edilkamin 1.6.2 → 1.7.2

package/src/cli.ts

@@ -4,7 +4,8 @@ import readline from "readline";
 
 import { version } from "../package.json";
 import { NEW_API_URL, OLD_API_URL } from "./constants";
-import { configure, signIn } from "./library";
+import { configure, configureAmplify, getSession, signIn } from "./library";
+import { clearSession, createFileStorage } from "./token-storage";
 
 const promptPassword = (): Promise<string> => {
   const rl = readline.createInterface({
@@ -30,12 +31,16 @@ const promptPassword = (): Promise<string> => {
 
 /**
  * Adds common options (username and password) to a command.
+ * Username is optional if a session already exists.
  * @param command The command to which options should be added.
  * @returns The command with options added.
  */
 const addAuthOptions = (command: Command): Command =>
   command
-    .requiredOption("-u, --username <username>", "Username")
+    .option(
+      "-u, --username <username>",
+      "Username (optional if session exists)",
+    )
     .option("-p, --password <password>", "Password");
 
 /**
@@ -56,11 +61,12 @@ const addLegacyOption = (command: Command): Command =>
 
 /**
  * Handles common authentication and API initialization logic.
+ * Tries to use existing session first, falls back to sign-in if needed.
  * @param options The options passed from the CLI command.
  * @returns An object containing the normalized MAC, JWT token, and configured API instance.
  */
 const initializeCommand = async (options: {
-  username: string;
+  username?: string;
   password?: string;
   mac: string;
   legacy?: boolean;
@@ -71,8 +77,26 @@ const initializeCommand = async (options: {
 }> => {
   const { username, password, mac, legacy = false } = options;
   const normalizedMac = mac.replace(/:/g, "");
-  const pwd = password || (await promptPassword());
-  const jwtToken = await signIn(username, pwd, legacy);
+
+  // Initialize file storage for session persistence
+  const storage = createFileStorage();
+  configureAmplify(storage);
+
+  let jwtToken: string;
+  try {
+    // Try to get existing session first
+    jwtToken = await getSession(false, legacy);
+  } catch {
+    // No session, need to sign in
+    if (!username) {
+      throw new Error(
+        "No session found. Please provide --username to sign in.",
+      );
+    }
+    const pwd = password || (await promptPassword());
+    jwtToken = await signIn(username, pwd, legacy);
+  }
+
   const apiUrl = legacy ? OLD_API_URL : NEW_API_URL;
   const api = configure(apiUrl);
   return { normalizedMac, jwtToken, api };
@@ -85,7 +109,7 @@ const initializeCommand = async (options: {
  */
 const executeGetter = async (
   options: {
-    username: string;
+    username?: string;
     password?: string;
     mac: string;
     legacy?: boolean;
@@ -93,8 +117,8 @@ const executeGetter = async (
   getter: (
     api: ReturnType<typeof configure>,
     jwtToken: string,
-    mac: string
-  ) => Promise<unknown>
+    mac: string,
+  ) => Promise<unknown>,
 ): Promise<void> => {
   const { normalizedMac, jwtToken, api } = await initializeCommand(options);
   const result = await getter(api, jwtToken, normalizedMac);
@@ -108,7 +132,7 @@ const executeGetter = async (
  */
 const executeSetter = async (
   options: {
-    username: string;
+    username?: string;
     password?: string;
     mac: string;
     value: number;
@@ -118,8 +142,8 @@ const executeSetter = async (
     api: ReturnType<typeof configure>,
     jwtToken: string,
     mac: string,
-    value: number
-  ) => Promise<unknown>
+    value: number,
+  ) => Promise<unknown>,
 ): Promise<void> => {
   const { normalizedMac, jwtToken, api } = await initializeCommand(options);
   const result = await setter(api, jwtToken, normalizedMac, options.value);
@@ -133,14 +157,29 @@ const createProgram = (): Command => {
     .description("CLI tool for interacting with the Edilkamin API")
     .version(version);
   // Command: signIn
-  addAuthOptions(
-    program.command("signIn").description("Sign in and retrieve a JWT token")
-  ).action(async (options) => {
-    const { username, password } = options;
-    const pwd = password || (await promptPassword());
-    const jwtToken = await signIn(username, pwd);
-    console.log("JWT Token:", jwtToken);
-  });
+  program
+    .command("signIn")
+    .description("Sign in and retrieve a JWT token")
+    .requiredOption("-u, --username <username>", "Username")
+    .option("-p, --password <password>", "Password")
+    .action(async (options) => {
+      const { username, password } = options;
+      // Initialize file storage for session persistence
+      const storage = createFileStorage();
+      configureAmplify(storage);
+      const pwd = password || (await promptPassword());
+      const jwtToken = await signIn(username, pwd);
+      console.log("JWT Token:", jwtToken);
+    });
+
+  // Command: logout
+  program
+    .command("logout")
+    .description("Clear stored session")
+    .action(async () => {
+      await clearSession();
+      console.log("Session cleared successfully");
+    });
   // Generic getter commands
   [
     {
@@ -149,7 +188,7 @@ const createProgram = (): Command => {
       getter: (
         api: ReturnType<typeof configure>,
         jwtToken: string,
-        mac: string
+        mac: string,
       ) => api.deviceInfo(jwtToken, mac),
     },
     {
@@ -158,7 +197,7 @@ const createProgram = (): Command => {
       getter: (
         api: ReturnType<typeof configure>,
         jwtToken: string,
-        mac: string
+        mac: string,
       ) => api.getPower(jwtToken, mac),
     },
     {
@@ -167,7 +206,7 @@ const createProgram = (): Command => {
       getter: (
         api: ReturnType<typeof configure>,
         jwtToken: string,
-        mac: string
+        mac: string,
       ) => api.getEnvironmentTemperature(jwtToken, mac),
     },
     {
@@ -176,14 +215,14 @@ const createProgram = (): Command => {
       getter: (
         api: ReturnType<typeof configure>,
         jwtToken: string,
-        mac: string
+        mac: string,
       ) => api.getTargetTemperature(jwtToken, mac),
     },
   ].forEach(({ commandName, description, getter }) => {
     addLegacyOption(
       addMacOption(
-        addAuthOptions(program.command(commandName).description(description))
-      )
+        addAuthOptions(program.command(commandName).description(description)),
+      ),
     ).action((options) => executeGetter(options, getter));
   });
   // Generic setter commands
@@ -195,7 +234,7 @@ const createProgram = (): Command => {
         api: ReturnType<typeof configure>,
         jwtToken: string,
         mac: string,
-        value: number
+        value: number,
       ) => api.setPower(jwtToken, mac, value),
     },
     {
@@ -205,16 +244,16 @@ const createProgram = (): Command => {
         api: ReturnType<typeof configure>,
         jwtToken: string,
         mac: string,
-        value: number
+        value: number,
       ) => api.setTargetTemperature(jwtToken, mac, value),
     },
   ].forEach(({ commandName, description, setter }) => {
     addLegacyOption(
       addMacOption(
         addAuthOptions(
-          program.command(commandName).description(description)
-        ).requiredOption("-v, --value <number>", "Value to set", parseFloat)
-      )
+          program.command(commandName).description(description),
+        ).requiredOption("-v, --value <number>", "Value to set", parseFloat),
+      ),
     ).action((options) => executeSetter(options, setter));
   });
 
@@ -223,8 +262,8 @@ const createProgram = (): Command => {
     addAuthOptions(
       program
         .command("register")
-        .description("Register a device with your account")
-    )
+        .description("Register a device with your account"),
+    ),
   )
     .requiredOption("-m, --mac <macAddress>", "MAC address of the device")
     .requiredOption("-s, --serial <serialNumber>", "Device serial number")
@@ -241,8 +280,24 @@ const createProgram = (): Command => {
         legacy = false,
       } = options;
       const normalizedMac = mac.replace(/:/g, "");
-      const pwd = password || (await promptPassword());
-      const jwtToken = await signIn(username, pwd, legacy);
+
+      // Initialize file storage for session persistence
+      const storage = createFileStorage();
+      configureAmplify(storage);
+
+      let jwtToken: string;
+      try {
+        jwtToken = await getSession(false, legacy);
+      } catch {
+        if (!username) {
+          throw new Error(
+            "No session found. Please provide --username to sign in.",
+          );
+        }
+        const pwd = password || (await promptPassword());
+        jwtToken = await signIn(username, pwd, legacy);
+      }
+
       const apiUrl = legacy ? OLD_API_URL : NEW_API_URL;
       const api = configure(apiUrl);
       const result = await api.registerDevice(
@@ -250,7 +305,7 @@ const createProgram = (): Command => {
         normalizedMac,
         serial,
         name,
-        room
+        room,
       );
       console.log("Device registered successfully:");
       console.log(JSON.stringify(result, null, 2));
@@ -260,17 +315,35 @@ const createProgram = (): Command => {
   addLegacyOption(
     addMacOption(
       addAuthOptions(
-        program.command("editDevice").description("Update device name and room")
-      )
-    )
+        program
+          .command("editDevice")
+          .description("Update device name and room"),
+      ),
+    ),
   )
     .requiredOption("-n, --name <deviceName>", "Device name")
     .requiredOption("-r, --room <deviceRoom>", "Room name")
     .action(async (options) => {
       const { username, password, mac, name, room, legacy = false } = options;
       const normalizedMac = mac.replace(/:/g, "");
-      const pwd = password || (await promptPassword());
-      const jwtToken = await signIn(username, pwd, legacy);
+
+      // Initialize file storage for session persistence
+      const storage = createFileStorage();
+      configureAmplify(storage);
+
+      let jwtToken: string;
+      try {
+        jwtToken = await getSession(false, legacy);
+      } catch {
+        if (!username) {
+          throw new Error(
+            "No session found. Please provide --username to sign in.",
+          );
+        }
+        const pwd = password || (await promptPassword());
+        jwtToken = await signIn(username, pwd, legacy);
+      }
+
       const apiUrl = legacy ? OLD_API_URL : NEW_API_URL;
       const api = configure(apiUrl);
       const result = await api.editDevice(jwtToken, normalizedMac, name, room);

package/src/index.ts

@@ -2,12 +2,13 @@ import { configure } from "./library";
 
 export { decompressBuffer, isBuffer, processResponse } from "./buffer-utils";
 export { API_URL, NEW_API_URL, OLD_API_URL } from "./constants";
-export { configure, signIn } from "./library";
+export { configure, getSession, signIn } from "./library";
 export {
   serialNumberDisplay,
   serialNumberFromHex,
   serialNumberToHex,
 } from "./serial-utils";
+export { clearSession } from "./token-storage";
 export {
   BufferEncodedType,
   CommandsType,

package/src/library.test.ts

@@ -1,4 +1,5 @@
 import { strict as assert } from "assert";
+import * as amplifyAuth from "aws-amplify/auth";
 import axios from "axios";
 import pako from "pako";
 import sinon from "sinon";
@@ -10,7 +11,7 @@ import { API_URL } from "./constants";
  * Helper to create a gzip-compressed Buffer object for testing.
  */
 const createGzippedBuffer = (
-  data: unknown
+  data: unknown,
 ): { type: "Buffer"; data: number[] } => {
   const json = JSON.stringify(data);
   const compressed = pako.gzip(json);
@@ -57,7 +58,7 @@ describe("library", () => {
       const authService = createAuthService(authStub as any);
       const token = await authService.signIn(
         expectedUsername,
-        expectedPassword
+        expectedPassword,
       );
       assert.deepEqual(authStub.signOut.args, [[]]);
       assert.deepEqual(signIn.args, [
@@ -87,7 +88,7 @@ describe("library", () => {
       const token = await authService.signIn(
         expectedUsername,
         expectedPassword,
-        true // legacy mode
+        true, // legacy mode
       );
       assert.equal(token, expectedToken);
     });
@@ -114,8 +115,82 @@ describe("library", () => {
         {
           name: "AssertionError",
           message: "Sign-in failed",
-        }
+        },
+      );
+    });
+  });
+
+  describe("getSession", () => {
+    it("should return idToken by default", async () => {
+      const mockAuth = {
+        signIn: sinon.stub().resolves({ isSignedIn: true }),
+        signOut: sinon.stub().resolves(),
+        fetchAuthSession: sinon.stub().resolves({
+          tokens: {
+            idToken: { toString: () => "mock-id-token" },
+            accessToken: { toString: () => "mock-access-token" },
+          },
+        }),
+      };
+      const { getSession, signIn } = createAuthService(
+        mockAuth as unknown as typeof amplifyAuth,
+      );
+      await signIn("user", "pass");
+      const token = await getSession();
+      assert.equal(token, "mock-id-token");
+    });
+
+    it("should return accessToken when legacy=true", async () => {
+      const mockAuth = {
+        signIn: sinon.stub().resolves({ isSignedIn: true }),
+        signOut: sinon.stub().resolves(),
+        fetchAuthSession: sinon.stub().resolves({
+          tokens: {
+            idToken: { toString: () => "mock-id-token" },
+            accessToken: { toString: () => "mock-access-token" },
+          },
+        }),
+      };
+      const { getSession, signIn } = createAuthService(
+        mockAuth as unknown as typeof amplifyAuth,
+      );
+      await signIn("user", "pass");
+      const token = await getSession(false, true);
+      assert.equal(token, "mock-access-token");
+    });
+
+    it("should throw error when no session exists", async () => {
+      const mockAuth = {
+        signIn: sinon.stub().resolves({ isSignedIn: true }),
+        signOut: sinon.stub().resolves(),
+        fetchAuthSession: sinon.stub().resolves({ tokens: null }),
+      };
+      const { getSession } = createAuthService(
+        mockAuth as unknown as typeof amplifyAuth,
+      );
+      await assert.rejects(async () => getSession(), {
+        name: "AssertionError",
+        message: "No session found - please sign in first",
+      });
+    });
+
+    it("should pass forceRefresh to fetchAuthSession", async () => {
+      const mockAuth = {
+        signIn: sinon.stub().resolves({ isSignedIn: true }),
+        signOut: sinon.stub().resolves(),
+        fetchAuthSession: sinon.stub().resolves({
+          tokens: {
+            idToken: { toString: () => "mock-id-token" },
+            accessToken: { toString: () => "mock-access-token" },
+          },
+        }),
+      };
+      const { getSession, signIn } = createAuthService(
+        mockAuth as unknown as typeof amplifyAuth,
       );
+      await signIn("user", "pass");
+      await getSession(true);
+      assert.ok(mockAuth.fetchAuthSession.calledWith({ forceRefresh: true }));
     });
   });
 
@@ -278,7 +353,7 @@ describe("library", () => {
           api: ReturnType<typeof configure>,
           token: string,
           mac: string,
-          value: number
+          value: number,
         ) => api.setTargetTemperature(token, mac, value),
         payload: {
           name: "enviroment_1_temperature",
@@ -298,7 +373,7 @@ describe("library", () => {
           api,
           expectedToken,
           "mockMacAddress",
-          payload.value
+          payload.value,
         );
 
         assert.deepEqual(mockAxios.put.args, [
@@ -339,7 +414,7 @@ describe("library", () => {
         "AA:BB:CC:DD:EE:FF",
         "EDK123",
         "Test Stove",
-        "Living Room"
+        "Living Room",
       );
 
       assert.deepEqual(mockAxios.post.args, [
@@ -407,7 +482,7 @@ describe("library", () => {
         expectedToken,
         "AA:BB:CC:DD:EE:FF",
         "Updated Name",
-        "Basement"
+        "Basement",
       );
 
       assert.deepEqual(mockAxios.put.args, [
@@ -564,7 +639,7 @@ describe("library", () => {
 
       const result = await api.getEnvironmentTemperature(
         expectedToken,
-        "mockMacAddress"
+        "mockMacAddress",
       );
 
       assert.equal(result, 19);
@@ -589,7 +664,7 @@ describe("library", () => {
 
       const result = await api.getTargetTemperature(
         expectedToken,
-        "mockMacAddress"
+        "mockMacAddress",
       );
 
       assert.equal(result, 22);

package/src/library.ts

@@ -1,6 +1,7 @@
 import { strict as assert } from "assert";
 import { Amplify } from "aws-amplify";
 import * as amplifyAuth from "aws-amplify/auth";
+import { cognitoUserPoolsTokenProvider } from "aws-amplify/auth/cognito";
 import axios, { AxiosInstance } from "axios";
 
 import { processResponse } from "./buffer-utils";
@@ -31,10 +32,19 @@ let amplifyConfigured = false;
 /**
  * Configures Amplify if not already configured.
  * Uses a local flag to avoid calling getConfig() which prints a warning.
+ * @param {object} [storage] - Optional custom storage adapter for token persistence
  */
-const configureAmplify = () => {
+const configureAmplify = (storage?: {
+  setItem: (key: string, value: string) => Promise<void>;
+  getItem: (key: string) => Promise<string | null>;
+  removeItem: (key: string) => Promise<void>;
+  clear: () => Promise<void>;
+}) => {
   if (amplifyConfigured) return;
   Amplify.configure(amplifyconfiguration);
+  if (storage) {
+    cognitoUserPoolsTokenProvider.setKeyValueStorage(storage);
+  }
   amplifyConfigured = true;
 };
 
@@ -55,7 +65,7 @@ const createAuthService = (auth: typeof amplifyAuth) => {
   const signIn = async (
     username: string,
     password: string,
-    legacy: boolean = false
+    legacy: boolean = false,
   ): Promise<string> => {
     configureAmplify();
     await auth.signOut(); // Ensure the user is signed out first
@@ -70,11 +80,35 @@ const createAuthService = (auth: typeof amplifyAuth) => {
     assert.ok(tokens.idToken, "No ID token found");
     return tokens.idToken.toString();
   };
-  return { signIn };
+
+  /**
+   * Retrieves the current session, refreshing tokens if necessary.
+   * Requires a prior successful signIn() call.
+   * @param {boolean} [forceRefresh=false] - Force token refresh even if valid
+   * @param {boolean} [legacy=false] - If true, returns accessToken for legacy API
+   * @returns {Promise<string>} - The JWT token (idToken or accessToken)
+   * @throws {Error} - If no session exists (user needs to sign in)
+   */
+  const getSession = async (
+    forceRefresh: boolean = false,
+    legacy: boolean = false,
+  ): Promise<string> => {
+    configureAmplify();
+    const { tokens } = await auth.fetchAuthSession({ forceRefresh });
+    assert.ok(tokens, "No session found - please sign in first");
+    if (legacy) {
+      assert.ok(tokens.accessToken, "No access token found");
+      return tokens.accessToken.toString();
+    }
+    assert.ok(tokens.idToken, "No ID token found");
+    return tokens.idToken.toString();
+  };
+
+  return { signIn, getSession };
 };
 
 // Create the default auth service using amplifyAuth
-const { signIn } = createAuthService(amplifyAuth);
+const { signIn, getSession } = createAuthService(amplifyAuth);
 
 const deviceInfo =
   (axiosInstance: AxiosInstance) =>
@@ -91,7 +125,7 @@ const deviceInfo =
       `device/${macAddress}/info`,
       {
         headers: headers(jwtToken),
-      }
+      },
     );
     // Process response to decompress any gzipped Buffer fields
     return processResponse(response.data) as DeviceInfoType;
@@ -104,7 +138,7 @@ const mqttCommand =
     axiosInstance.put(
       "mqtt/command",
       { mac_address: macAddress, ...payload },
-      { headers: headers(jwtToken) }
+      { headers: headers(jwtToken) },
     );
 
 const setPower =
@@ -228,7 +262,7 @@ const registerDevice =
     macAddress: string,
     serialNumber: string,
     deviceName: string = "",
-    deviceRoom: string = ""
+    deviceRoom: string = "",
   ): Promise<DeviceAssociationResponse> => {
     const body: DeviceAssociationBody = {
       macAddress: macAddress.replace(/:/g, ""),
@@ -239,7 +273,7 @@ const registerDevice =
     const response = await axiosInstance.post<DeviceAssociationResponse>(
       "device",
       body,
-      { headers: headers(jwtToken) }
+      { headers: headers(jwtToken) },
     );
     return response.data;
   };
@@ -259,7 +293,7 @@ const editDevice =
     jwtToken: string,
     macAddress: string,
     deviceName: string = "",
-    deviceRoom: string = ""
+    deviceRoom: string = "",
   ): Promise<DeviceAssociationResponse> => {
     const normalizedMac = macAddress.replace(/:/g, "");
     const body: EditDeviceAssociationBody = {
@@ -269,7 +303,7 @@ const editDevice =
     const response = await axiosInstance.put<DeviceAssociationResponse>(
       `device/${normalizedMac}`,
       body,
-      { headers: headers(jwtToken) }
+      { headers: headers(jwtToken) },
     );
     return response.data;
   };
@@ -312,4 +346,11 @@ const configure = (baseURL: string = API_URL) => {
   };
 };
 
-export { configure, createAuthService, headers, signIn };
+export {
+  configure,
+  configureAmplify,
+  createAuthService,
+  getSession,
+  headers,
+  signIn,
+};