gameplatform-cli 1.0.0

package/README.md

@@ -0,0 +1,73 @@
+# gameplatform-cli
+
+Publish and monetize browser games on **GamePlatform** from your terminal.
+Designed to be driven by an AI assistant (Claude Code / Codex / Cursor): hand it
+the [onboarding runbook](https://game-platform-3eg.pages.dev/creator-onboarding.md)
+and it can do almost everything. The only human step is Stripe identity/bank
+verification (KYC).
+
+## Install
+
+```
+npm install -g gameplatform-cli
+gameplatform --help
+```
+
+Requires Node 18+.
+
+## Quick start
+
+```bash
+# 1. Log in (one time)
+gameplatform login                 # email/password
+gameplatform login --browser       # or Google
+
+# 2. Set up payouts — Stripe Connect
+gameplatform connect               # prints a URL; a HUMAN completes KYC in a browser
+gameplatform connect               # run again to confirm it says COMPLETE
+
+# 3. Publish (optionally set pricing in the same step)
+gameplatform deploy game.zip --title "My Game" --pricing paid --price 500 --agree-terms
+
+# 4. Pricing later / changes
+gameplatform pricing <game-id> --model stamina --max 3 --regen 480 --refill 100 --buyout 500
+gameplatform pricing <game-id> --model free
+
+# 5. Sales & payouts
+gameplatform earnings
+```
+
+You keep **80%** of sales (20% platform fee). Payouts run **automatically on the
+1st of each month** to your bank (sales from the last 7 days are held for refund
+protection). You never share your bank details with the platform — Stripe holds
+them.
+
+## Commands
+
+| Command | Description |
+|---|---|
+| `login [--browser]` | Authenticate |
+| `connect` | Create/check Stripe Connect; prints the KYC URL |
+| `deploy <zip> --title ... [--pricing ...] --agree-terms` | Submit a game |
+| `pricing <game-id> --model free\|paid\|stamina ...` | Set monetization (JPY) |
+| `update <game-id> <zip> --ver ...` | Submit an update |
+| `promote <game-id>` | Publish a staged version |
+| `earnings` | Sales & payout status |
+| `games` / `status` | List games / submission status |
+| `thumbnail` / `screenshot` / `video` | Upload media |
+| `delete <game-id>` | Delete a game |
+| `logout` | Clear credentials |
+
+Full docs: https://game-platform-3eg.pages.dev/developers
+
+## Notes
+
+- ZIPs must use forward-slash paths (`zip -r`, not Windows "Compress-Archive").
+  The root must contain `index.html`.
+- `--agree-terms` affirms the
+  [creator agreement](https://game-platform-3eg.pages.dev/creator-terms);
+  it is required to submit.
+
+## License
+
+MIT

package/bin/gameplatform.js

@@ -0,0 +1,118 @@
+#!/usr/bin/env node
+
+import { Command } from 'commander';
+import { loginCommand } from '../src/commands/login.js';
+import { deployCommand } from '../src/commands/deploy.js';
+import { updateCommand } from '../src/commands/update.js';
+import { promoteCommand } from '../src/commands/promote.js';
+import { gamesCommand } from '../src/commands/games.js';
+import { statusCommand } from '../src/commands/status.js';
+import { logoutCommand } from '../src/commands/logout.js';
+import { deleteCommand } from '../src/commands/delete.js';
+import { thumbnailCommand } from '../src/commands/thumbnail.js';
+import { screenshotCommand } from '../src/commands/screenshot.js';
+import { videoCommand } from '../src/commands/video.js';
+import { connectCommand, earningsCommand } from '../src/commands/connect.js';
+import { pricingCommand } from '../src/commands/pricing.js';
+
+const program = new Command();
+
+program
+  .name('gameplatform')
+  .description('Game Platform CLI — Deploy and manage your games')
+  .version('1.0.0');
+
+program
+  .command('login')
+  .description('Authenticate with Game Platform')
+  .option('--browser', 'Login via browser (Google OAuth)')
+  .action(loginCommand);
+
+program
+  .command('deploy <zip>')
+  .description('Submit a new game (optionally set pricing in the same step)')
+  .requiredOption('--title <title>', 'Game title')
+  .option('--genre <genre>', 'Game genre', 'casual')
+  .option('--description <desc>', 'Game description', '')
+  .option('--ver <ver>', 'Game version (semver, e.g. 1.0.0)', '1.0.0')
+  .option('--draft', 'Upload as draft (not public, creator-only preview)')
+  .option('--agree-terms', 'Affirm the creator agreement (required to submit)')
+  .option('--pricing <model>', 'Monetization: free | paid | stamina')
+  .option('--price <jpy>', 'Buyout price in JPY (with --pricing paid)')
+  .option('--max <n>', 'Stamina max (with --pricing stamina)')
+  .option('--regen <minutes>', 'Minutes to regenerate 1 stamina (with --pricing stamina)')
+  .option('--refill <jpy>', 'Price to buy 1 stamina refill, JPY (stamina, optional)')
+  .option('--buyout <jpy>', 'Buyout price to remove the limit, JPY (stamina, optional)')
+  .action(deployCommand);
+
+program
+  .command('update <game-id> <zip>')
+  .description('Submit a game update (version must be different from current)')
+  .requiredOption('--ver <ver>', 'New version number (must differ from current)')
+  .option('--stage', 'Upload as a creator-only preview version (public keeps the current version)')
+  .option('--confirmed', 'Confirm the pre-release checklist (required for direct publish without --stage)')
+  .action(updateCommand);
+
+program
+  .command('promote <game-id>')
+  .description('Publish the staged version to the public (staging -> current)')
+  .option('--confirmed', 'Confirm the pre-release checklist (required to publish)')
+  .action(promoteCommand);
+
+program
+  .command('connect')
+  .description('Set up / check Stripe Connect (payouts). Prints an onboarding URL for the one human KYC step.')
+  .action(connectCommand);
+
+program
+  .command('earnings')
+  .description('Show your sales and payout status')
+  .action(earningsCommand);
+
+program
+  .command('pricing <game-id>')
+  .description('Set monetization (free / buyout / stamina) in JPY')
+  .requiredOption('--model <model>', 'free | paid | stamina')
+  .option('--price <jpy>', 'Buyout price in JPY (paid)')
+  .option('--max <n>', 'Stamina max (stamina)')
+  .option('--regen <minutes>', 'Minutes to regenerate 1 stamina (stamina)')
+  .option('--refill <jpy>', 'Price to buy 1 stamina refill, JPY (stamina, optional)')
+  .option('--buyout <jpy>', 'Buyout price to remove the limit, JPY (stamina, optional)')
+  .action(pricingCommand);
+
+program
+  .command('games')
+  .description('List your games')
+  .action(gamesCommand);
+
+program
+  .command('status')
+  .description('Check submission status')
+  .action(statusCommand);
+
+program
+  .command('delete <game-id>')
+  .description('Delete your game and all its data')
+  .action(deleteCommand);
+
+program
+  .command('thumbnail <game-id> <image>')
+  .description('Upload game thumbnail (png/jpg/webp, max 2MB)')
+  .action(thumbnailCommand);
+
+program
+  .command('screenshot <game-id> <image>')
+  .description('Add a screenshot to the game gallery (png/jpg/webp, max 4MB, up to 8). Run multiple times for multiple shots.')
+  .action(screenshotCommand);
+
+program
+  .command('video <game-id> <video>')
+  .description('Upload a short preview video (mp4/webm, max 20MB) for the detail page')
+  .action(videoCommand);
+
+program
+  .command('logout')
+  .description('Clear saved credentials')
+  .action(logoutCommand);
+
+program.parse();

package/package.json

@@ -0,0 +1,39 @@
+{
+  "name": "gameplatform-cli",
+  "version": "1.0.0",
+  "description": "CLI to publish and monetize browser games on GamePlatform — deploy, set pricing, connect Stripe payouts, and check earnings from the terminal (AI-assistant friendly).",
+  "type": "module",
+  "bin": {
+    "gameplatform": "./bin/gameplatform.js"
+  },
+  "files": [
+    "bin/",
+    "src/",
+    "README.md"
+  ],
+  "engines": {
+    "node": ">=18"
+  },
+  "keywords": [
+    "gameplatform",
+    "games",
+    "cli",
+    "publish",
+    "stripe",
+    "indie"
+  ],
+  "homepage": "https://game-platform-3eg.pages.dev/developers",
+  "repository": {
+    "type": "git",
+    "url": "https://github.com/KanW123/GamePlatform.git",
+    "directory": "cli"
+  },
+  "bugs": {
+    "url": "https://github.com/KanW123/GamePlatform/issues"
+  },
+  "license": "MIT",
+  "dependencies": {
+    "commander": "^12.0.0",
+    "open": "^10.0.0"
+  }
+}

package/src/api.js

@@ -0,0 +1,24 @@
+import { config } from './config.js';
+import { getValidToken } from './auth.js';
+
+export async function apiRequest(path, options = {}) {
+  const token = await getValidToken();
+  if (!token) {
+    console.error('Session expired. Run: gameplatform login');
+    process.exit(1);
+  }
+
+  const url = `${config.API_BASE}${path}`;
+  const headers = {
+    'Authorization': `Bearer ${token}`,
+    ...options.headers,
+  };
+
+  const res = await fetch(url, { ...options, headers });
+  if (!res.ok) {
+    const err = await res.json().catch(() => ({ error: { message: res.statusText } }));
+    throw new Error(err.error?.message || `Request failed: ${res.status}`);
+  }
+  if (res.status === 204) return null;
+  return res.json();
+}

package/src/auth.js

@@ -0,0 +1,79 @@
+import { existsSync, mkdirSync, readFileSync, writeFileSync, unlinkSync } from 'fs';
+import { homedir } from 'os';
+import { join } from 'path';
+import { config } from './config.js';
+
+const CRED_DIR = join(homedir(), '.gameplatform');
+const CRED_FILE = join(CRED_DIR, 'credentials.json');
+
+export function saveCredentials(session) {
+  if (!existsSync(CRED_DIR)) {
+    mkdirSync(CRED_DIR, { recursive: true });
+  }
+  const data = {
+    access_token: session.access_token,
+    refresh_token: session.refresh_token,
+    expires_at: session.expires_at || (Date.now() / 1000 + 3600),
+    user: session.user ? {
+      id: session.user.id,
+      email: session.user.email,
+      display_name: session.user.user_metadata?.display_name || session.user.email?.split('@')[0],
+    } : null,
+  };
+  writeFileSync(CRED_FILE, JSON.stringify(data, null, 2));
+}
+
+export function loadCredentials() {
+  if (!existsSync(CRED_FILE)) return null;
+  try {
+    return JSON.parse(readFileSync(CRED_FILE, 'utf-8'));
+  } catch {
+    return null;
+  }
+}
+
+export function clearCredentials() {
+  if (existsSync(CRED_FILE)) unlinkSync(CRED_FILE);
+}
+
+export async function getValidToken() {
+  const creds = loadCredentials();
+  if (!creds) return null;
+
+  // Check if token is expired (with 60s buffer)
+  const now = Date.now() / 1000;
+  if (creds.expires_at && creds.expires_at - 60 > now) {
+    return creds.access_token;
+  }
+
+  // Try refresh
+  if (creds.refresh_token) {
+    try {
+      const res = await fetch(`${config.SUPABASE_URL}/auth/v1/token?grant_type=refresh_token`, {
+        method: 'POST',
+        headers: {
+          'Content-Type': 'application/json',
+          'apikey': config.SUPABASE_ANON_KEY,
+        },
+        body: JSON.stringify({ refresh_token: creds.refresh_token }),
+      });
+      if (res.ok) {
+        const data = await res.json();
+        saveCredentials(data);
+        return data.access_token;
+      }
+    } catch { /* fall through */ }
+  }
+
+  return null;
+}
+
+export async function requireAuth() {
+  const token = await getValidToken();
+  if (!token) {
+    console.error('Not logged in or session expired. Run: gameplatform login');
+    process.exit(1);
+  }
+  const creds = loadCredentials();
+  return { ...creds, access_token: token };
+}

package/src/checklist.js

@@ -0,0 +1,15 @@
+// Pre-release checklist shown before a public release (direct publish / promote).
+// Non-interactive by design: the command refuses without --confirmed and prints
+// this list, so both humans and AI agents see it and must consciously re-run.
+export const RELEASE_CHECKLIST = [
+  'セーブ形式を変えた場合、旧セーブのマイグレーション（後方互換）に対応した',
+  '「検証版をプレイ」で自分の既存セーブが正常に読めることを確認した',
+  '起動・対戦・課金導線など主要な動作を確認した',
+];
+
+export function printReleaseChecklist(rerunCmd) {
+  console.error('\n⚠ リリース前チェック（未確認のため中止しました）');
+  for (const item of RELEASE_CHECKLIST) console.error(`  [ ] ${item}`);
+  console.error('\n※ 自動で互換性は判定できません。検証版を自分の既存セーブで起動して確認してください。');
+  console.error(`確認できたら再実行: ${rerunCmd}\n`);
+}

package/src/commands/connect.js

@@ -0,0 +1,81 @@
+import { apiRequest } from '../api.js';
+
+// `gameplatform connect` — one smart command for the whole Stripe Connect setup.
+// AI-friendly: the agent runs it, hands the printed URL to the human for the one
+// unavoidable human step (identity/bank KYC), then runs it again to confirm.
+//   - no account yet  -> creates the Express account, prints the onboarding URL
+//   - onboarding open  -> prints the resume URL
+//   - complete         -> prints status + balances
+export async function connectCommand() {
+  const status = await apiRequest('/developer/connect/status');
+
+  if (!status.connected) {
+    console.log('Stripe Connect: not set up yet. Creating your connected account...');
+    const { onboarding_url } = await apiRequest('/developer/connect/create', {
+      method: 'POST',
+      headers: { 'Content-Type': 'application/json' },
+      body: '{}',
+    });
+    printOnboarding(onboarding_url);
+    return;
+  }
+
+  if (status.onboarding_status !== 'complete') {
+    console.log('Stripe Connect: onboarding not finished yet.');
+    const { onboarding_url } = await apiRequest('/developer/connect/onboarding-link');
+    printOnboarding(onboarding_url);
+    return;
+  }
+
+  // Complete.
+  console.log(
+    `\n  Stripe Connect: COMPLETE` +
+    (status.payouts_enabled
+      ? '  (payouts enabled)'
+      : '  (payouts NOT enabled yet — open the Stripe dashboard and finish the remaining items)')
+  );
+  console.log(`  Earned   : ¥${(status.total_earned || 0).toLocaleString()}`);
+  console.log(`  Unsettled: ¥${(status.unsettled_balance || 0).toLocaleString()}  (paid out automatically on the 1st of each month)`);
+  console.log(`  Paid out : ¥${(status.total_settled || 0).toLocaleString()}`);
+  console.log(`\n  You're ready to publish. Next:  gameplatform deploy <your-game.zip> --title "..." --pricing ...\n`);
+}
+
+function printOnboarding(url) {
+  console.log('');
+  console.log('  ===================================================================');
+  console.log('  HUMAN STEP REQUIRED (an AI cannot do this — it is legal identity KYC)');
+  console.log('  Open this URL in a browser and complete identity + bank verification:');
+  console.log('');
+  console.log('     ' + url);
+  console.log('');
+  console.log('  - Already have a Stripe account? It becomes a quick "authorize".');
+  console.log('  - New to Stripe? ~5 minutes (ID + bank account).');
+  console.log('  When finished, run:  gameplatform connect   (to confirm it says COMPLETE)');
+  console.log('  ===================================================================');
+  console.log('');
+}
+
+// `gameplatform earnings` — show sales + payout status.
+export async function earningsCommand() {
+  const [status, earnings] = await Promise.all([
+    apiRequest('/developer/connect/status').catch(() => null),
+    apiRequest('/developer/earnings'),
+  ]);
+  const { total_earned = 0, total_settled = 0, unsettled_balance = 0, by_game = [] } = earnings || {};
+
+  console.log('\n  Earnings');
+  console.log('  ' + '-'.repeat(50));
+  console.log(`  Total earned : ¥${total_earned.toLocaleString()}`);
+  console.log(`  Unsettled    : ¥${unsettled_balance.toLocaleString()}  (next monthly payout; last 7 days held for refunds)`);
+  console.log(`  Paid out     : ¥${total_settled.toLocaleString()}`);
+  if (status && status.connected && !status.payouts_enabled) {
+    console.log('  ! payouts not enabled yet — run "gameplatform connect" to finish onboarding.');
+  }
+  if (by_game.length) {
+    console.log('\n  Per game:');
+    for (const g of by_game) {
+      console.log(`    ${String(g.game_id).padEnd(24)} x${g.count}   gross ¥${g.gross.toLocaleString()}   you ¥${g.net.toLocaleString()}`);
+    }
+  }
+  console.log();
+}

package/src/commands/delete.js

@@ -0,0 +1,23 @@
+import { createInterface } from 'readline';
+import { apiRequest } from '../api.js';
+
+export async function deleteCommand(gameId) {
+  // Confirm
+  const rl = createInterface({ input: process.stdin, output: process.stdout });
+  const answer = await new Promise(resolve => {
+    rl.question(`Delete game "${gameId}" and all its data? This cannot be undone. (yes/no): `, resolve);
+  });
+  rl.close();
+
+  if (answer.toLowerCase() !== 'yes') {
+    console.log('Cancelled.');
+    return;
+  }
+
+  console.log(`Deleting ${gameId}...`);
+  const result = await apiRequest(`/developer/games/${encodeURIComponent(gameId)}`, {
+    method: 'DELETE',
+  });
+
+  console.log(`Deleted: ${result.game_id}`);
+}

package/src/commands/deploy.js

@@ -0,0 +1,103 @@
+import { readFileSync, statSync } from 'fs';
+import { resolve } from 'path';
+import { config } from '../config.js';
+import { getValidToken } from '../auth.js';
+
+export async function deployCommand(zipPath, options) {
+  const token = await getValidToken();
+  if (!token) {
+    console.error('Not logged in. Run: gameplatform login');
+    process.exit(1);
+  }
+
+  const filePath = resolve(zipPath);
+  let stat;
+  try {
+    stat = statSync(filePath);
+  } catch {
+    console.error(`File not found: ${filePath}`);
+    process.exit(1);
+  }
+
+  if (stat.size > 50 * 1024 * 1024) {
+    console.error('ZIP file exceeds 50MB limit');
+    process.exit(1);
+  }
+
+  if (!options.title) {
+    console.error('--title is required');
+    process.exit(1);
+  }
+
+  // Creator terms consent (the API requires the current version). Passing
+  // --agree-terms affirms the creator agreement; without it we refuse.
+  if (!options.agreeTerms) {
+    console.error('クリエイター規約への同意が必要です。');
+    console.error(`規約: ${config.PLATFORM_URL}/creator-terms`);
+    console.error('内容を確認のうえ、同意して再実行してください: gameplatform deploy ... --agree-terms');
+    process.exit(1);
+  }
+
+  const fileBuffer = readFileSync(filePath);
+  const sizeMB = (stat.size / 1024 / 1024).toFixed(1);
+  console.log(`Uploading ${options.title} (${sizeMB}MB)...`);
+
+  const params = {
+    title: options.title,
+    genre: options.genre || 'casual',
+    description: options.description || '',
+    version: options.ver || '1.0.0',
+    terms_version: config.CREATOR_TERMS_VERSION,
+  };
+  if (options.draft) params.draft = 'true';
+  const qs = new URLSearchParams(params);
+
+  const res = await fetch(`${config.API_BASE}/submissions?${qs}`, {
+    method: 'POST',
+    headers: {
+      'Content-Type': 'application/zip',
+      'Authorization': `Bearer ${token}`,
+    },
+    body: fileBuffer,
+  });
+
+  const data = await res.json();
+  if (!res.ok) {
+    console.error('Upload failed:', data.error?.message || 'Unknown error');
+    process.exit(1);
+  }
+
+  if (data.validation?.errors?.length > 0) {
+    console.error('Validation errors:');
+    data.validation.errors.forEach(e => console.error(`  - ${e}`));
+    process.exit(1);
+  }
+
+  console.log(data.draft ? 'Uploaded as draft!' : 'Published!');
+  console.log(`  Game ID: ${data.game_id || data.submission?.id}`);
+  console.log(`  Status: ${data.draft ? 'draft (preview only)' : data.published ? 'published' : data.submission?.status}`);
+
+  if (data.validation?.warnings?.length > 0) {
+    console.log('  Warnings:');
+    data.validation.warnings.forEach(w => console.log(`    - ${w}`));
+  }
+
+  // Optional: set monetization in the same step. Only works once the game row
+  // exists (direct publish). If it went to review, set it after approval with
+  // `gameplatform pricing <game-id> --model ...`.
+  if (options.pricing && options.pricing !== 'free') {
+    const gameId = data.game_id;
+    if (!gameId) {
+      console.log(`\n  承認後に価格を設定してください: gameplatform pricing <game-id> --model ${options.pricing} ...`);
+    } else {
+      try {
+        const { applyPricing } = await import('./pricing.js');
+        const res = await applyPricing(gameId, options);
+        console.log(`  Pricing: ${res.pricing}`);
+      } catch (err) {
+        console.error(`  価格未設定: ${err.message}`);
+        console.error(`  手動で: gameplatform pricing ${gameId} --model ${options.pricing} ...`);
+      }
+    }
+  }
+}

package/src/commands/games.js

@@ -0,0 +1,21 @@
+import { apiRequest } from '../api.js';
+
+export async function gamesCommand() {
+  const { games } = await apiRequest('/developer/games');
+
+  if (!games || games.length === 0) {
+    console.log('No games found. Deploy one with: gameplatform deploy <zip> --title "My Game"');
+    return;
+  }
+
+  console.log(`\n  ${'ID'.padEnd(25)} ${'TITLE'.padEnd(25)} ${'VERSION'.padEnd(10)} ${'STATUS'.padEnd(12)} GENRE`);
+  console.log('  ' + '-'.repeat(85));
+
+  for (const g of games) {
+    const status = g.taken_down_reason ? 'TAKEN DOWN' : g.status.toUpperCase();
+    console.log(
+      `  ${(g.id || '').padEnd(25)} ${(g.title || '').padEnd(25)} ${('v' + (g.current_version || '?')).padEnd(10)} ${status.padEnd(12)} ${g.genre || ''}`
+    );
+  }
+  console.log();
+}

package/src/commands/login.js

@@ -0,0 +1,191 @@
+import { createInterface } from 'readline';
+import { createServer } from 'http';
+import { config } from '../config.js';
+import { saveCredentials, loadCredentials, clearCredentials, getValidToken } from '../auth.js';
+
+export async function loginCommand(options) {
+  // Already logged in? Only short-circuit if the session is still valid/refreshable.
+  const existing = loadCredentials();
+  if (existing?.user) {
+    const token = await getValidToken(); // refreshes if possible
+    if (token) {
+      console.log(`Already logged in as ${existing.user.display_name} (${existing.user.email})`);
+      console.log('Run "gameplatform logout" first to switch accounts.');
+      return;
+    }
+    // Stored session expired and couldn't be refreshed — clear it and sign in again.
+    console.log(`Session for ${existing.user.email} expired — signing in again...`);
+    clearCredentials();
+  }
+
+  if (options.browser) {
+    await browserLogin();
+  } else {
+    await emailLogin();
+  }
+}
+
+async function emailLogin() {
+  const rl = createInterface({ input: process.stdin, output: process.stdout });
+  const ask = (q) => new Promise(resolve => rl.question(q, resolve));
+
+  const email = await ask('Email: ');
+  const password = await askPassword('Password: ');
+  rl.close();
+
+  console.log('\nAuthenticating...');
+
+  const res = await fetch(`${config.SUPABASE_URL}/auth/v1/token?grant_type=password`, {
+    method: 'POST',
+    headers: {
+      'Content-Type': 'application/json',
+      'apikey': config.SUPABASE_ANON_KEY,
+    },
+    body: JSON.stringify({ email, password }),
+  });
+
+  if (!res.ok) {
+    const err = await res.json().catch(() => ({}));
+    console.error('Login failed:', err.error_description || err.msg || 'Unknown error');
+    process.exit(1);
+  }
+
+  const data = await res.json();
+  saveCredentials(data);
+
+  const name = data.user?.user_metadata?.display_name || email.split('@')[0];
+  console.log(`Logged in as ${name} (${email})`);
+}
+
+async function browserLogin() {
+  const open = (await import('open')).default;
+
+  return new Promise((resolve) => {
+    const server = createServer((req, res) => {
+      const url = new URL(req.url, 'http://localhost');
+
+      if (url.pathname === '/' && req.method === 'GET') {
+        // Serve a page that extracts tokens from URL hash
+        res.writeHead(200, { 'Content-Type': 'text/html' });
+        res.end(`<!DOCTYPE html>
+<html><head><title>GamePlatform CLI</title></head>
+<body style="font-family:monospace;background:#060a10;color:#0ff;display:flex;align-items:center;justify-content:center;min-height:100vh;margin:0">
+<div style="text-align:center">
+<h2>Authenticating...</h2>
+<p id="status">Processing tokens...</p>
+<script>
+const hash = window.location.hash.substring(1);
+const params = new URLSearchParams(hash);
+const access_token = params.get('access_token');
+const refresh_token = params.get('refresh_token');
+if (access_token) {
+  fetch('/receive-token', {
+    method: 'POST',
+    headers: { 'Content-Type': 'application/json' },
+    body: JSON.stringify({ access_token, refresh_token })
+  }).then(() => {
+    document.getElementById('status').textContent = 'Login successful! You can close this tab.';
+  });
+} else {
+  document.getElementById('status').textContent = 'No token received. Please try again.';
+}
+</script>
+</div></body></html>`);
+        return;
+      }
+
+      if (url.pathname === '/receive-token' && req.method === 'POST') {
+        let body = '';
+        req.on('data', (chunk) => { body += chunk; });
+        req.on('end', async () => {
+          res.writeHead(200, { 'Content-Type': 'application/json' });
+          res.end('{"ok":true}');
+
+          try {
+            const tokens = JSON.parse(body);
+
+            // Fetch user info with the token
+            const userRes = await fetch(`${config.SUPABASE_URL}/auth/v1/user`, {
+              headers: {
+                'Authorization': `Bearer ${tokens.access_token}`,
+                'apikey': config.SUPABASE_ANON_KEY,
+              },
+            });
+            const user = userRes.ok ? await userRes.json() : null;
+
+            saveCredentials({
+              access_token: tokens.access_token,
+              refresh_token: tokens.refresh_token,
+              expires_at: Date.now() / 1000 + 3600,
+              user,
+            });
+
+            const name = user?.user_metadata?.display_name || user?.email?.split('@')[0] || 'User';
+            console.log(`\nLogged in as ${name} (${user?.email || 'unknown'})`);
+          } catch (err) {
+            console.error('\nLogin failed:', err.message);
+          }
+
+          server.close();
+          resolve();
+        });
+        return;
+      }
+
+      res.writeHead(404);
+      res.end('Not found');
+    });
+
+    server.listen(0, () => {
+      const port = server.address().port;
+      const callbackUrl = `http://localhost:${port}`;
+      const authUrl = `${config.SUPABASE_URL}/auth/v1/authorize?provider=google&redirect_to=${encodeURIComponent(callbackUrl)}`;
+
+      console.log(`Opening browser for authentication...`);
+      console.log(`If browser doesn't open, visit: ${authUrl}`);
+      open(authUrl);
+    });
+  });
+}
+
+function askPassword(prompt) {
+  return new Promise((resolve) => {
+    const stdin = process.stdin;
+
+    // If not a TTY (piped input), use readline
+    if (!stdin.isTTY) {
+      const rl = createInterface({ input: stdin, output: process.stdout });
+      rl.question(prompt, (answer) => { rl.close(); resolve(answer); });
+      return;
+    }
+
+    process.stdout.write(prompt);
+    stdin.setRawMode(true);
+    stdin.resume();
+    stdin.setEncoding('utf8');
+
+    let password = '';
+    const onData = (ch) => {
+      if (ch === '\r' || ch === '\n') {
+        stdin.setRawMode(false);
+        stdin.removeListener('data', onData);
+        stdin.pause();
+        resolve(password);
+        return;
+      }
+      if (ch === '\u0003') { // Ctrl+C
+        process.exit();
+      }
+      if (ch === '\u007f' || ch === '\b') { // Backspace
+        if (password.length > 0) {
+          password = password.slice(0, -1);
+          process.stdout.write('\b \b');
+        }
+        return;
+      }
+      password += ch;
+      process.stdout.write('*');
+    };
+    stdin.on('data', onData);
+  });
+}

package/src/commands/logout.js

@@ -0,0 +1,6 @@
+import { clearCredentials } from '../auth.js';
+
+export function logoutCommand() {
+  clearCredentials();
+  console.log('Logged out.');
+}

package/src/commands/pricing.js

@@ -0,0 +1,48 @@
+import { apiRequest } from '../api.js';
+
+// Build the pricing request body from CLI options and POST it.
+// Shared by `gameplatform pricing` and the `deploy --pricing ...` post-step.
+export async function applyPricing(gameId, options) {
+  const model = options.pricing || options.model;
+  if (!['free', 'paid', 'stamina'].includes(model)) {
+    throw new Error('--pricing/--model must be: free | paid | stamina');
+  }
+
+  const body = { model };
+  if (model === 'paid') {
+    const price = parseInt(options.price, 10);
+    if (!price || price < 50) throw new Error('paid requires --price <jpy> (>= 50)');
+    body.price_jpy = price;
+  } else if (model === 'stamina') {
+    const max = parseInt(options.max, 10);
+    const regen = parseInt(options.regen, 10);
+    if (!max || max < 1) throw new Error('stamina requires --max <n> (>= 1)');
+    if (!regen || regen < 1) throw new Error('stamina requires --regen <minutes> (>= 1)');
+    body.stamina_max = max;
+    body.stamina_regen_minutes = regen;
+    body.stamina_refill_price_jpy = options.refill ? parseInt(options.refill, 10) : 0;
+    if (options.buyout) body.price_jpy = parseInt(options.buyout, 10);
+  }
+
+  return apiRequest(`/developer/games/${gameId}/pricing`, {
+    method: 'POST',
+    headers: { 'Content-Type': 'application/json' },
+    body: JSON.stringify(body),
+  });
+}
+
+export async function pricingCommand(gameId, options) {
+  try {
+    const res = await applyPricing(gameId, options);
+    console.log(`Pricing set: ${gameId} -> ${res.pricing}`);
+    if (options.model === 'paid') console.log(`  Buyout: ¥${options.price}`);
+    if (options.model === 'stamina') {
+      console.log(`  Stamina: max ${options.max}, +1 every ${options.regen} min`);
+      if (options.refill) console.log(`  Refill: ¥${options.refill} per stamina`);
+      if (options.buyout) console.log(`  Buyout (remove limit): ¥${options.buyout}`);
+    }
+  } catch (err) {
+    console.error('Pricing failed:', err.message);
+    process.exit(1);
+  }
+}

package/src/commands/promote.js

@@ -0,0 +1,43 @@
+import { config } from '../config.js';
+import { getValidToken } from '../auth.js';
+import { printReleaseChecklist } from '../checklist.js';
+
+// Publish the staged version (staging_version -> current_version).
+// Gated by --confirmed: without it, print the pre-release checklist and stop.
+export async function promoteCommand(gameId, options) {
+  // Gate first, before any token/network work, so the refusal path stays sync-clean.
+  if (!options.confirmed) {
+    printReleaseChecklist(`gameplatform promote ${gameId} --confirmed`);
+    process.exit(1);
+  }
+
+  const token = await getValidToken();
+  if (!token) {
+    console.error('Not logged in. Run: gameplatform login');
+    process.exit(1);
+  }
+
+  console.log(`Promoting staged version of ${gameId} to public...`);
+
+  const res = await fetch(
+    `${config.API_BASE}/developer/games/${encodeURIComponent(gameId)}/promote`,
+    {
+      method: 'POST',
+      headers: {
+        'Content-Type': 'application/json',
+        'Authorization': `Bearer ${token}`,
+      },
+      body: '{}',
+    }
+  );
+
+  const data = await res.json();
+  if (!res.ok) {
+    console.error('Promote failed:', data.error?.message || 'Unknown error');
+    process.exit(1);
+  }
+
+  console.log('Published!');
+  console.log(`  Game: ${data.game_id}`);
+  console.log(`  Now public: v${data.version || data.current_version}`);
+}

package/src/commands/screenshot.js

@@ -0,0 +1,61 @@
+import { readFileSync, statSync } from 'fs';
+import { resolve, extname } from 'path';
+import { config } from '../config.js';
+import { getValidToken } from '../auth.js';
+
+// Upload one screenshot to a game's gallery (run multiple times for multiple shots).
+export async function screenshotCommand(gameId, imagePath) {
+  const token = await getValidToken();
+  if (!token) {
+    console.error('Not logged in. Run: gameplatform login');
+    process.exit(1);
+  }
+
+  if (!gameId || !imagePath) {
+    console.error('Usage: gameplatform screenshot <game-id> <image-path>');
+    process.exit(1);
+  }
+
+  const filePath = resolve(imagePath);
+  let stat;
+  try {
+    stat = statSync(filePath);
+  } catch {
+    console.error(`File not found: ${filePath}`);
+    process.exit(1);
+  }
+
+  if (stat.size > 4 * 1024 * 1024) {
+    console.error('Screenshot must be under 4MB');
+    process.exit(1);
+  }
+
+  const ext = extname(filePath).toLowerCase();
+  const mimeMap = { '.png': 'image/png', '.jpg': 'image/jpeg', '.jpeg': 'image/jpeg', '.webp': 'image/webp' };
+  const contentType = mimeMap[ext];
+  if (!contentType) {
+    console.error('Supported formats: .png, .jpg, .jpeg, .webp');
+    process.exit(1);
+  }
+
+  const fileBuffer = readFileSync(filePath);
+  console.log(`Uploading screenshot for ${gameId}...`);
+
+  const res = await fetch(`${config.API_BASE}/developer/games/${encodeURIComponent(gameId)}/screenshots`, {
+    method: 'POST',
+    headers: {
+      'Content-Type': contentType,
+      'Authorization': `Bearer ${token}`,
+    },
+    body: fileBuffer,
+  });
+
+  const data = await res.json();
+  if (!res.ok) {
+    console.error('Upload failed:', data.error?.message || 'Unknown error');
+    process.exit(1);
+  }
+
+  console.log(`Screenshot uploaded! (${data.screenshots.length} total)`);
+  data.screenshots.forEach((s, i) => console.log(`  ${i + 1}. ${s}`));
+}

package/src/commands/status.js

@@ -0,0 +1,22 @@
+import { apiRequest } from '../api.js';
+
+export async function statusCommand() {
+  const { submissions } = await apiRequest('/submissions/mine');
+
+  if (!submissions || submissions.length === 0) {
+    console.log('No submissions found.');
+    return;
+  }
+
+  console.log(`\n  ${'TITLE'.padEnd(25)} ${'VERSION'.padEnd(10)} ${'STATUS'.padEnd(12)} ${'DATE'.padEnd(12)} NOTES`);
+  console.log('  ' + '-'.repeat(80));
+
+  for (const s of submissions) {
+    const date = new Date(s.created_at).toLocaleDateString();
+    const notes = s.rejection_reason || (s.game_id ? `game:${s.game_id}` : '');
+    console.log(
+      `  ${(s.title || '').padEnd(25)} ${('v' + (s.version || '?')).padEnd(10)} ${(s.status || '').toUpperCase().padEnd(12)} ${date.padEnd(12)} ${notes}`
+    );
+  }
+  console.log();
+}

package/src/commands/thumbnail.js

@@ -0,0 +1,60 @@
+import { readFileSync, statSync } from 'fs';
+import { resolve, extname } from 'path';
+import { config } from '../config.js';
+import { getValidToken } from '../auth.js';
+
+export async function thumbnailCommand(gameId, imagePath) {
+  const token = await getValidToken();
+  if (!token) {
+    console.error('Not logged in. Run: gameplatform login');
+    process.exit(1);
+  }
+
+  if (!gameId || !imagePath) {
+    console.error('Usage: gameplatform thumbnail <game-id> <image-path>');
+    process.exit(1);
+  }
+
+  const filePath = resolve(imagePath);
+  let stat;
+  try {
+    stat = statSync(filePath);
+  } catch {
+    console.error(`File not found: ${filePath}`);
+    process.exit(1);
+  }
+
+  if (stat.size > 2 * 1024 * 1024) {
+    console.error('Image must be under 2MB');
+    process.exit(1);
+  }
+
+  const ext = extname(filePath).toLowerCase();
+  const mimeMap = { '.png': 'image/png', '.jpg': 'image/jpeg', '.jpeg': 'image/jpeg', '.webp': 'image/webp' };
+  const contentType = mimeMap[ext];
+  if (!contentType) {
+    console.error('Supported formats: .png, .jpg, .jpeg, .webp');
+    process.exit(1);
+  }
+
+  const fileBuffer = readFileSync(filePath);
+  console.log(`Uploading thumbnail for ${gameId}...`);
+
+  const res = await fetch(`${config.API_BASE}/developer/games/${encodeURIComponent(gameId)}/thumbnail`, {
+    method: 'POST',
+    headers: {
+      'Content-Type': contentType,
+      'Authorization': `Bearer ${token}`,
+    },
+    body: fileBuffer,
+  });
+
+  const data = await res.json();
+  if (!res.ok) {
+    console.error('Upload failed:', data.error?.message || 'Unknown error');
+    process.exit(1);
+  }
+
+  console.log('Thumbnail uploaded!');
+  console.log(`  URL: ${data.thumbnail_url}`);
+}

package/src/commands/update.js

@@ -0,0 +1,71 @@
+import { readFileSync, statSync } from 'fs';
+import { resolve } from 'path';
+import { config } from '../config.js';
+import { getValidToken } from '../auth.js';
+import { printReleaseChecklist } from '../checklist.js';
+
+export async function updateCommand(gameId, zipPath, options) {
+  if (!options.ver) {
+    console.error('--ver is required (e.g. --ver 1.1.0)');
+    process.exit(1);
+  }
+
+  // Direct publish (no --stage) goes live immediately, so require an explicit
+  // pre-release confirmation. Refuse-then-confirm keeps this non-interactive
+  // (works for humans and AI agents). --stage is safe (creator-only) → no gate.
+  // Gate first, before any token/network work, so the refusal path stays sync-clean.
+  if (!options.stage && !options.confirmed) {
+    printReleaseChecklist(`gameplatform update ${gameId} ${zipPath} --ver ${options.ver} --confirmed`);
+    console.error('（公開せず検証版だけ上げるなら --stage を使ってください）');
+    process.exit(1);
+  }
+
+  const token = await getValidToken();
+  if (!token) {
+    console.error('Not logged in. Run: gameplatform login');
+    process.exit(1);
+  }
+
+  const filePath = resolve(zipPath);
+  let stat;
+  try {
+    stat = statSync(filePath);
+  } catch {
+    console.error(`File not found: ${filePath}`);
+    process.exit(1);
+  }
+
+  if (stat.size > 50 * 1024 * 1024) {
+    console.error('ZIP file exceeds 50MB limit');
+    process.exit(1);
+  }
+
+  const fileBuffer = readFileSync(filePath);
+  const sizeMB = (stat.size / 1024 / 1024).toFixed(1);
+  const stageQS = options.stage ? '&stage=true' : '';
+  console.log(`${options.stage ? 'Staging (creator-only preview)' : 'Updating'} ${gameId} to v${options.ver} (${sizeMB}MB)...`);
+
+  const res = await fetch(
+    `${config.API_BASE}/developer/games/${encodeURIComponent(gameId)}/update?version=${encodeURIComponent(options.ver)}${stageQS}`,
+    {
+      method: 'POST',
+      headers: {
+        'Content-Type': 'application/zip',
+        'Authorization': `Bearer ${token}`,
+      },
+      body: fileBuffer,
+    }
+  );
+
+  const data = await res.json();
+  if (!res.ok) {
+    console.error('Update failed:', data.error?.message || 'Unknown error');
+    process.exit(1);
+  }
+
+  console.log(data.staged ? 'Staged! (creator-only preview — public still on the current version)' : 'Updated!');
+  console.log(`  Game: ${data.game_id}`);
+  console.log(`  Version: ${data.version}`);
+  console.log(`  Files: ${data.files}`);
+  if (data.staged) console.log('  Promote it from the developer dashboard when ready.');
+}

package/src/commands/video.js

@@ -0,0 +1,61 @@
+import { readFileSync, statSync } from 'fs';
+import { resolve, extname } from 'path';
+import { config } from '../config.js';
+import { getValidToken } from '../auth.js';
+
+// Upload a short preview video (mp4/webm, max 20MB) for a game's detail page.
+export async function videoCommand(gameId, videoPath) {
+  const token = await getValidToken();
+  if (!token) {
+    console.error('Not logged in. Run: gameplatform login');
+    process.exit(1);
+  }
+
+  if (!gameId || !videoPath) {
+    console.error('Usage: gameplatform video <game-id> <video-path>');
+    process.exit(1);
+  }
+
+  const filePath = resolve(videoPath);
+  let stat;
+  try {
+    stat = statSync(filePath);
+  } catch {
+    console.error(`File not found: ${filePath}`);
+    process.exit(1);
+  }
+
+  if (stat.size > 20 * 1024 * 1024) {
+    console.error('Video must be under 20MB (use a short, compressed clip)');
+    process.exit(1);
+  }
+
+  const ext = extname(filePath).toLowerCase();
+  const mimeMap = { '.mp4': 'video/mp4', '.webm': 'video/webm' };
+  const contentType = mimeMap[ext];
+  if (!contentType) {
+    console.error('Supported formats: .mp4, .webm');
+    process.exit(1);
+  }
+
+  const fileBuffer = readFileSync(filePath);
+  console.log(`Uploading preview video for ${gameId}...`);
+
+  const res = await fetch(`${config.API_BASE}/developer/games/${encodeURIComponent(gameId)}/video`, {
+    method: 'POST',
+    headers: {
+      'Content-Type': contentType,
+      'Authorization': `Bearer ${token}`,
+    },
+    body: fileBuffer,
+  });
+
+  const data = await res.json();
+  if (!res.ok) {
+    console.error('Upload failed:', data.error?.message || 'Unknown error');
+    process.exit(1);
+  }
+
+  console.log('Preview video uploaded!');
+  console.log(`  URL: ${data.video_url}`);
+}

package/src/config.js

@@ -0,0 +1,9 @@
+export const config = {
+  API_BASE: 'https://api-gateway.ailovedirector.workers.dev',
+  SUPABASE_URL: 'https://rsjmtctxnmazzhnzfvwz.supabase.co',
+  SUPABASE_ANON_KEY: 'sb_publishable_Vn4pzBqLOPKxsvfm6GCA2g_iRoVkL-b',
+  PLATFORM_URL: 'https://game-platform-3eg.pages.dev',
+  // Must match submissions.ts / platform config CREATOR_TERMS_VERSION. Bump in
+  // all three when the creator agreement text changes (forces re-consent).
+  CREATOR_TERMS_VERSION: '2026-06-17',
+};