gitarsenal-cli 1.8.3 → 1.8.5

package/python/gitarsenal.py

@@ -22,6 +22,13 @@ except ImportError:
 except Exception as e:
     print(f"⚠️ Warning: Error setting up Modal token: {e}")
 
+# Import authentication manager
+try:
+    from auth_manager import AuthManager
+except ImportError:
+    print("⚠️ Warning: auth_manager module not found. Authentication will be disabled.")
+    AuthManager = None
+
 def check_modal_auth():
     """Check if Modal is authenticated and set up the built-in token if needed"""
     try:
@@ -112,11 +119,176 @@ def check_proxy_config():
         print(f"⚠️ Error checking proxy configuration: {e}")
         return False
 
+def _check_authentication(auth_manager):
+    """Check if user is authenticated, prompt for login if not"""
+    if auth_manager.is_authenticated():
+        user = auth_manager.get_current_user()
+        print(f"✅ Authenticated as: {user['username']}")
+        return True
+    
+    print("\n🔐 Authentication required")
+    return auth_manager.interactive_auth_flow()
+
+def _handle_auth_commands(auth_manager, args):
+    """Handle authentication-related commands"""
+    import getpass
+    
+    if args.login:
+        print("\n🔐 LOGIN")
+        username = input("Username: ").strip()
+        password = getpass.getpass("Password: ").strip()
+        if auth_manager.login_user(username, password):
+            print("✅ Login successful!")
+        else:
+            print("❌ Login failed.")
+    
+    elif args.register:
+        print("\n🔐 REGISTRATION")
+        username = input("Username (min 3 characters): ").strip()
+        email = input("Email: ").strip()
+        password = getpass.getpass("Password (min 8 characters): ").strip()
+        confirm_password = getpass.getpass("Confirm password: ").strip()
+        
+        if password != confirm_password:
+            print("❌ Passwords do not match.")
+            return
+        
+        if auth_manager.register_user(username, email, password):
+            print("✅ Registration successful!")
+            # Auto-login after registration
+            if auth_manager.login_user(username, password):
+                print("✅ Auto-login successful!")
+        else:
+            print("❌ Registration failed.")
+    
+    elif args.logout:
+        auth_manager.logout_user()
+    
+    elif args.user_info:
+        auth_manager.show_user_info()
+    
+    elif args.change_password:
+        if not auth_manager.is_authenticated():
+            print("❌ Not logged in. Please login first.")
+            return
+        
+        current_password = getpass.getpass("Current password: ").strip()
+        new_password = getpass.getpass("New password (min 8 characters): ").strip()
+        confirm_password = getpass.getpass("Confirm new password: ").strip()
+        
+        if new_password != confirm_password:
+            print("❌ New passwords do not match.")
+            return
+        
+        if auth_manager.change_password(current_password, new_password):
+            print("✅ Password changed successfully!")
+        else:
+            print("❌ Failed to change password.")
+    
+    elif args.delete_account:
+        if not auth_manager.is_authenticated():
+            print("❌ Not logged in. Please login first.")
+            return
+        
+        password = getpass.getpass("Enter your password to confirm deletion: ").strip()
+        if auth_manager.delete_account(password):
+            print("✅ Account deleted successfully!")
+        else:
+            print("❌ Failed to delete account.")
+    
+    elif args.store_api_key:
+        if not auth_manager.is_authenticated():
+            print("❌ Not logged in. Please login first.")
+            return
+        
+        service = args.store_api_key
+        api_key = getpass.getpass(f"Enter {service} API key: ").strip()
+        
+        if auth_manager.store_api_key(service, api_key):
+            print(f"✅ {service} API key stored successfully!")
+        else:
+            print(f"❌ Failed to store {service} API key.")
+    
+    elif args.auth:
+        # Interactive authentication management
+        while True:
+            print("\n" + "="*60)
+            print("🔐 AUTHENTICATION MANAGEMENT")
+            print("="*60)
+            print("1. Login")
+            print("2. Register")
+            print("3. Show user info")
+            print("4. Change password")
+            print("5. Store API key")
+            print("6. Delete account")
+            print("7. Logout")
+            print("8. Exit")
+            
+            choice = input("\nSelect an option (1-8): ").strip()
+            
+            if choice == "1":
+                username = input("Username: ").strip()
+                password = getpass.getpass("Password: ").strip()
+                auth_manager.login_user(username, password)
+            elif choice == "2":
+                username = input("Username (min 3 characters): ").strip()
+                email = input("Email: ").strip()
+                password = getpass.getpass("Password (min 8 characters): ").strip()
+                confirm_password = getpass.getpass("Confirm password: ").strip()
+                if password == confirm_password:
+                    auth_manager.register_user(username, email, password)
+                else:
+                    print("❌ Passwords do not match.")
+            elif choice == "3":
+                auth_manager.show_user_info()
+            elif choice == "4":
+                if auth_manager.is_authenticated():
+                    current_password = getpass.getpass("Current password: ").strip()
+                    new_password = getpass.getpass("New password (min 8 characters): ").strip()
+                    confirm_password = getpass.getpass("Confirm new password: ").strip()
+                    if new_password == confirm_password:
+                        auth_manager.change_password(current_password, new_password)
+                    else:
+                        print("❌ New passwords do not match.")
+                else:
+                    print("❌ Not logged in.")
+            elif choice == "5":
+                if auth_manager.is_authenticated():
+                    service = input("Service name (e.g., openai, modal): ").strip()
+                    api_key = getpass.getpass(f"Enter {service} API key: ").strip()
+                    auth_manager.store_api_key(service, api_key)
+                else:
+                    print("❌ Not logged in.")
+            elif choice == "6":
+                if auth_manager.is_authenticated():
+                    password = getpass.getpass("Enter your password to confirm deletion: ").strip()
+                    auth_manager.delete_account(password)
+                else:
+                    print("❌ Not logged in.")
+            elif choice == "7":
+                auth_manager.logout_user()
+            elif choice == "8":
+                print("👋 Goodbye!")
+                break
+            else:
+                print("❌ Invalid option. Please try again.")
+
 def main():
     """Main entry point for the GitArsenal CLI"""
     parser = argparse.ArgumentParser(description="GitArsenal CLI - Tools for AI development")
     subparsers = parser.add_subparsers(dest="command", help="Command to run")
     
+    # Authentication arguments (global)
+    parser.add_argument('--skip-auth', action='store_true', help='Skip authentication check (for development)')
+    parser.add_argument('--login', action='store_true', help='Login to GitArsenal')
+    parser.add_argument('--register', action='store_true', help='Register new account')
+    parser.add_argument('--logout', action='store_true', help='Logout from GitArsenal')
+    parser.add_argument('--user-info', action='store_true', help='Show current user information')
+    parser.add_argument('--change-password', action='store_true', help='Change password')
+    parser.add_argument('--delete-account', action='store_true', help='Delete account')
+    parser.add_argument('--store-api-key', type=str, help='Store API key for a service (e.g., openai, modal)')
+    parser.add_argument('--auth', action='store_true', help='Manage authentication (login, register, logout)')
+    
     # SSH command
     ssh_parser = subparsers.add_parser("ssh", help="Create a Modal SSH container")
     ssh_parser.add_argument("--gpu", type=str, default="A10G", help="GPU type (default: A10G)")
@@ -159,6 +331,22 @@ def main():
     # Parse arguments
     args = parser.parse_args()
     
+    # Handle authentication commands first
+    if AuthManager and (args.login or args.register or args.logout or args.user_info or 
+                       args.change_password or args.delete_account or args.store_api_key or args.auth):
+        auth_manager = AuthManager()
+        _handle_auth_commands(auth_manager, args)
+        return
+    
+    # Check authentication for main commands (unless skipped)
+    if AuthManager and not args.skip_auth and args.command:
+        auth_manager = AuthManager()
+        if not _check_authentication(auth_manager):
+            print("\n❌ Authentication required. Please login or register first.")
+            print("Use --login to login or --register to create an account.")
+            print("Use --skip-auth to bypass authentication for development.")
+            return
+    
     if args.command == "ssh":
         if args.use_proxy:
             # Use proxy service for SSH container

package/python/gitarsenal_keys.py

@@ -14,7 +14,7 @@ from credentials_manager import CredentialsManager
 def main():
     parser = argparse.ArgumentParser(description='GitArsenal Keys Management')
     parser.add_argument('command', choices=['add', 'list', 'view', 'delete'], help='Command to execute')
-    parser.add_argument('--service', help='Service name (openai, wandb, huggingface)')
+    parser.add_argument('--service', help='Service name (openai_api_key, WANDB_API_KEY, HUGGINGFACE_TOKEN, modal_token)')
     parser.add_argument('--key', help='API key (for add command)')
     
     args = parser.parse_args()
@@ -38,23 +38,30 @@ def handle_add(credentials_manager, args):
     
     if not service:
         print("❌ Service name is required. Use --service option.")
+        print("💡 Available service names:")
+        print("   openai_api_key")
+        print("   WANDB_API_KEY")
+        print("   HUGGINGFACE_TOKEN")
+        print("   modal_token")
+        print("   gitarsenal_openai_api_key")
+        print("\n💡 Example: gitarsenal keys add --service openai_api_key")
         sys.exit(1)
     
     if not key:
         # Prompt for the API key interactively
-        print(f"\n🔑 {service.upper()} API KEY REQUIRED")
+        print(f"\n🔑 {service.upper()} REQUIRED")
         print("=" * 50)
         
         # Get appropriate prompt based on service
         prompts = {
-            'openai': "Please enter your OpenAI API key:\nYou can get your API key from: https://platform.openai.com/api-keys",
-            'wandb': "Please enter your Weights & Biases API key:\nYou can get your API key from: https://wandb.ai/authorize",
-            'huggingface': "Please enter your Hugging Face token:\nYou can get your token from: https://huggingface.co/settings/tokens",
-            'gitarsenal-openai': "Please enter GitArsenal's OpenAI API key for debugging:",
-            'claude': "Please enter your Claude API key:\nYou can get your API key from: https://console.anthropic.com/"
+            'openai_api_key': "Please enter your OpenAI API key:\nYou can get your API key from: https://platform.openai.com/api-keys",
+            'WANDB_API_KEY': "Please enter your Weights & Biases API key:\nYou can get your API key from: https://wandb.ai/authorize",
+            'HUGGINGFACE_TOKEN': "Please enter your Hugging Face token:\nYou can get your token from: https://huggingface.co/settings/tokens",
+            'gitarsenal_openai_api_key': "Please enter GitArsenal's OpenAI API key for debugging:",
+            'modal_token': "Please enter your Modal token:\nYou can get your token from: https://modal.com/account/tokens"
         }
         
-        prompt = prompts.get(service, f"Please enter your {service} API key:")
+        prompt = prompts.get(service, f"Please enter your {service}:")
         print(prompt)
         print("-" * 50)
         
@@ -72,20 +79,8 @@ def handle_add(credentials_manager, args):
             print(f"❌ Error getting API key: {e}")
             sys.exit(1)
     
-    # Generate credential key from service name
-    # Convert service name to a standardized key format
-    credential_key = f"{service.replace('-', '_')}_api_key"
-    
-    # Special mappings for backward compatibility
-    special_mappings = {
-        'openai': 'openai_api_key',
-        'wandb': 'wandb_api_key', 
-        'huggingface': 'huggingface_token',
-        'gitarsenal-openai': 'gitarsenal_openai_api_key'
-    }
-    
-    # Use special mapping if it exists, otherwise use generated key
-    credential_key = special_mappings.get(service, credential_key)
+    # Use the service name directly as the credential key
+    credential_key = service
     
     # Save the credential
     credentials = credentials_manager.load_credentials()
@@ -113,10 +108,11 @@ def handle_list(credentials_manager):
     # Map credential keys to display names (for known services)
     key_mapping = {
         'openai_api_key': 'OpenAI',
-        'wandb_api_key': 'Weights & Biases',
-        'huggingface_token': 'Hugging Face',
+        'WANDB_API_KEY': 'Weights & Biases',
+        'HUGGINGFACE_TOKEN': 'Hugging Face',
         'gitarsenal_openai_api_key': 'GitArsenal OpenAI',
-        'claude_api_key': 'Claude'
+        'claude_api_key': 'Claude',
+        'modal_token': 'Modal'
     }
     
     for key, value in credentials.items():
@@ -124,14 +120,16 @@ def handle_list(credentials_manager):
         if key in key_mapping:
             display_name = key_mapping[key]
         else:
-            # Convert key back to service name for display
-            service_name = key.replace('_api_key', '').replace('_token', '').replace('_', '-')
-            display_name = service_name.title()
+            # Use the key name directly for unknown services
+            display_name = key
         
         masked_value = value[:8] + "*" * (len(value) - 12) + value[-4:] if len(value) > 12 else "*" * len(value)
         print(f"  {display_name}: {masked_value}")
     
     print(f"\n📁 Storage location: {credentials_manager.credentials_file}")
+    print("\n💡 To delete a key, use the exact service name:")
+    for key in credentials.keys():
+        print(f"   gitarsenal keys delete --service {key}")
 
 def handle_view(credentials_manager, args):
     """Handle viewing a specific API key (masked)"""
@@ -139,31 +137,26 @@ def handle_view(credentials_manager, args):
     
     if not service:
         print("❌ Service name is required. Use --service option.")
+        print("💡 Available service names:")
+        print("   openai_api_key")
+        print("   WANDB_API_KEY")
+        print("   HUGGINGFACE_TOKEN")
+        print("   modal_token")
         sys.exit(1)
     
-    # Generate credential key from service name
-    credential_key = f"{service.replace('-', '_')}_api_key"
-    
-    # Special mappings for backward compatibility
-    special_mappings = {
-        'openai': 'openai_api_key',
-        'wandb': 'wandb_api_key',
-        'huggingface': 'huggingface_token',
-        'gitarsenal-openai': 'gitarsenal_openai_api_key'
-    }
-    
-    # Use special mapping if it exists, otherwise use generated key
-    credential_key = special_mappings.get(service, credential_key)
+    # Use the service name directly as the credential key
+    credential_key = service
     credentials = credentials_manager.load_credentials()
     
     if credential_key not in credentials:
         print(f"❌ No API key found for {service}")
+        print(f"💡 Available keys: {list(credentials.keys())}")
         sys.exit(1)
     
     value = credentials[credential_key]
     masked_value = value[:8] + "*" * (len(value) - 12) + value[-4:] if len(value) > 12 else "*" * len(value)
     
-    print(f"🔑 {service.upper()} API Key:")
+    print(f"🔑 {service}:")
     print(f"  {masked_value}")
     print(f"📁 Stored in: {credentials_manager.credentials_file}")
 
@@ -173,27 +166,22 @@ def handle_delete(credentials_manager, args):
     
     if not service:
         print("❌ Service name is required. Use --service option.")
+        print("💡 Available service names:")
+        print("   openai_api_key")
+        print("   WANDB_API_KEY")
+        print("   HUGGINGFACE_TOKEN")
+        print("   modal_token")
         sys.exit(1)
     
-    # Generate credential key from service name
-    credential_key = f"{service.replace('-', '_')}_api_key"
-    
-    # Special mappings for backward compatibility
-    special_mappings = {
-        'openai': 'openai_api_key',
-        'wandb': 'wandb_api_key',
-        'huggingface': 'huggingface_token',
-        'gitarsenal-openai': 'gitarsenal_openai_api_key'
-    }
-    
-    # Use special mapping if it exists, otherwise use generated key
-    credential_key = special_mappings.get(service, credential_key)
+    # Use the service name directly as the credential key
+    credential_key = service
     success = credentials_manager.clear_credential(credential_key)
     
     if success:
         print(f"✅ API key for {service} deleted successfully")
     else:
         print(f"❌ No API key found for {service}")
+        print("💡 Use 'gitarsenal keys list' to see available keys")
 
 if __name__ == "__main__":
     main()