camstack 0.7.0 → 0.7.2

package/dist/cli.js

@@ -376,11 +376,23 @@ function resolveSessionFile(serverUrl) {
   if (files.length === 0) return null;
   return files.map((f) => ({ f, mtime: fs3.statSync(f).mtimeMs })).sort((a, b) => b.mtime - a.mtime)[0].f;
 }
+function isSessionFile(value) {
+  if (value === null || typeof value !== "object") return false;
+  const v = value;
+  if (typeof v.server !== "string") return false;
+  if (typeof v.username !== "string") return false;
+  if (typeof v.token !== "string") return false;
+  if (typeof v.tokenId !== "string") return false;
+  if (typeof v.createdAt !== "number") return false;
+  if (!Array.isArray(v.scopes)) return false;
+  return true;
+}
 function loadSession(serverUrl) {
   const file = resolveSessionFile(serverUrl);
   if (!file) return null;
   try {
-    return JSON.parse(fs3.readFileSync(file, "utf8"));
+    const parsed = JSON.parse(fs3.readFileSync(file, "utf8"));
+    return isSessionFile(parsed) ? parsed : null;
   } catch {
     return null;
   }
@@ -526,20 +538,55 @@ async function resolveServerInteractive(presetNamespace) {
   probeSpinner.stop(`Reachable at https://${probed.address}:${probed.port}`);
   return `https://${probed.address}:${probed.port}`;
 }
+var BACK_SENTINEL = "__back__";
+async function askWithBack(label, defaultValue) {
+  const v = await askText(`${label} (or type :back)`, defaultValue);
+  return v.trim() === ":back" || v.trim() === ":b" ? BACK_SENTINEL : v;
+}
+async function askPasswordWithBack() {
+  const v = await askPassword("Password (or type :back to change username)");
+  return v.trim() === ":back" || v.trim() === ":b" ? BACK_SENTINEL : v;
+}
 async function loginCommand(opts) {
   clack.intro("camstack login");
-  let server = opts.server;
-  if (!server) {
-    server = await resolveServerInteractive(opts.namespace);
-  } else {
-    clack.log.info(`Server: ${server}`);
+  let step = opts.server ? "username" : "server";
+  let server = opts.server ?? "";
+  let username = opts.username ?? "";
+  let password2 = opts.password ?? "";
+  if (opts.server) clack.log.info(`Server: ${opts.server}`);
+  while (step !== "password" || !password2) {
+    if (step === "server") {
+      server = await resolveServerInteractive(opts.namespace);
+      step = "username";
+      continue;
+    }
+    if (step === "username") {
+      const result2 = opts.username && !username ? opts.username : await askWithBack("Username", username || "admin");
+      if (result2 === BACK_SENTINEL) {
+        if (opts.server) {
+          clack.log.warn("Server was passed via --server; nothing to go back to. Re-enter username.");
+          continue;
+        }
+        step = "server";
+        continue;
+      }
+      username = result2;
+      step = "password";
+      continue;
+    }
+    const result = opts.password && !password2 ? opts.password : await askPasswordWithBack();
+    if (result === BACK_SENTINEL) {
+      step = "username";
+      continue;
+    }
+    password2 = result;
+    break;
   }
-  const username = opts.username ?? await askText("Username", "admin");
   const MAX_ATTEMPTS = 3;
-  let password2 = opts.password ?? await askPassword("Password");
   let attempt = 1;
   let jwt;
   let displayName;
+  let userId;
   while (true) {
     const authSpinner = clack.spinner();
     authSpinner.start(`Authenticating as ${username}${attempt > 1 ? ` (attempt ${attempt}/${MAX_ATTEMPTS})` : ""}`);
@@ -552,6 +599,7 @@ async function loginCommand(opts) {
       );
       jwt = login.token;
       displayName = login.user.username;
+      userId = login.user.id;
       authSpinner.stop(`Authenticated as ${displayName}`);
       break;
     } catch (err) {
@@ -578,13 +626,18 @@ async function loginCommand(opts) {
     }
   }
   const mintSpinner = clack.spinner();
-  mintSpinner.start("Creating upload-only scoped token");
+  mintSpinner.start("Creating scoped token (upload + log streaming)");
   const tokenName = opts.tokenName ?? `camstack-cli@${os2.hostname()}`;
-  const scopes = [{ type: "route-prefix", target: "/api/addons/upload" }];
+  const scopes = [
+    { type: "route-prefix", target: "/api/addons/upload" },
+    { type: "route-prefix", target: "/trpc/addons.onAddonLogs" },
+    { type: "route-prefix", target: "/trpc/addons.getLogs" },
+    { type: "route-prefix", target: "/trpc/addons.list" }
+  ];
   const created = await callTrpcMutation(
     `${server}/trpc/userManagement.createScopedToken?batch=1`,
     `Bearer ${jwt}`,
-    { name: tokenName, scopes },
+    { userId, name: tokenName, scopes },
     isCreateScopedTokenPayload
   );
   const scopedToken = created.token;
@@ -626,18 +679,52 @@ async function logoutCommand(opts) {
   clearSession(session.server);
   clack.outro(`\u2713 Logged out of ${session.server}`);
 }
-function whoamiCommand(opts) {
+async function whoamiCommand(opts) {
   const session = loadSession(opts.server);
   if (!session) {
     console.log(`[camstack] Not logged in${opts.server ? ` to ${opts.server}` : ""}.`);
     process.exit(1);
   }
-  console.log(`[camstack] Active session:`);
+  console.log(`[camstack] Active session (local cache):`);
   console.log(`  server:    ${session.server}`);
   console.log(`  username:  ${session.username}`);
   console.log(`  token:     ${session.token.slice(0, 12)}\u2026 (id: ${session.tokenId})`);
   console.log(`  scopes:    ${session.scopes.map((s) => `${s.type}:${s.target}`).join(", ")}`);
   console.log(`  createdAt: ${new Date(session.createdAt).toISOString()}`);
+  console.log("");
+  console.log(`[camstack] Pinging ${session.server}/api/auth/whoami\u2026`);
+  try {
+    const controller = new AbortController();
+    const timer = setTimeout(() => controller.abort(), 3e3);
+    const res = await fetch(`${session.server}/api/auth/whoami`, {
+      headers: { Authorization: `Bearer ${session.token}` },
+      signal: controller.signal
+    });
+    clearTimeout(timer);
+    if (res.status === 401) {
+      console.error(`[camstack] \u2717 Token rejected by server (revoked / expired). Run \`camstack login\` to refresh.`);
+      process.exit(2);
+    }
+    if (!res.ok) {
+      const body = await res.text().catch(() => "");
+      console.error(`[camstack] \u2717 Server returned ${res.status}: ${body.slice(0, 160)}`);
+      process.exit(2);
+    }
+    const json = await res.json();
+    console.log(`[camstack] \u2713 Token valid on server.`);
+    console.log(`  kind:     ${json.kind ?? "unknown"}`);
+    if (json.userId) console.log(`  userId:   ${json.userId}`);
+    if (json.username) console.log(`  username: ${json.username}`);
+    if (Array.isArray(json.scopes)) {
+      const scopeList = json.scopes.map((s) => `${s.type}:${s.target}`).join(", ");
+      console.log(`  scopes:   ${scopeList}`);
+    }
+  } catch (err) {
+    const msg = err instanceof Error ? err.message : String(err);
+    console.error(`[camstack] \u26A0 Could not reach server: ${msg}`);
+    console.error(`[camstack]   The local cache may be stale. Try \`camstack login\` once the server is reachable.`);
+    process.exit(2);
+  }
 }
 
 // src/commands/update.ts
@@ -1234,7 +1321,7 @@ async function runLogout(args) {
   const server = stringOpt(parsed.values, "server") ?? process.env.CAMSTACK_SERVER ?? "https://localhost:4443";
   await logoutCommand({ server });
 }
-function runWhoami(args) {
+async function runWhoami(args) {
   const parsed = parseSubcommandArgs(args, {
     server: { type: "string", short: "s" }
   }, false);
@@ -1243,7 +1330,7 @@ function runWhoami(args) {
     return;
   }
   const server = stringOpt(parsed.values, "server");
-  whoamiCommand(server ? { server } : {});
+  await whoamiCommand(server ? { server } : {});
 }
 async function runDeploy(args) {
   const parsed = parseSubcommandArgs(args, {

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "camstack",
-  "version": "0.7.0",
+  "version": "0.7.2",
   "description": "CLI tool for managing and running CamStack server",
   "keywords": [
     "camstack",