npm - cyymall-cli - Versions diffs - 0.1.6 → 0.1.8 - Mend

cyymall-cli 0.1.6 → 0.1.8

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (12) hide show

package/README.md CHANGED Viewed

@@ -57,6 +57,7 @@ npm publish --otp=123456
 cyy config path
 cyy auth send-code --phone <mobile>
 cyy auth login --phone <mobile> --code <sms>
+cyy auth import --token <appToken> [--member-id <id>] [--shop-id <id>] [--site-id <id>]
 cyy auth whoami
 cyy shop list
 cyy shop sites --shop-id <门店ID>
@@ -70,14 +71,28 @@ cyy serve --port 8787
 ## Session vs bootstrap env
-**After `cyy auth login` succeeds**, the CLI reads the session token from **`data.token`** or **`data.appToken`** (plus optional **`shopId` / `siteId` / `versionCode` / `loginId`->`memberId`** when present) and saves them under **`~/.cyymall/config.json`**. If the API omits `shopId`/`siteId`, previously saved or bootstrap values are kept where applicable.
-后续 **`api call`、`product search`、`order quick`** 等命令都会从该文件加载并组装 Header，正常情况下不再需要设置 `CYY_BOOTSTRAP_*`。
+**After `cyy auth login` or `cyy auth import` succeeds**, session fields live under **`~/.cyymall/config.json`** (`token`, `member_id`, `shop_id`, `site_id`, `version_code`, …). **`api call`、`product search`、`order quick`** 等命令读取**有效会话**：先合并配置文件，再用下表 `CYY_*` 覆盖（适合 Gateway / MCP 子进程注入、不落盘）。
-**`CYY_BOOTSTRAP_*` 仅用于「尚未登录」时**（例如第一次调用 `/app/auth/ua/registerMember/v2` 本身需要的网关 Header）。若你的环境里登录接口在未带 shop/token 时会被网关拒绝，再按需配置这些变量；**登录成功后的业务请求一律优先使用配置文件里的会话字段**。
+**External token (skip SMS login):**
+```bash
+cyy auth import --token "<appToken>" --member-id "<id>" --shop-id "<id>"
+# or ephemeral for one process:
+export CYY_TOKEN="<appToken>"
+export CYY_SHOP_ID="<id>"
+```
+**`CYY_BOOTSTRAP_*` 仅用于「尚未登录」时**（无 saved token 且无 `CYY_TOKEN`）。已登录时业务请求优先使用配置文件 + `CYY_TOKEN` 等会话变量。
 | Variable | Purpose |
 |----------|---------|
 | `CYY_BASE_URL` | Override API host (default `https://dhcmall.ifoodbuy.com`) |
+| `CYY_TOKEN` | Session token for current process (overrides saved config) |
+| `CYY_MEMBER_ID` | Override `member_id` header |
+| `CYY_SHOP_ID` | Override `shop_id` header |
+| `CYY_SITE_ID` | Override `site_id` header |
+| `CYY_VERSION_CODE` | Override `version_code` header |
+| `CYY_PHONE` | Optional label in config display |
 | `CYY_ENCRYPT_OFF` | `1` / `true`: disable hybrid crypto (plaintext `sendCodeV2`) |
 | `CYY_ENCRYPT_DEBUG` | `1` / `true`: print RSA/AES diagnostics for hybrid decrypt failures |
 | `CYY_BOOTSTRAP_TOKEN` | Optional - **only before login**, gateway may expect placeholder token |
@@ -92,4 +107,4 @@ cyy serve --port 8787
 ## Implementation phases
-See [`../README_CLI.md`](../README_CLI.md) for staged rollout and acceptance notes.
+See [`../README_CLI.md`](../README_CLI.md) for staged rollout and acceptance notes.

package/package.json CHANGED Viewed

@@ -1,6 +1,6 @@
 {
   "name": "cyymall-cli",
-  "version": "0.1.6",
+  "version": "0.1.8",
   "description": "CyyMall / 菜洋洋商城 API CLI (per app-api-cli-spec)",
   "bin": {
     "cyy": "bin/cyy.js"

package/src/Untitled ADDED Viewed

	@@ -0,0 +1 @@
1	+ shop

package/src/cli.js CHANGED Viewed

@@ -4,6 +4,7 @@ const path = require("path");
 const pkg = require(path.join(__dirname, "..", "package.json"));
 const config = require("./config");
+const http = require("./http");
 const apiCall = require("./commands/apiCall");
 const auth = require("./commands/auth");
 const product = require("./commands/product");
@@ -31,14 +32,26 @@ cfgCmd
 cfgCmd
   .command("show")
-  .description("Show config (token masked)")
+  .description("Show config (token masked); includes effective session and env overrides")
   .action(() => {
-    const c = config.loadConfig();
-    if (!c) {
+    const file = config.loadConfig();
+    const session = config.getSession();
+    const envOverrides = config.getEnvSessionOverrideKeys();
+    if (!config.hasAuthToken(session) && !file) {
       console.log(JSON.stringify({ loggedIn: false }, null, 2));
       return;
     }
-    const masked = { ...c, token: config.maskToken(String(c.token || "")) };
+    const masked = {
+      loggedIn: config.hasAuthToken(session),
+      saved: file
+        ? { ...file, token: config.maskToken(String(file.token || "")) }
+        : null,
+      effective: {
+        ...session,
+        token: config.maskToken(String(session.token || "")),
+      },
+      envOverrides: envOverrides.length ? envOverrides : undefined,
+    };
     console.log(JSON.stringify(masked, null, 2));
   });
@@ -92,6 +105,32 @@ authCmd
     await auth.whoami();
   });
+authCmd
+  .command("import")
+  .description(
+    "Import external session token into ~/.cyymall/config.json (skip SMS login); optional --no-verify",
+  )
+  .option("--token <t>", "App session token (appToken / Authorization value)")
+  .option("--token-file <file>", "Read token from UTF-8 file (e.g. secret mount)")
+  .option("--member-id <id>", "memberId header")
+  .option("--shop-id <id>", "shopId header")
+  .option("--site-id <id>", "siteId header (default 1 if omitted and not in saved config)")
+  .option("--version-code <n>", "version-code header")
+  .option("--phone <p>", "Optional phone label for config display")
+  .option("--no-verify", "Save without calling GET /member/getInfo/V2")
+  .action(async (opts) => {
+    await auth.importSession({
+      token: opts.token,
+      tokenFile: opts.tokenFile,
+      memberId: opts.memberId,
+      shopId: opts.shopId,
+      siteId: opts.siteId,
+      versionCode: opts.versionCode,
+      phone: opts.phone,
+      noVerify: Boolean(opts.noVerify),
+    });
+  });
 const prod = program.command("product").description("Product helpers");
 prod

package/src/commands/apiCall.js CHANGED Viewed

@@ -74,7 +74,7 @@ async function executeApiCall(opts) {
   let headers = {};
   if (!noAuth) {
-    const cfg = config.loadConfig();
+    const cfg = config.getSession();
     headers = /** @type {Record<string,string>} */ (
       http.buildAuthHeaders(cfg)
     );

package/src/commands/auth.js CHANGED Viewed

@@ -1,5 +1,6 @@
 "use strict";
+const fs = require("fs");
 const crypto = require("crypto");
 const readline = require("readline/promises");
 const { stdin: input, stdout: output } = require("process");
@@ -258,12 +259,89 @@ async function login(phone, code) {
   await loginWithCode(phone, smsCode);
 }
-async function whoami() {
-  const cfg = config.loadConfig();
-  if (!cfg?.token) {
-    console.error("cyy: not logged in. Run: cyy auth login --phone ...");
+/**
+ * Persist an externally supplied session (Native App / Gateway token), skipping SMS login.
+ * @param {object} opts
+ * @param {string} [opts.token]
+ * @param {string} [opts.tokenFile]
+ * @param {string} [opts.memberId]
+ * @param {string} [opts.shopId]
+ * @param {string} [opts.siteId]
+ * @param {string} [opts.versionCode]
+ * @param {string} [opts.phone]
+ * @param {boolean} [opts.noVerify]
+ */
+async function importSession(opts) {
+  let token = opts.token != null ? String(opts.token).trim() : "";
+  if (!token && opts.tokenFile) {
+    token = fs.readFileSync(opts.tokenFile, "utf8").trim();
+  }
+  if (!token) {
+    console.error("cyy: --token or --token-file is required");
     process.exit(1);
   }
+  const prev = config.loadConfig() || {};
+  const saved = {
+    ...prev,
+    token,
+    member_id:
+      opts.memberId != null && String(opts.memberId).trim() !== ""
+        ? String(opts.memberId).trim()
+        : String(prev.member_id || ""),
+    shop_id:
+      opts.shopId != null && String(opts.shopId).trim() !== ""
+        ? String(opts.shopId).trim()
+        : String(prev.shop_id || ""),
+    site_id:
+      opts.siteId != null && String(opts.siteId).trim() !== ""
+        ? String(opts.siteId).trim()
+        : String(prev.site_id || "1"),
+    version_code: String(
+      opts.versionCode != null && String(opts.versionCode).trim() !== ""
+        ? opts.versionCode
+        : prev.version_code ?? http.DEFAULT_VERSION,
+    ),
+    phone:
+      opts.phone != null && String(opts.phone).trim() !== ""
+        ? String(opts.phone).trim()
+        : String(prev.phone || ""),
+    login_time: Math.floor(Date.now() / 1000),
+    session_source: "import",
+  };
+  config.saveConfig(saved);
+  if (opts.noVerify) {
+    const traceId = buildTraceId();
+    console.log(
+      JSON.stringify(
+        {
+          success: true,
+          code: "OK",
+          message: "session imported (not verified)",
+          data: {
+            phone: saved.phone,
+            member_id: saved.member_id,
+            shop_id: saved.shop_id,
+            site_id: saved.site_id,
+            version_code: saved.version_code,
+            token_preview: config.maskToken(saved.token),
+          },
+          traceId,
+        },
+        null,
+        2,
+      ),
+    );
+    process.exit(0);
+  }
+  await whoami();
+}
+async function whoami() {
+  const cfg = config.requireAuthSession();
   const url = http.moduleUrl("DEFAULT", "/member/getInfo/V2");
   const headers = /** @type {Record<string,string>} */ (http.buildAuthHeaders(cfg));
   delete headers["Content-Type"];
@@ -291,4 +369,4 @@ async function whoami() {
   process.exit(success ? 0 : 2);
 }
-module.exports = { login, loginWithCode, sendCode, whoami };
+module.exports = { login, loginWithCode, sendCode, whoami, importSession };

package/src/commands/cart.js CHANGED Viewed

@@ -10,11 +10,7 @@ const biz = require("../biz");
  * @param {{ bodyFile?: string, bodyJson?: string }} opts
  */
 async function add(opts) {
-  const cfg = config.loadConfig();
-  if (!cfg?.token) {
-    console.error("cyy: not logged in.");
-    process.exit(1);
-  }
+  const cfg = config.requireAuthSession();
   let raw = opts.bodyJson;
   if (opts.bodyFile) {

package/src/commands/order.js CHANGED Viewed

@@ -28,11 +28,7 @@ function envelope(success, message, data, exitCode) {
  * @param {{ bodyFile?: string, bodyJson?: string }} opts
  */
 async function preSettle(opts) {
-  const cfg = config.loadConfig();
-  if (!cfg?.token) {
-    console.error("cyy: not logged in.");
-    process.exit(1);
-  }
+  const cfg = config.requireAuthSession();
   let raw = opts.bodyJson;
   if (opts.bodyFile) raw = fs.readFileSync(opts.bodyFile, "utf8");
   if (!raw) {
@@ -54,11 +50,7 @@ async function preSettle(opts) {
  * @param {{ bodyFile?: string, bodyJson?: string }} opts
  */
 async function confirm(opts) {
-  const cfg = config.loadConfig();
-  if (!cfg?.token) {
-    console.error("cyy: not logged in.");
-    process.exit(1);
-  }
+  const cfg = config.requireAuthSession();
   let raw = opts.bodyJson;
   if (opts.bodyFile) raw = fs.readFileSync(opts.bodyFile, "utf8");
   if (!raw) {
@@ -77,11 +69,7 @@ async function confirm(opts) {
 }
 async function payUrl(opts) {
-  const cfg = config.loadConfig();
-  if (!cfg?.token) {
-    console.error("cyy: not logged in.");
-    process.exit(1);
-  }
+  const cfg = config.requireAuthSession();
   const orderId = opts.orderId;
   if (!orderId) {
     console.error("cyy: --order-id required");
@@ -118,11 +106,7 @@ async function payUrl(opts) {
  * @param {object} opts
  */
 async function quick(opts) {
-  const cfg = config.loadConfig();
-  if (!cfg?.token) {
-    console.error("cyy: not logged in.");
-    process.exit(1);
-  }
+  const cfg = config.requireAuthSession();
   const keyword = opts.keyword;
   const quantity = Number(opts.quantity || 1);
@@ -329,11 +313,7 @@ async function quick(opts) {
  * @param {{ page?: string, pageSize?: string, status?: string, shopId?: string, objectCode?: string, all?: boolean, shopKeyword?: string }} opts
  */
 async function list(opts) {
-  const cfg = config.loadConfig();
-  if (!cfg?.token) {
-    console.error("cyy: not logged in.");
-    process.exit(1);
-  }
+  const cfg = config.requireAuthSession();
   const shopId = opts.shopId != null && opts.shopId !== "" ? Number(opts.shopId) : Number(cfg.shop_id);
   if (!Number.isFinite(shopId)) {
     console.error("cyy: shopId missing (set shop_id in config or pass --shop-id)");
@@ -371,11 +351,7 @@ async function list(opts) {
  * @param {{ orderId?: string, childId?: string }} opts
  */
 async function cancel(opts) {
-  const cfg = config.loadConfig();
-  if (!cfg?.token) {
-    console.error("cyy: not logged in.");
-    process.exit(1);
-  }
+  const cfg = config.requireAuthSession();
   const orderId = opts.orderId;
   if (!orderId) {
     console.error("cyy: --order-id required");

package/src/commands/product.js CHANGED Viewed

@@ -9,11 +9,7 @@ const biz = require("../biz");
  * @param {object} opts
  */
 async function search(opts) {
-  const cfg = config.loadConfig();
-  if (!cfg?.token) {
-    console.error("cyy: not logged in. Run: cyy auth login");
-    process.exit(1);
-  }
+  const cfg = config.requireAuthSession();
   const shopId = Number(opts.shopId ?? cfg.shop_id);
   const siteId = Number(opts.siteId ?? cfg.site_id);

package/src/commands/shop.js CHANGED Viewed

@@ -28,11 +28,7 @@ function envelope(success, message, upstream, exitCode) {
  * @param {{ page?: string, pageSize?: string, name?: string, objectCode?: string }} opts
  */
 async function list(opts) {
-  const cfg = config.loadConfig();
-  if (!cfg?.token) {
-    console.error("cyy: not logged in. Run: cyy auth login");
-    process.exit(1);
-  }
+  const cfg = config.requireAuthSession();
   const body = JSON.stringify({
     pageNum: Number(opts.page || 1),
@@ -62,11 +58,7 @@ async function list(opts) {
  * @param {{ shopId?: string, siteName?: string }} opts
  */
 async function sites(opts) {
-  const cfg = config.loadConfig();
-  if (!cfg?.token) {
-    console.error("cyy: not logged in. Run: cyy auth login");
-    process.exit(1);
-  }
+  const cfg = config.requireAuthSession();
   const shopId = opts.shopId ?? cfg.shop_id;
   if (shopId === undefined || shopId === null || String(shopId).trim() === "") {
@@ -179,11 +171,7 @@ async function shopIdBelongsToMember(cfg, shopId) {
  * @param {{ shopId?: string }} opts
  */
 async function useShop(opts) {
-  const cfg = config.loadConfig();
-  if (!cfg?.token) {
-    console.error("cyy: not logged in. Run: cyy auth login");
-    process.exit(1);
-  }
+  const cfg = config.requireAuthSession();
   const shopId = opts.shopId;
   if (shopId === undefined || shopId === null || String(shopId).trim() === "") {
     console.error("cyy: shop use requires --shop-id");
@@ -229,11 +217,7 @@ async function useShop(opts) {
  * @param {{ siteId?: string }} opts
  */
 async function useSite(opts) {
-  const cfg = config.loadConfig();
-  if (!cfg?.token) {
-    console.error("cyy: not logged in. Run: cyy auth login");
-    process.exit(1);
-  }
+  const cfg = config.requireAuthSession();
   const shopId = cfg.shop_id;
   if (shopId === undefined || shopId === null || String(shopId).trim() === "") {
     console.error("cyy: no shop_id in session; run: cyy shop use --shop-id <id>");

package/src/config.js CHANGED Viewed

@@ -4,7 +4,7 @@ const fs = require("fs");
 const path = require("path");
 const os = require("os");
-const DEFAULT_BASE_URL = "https://dhcmall.ifoodbuy.com";
+const DEFAULT_BASE_URL = "https://yunping.ifoodbuy.com/";
 /** BuildConfig-style module prefixes (app-api-cli-spec §1.2) */
 const MODULE_MAP = {
@@ -69,9 +69,71 @@ function maskToken(t) {
   return `${t.slice(0, 8)}...${t.slice(-4)}`;
 }
+/** Env keys that override ~/.cyymall/config.json for the current process (ephemeral). */
+const SESSION_ENV_KEYS = [
+  ["token", "CYY_TOKEN"],
+  ["member_id", "CYY_MEMBER_ID"],
+  ["shop_id", "CYY_SHOP_ID"],
+  ["site_id", "CYY_SITE_ID"],
+  ["version_code", "CYY_VERSION_CODE"],
+  ["phone", "CYY_PHONE"],
+];
+/**
+ * Effective session: saved config merged with CYY_* env overrides (env wins when set).
+ * @returns {Record<string, unknown>}
+ */
+function getSession() {
+  const file = loadConfig() || {};
+  /** @type {Record<string, unknown>} */
+  const merged = { ...file };
+  for (const [field, envKey] of SESSION_ENV_KEYS) {
+    const v = process.env[envKey];
+    if (v != null && String(v).trim() !== "") {
+      merged[field] = String(v).trim();
+    }
+  }
+  return merged;
+}
+/**
+ * @param {Record<string, unknown>|null|undefined} [session]
+ */
+function hasAuthToken(session) {
+  const s = session ?? getSession();
+  const t = s?.token;
+  return t != null && String(t).trim() !== "";
+}
+/**
+ * @returns {Record<string, unknown>}
+ */
+function requireAuthSession() {
+  if (!hasAuthToken()) {
+    console.error(
+      "cyy: not logged in. Use one of: cyy auth login --phone ... | cyy auth import --token ... | CYY_TOKEN=...",
+    );
+    process.exit(1);
+  }
+  return getSession();
+}
+/** Names of CYY_* env vars currently overriding saved config. */
+function getEnvSessionOverrideKeys() {
+  const active = [];
+  for (const [, envKey] of SESSION_ENV_KEYS) {
+    const v = process.env[envKey];
+    if (v != null && String(v).trim() !== "") {
+      active.push(envKey);
+    }
+  }
+  return active;
+}
 module.exports = {
   DEFAULT_BASE_URL,
   MODULE_MAP,
+  SESSION_ENV_KEYS,
   getBaseUrl,
   getConfigDir,
   getConfigPath,
@@ -79,4 +141,8 @@ module.exports = {
   loadConfig,
   saveConfig,
   maskToken,
+  getSession,
+  hasAuthToken,
+  requireAuthSession,
+  getEnvSessionOverrideKeys,
 };

package/src/http.js CHANGED Viewed

@@ -46,8 +46,7 @@ function buildAuthHeaders(cfg) {
 /** Headers for unauthenticated calls (e.g. login) — still need default shop/site for gateway */
 function buildDefaultHeaders() {
-  const cfg = config.loadConfig();
-  return buildAuthHeaders(cfg);
+  return buildAuthHeaders(config.getSession());
 }
 /**