeed("Account recovered!");
+    client.setJwt(result.token);
+    setJwt(result.token);
+    await handleLinkExisting(client);
+    return true;
+  } catch (err) {
+    spinner.fail("Couldn't recover account");
+    console.log(chalk.red(err.message));
+    return false;
+  }
 }
 var POLL_INTERVAL_MS = 3e3;
 var POLL_TIMEOUT_MS = 5 * 60 * 1e3;
@@ -695,19 +745,26 @@ async function waitForInstance(client) {
 function sleep(ms) {
   return new Promise((resolve) => setTimeout(resolve, ms));
 }
-async function createCliApiKey(client, isAnonymous = false) {
+async function createCliApiKey(client, isAnonymous = false, recoveryPhrase) {
   const keySpinner = ora({ text: "Setting up CLI access...", discardStdin: false }).start();
   try {
     const { key } = await client.createApiKeyForInstance("cli");
     setApiKey(key);
     keySpinner.succeed("All set!");
-    if (isAnonymous) {
+    if (isAnonymous && recoveryPhrase) {
       console.log();
-      console.log(chalk.yellow.bold("  Important: Save your API key!"));
+      console.log(chalk.yellow.bold("  Important: Save your recovery phrase!"));
       console.log(chalk.yellow("  Your account has no linked phone or Telegram."));
-      console.log(chalk.yellow("  If you lose access, run `ardabot devices` to link one."));
+      console.log(chalk.yellow("  This is the ONLY way to recover your account."));
+      console.log();
+      console.log(`  Recovery phrase: ${chalk.cyan(recoveryPhrase)}`);
+      console.log();
+      console.log(chalk.dim("  Write it down and keep it safe."));
+      console.log();
+    } else if (recoveryPhrase) {
       console.log();
-      console.log(`  API key: ${chalk.cyan(key)}`);
+      console.log(chalk.dim(`  Recovery phrase: ${recoveryPhrase}`));
+      console.log(chalk.dim("  Save this if you want an alternative way to recover your account."));
       console.log();
     }
   } catch (err) {

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "ardabot",
-  "version": "0.1.0",
+  "version": "0.2.0",
   "description": "Terminal client for the Arda platform",
   "author": "r4v3n LLC",
   "license": "SEE LICENSE IN LICENSE",