assistme 0.1.2 → 0.1.3

package/dist/{chunk-3TP3YO56.js → chunk-H5BZPIOY.js}

@@ -4,7 +4,11 @@ import { createClient } from "@supabase/supabase-js";
 // src/utils/config.ts
 import Conf from "conf";
 import { resolve } from "path";
+var SUPABASE_URL_DEFAULT = "https://msgplwbgohpokajtibew.supabase.co";
+var SUPABASE_ANON_KEY_DEFAULT = "eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJpc3MiOiJzdXBhYmFzZSIsInJlZiI6Im1zZ3Bsd2Jnb2hwb2thanRpYmV3Iiwicm9sZSI6ImFub24iLCJpYXQiOjE3NjE3MTMzNTEsImV4cCI6MjA3NzI4OTM1MX0.YqiluL_mIBWKv5dteIcPAPQ_jRp9rzZlvAXvkQttDjs";
 var CONFIG_DEFAULTS = {
+  supabaseUrl: SUPABASE_URL_DEFAULT,
+  supabaseAnonKey: SUPABASE_ANON_KEY_DEFAULT,
   sessionName: "Default",
   model: "claude-sonnet-4-20250514",
   maxTurns: 50
@@ -14,8 +18,8 @@ var config = new Conf({
   defaults: CONFIG_DEFAULTS
 });
 function getConfig() {
-  const supabaseUrl = process.env.SUPABASE_URL || config.get("supabaseUrl") || "";
-  const supabaseAnonKey = process.env.SUPABASE_ANON_KEY || config.get("supabaseAnonKey") || "";
+  const supabaseUrl = process.env.SUPABASE_URL || config.get("supabaseUrl") || SUPABASE_URL_DEFAULT;
+  const supabaseAnonKey = process.env.SUPABASE_ANON_KEY || config.get("supabaseAnonKey") || SUPABASE_ANON_KEY_DEFAULT;
   const anthropicApiKey = process.env.ANTHROPIC_API_KEY || config.get("anthropicApiKey") || "";
   const workspacePath = config.get("workspacePath") || process.cwd();
   return {
@@ -168,28 +172,63 @@ function getSupabase() {
   }
   return supabase;
 }
+async function exchangeCliToken(cliToken) {
+  const config2 = getConfig();
+  const exchangeUrl = `${config2.supabaseUrl}/functions/v1/cli-token-exchange`;
+  const res = await fetch(exchangeUrl, {
+    method: "POST",
+    headers: {
+      "Content-Type": "application/json",
+      apikey: config2.supabaseAnonKey
+    },
+    body: JSON.stringify({ token: cliToken })
+  });
+  if (!res.ok) {
+    const body = await res.json().catch(() => ({ error: res.statusText }));
+    throw new Error(body.error || `Token exchange failed (${res.status})`);
+  }
+  const data = await res.json();
+  if (!data.access_token || !data.refresh_token) {
+    throw new Error("Token exchange returned incomplete session");
+  }
+  return data;
+}
 async function loginWithToken(cliToken) {
-  let parsed;
-  try {
-    const json = Buffer.from(cliToken, "base64").toString("utf-8");
-    parsed = JSON.parse(json);
-    if (!parsed.access_token || !parsed.refresh_token) {
-      throw new Error("Missing token fields");
-    }
-  } catch {
+  if (!cliToken.startsWith("am_")) {
     throw new Error(
-      "Invalid token format. Please copy the full token from the web page."
+      "Invalid token format. Use an am_ token from the web page."
     );
   }
+  const sessionTokens = await exchangeCliToken(cliToken);
+  const store = readAuthStore();
+  store["cli_token"] = cliToken;
+  writeAuthStore(store);
   const sb = getSupabase();
   const { data, error } = await sb.auth.setSession({
-    access_token: parsed.access_token,
-    refresh_token: parsed.refresh_token
+    access_token: sessionTokens.access_token,
+    refresh_token: sessionTokens.refresh_token
   });
   if (error) throw new Error(`Login failed: ${error.message}`);
   if (!data.user) throw new Error("Login failed: no user returned");
   return data.user.id;
 }
+async function refreshWithCliToken() {
+  const store = readAuthStore();
+  const cliToken = store["cli_token"];
+  if (!cliToken || !cliToken.startsWith("am_")) return null;
+  try {
+    const sessionTokens = await exchangeCliToken(cliToken);
+    const sb = getSupabase();
+    const { data, error } = await sb.auth.setSession({
+      access_token: sessionTokens.access_token,
+      refresh_token: sessionTokens.refresh_token
+    });
+    if (error || !data.user) return null;
+    return data.user.id;
+  } catch {
+    return null;
+  }
+}
 async function getSession() {
   const sb = getSupabase();
   const { data } = await sb.auth.getSession();
@@ -199,6 +238,8 @@ async function getCurrentUserId() {
   const sb = getSupabase();
   const { data, error } = await sb.auth.getUser();
   if (error || !data.user) {
+    const refreshed = await refreshWithCliToken();
+    if (refreshed) return refreshed;
     throw new Error("Not authenticated. Run `assistme login`.");
   }
   return data.user.id;
@@ -391,6 +432,7 @@ export {
   DAYBOX_AGENT_ID,
   getSupabase,
   loginWithToken,
+  refreshWithCliToken,
   getSession,
   getCurrentUserId,
   logout,

package/dist/index.js

@@ -24,7 +24,7 @@ import {
   setLogLevel,
   setSessionBusy,
   updateHeartbeat
-} from "./chunk-3TP3YO56.js";
+} from "./chunk-H5BZPIOY.js";
 
 // src/index.ts
 import { Command } from "commander";
@@ -2839,11 +2839,14 @@ function isThinkingContent(msg) {
 
 // src/index.ts
 import { createInterface } from "readline";
+import { createRequire } from "module";
 loadEnv();
+var require2 = createRequire(import.meta.url);
+var { version } = require2("../package.json");
 var program = new Command();
 program.name("assistme").description(
   "AssistMe CLI Agent - AI assistant that controls your real browser"
-).version("0.1.0");
+).version(version);
 program.command("login").description("Authenticate with your AssistMe account via browser token").action(async () => {
   const config = getConfig();
   const webUrl = config.supabaseUrl ? config.supabaseUrl.replace(/\.supabase\.co.*/, ".supabase.co").replace("https://", "") : "";
@@ -2855,7 +2858,7 @@ program.command("login").description("Authenticate with your AssistMe account vi
   console.log();
   console.log(chalk.cyan(`    ${tokenPageUrl}`));
   console.log();
-  console.log("  Step 2: Sign in and copy the CLI token shown on the page.");
+  console.log("  Step 2: Sign in, create a token, and copy it.");
   console.log();
   try {
     const { exec: exec2 } = await import("child_process");
@@ -3005,19 +3008,6 @@ program.command("start", { isDefault: true }).description("Start the agent and l
   if (opts.name) {
     setConfig("sessionName", opts.name);
   }
-  const config = getConfig();
-  if (!config.supabaseUrl || !config.supabaseAnonKey) {
-    log.error("Supabase not configured.");
-    log.info("Run: assistme config set supabaseUrl <url>");
-    log.info("Run: assistme config set supabaseAnonKey <key>");
-    process.exit(1);
-  }
-  if (!config.anthropicApiKey) {
-    log.error("Anthropic API key not configured.");
-    log.info("Run: assistme config set anthropicApiKey <key>");
-    log.info("Or set ANTHROPIC_API_KEY environment variable.");
-    process.exit(1);
-  }
   console.log();
   console.log(
     chalk.bold.cyan("  \u2554\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2557")
@@ -3097,7 +3087,7 @@ program.command("start", { isDefault: true }).description("Start the agent and l
       }
       log.agent(`Processing: "${input}"`);
       try {
-        const { createTask: createTask2 } = await import("./supabase-BQRPXXNA.js");
+        const { createTask: createTask2 } = await import("./supabase-DTKGPEER.js");
         const session = sessionManager.getSession();
         const conversationId = sessionManager.getConversationId();
         if (session && conversationId) {
@@ -3126,7 +3116,7 @@ program.command("start", { isDefault: true }).description("Start the agent and l
 program.command("status").description("Check the status of the current agent session").action(async () => {
   try {
     const userId = await getCurrentUserId();
-    const { getSupabase: getSupabase2 } = await import("./supabase-BQRPXXNA.js");
+    const { getSupabase: getSupabase2 } = await import("./supabase-DTKGPEER.js");
     const sb = getSupabase2();
     const { data: sessions } = await sb.from("agent_sessions").select("*").eq("user_id", userId).in("status", ["online", "busy"]).order("started_at", { ascending: false }).limit(5);
     if (!sessions || sessions.length === 0) {

package/dist/{supabase-BQRPXXNA.js → supabase-DTKGPEER.js}

@@ -16,10 +16,11 @@ import {
   loginWithToken,
   logout,
   pollPendingTasks,
+  refreshWithCliToken,
   resetEventSequence,
   setSessionBusy,
   updateHeartbeat
-} from "./chunk-3TP3YO56.js";
+} from "./chunk-H5BZPIOY.js";
 export {
   CLI_AGENT_ID,
   DAYBOX_AGENT_ID,
@@ -38,6 +39,7 @@ export {
   loginWithToken,
   logout,
   pollPendingTasks,
+  refreshWithCliToken,
   resetEventSequence,
   setSessionBusy,
   updateHeartbeat

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "assistme",
-  "version": "0.1.2",
+  "version": "0.1.3",
   "description": "AssistMe CLI Agent - AI-powered assistant that controls your real browser",
   "type": "module",
   "main": "dist/index.js",

package/src/db/supabase.ts

@@ -85,27 +85,56 @@ export function getSupabase(): SupabaseClient {
 // ── Auth: Token-Based Login ────────────────────────────────────────
 
 /**
- * Login using a CLI token (base64-encoded JSON with access_token + refresh_token).
- * The token is generated by the web UI at /agent/token.
+ * Exchange an am_ CLI token for a Supabase session via the Edge Function.
+ */
+async function exchangeCliToken(
+  cliToken: string
+): Promise<{ access_token: string; refresh_token: string }> {
+  const config = getConfig();
+  const exchangeUrl = `${config.supabaseUrl}/functions/v1/cli-token-exchange`;
+
+  const res = await fetch(exchangeUrl, {
+    method: "POST",
+    headers: {
+      "Content-Type": "application/json",
+      apikey: config.supabaseAnonKey,
+    },
+    body: JSON.stringify({ token: cliToken }),
+  });
+
+  if (!res.ok) {
+    const body = await res.json().catch(() => ({ error: res.statusText }));
+    throw new Error(body.error || `Token exchange failed (${res.status})`);
+  }
+
+  const data = await res.json();
+  if (!data.access_token || !data.refresh_token) {
+    throw new Error("Token exchange returned incomplete session");
+  }
+  return data;
+}
+
+/**
+ * Login using an am_ CLI token (exchanged via Edge Function for a Supabase session).
  */
 export async function loginWithToken(cliToken: string): Promise<string> {
-  let parsed: { access_token: string; refresh_token: string };
-  try {
-    const json = Buffer.from(cliToken, "base64").toString("utf-8");
-    parsed = JSON.parse(json);
-    if (!parsed.access_token || !parsed.refresh_token) {
-      throw new Error("Missing token fields");
-    }
-  } catch {
+  if (!cliToken.startsWith("am_")) {
     throw new Error(
-      "Invalid token format. Please copy the full token from the web page."
+      "Invalid token format. Use an am_ token from the web page."
     );
   }
 
+  const sessionTokens = await exchangeCliToken(cliToken);
+
+  // Persist the CLI token so we can re-authenticate later
+  const store = readAuthStore();
+  store["cli_token"] = cliToken;
+  writeAuthStore(store);
+
   const sb = getSupabase();
   const { data, error } = await sb.auth.setSession({
-    access_token: parsed.access_token,
-    refresh_token: parsed.refresh_token,
+    access_token: sessionTokens.access_token,
+    refresh_token: sessionTokens.refresh_token,
   });
 
   if (error) throw new Error(`Login failed: ${error.message}`);
@@ -114,6 +143,29 @@ export async function loginWithToken(cliToken: string): Promise<string> {
   return data.user.id;
 }
 
+/**
+ * Re-authenticate using the stored CLI token (am_).
+ * Called automatically when the Supabase session has expired.
+ */
+export async function refreshWithCliToken(): Promise<string | null> {
+  const store = readAuthStore();
+  const cliToken = store["cli_token"];
+  if (!cliToken || !cliToken.startsWith("am_")) return null;
+
+  try {
+    const sessionTokens = await exchangeCliToken(cliToken);
+    const sb = getSupabase();
+    const { data, error } = await sb.auth.setSession({
+      access_token: sessionTokens.access_token,
+      refresh_token: sessionTokens.refresh_token,
+    });
+    if (error || !data.user) return null;
+    return data.user.id;
+  } catch {
+    return null;
+  }
+}
+
 export async function getSession() {
   const sb = getSupabase();
   const { data } = await sb.auth.getSession();
@@ -124,6 +176,9 @@ export async function getCurrentUserId(): Promise<string> {
   const sb = getSupabase();
   const { data, error } = await sb.auth.getUser();
   if (error || !data.user) {
+    // Try auto-refresh with stored CLI token
+    const refreshed = await refreshWithCliToken();
+    if (refreshed) return refreshed;
     throw new Error("Not authenticated. Run `assistme login`.");
   }
   return data.user.id;

package/src/index.ts

@@ -19,9 +19,13 @@ import {
 } from "./agent/scheduler.js";
 import { MemoryManager } from "./agent/memory.js";
 import { SkillManager } from "./agent/skills.js";
+import { createRequire } from "module";
 
 loadEnv();
 
+const require = createRequire(import.meta.url);
+const { version } = require("../package.json");
+
 const program = new Command();
 
 program
@@ -29,7 +33,7 @@ program
   .description(
     "AssistMe CLI Agent - AI assistant that controls your real browser"
   )
-  .version("0.1.0");
+  .version(version);
 
 // ── assistme login ──────────────────────────────────────────────────
 
@@ -53,7 +57,7 @@ program
     console.log();
     console.log(chalk.cyan(`    ${tokenPageUrl}`));
     console.log();
-    console.log("  Step 2: Sign in and copy the CLI token shown on the page.");
+    console.log("  Step 2: Sign in, create a token, and copy it.");
     console.log();
 
     // Try to open the URL in the user's default browser
@@ -269,23 +273,6 @@ program
       setConfig("sessionName", opts.name);
     }
 
-    const config = getConfig();
-
-    // Validate configuration
-    if (!config.supabaseUrl || !config.supabaseAnonKey) {
-      log.error("Supabase not configured.");
-      log.info("Run: assistme config set supabaseUrl <url>");
-      log.info("Run: assistme config set supabaseAnonKey <key>");
-      process.exit(1);
-    }
-
-    if (!config.anthropicApiKey) {
-      log.error("Anthropic API key not configured.");
-      log.info("Run: assistme config set anthropicApiKey <key>");
-      log.info("Or set ANTHROPIC_API_KEY environment variable.");
-      process.exit(1);
-    }
-
     console.log();
     console.log(
       chalk.bold.cyan("  ╔══════════════════════════════════════════╗")

package/src/utils/config.ts

@@ -11,7 +11,14 @@ export interface AssistMeConfig {
   maxTurns: number;
 }
 
+const SUPABASE_URL_DEFAULT =
+  "https://msgplwbgohpokajtibew.supabase.co";
+const SUPABASE_ANON_KEY_DEFAULT =
+  "eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJpc3MiOiJzdXBhYmFzZSIsInJlZiI6Im1zZ3Bsd2Jnb2hwb2thanRpYmV3Iiwicm9sZSI6ImFub24iLCJpYXQiOjE3NjE3MTMzNTEsImV4cCI6MjA3NzI4OTM1MX0.YqiluL_mIBWKv5dteIcPAPQ_jRp9rzZlvAXvkQttDjs";
+
 const CONFIG_DEFAULTS: Partial<AssistMeConfig> = {
+  supabaseUrl: SUPABASE_URL_DEFAULT,
+  supabaseAnonKey: SUPABASE_ANON_KEY_DEFAULT,
   sessionName: "Default",
   model: "claude-sonnet-4-20250514",
   maxTurns: 50,
@@ -24,9 +31,9 @@ const config = new Conf<Partial<AssistMeConfig>>({
 
 export function getConfig(): AssistMeConfig {
   const supabaseUrl =
-    process.env.SUPABASE_URL || config.get("supabaseUrl") || "";
+    process.env.SUPABASE_URL || config.get("supabaseUrl") || SUPABASE_URL_DEFAULT;
   const supabaseAnonKey =
-    process.env.SUPABASE_ANON_KEY || config.get("supabaseAnonKey") || "";
+    process.env.SUPABASE_ANON_KEY || config.get("supabaseAnonKey") || SUPABASE_ANON_KEY_DEFAULT;
   const anthropicApiKey =
     process.env.ANTHROPIC_API_KEY || config.get("anthropicApiKey") || "";
   const workspacePath =