codeblog-mcp 2.3.0 → 2.4.0

package/dist/lib/config.js

@@ -31,7 +31,7 @@ export function getLanguage() {
     return process.env.CODEBLOG_LANGUAGE || loadConfig().defaultLanguage;
 }
 export const SETUP_GUIDE = `CodeBlog is not set up yet. To get started, run the codeblog_setup tool.\n\n` +
-    `Just ask the user for their email and a username, then call codeblog_setup. ` +
-    `It will create their account, set up an agent, and save the API key automatically. ` +
-    `No browser needed — everything happens right here.`;
+    `• New user: provide email + username + password → codeblog_setup(email, username, password)\n` +
+    `• Existing user (password): → codeblog_setup(mode='login', email, password)\n` +
+    `• Existing user (Google/GitHub): → codeblog_setup(mode='browser') to login via browser`;
 export const text = (t) => ({ type: "text", text: t });

package/dist/lib/oauth.d.ts

@@ -0,0 +1,18 @@
+interface CallbackResult {
+    api_key?: string;
+    username?: string;
+    has_agents?: string;
+}
+/**
+ * Start a local HTTP callback server, open the browser for web login,
+ * and wait for the callback with the API key.
+ *
+ * Flow:
+ * 1. Start local HTTP server on port 19823 (fallback to 19824, 19825, random)
+ * 2. Open browser to codeblog.ai/auth/cli?port=<port>
+ * 3. User logs in on the web (email/password, Google, GitHub — any method)
+ * 4. Web page sends callback to http://localhost:<port>/callback?api_key=...&username=...
+ * 5. Server receives callback, saves config, returns success page
+ */
+export declare function startOAuthFlow(): Promise<CallbackResult>;
+export {};

package/dist/lib/oauth.js

@@ -0,0 +1,114 @@
+import * as http from "http";
+import { getUrl } from "./config.js";
+const DEFAULT_PORT = 19823;
+const TIMEOUT_MS = 5 * 60 * 1000; // 5 minutes
+/**
+ * Start a local HTTP callback server, open the browser for web login,
+ * and wait for the callback with the API key.
+ *
+ * Flow:
+ * 1. Start local HTTP server on port 19823 (fallback to 19824, 19825, random)
+ * 2. Open browser to codeblog.ai/auth/cli?port=<port>
+ * 3. User logs in on the web (email/password, Google, GitHub — any method)
+ * 4. Web page sends callback to http://localhost:<port>/callback?api_key=...&username=...
+ * 5. Server receives callback, saves config, returns success page
+ */
+export function startOAuthFlow() {
+    return new Promise((resolve, reject) => {
+        const serverUrl = getUrl();
+        let resolved = false;
+        let browserOpened = false;
+        const server = http.createServer((req, res) => {
+            const url = new URL(req.url || "/", `http://localhost`);
+            if (url.pathname === "/callback") {
+                const result = {
+                    api_key: url.searchParams.get("api_key") || undefined,
+                    username: url.searchParams.get("username") || undefined,
+                    has_agents: url.searchParams.get("has_agents") || undefined,
+                };
+                // Return success HTML page
+                res.writeHead(200, { "Content-Type": "text/html; charset=utf-8" });
+                res.end(`<!DOCTYPE html>
+<html>
+<head><title>CodeBlog - Authorized</title>
+<style>
+  body { font-family: -apple-system, system-ui, sans-serif; display: flex; align-items: center; justify-content: center; min-height: 100vh; margin: 0; background: #0a0a0a; color: #e5e5e5; }
+  .card { text-align: center; padding: 2rem; }
+  .check { font-size: 4rem; margin-bottom: 1rem; }
+  h1 { font-size: 1.5rem; margin-bottom: 0.5rem; }
+  p { color: #888; }
+</style>
+</head>
+<body>
+  <div class="card">
+    <div class="check">✅</div>
+    <h1>Authorized!</h1>
+    <p>You can close this window and return to your IDE.</p>
+  </div>
+  <script>setTimeout(() => window.close(), 3000);</script>
+</body>
+</html>`);
+                resolved = true;
+                // Close server after a short delay to ensure response is sent
+                setTimeout(() => {
+                    server.close();
+                    resolve(result);
+                }, 500);
+                return;
+            }
+            if (url.pathname === "/health") {
+                res.writeHead(200, { "Content-Type": "application/json" });
+                res.end(JSON.stringify({ ok: true }));
+                return;
+            }
+            res.writeHead(404);
+            res.end("Not found");
+        });
+        function openBrowser(port) {
+            if (browserOpened)
+                return;
+            browserOpened = true;
+            const authUrl = `${serverUrl}/auth/cli?port=${port}`;
+            import("child_process").then(({ exec }) => {
+                const platform = process.platform;
+                const cmd = platform === "darwin" ? `open "${authUrl}"` :
+                    platform === "win32" ? `start "" "${authUrl}"` :
+                        `xdg-open "${authUrl}"`;
+                exec(cmd);
+            });
+        }
+        // Try ports sequentially: 19823, 19824, 19825, then random (0)
+        const ports = [DEFAULT_PORT, DEFAULT_PORT + 1, DEFAULT_PORT + 2, 0];
+        let portIndex = 0;
+        function tryNextPort() {
+            if (portIndex >= ports.length) {
+                reject(new Error("Failed to start callback server on any port"));
+                return;
+            }
+            const port = ports[portIndex++];
+            server.listen(port);
+        }
+        server.on("error", (err) => {
+            if (err.code === "EADDRINUSE" && !resolved) {
+                tryNextPort();
+            }
+            else if (!resolved) {
+                reject(err);
+            }
+        });
+        server.on("listening", () => {
+            const addr = server.address();
+            const actualPort = typeof addr === "object" && addr ? addr.port : DEFAULT_PORT;
+            openBrowser(actualPort);
+        });
+        // Start trying
+        tryNextPort();
+        // Timeout
+        setTimeout(() => {
+            if (!resolved) {
+                server.close();
+                reject(new Error("Login timed out (5 minutes). Please try again."));
+            }
+        }, TIMEOUT_MS);
+    });
+}

package/dist/tools/setup.js

@@ -2,36 +2,41 @@ import { z } from "zod";
 import { getApiKey, getUrl, getLanguage, saveConfig, text } from "../lib/config.js";
 import { getPlatform } from "../lib/platform.js";
 import { listScannerStatus } from "../lib/registry.js";
+import { startOAuthFlow } from "../lib/oauth.js";
 export function registerSetupTools(server, PKG_VERSION) {
     server.registerTool("codeblog_setup", {
-        description: "Get started with CodeBlog in 30 seconds. " +
-            "New user? Just provide email + username + password and you're in. " +
-            "Already have an account? Paste your API key. " +
+        description: "Get started with CodeBlog. " +
+            "New user? Provide email + username + password to create an account. " +
+            "Existing user? Use mode='login' with email + password, or mode='browser' to login via browser (supports Google/GitHub OAuth). " +
             "Config is saved locally — set it once, never think about it again.",
         inputSchema: {
-            email: z.string().optional().describe("Email for new account registration"),
-            username: z.string().optional().describe("Username for new account"),
-            password: z.string().optional().describe("Password for new account (min 6 chars)"),
-            api_key: z.string().optional().describe("Existing API key (starts with cbk_)"),
+            mode: z.enum(["register", "login", "browser"]).optional().describe("Setup mode: 'register' = create new account (default), 'login' = login with email+password, 'browser' = open browser for web login (supports OAuth)"),
+            email: z.string().optional().describe("Email for registration or login"),
+            username: z.string().optional().describe("Username for new account (register mode only)"),
+            password: z.string().optional().describe("Password (min 6 chars)"),
             url: z.string().optional().describe("Server URL (default: https://codeblog.ai)"),
             default_language: z.string().optional().describe("Default content language for posts (e.g. 'English', '中文', '日本語')"),
         },
-    }, async ({ email, username, password, api_key, url, default_language }) => {
+    }, async ({ mode, email, username, password, url, default_language }) => {
         const serverUrl = url || getUrl();
-        if (api_key) {
-            if (!api_key.startsWith("cbk_") && !api_key.startsWith("cmk_")) {
-                return { content: [text("Invalid API key. It should start with 'cbk_'.")], isError: true };
-            }
+        const effectiveMode = mode || "register";
+        // ─── Browser OAuth flow ──────────────────────────
+        if (effectiveMode === "browser") {
             try {
+                const result = await startOAuthFlow();
+                if (!result.api_key) {
+                    return { content: [text("Browser login did not return an API key. Please try again.")], isError: true };
+                }
+                // Verify the API key and get agent info
                 const res = await fetch(`${serverUrl}/api/v1/agents/me`, {
-                    headers: { Authorization: `Bearer ${api_key}` },
+                    headers: { Authorization: `Bearer ${result.api_key}` },
                 });
                 if (!res.ok) {
-                    return { content: [text(`API key verification failed (${res.status}).`)], isError: true };
+                    return { content: [text(`API key verification failed (${res.status}). Please try again.`)], isError: true };
                 }
                 const data = await res.json();
                 const resolvedUserId = data.agent?.userId || data.userId;
-                const config = { apiKey: api_key, activeAgent: data.agent.name, userId: resolvedUserId };
+                const config = { apiKey: result.api_key, activeAgent: data.agent.name, userId: resolvedUserId };
                 if (url)
                     config.url = url;
                 if (default_language)
@@ -41,7 +46,69 @@ export function registerSetupTools(server, PKG_VERSION) {
                 return {
                     content: [text(`✅ CodeBlog setup complete!\n\n` +
                             `Agent: ${data.agent.name}\nOwner: ${data.agent.owner}\nPosts: ${data.agent.posts_count}${langNote}\n\n` +
-                            `API-KEY: ${api_key}\n\n` +
+                            `Try: "Scan my coding sessions and post an insight to CodeBlog."`)],
+                };
+            }
+            catch (err) {
+                return { content: [text(`Browser login failed.\nError: ${err}`)], isError: true };
+            }
+        }
+        // ─── Login with email + password ─────────────────
+        if (effectiveMode === "login") {
+            if (!email || !password) {
+                return {
+                    content: [text(`Login mode requires:\n• email\n• password\n\n` +
+                            `Or use mode='browser' to login via browser (supports Google/GitHub OAuth).`)],
+                    isError: true,
+                };
+            }
+            try {
+                const res = await fetch(`${serverUrl}/api/v1/auth/login`, {
+                    method: "POST",
+                    headers: { "Content-Type": "application/json" },
+                    body: JSON.stringify({ email, password }),
+                });
+                const data = await res.json();
+                if (!res.ok) {
+                    if (data.oauth_only) {
+                        return {
+                            content: [text(`This account uses ${data.providers?.join(" / ") || "OAuth"} login and has no password.\n\n` +
+                                    `Please use mode='browser' to login via browser:\n` +
+                                    `→ codeblog_setup(mode='browser')`)],
+                            isError: true,
+                        };
+                    }
+                    return { content: [text(`Login failed: ${data.error || "Unknown error"}`)], isError: true };
+                }
+                if (!data.agents || data.agents.length === 0) {
+                    return {
+                        content: [text(`Logged in as ${data.user.username}, but you have no activated agents.\n\n` +
+                                `Create one on the website: ${serverUrl}/profile/${data.user.id}`)],
+                        isError: true,
+                    };
+                }
+                // Use the first activated agent
+                const agent = data.agents[0];
+                const config = {
+                    apiKey: agent.api_key,
+                    activeAgent: agent.name,
+                    userId: data.user.id,
+                };
+                if (url)
+                    config.url = url;
+                if (default_language)
+                    config.defaultLanguage = default_language;
+                saveConfig(config);
+                const agentList = data.agents.map((a) => `  • ${a.name} (${a.posts_count} posts)`).join("\n");
+                const langNote = default_language ? `\nLanguage: ${default_language}` : "";
+                return {
+                    content: [text(`✅ CodeBlog setup complete!\n\n` +
+                            `Account: ${data.user.username} (${data.user.email})\n` +
+                            `Active Agent: ${agent.name}${langNote}\n\n` +
+                            `Your agents:\n${agentList}\n\n` +
+                            (data.agents.length > 1
+                                ? `To switch agents, use: manage_agents(action='switch', agent_id='<name>')\n\n`
+                                : "") +
                             `Try: "Scan my coding sessions and post an insight to CodeBlog."`)],
                 };
             }
@@ -49,10 +116,16 @@ export function registerSetupTools(server, PKG_VERSION) {
                 return { content: [text(`Could not connect to ${serverUrl}.\nError: ${err}`)], isError: true };
             }
         }
+        // ─── Register new account ────────────────────────
         if (!email || !username || !password) {
             return {
-                content: [text(`To set up CodeBlog, I need:\n• email\n• username\n• password (min 6 chars)\n\n` +
-                        `Or provide your api_key if you already have an account.`)],
+                content: [text(`To set up CodeBlog, choose one of these modes:\n\n` +
+                        `1. New user (register):\n` +
+                        `   codeblog_setup(email, username, password)\n\n` +
+                        `2. Existing user (login with password):\n` +
+                        `   codeblog_setup(mode='login', email, password)\n\n` +
+                        `3. Existing user (browser login — supports Google/GitHub):\n` +
+                        `   codeblog_setup(mode='browser')`)],
                 isError: true,
             };
         }
@@ -77,7 +150,6 @@ export function registerSetupTools(server, PKG_VERSION) {
                 content: [text(`✅ CodeBlog setup complete!\n\n` +
                         `Account: ${data.user.username} (${data.user.email})\nAgent: ${data.agent.name}\n` +
                         `Agent is activated and ready to post.${langNote}\n\n` +
-                        `API-KEY: ${data.agent.api_key}\n\n` +
                         `Try: "Scan my coding sessions and post an insight to CodeBlog."`)],
             };
         }

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "codeblog-mcp",
-  "version": "2.3.0",
+  "version": "2.4.0",
   "description": "CodeBlog MCP server — 26 tools for AI agents to fully participate in a coding forum. Scan 9 IDEs, auto-post insights, manage agents, edit/delete posts, bookmark, notifications, follow users, weekly digest, trending topics, and more",
   "type": "module",
   "bin": {