brandguideai-mcp 1.0.1 → 1.0.2

package/README.md

@@ -62,14 +62,28 @@ Responses include expert answers with source citations from brand strategy books
 
 Every user gets 4 free queries. No account or API key required — a temporary session is created automatically on first use.
 
-After 8 queries, the tool returns upgrade links:
+After 4 queries, the tool returns upgrade links:
 - **Creator** — 300 queries/month
 - **Pro** — 1,000 queries/month
 - **Mentor+** — unlimited
 
 ## For existing brandguide/AI subscribers
 
-Your subscription quota works automatically. The MCP server uses the same account system as the web app at [ai.brandguide.hu](https://ai.brandguide.hu).
+Log in once to use your subscription quota:
+
+```bash
+npx brandguideai-mcp login
+```
+
+Enter your brandguide/AI email and password. A refresh token is stored locally at `~/.brandguide/credentials.json` — your password is never saved.
+
+After login, all MCP queries use your subscription quota instead of the 4 free queries.
+
+To log out:
+
+```bash
+npx brandguideai-mcp logout
+```
 
 ## How it works
 

package/dist/auth.d.ts

@@ -1,2 +1,4 @@
+export declare function clearCredentials(): void;
+export declare function loginFlow(): Promise<void>;
 export declare function getAccessToken(): Promise<string>;
 export declare function getStoredEmail(): string;

package/dist/auth.js

@@ -1,22 +1,30 @@
 "use strict";
 Object.defineProperty(exports, "__esModule", { value: true });
+exports.clearCredentials = clearCredentials;
+exports.loginFlow = loginFlow;
 exports.getAccessToken = getAccessToken;
 exports.getStoredEmail = getStoredEmail;
 const supabase_js_1 = require("@supabase/supabase-js");
 const node_fs_1 = require("node:fs");
 const node_path_1 = require("node:path");
 const node_os_1 = require("node:os");
+const node_readline_1 = require("node:readline");
 const constants_js_1 = require("./constants.js");
 const CREDENTIALS_DIR = (0, node_path_1.join)((0, node_os_1.homedir)(), '.brandguide');
 const CREDENTIALS_FILE = (0, node_path_1.join)(CREDENTIALS_DIR, 'credentials.json');
 let cachedSession = null;
+function createSupabaseClient() {
+    return (0, supabase_js_1.createClient)(constants_js_1.SUPABASE_URL, constants_js_1.SUPABASE_ANON_KEY, {
+        auth: { persistSession: false, autoRefreshToken: false },
+    });
+}
 function loadCredentials() {
     try {
         if (!(0, node_fs_1.existsSync)(CREDENTIALS_FILE))
             return null;
         const raw = (0, node_fs_1.readFileSync)(CREDENTIALS_FILE, 'utf-8');
         const data = JSON.parse(raw);
-        if (data.email && data.password && data.userId)
+        if (data.email && (data.password || data.refreshToken) && data.userId)
             return data;
         return null;
     }
@@ -35,6 +43,55 @@ function saveCredentials(creds) {
         console.error('[auth] Failed to save credentials:', err);
     }
 }
+function clearCredentials() {
+    try {
+        if ((0, node_fs_1.existsSync)(CREDENTIALS_FILE)) {
+            (0, node_fs_1.unlinkSync)(CREDENTIALS_FILE);
+        }
+    }
+    catch { }
+}
+async function prompt(question, hidden = false) {
+    const rl = (0, node_readline_1.createInterface)({ input: process.stdin, output: process.stderr });
+    return new Promise((resolve) => {
+        if (hidden) {
+            process.stderr.write(question);
+            let input = '';
+            const stdin = process.stdin;
+            const wasRaw = stdin.isRaw;
+            if (stdin.isTTY)
+                stdin.setRawMode(true);
+            stdin.resume();
+            const onData = (char) => {
+                const c = char.toString();
+                if (c === '\n' || c === '\r') {
+                    if (stdin.isTTY)
+                        stdin.setRawMode(wasRaw ?? false);
+                    stdin.removeListener('data', onData);
+                    process.stderr.write('\n');
+                    rl.close();
+                    resolve(input);
+                }
+                else if (c === '\u0003') {
+                    process.exit(1);
+                }
+                else if (c === '\u007f' || c === '\b') {
+                    input = input.slice(0, -1);
+                }
+                else {
+                    input += c;
+                }
+            };
+            stdin.on('data', onData);
+        }
+        else {
+            rl.question(question, (answer) => {
+                rl.close();
+                resolve(answer.trim());
+            });
+        }
+    });
+}
 async function createTempAccount() {
     const response = await fetch(constants_js_1.CREATE_TEMP_SESSION_URL, {
         method: 'POST',
@@ -60,16 +117,61 @@ async function createTempAccount() {
     }
     return { email: data.email, password: data.password, userId: data.userId };
 }
-async function signIn(email, password) {
-    const supabase = (0, supabase_js_1.createClient)(constants_js_1.SUPABASE_URL, constants_js_1.SUPABASE_ANON_KEY, {
-        auth: { persistSession: false, autoRefreshToken: false },
-    });
+async function signInWithPassword(email, password) {
+    const supabase = createSupabaseClient();
     const { data, error } = await supabase.auth.signInWithPassword({ email, password });
     if (error || !data.session) {
         throw new Error(error?.message || 'Sign-in failed');
     }
     return data.session;
 }
+async function signInWithRefreshToken(refreshToken) {
+    const supabase = createSupabaseClient();
+    const { data, error } = await supabase.auth.refreshSession({ refresh_token: refreshToken });
+    if (error || !data.session) {
+        throw new Error(error?.message || 'Token refresh failed');
+    }
+    return data.session;
+}
+async function loginFlow() {
+    console.error('\nbrandguide/AI MCP — Login\n');
+    const email = await prompt('Email: ');
+    if (!email) {
+        console.error('Email is required.');
+        process.exit(1);
+    }
+    const password = await prompt('Password: ', true);
+    if (!password) {
+        console.error('Password is required.');
+        process.exit(1);
+    }
+    try {
+        const session = await signInWithPassword(email, password);
+        const userId = session.user.id;
+        // Fetch quota info
+        const supabase = createSupabaseClient();
+        const { data: quota } = await supabase.rpc('get_remaining_questions', { p_user_id: userId });
+        const row = Array.isArray(quota) ? quota[0] : quota;
+        const tier = row?.tier || 'freemium';
+        const remaining = row?.remaining ?? 0;
+        const total = row?.total ?? 0;
+        saveCredentials({
+            email,
+            refreshToken: session.refresh_token,
+            userId,
+            tier,
+        });
+        console.error(`\nLogged in as ${email}`);
+        console.error(`Tier: ${tier} | Quota: ${remaining}/${total} remaining`);
+        console.error(`\nCredentials saved to ~/.brandguide/credentials.json`);
+        console.error(`Your subscription quota will be used for MCP queries.\n`);
+    }
+    catch (err) {
+        const message = err instanceof Error ? err.message : 'Login failed';
+        console.error(`\nLogin failed: ${message}\n`);
+        process.exit(1);
+    }
+}
 async function getAccessToken() {
     // Check if cached session is still valid (5 min buffer)
     if (cachedSession) {
@@ -81,22 +183,30 @@ async function getAccessToken() {
     }
     // Try stored credentials
     let creds = loadCredentials();
-    if (!creds) {
-        // Create new temp account
-        creds = await createTempAccount();
-        saveCredentials(creds);
-    }
-    try {
-        cachedSession = await signIn(creds.email, creds.password);
-        return cachedSession.access_token;
-    }
-    catch {
-        // Credentials might be stale (account deleted), create new account
-        creds = await createTempAccount();
-        saveCredentials(creds);
-        cachedSession = await signIn(creds.email, creds.password);
-        return cachedSession.access_token;
+    if (creds) {
+        try {
+            // Priority 1: Refresh token (logged-in user)
+            if (creds.refreshToken) {
+                cachedSession = await signInWithRefreshToken(creds.refreshToken);
+                // Update stored refresh token (it rotates)
+                saveCredentials({ ...creds, refreshToken: cachedSession.refresh_token });
+                return cachedSession.access_token;
+            }
+            // Priority 2: Email + password (temp account)
+            if (creds.password) {
+                cachedSession = await signInWithPassword(creds.email, creds.password);
+                return cachedSession.access_token;
+            }
+        }
+        catch {
+            // Credentials stale — fall through to create new temp account
+        }
     }
+    // Priority 3: Auto-create temp account
+    creds = await createTempAccount();
+    saveCredentials(creds);
+    cachedSession = await signInWithPassword(creds.email, creds.password);
+    return cachedSession.access_token;
 }
 function getStoredEmail() {
     const creds = loadCredentials();

package/dist/index.js

@@ -1,70 +1,81 @@
 #!/usr/bin/env node
 "use strict";
 Object.defineProperty(exports, "__esModule", { value: true });
-const index_js_1 = require("@modelcontextprotocol/sdk/server/index.js");
-const stdio_js_1 = require("@modelcontextprotocol/sdk/server/stdio.js");
-const types_js_1 = require("@modelcontextprotocol/sdk/types.js");
-const client_js_1 = require("./client.js");
-const server = new index_js_1.Server({ name: 'brandguideai-mcp', version: '1.0.0' }, { capabilities: { tools: {} } });
-server.setRequestHandler(types_js_1.ListToolsRequestSchema, async () => ({
-    tools: [
-        {
-            name: 'search_brand_knowledge',
-            description: "Search brandguide/AI's brand strategy knowledge base — 1,000+ pages of methodology, design guidelines, and expert video transcripts. Works in Hungarian and English.",
-            inputSchema: {
-                type: 'object',
-                properties: {
-                    query: {
-                        type: 'string',
-                        description: 'Your brand strategy question',
+const auth_js_1 = require("./auth.js");
+// Handle login/logout subcommands before starting MCP server
+const command = process.argv[2];
+if (command === 'login') {
+    (0, auth_js_1.loginFlow)().then(() => process.exit(0)).catch(() => process.exit(1));
+}
+else if (command === 'logout') {
+    (0, auth_js_1.clearCredentials)();
+    console.error('Logged out. Credentials removed from ~/.brandguide/credentials.json');
+    process.exit(0);
+}
+else {
+    // Start MCP server
+    startServer();
+}
+async function startServer() {
+    const { Server } = await import('@modelcontextprotocol/sdk/server/index.js');
+    const { StdioServerTransport } = await import('@modelcontextprotocol/sdk/server/stdio.js');
+    const { CallToolRequestSchema, ListToolsRequestSchema, } = await import('@modelcontextprotocol/sdk/types.js');
+    const { searchBrandKnowledge } = await import('./client.js');
+    const server = new Server({ name: 'brandguideai-mcp', version: '1.0.2' }, { capabilities: { tools: {} } });
+    server.setRequestHandler(ListToolsRequestSchema, async () => ({
+        tools: [
+            {
+                name: 'search_brand_knowledge',
+                description: "Search brandguide/AI's brand strategy knowledge base — 1,000+ pages of methodology, design guidelines, and expert video transcripts. Works in Hungarian and English.",
+                inputSchema: {
+                    type: 'object',
+                    properties: {
+                        query: {
+                            type: 'string',
+                            description: 'Your brand strategy question',
+                        },
                     },
+                    required: ['query'],
                 },
-                required: ['query'],
             },
-        },
-    ],
-}));
-server.setRequestHandler(types_js_1.CallToolRequestSchema, async (request) => {
-    if (request.params.name !== 'search_brand_knowledge') {
-        return {
-            content: [{ type: 'text', text: `Unknown tool: ${request.params.name}` }],
-            isError: true,
-        };
-    }
-    const query = String(request.params.arguments?.query || '').trim();
-    if (!query) {
-        return {
-            content: [{ type: 'text', text: 'Query is required.' }],
-            isError: true,
-        };
-    }
-    try {
-        const result = await (0, client_js_1.searchBrandKnowledge)(query);
-        if (result.quotaExceeded) {
+        ],
+    }));
+    server.setRequestHandler(CallToolRequestSchema, async (request) => {
+        if (request.params.name !== 'search_brand_knowledge') {
+            return {
+                content: [{ type: 'text', text: `Unknown tool: ${request.params.name}` }],
+                isError: true,
+            };
+        }
+        const query = String(request.params.arguments?.query || '').trim();
+        if (!query) {
+            return {
+                content: [{ type: 'text', text: 'Query is required.' }],
+                isError: true,
+            };
+        }
+        try {
+            const result = await searchBrandKnowledge(query);
+            if (result.quotaExceeded) {
+                return {
+                    content: [{ type: 'text', text: result.answer }],
+                };
+            }
+            const footer = result.remaining !== null && result.total !== null
+                ? `\n\n[${result.remaining}/${result.total} queries remaining]`
+                : '';
+            return {
+                content: [{ type: 'text', text: result.answer + footer }],
+            };
+        }
+        catch (err) {
+            const message = err instanceof Error ? err.message : 'Unknown error';
             return {
-                content: [{ type: 'text', text: result.answer }],
+                content: [{ type: 'text', text: `Error: ${message}` }],
+                isError: true,
             };
         }
-        const footer = result.remaining !== null && result.total !== null
-            ? `\n\n[${result.remaining}/${result.total} queries remaining]`
-            : '';
-        return {
-            content: [{ type: 'text', text: result.answer + footer }],
-        };
-    }
-    catch (err) {
-        const message = err instanceof Error ? err.message : 'Unknown error';
-        return {
-            content: [{ type: 'text', text: `Error: ${message}` }],
-            isError: true,
-        };
-    }
-});
-async function main() {
-    const transport = new stdio_js_1.StdioServerTransport();
+    });
+    const transport = new StdioServerTransport();
     await server.connect(transport);
 }
-main().catch((err) => {
-    console.error('Fatal:', err);
-    process.exit(1);
-});

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "brandguideai-mcp",
-  "version": "1.0.1",
+  "version": "1.0.2",
   "description": "brandguide/AI MCP server — brand strategy knowledge base for Claude Code, Cursor, and any MCP client",
   "main": "dist/index.js",
   "bin": {