npm - favacli - Versions diffs - 0.0.13 → 0.0.15 - Mend

favacli 0.0.13 → 0.0.15

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (7) hide show

package/build/commands/export/text.d.mts +12 -0
package/build/commands/export/text.mjs +118 -0
package/build/commands/sync/resilver.d.mts +10 -0
package/build/commands/sync/resilver.mjs +24 -0
package/build/main.mjs +5 -1
package/build/utils/loadVault.mjs +25 -2
package/package.json +2 -2

package/build/commands/export/text.d.mts ADDED Viewed

@@ -0,0 +1,12 @@
+import BaseCommand from '../../BaseCommand.mjs';
+declare class ExportTextCommand extends BaseCommand {
+    static paths: string[][];
+    requireTwoFaLib: boolean;
+    pathOption: string | undefined;
+    passphraseSource: string | undefined;
+    static usage: import("clipanion").Usage;
+    exec(): Promise<{
+        success: boolean;
+    }>;
+}
+export default ExportTextCommand;

package/build/commands/export/text.mjs ADDED Viewed

@@ -0,0 +1,118 @@
+import fs from 'node:fs/promises';
+import { Option } from 'clipanion';
+import * as t from 'typanion';
+import keytar from 'keytar';
+import BaseCommand from '../../BaseCommand.mjs';
+import { password, input } from '@inquirer/prompts';
+class ExportTextCommand extends BaseCommand {
+    constructor() {
+        super(...arguments);
+        this.requireTwoFaLib = true;
+        this.pathOption = Option.String('--path', {
+            description: 'File path for the export, if not set will output to stdout',
+        });
+        this.passphraseSource = Option.String('--passphrase-source', {
+            description: 'Source of passphrase, either "stdin" or "stored"',
+            validator: t.isEnum(['stdin', 'stored']),
+        });
+    }
+    static { this.paths = [['export', 'text']]; }
+    static { this.usage = BaseCommand.Usage({
+        category: 'Export',
+        description: 'Export 2FA entries as plain text',
+        details: `
+      This command exports your 2FA entries as a plain text file.
+      You can specify a file path for the export using the --path flag.
+      You can specify the passphrase source with --passphrase-source flag:
+      - "stdin": You'll be prompted to enter a passphrase
+      - "stored": Will use the previously stored passphrase, if none is found, will be promted for a passphrase
+      If no passphrase source is specified, it will export without encryption (no passphrase).
+      WARNING: Exporting your 2FA secrets in plain text (without passphrase) is not secure.
+    `,
+        examples: [
+            ['Export entries as unencrypted text (UNSECURE)', 'export text'],
+            ['Export to specific file', 'export text --path=/path/to/export.txt'],
+            [
+                'Export using stored passphrase',
+                'export text --passphrase-source=stored',
+            ],
+            [
+                'Export with manual passphrase entry',
+                'export text --passphrase-source=stdin',
+            ],
+        ],
+    }); }
+    async exec() {
+        const entriesCount = this.twoFaLib.vault.listEntries().length;
+        // Get passphrase based on source
+        let passphrase = undefined;
+        // If passphrase source is "stored", try to get from keytar without prompting
+        if (this.passphraseSource === 'stored') {
+            try {
+                passphrase = await keytar.getPassword('favacli', 'export-passphrase');
+                if (!passphrase) {
+                    this.context.stderr.write('No stored passphrase found. Please enter a passphrase to store.\n');
+                    passphrase = await password({
+                        message: 'Enter passphrase to store and use for encryption:',
+                    });
+                    // Store the passphrase for future use
+                    await keytar.setPassword('favacli', 'export-passphrase', passphrase);
+                    this.context.stdout.write('Passphrase stored.\n');
+                }
+            }
+            catch (error) {
+                if (error instanceof Error) {
+                    this.context.stderr.write(`Failed to access stored passphrase: ${error.message}}\n`);
+                }
+                else {
+                    this.context.stderr.write(`Failed to access stored passphrase: Unknown error\n`);
+                }
+                return { success: false };
+            }
+        }
+        // Default behavior or explicit "stdin"
+        else if (this.passphraseSource === 'stdin') {
+            passphrase = await password({
+                message: 'Enter passphrase to use for encryption:',
+            });
+        }
+        // Add warning and confirmation if no passphrase is provided
+        else if (!this.passphraseSource) {
+            this.context.stderr.write('WARNING: You are about to export 2FA secrets in plain text without encryption.\n');
+            this.context.stderr.write('This is NOT SECURE and could expose your 2FA secrets if the file is accessed by others.\n');
+            const confirm = await input({
+                message: 'Type "unsecure" to acknowldge you understand the risks and to proceed with unencrypted export:',
+            });
+            if (confirm !== 'unsecure') {
+                this.context.stderr.write('Export cancelled.\n');
+                return { success: false };
+            }
+        }
+        const content = await this.twoFaLib.exportImport.exportEntries('text', passphrase, true);
+        if (this.pathOption) {
+            try {
+                await fs.writeFile(this.pathOption, content);
+                this.context.stdout.write(`Successfully exported ${entriesCount} entries to ${this.pathOption}\n`);
+                return { success: true };
+            }
+            catch (error) {
+                if (error instanceof Error) {
+                    this.context.stderr.write(`Failed to export: ${error.message}\n`);
+                }
+                else {
+                    this.context.stderr.write('Failed to export: Unknown error\n');
+                }
+                return { success: false };
+            }
+        }
+        else {
+            this.context.stdout.write(content);
+            return { success: true };
+        }
+    }
+}
+export default ExportTextCommand;

package/build/commands/sync/resilver.d.mts ADDED Viewed

@@ -0,0 +1,10 @@
+import BaseCommand from '../../BaseCommand.mjs';
+declare class ResilverCommand extends BaseCommand {
+    static paths: string[][];
+    requireTwoFaLib: boolean;
+    static usage: import("clipanion").Usage;
+    exec(): Promise<{
+        success: boolean;
+    }>;
+}
+export default ResilverCommand;

package/build/commands/sync/resilver.mjs ADDED Viewed

@@ -0,0 +1,24 @@
+import BaseCommand from '../../BaseCommand.mjs';
+class ResilverCommand extends BaseCommand {
+    constructor() {
+        super(...arguments);
+        this.requireTwoFaLib = true;
+    }
+    static { this.paths = [['sync', 'resilver']]; }
+    static { this.usage = BaseCommand.Usage({
+        category: 'Sync',
+        description: 'Resilver a vault',
+        details: `This command allows you to resync a vault to the server. This is useful if some devices have become desynced.`,
+        examples: [['Resilver a vault', 'sync resilver']],
+    }); }
+    async exec() {
+        if (!this.twoFaLib.sync) {
+            throw new Error('No server url set');
+        }
+        this.twoFaLib.sync.requestResilver();
+        // TODO: do this based on events
+        await new Promise((resolve) => setTimeout(resolve, 5000));
+        return { success: true };
+    }
+}
+export default ResilverCommand;

package/build/main.mjs CHANGED Viewed

@@ -7,6 +7,8 @@ import EntriesListCommand from './commands/entries/list.mjs';
 import EntriesSearchCommand from './commands/entries/search.mjs';
 import SyncSetServerUrlCommand from './commands/sync/setServerUrl.mjs';
 import SyncConnect from './commands/sync/connect.mjs';
+import SyncResilver from './commands/sync/resilver.mjs';
+import ExportTextCommand from './commands/export/text.mjs';
 // check node version
 const nodeRuntimeMajorVersion = parseInt(process.version.split('.')[0]);
 if (nodeRuntimeMajorVersion < 20) {
@@ -16,7 +18,7 @@ const [, , ...args] = process.argv;
 const cli = new Cli({
     binaryLabel: 'FavaCli',
     binaryName: `favacli`,
-    binaryVersion: '0.0.12',
+    binaryVersion: '0.0.15',
 });
 cli.register(VaultCreateCommand);
 cli.register(VaultDeleteCommand);
@@ -25,5 +27,7 @@ cli.register(EntriesListCommand);
 cli.register(EntriesSearchCommand);
 cli.register(SyncSetServerUrlCommand);
 cli.register(SyncConnect);
+cli.register(SyncResilver);
+cli.register(ExportTextCommand);
 cli.register(Builtins.HelpCommand);
 void cli.runExit(args);

package/build/utils/loadVault.mjs CHANGED Viewed

@@ -7,8 +7,31 @@ const twoFaLibVaultCreationUtils = getTwoFaLibVaultCreationUtils(cryptoLib, 'cli
 const loadVault = async (vaultData, settings, verbose = false) => {
     const passphrase = (await keytar.getPassword('favacli', 'vault-passphrase'));
     const twoFaLib = await twoFaLibVaultCreationUtils.loadTwoFaLibFromLockedRepesentation(vaultData, passphrase);
-    twoFaLib.addEventListener(TwoFaLibEvent.Changed, (ev) => {
-        return fs.writeFile(settings.vaultLocation, ev.detail.newLockedRepresentationString);
+    twoFaLib.addEventListener(TwoFaLibEvent.Changed, async (ev) => {
+        const tempFile = `${settings.vaultLocation}.tmp`;
+        const backupFile = `${settings.vaultLocation}.backup`;
+        try {
+            // Write to temporary file first, so we don't have to worry about partial writes
+            await fs.writeFile(tempFile, ev.detail.newLockedRepresentationString);
+            // Create backup of existing vault if it exists
+            try {
+                await fs.copyFile(settings.vaultLocation, backupFile);
+            }
+            catch (err) {
+                // If the error is not because the original file doesn't exist yet, throw it
+                if (err instanceof Error && 'code' in err && err.code !== 'ENOENT')
+                    throw err;
+            }
+            // Atomically rename temp file to target file
+            await fs.rename(tempFile, settings.vaultLocation);
+        }
+        catch (error) {
+            // Clean up temp file if something went wrong
+            await fs.unlink(tempFile).catch((err) => {
+                console.error('Failed to clean up temp file:', err);
+            });
+            throw error;
+        }
     });
     twoFaLib.addEventListener(TwoFaLibEvent.Log, (ev) => {
         if (ev.detail.severity !== 'info' || verbose) {

package/package.json CHANGED Viewed

@@ -1,6 +1,6 @@
 {
   "name": "favacli",
-  "version": "0.0.13",
+  "version": "0.0.15",
   "description": "",
   "type": "module",
   "author": "",
@@ -10,7 +10,7 @@
     "bufferutil": "^4.0.8",
     "clipanion": "^4.0.0-rc.4",
     "env-paths": "^3.0.0",
-    "favalib": "^0.0.4",
+    "favalib": "^0.0.5",
     "keytar": "^7.9.0",
     "node-loader": "^2.0.0",
     "ts-loader": "^9.5.1",