kahunas-cli 1.0.6 → 1.2.0

package/README.md

@@ -13,18 +13,12 @@ pnpm install
 pnpm build
 ```
 
-2) Log in once (opens a browser):
+2) Fetch data (browser login runs automatically on first run, headless by default):
 
 ```bash
-pnpm kahunas -- auth login
-```
-
-3) Fetch data:
-
-```bash
-pnpm kahunas -- checkins list
-pnpm kahunas -- workout list
-pnpm kahunas -- workout pick
+pnpm kahunas checkins list
+pnpm kahunas workout list
+pnpm kahunas workout pick
 ```
 
 You can also run without installing globally:
@@ -36,19 +30,6 @@ npx kahunas-cli workout events
 
 ## Commands
 
-### Auth
-
-- `kahunas auth login`
-  - Opens a browser, lets you log in, and saves the `auth-user-token`.
-- `kahunas auth status`
-  - Checks whether the stored token is valid.
-- `kahunas auth show`
-  - Prints the stored token.
-
-Tokens are saved to:
-
-- `~/.config/kahunas/config.json`
-
 ### Check-ins
 
 - `kahunas checkins list`
@@ -74,88 +55,86 @@ Tokens are saved to:
 If the API list is missing a program you see in the web UI, run:
 
 ```bash
-pnpm kahunas -- workout sync
+pnpm kahunas sync
 ```
 
-This opens a browser, you log in, then navigate to your workouts page. After you press Enter, the CLI captures the workout list from network responses and writes a cache:
+Or:
+
+```bash
+pnpm kahunas workout sync
+```
+
+This runs a browser session (headless by default). You log in, then navigate to your workouts page. After you press Enter, the CLI captures the workout list from network responses and writes a cache:
 
 - `~/.config/kahunas/workouts.json`
 
 `workout list`, `workout pick`, and `workout latest` automatically merge the API list with this cache.
 Raw output (`--raw`) prints the API response only.
 
-### Workout events (dates)
-
-To see when workouts happened, the calendar endpoint returns log events with timestamps. By default each event is summarized into a human-friendly structure (total volume sets, exercises, supersets). Use `--full` to return the full program payload (best effort; falls back to cached summary if needed).
+If you add `~/.config/kahunas/auth.json`, the browser flow will attempt an automatic login and open your workouts page before capturing. Example:
 
-```bash
-pnpm kahunas -- workout events --user <user-uuid>
+```json
+{
+  "email": "you@example.com",
+  "password": "your-password"
+}
 ```
 
-Or via pnpm:
+Keep this file private; it contains credentials.
 
-```bash
-pnpm kahunas -- workout events
-```
+Optional fields:
+
+- `username` (use instead of `email`)
+- `loginPath` (default: `/dashboard`)
 
-Default timezone is `Europe/London`. Override with `--timezone`.
+If auto-capture does not find workouts, the CLI falls back to the manual prompt.
+
+### Workout events (dates)
 
-You can filter by program or workout UUID:
+To see when workouts happened, the calendar endpoint returns log events with timestamps. The CLI returns the latest event summarized into a human-friendly structure (total volume sets, exercises, supersets). Use `--full` to return the full program payload (best effort; falls back to cached summary if needed).
 
 ```bash
-pnpm kahunas -- workout events --program <program-uuid>
-pnpm kahunas -- workout events --workout <workout-uuid>
+pnpm kahunas workout events
 ```
 
-Use `--minimal` to return the raw event objects without program enrichment. Use `--full` to return the full enriched output. Use `--latest` for only the most recent event, or `--limit N` for the most recent N events. Use `--debug-preview` to log where preview HTML was discovered (stderr only).
+Use `--minimal` to return the raw event objects without program enrichment. Use `--full` for full enriched output. Use `--debug-preview` to log where preview HTML was discovered (stderr only).
 
-If the user UUID is missing, `workout events` will attempt to discover it from check-ins and save it. You can also set it directly:
-
-- `KAHUNAS_USER_UUID=...`
-- `--user <uuid>`
+If the user UUID is missing, `workout events` will attempt to discover it from check-ins and save it.
 
 ### Workout preview server
 
 Run a local dev server to preview workouts in a browser:
 
 ```bash
-pnpm kahunas -- workout serve
+pnpm kahunas serve
 ```
 
-The HTML page is available at `http://127.0.0.1:3000` and the JSON endpoint is at `http://127.0.0.1:3000/api/workout`.
-The JSON response matches the CLI output for `workout events --latest`, so there is only one data shape to maintain.
-
-Options:
+Or:
 
 ```bash
-pnpm kahunas -- workout serve --program <program-uuid>
-pnpm kahunas -- workout serve --workout <workout-uuid>
-pnpm kahunas -- workout serve --limit 3
+pnpm kahunas workout serve
 ```
 
+The HTML page is available at `http://127.0.0.1:3000` and the JSON endpoint is at `http://127.0.0.1:3000/api/workout`.
+The JSON response matches the CLI output for `workout events`, so there is only one data shape to maintain.
+
 Use `?day=<index>` to switch the selected workout day tab in the browser.
 
 ## Auto-login
 
-Most commands auto-login by default if a token is missing or expired. To disable:
+Most commands auto-login if a token is missing or expired. This runs a browser session and saves session details in `~/.config/kahunas/config.json` (headless by default). If `~/.config/kahunas/auth.json` is present, the login step is automated.
 
-```bash
-pnpm kahunas -- checkins list --no-auto-login
-```
+## Debug logging
 
-## Flags
+Set `debug` to `true` in `~/.config/kahunas/config.json` to enable extra logs on stderr (includes workout preview debug output).
 
-- `--raw` prints raw API responses (no formatting).
-- `--headless` runs Playwright without a visible browser window.
+## Headless mode
+
+Set `headless` to `false` in `~/.config/kahunas/config.json` to show the Playwright browser. Defaults to `true`.
 
-## Environment variables
+## Flags
 
-- `KAHUNAS_TOKEN`
-- `KAHUNAS_CSRF`
-- `KAHUNAS_CSRF_COOKIE`
-- `KAHUNAS_COOKIE`
-- `KAHUNAS_WEB_BASE_URL`
-- `KAHUNAS_USER_UUID`
+- `--raw` prints raw API responses (no formatting).
 
 ## Playwright
 
@@ -184,5 +163,4 @@ pnpm publish
 ## Notes
 
 - This CLI uses the same APIs the web app uses; tokens can expire quickly.
-- `auth login` is the most reliable way to refresh the token.
-- `workout events` relies on session cookies captured during `auth login`.
+- Re-run any command (or `workout sync`) to refresh login when needed.

package/dist/cli.js

@@ -68,17 +68,13 @@ function isFlagEnabled(options, name) {
 	const value = options[name];
 	return value === "true" || value === "1" || value === "yes";
 }
-function shouldAutoLogin(options, defaultValue) {
-	if (isFlagEnabled(options, "auto-login")) return true;
-	if (isFlagEnabled(options, "no-auto-login")) return false;
-	return defaultValue;
-}
 
 //#endregion
 //#region src/config.ts
 const DEFAULT_BASE_URL = "https://api.kahunas.io";
 const DEFAULT_WEB_BASE_URL = "https://kahunas.io";
 const CONFIG_PATH = node_path.join(node_os.homedir(), ".config", "kahunas", "config.json");
+const AUTH_PATH = node_path.join(node_os.homedir(), ".config", "kahunas", "auth.json");
 const WORKOUT_CACHE_PATH = node_path.join(node_os.homedir(), ".config", "kahunas", "workouts.json");
 function readConfig() {
 	if (!node_fs.existsSync(CONFIG_PATH)) return {};
@@ -89,6 +85,15 @@ function readConfig() {
 		throw new Error(`Invalid JSON in ${CONFIG_PATH}.`);
 	}
 }
+function readAuthConfig() {
+	if (!node_fs.existsSync(AUTH_PATH)) return;
+	const raw = node_fs.readFileSync(AUTH_PATH, "utf-8");
+	try {
+		return JSON.parse(raw);
+	} catch {
+		throw new Error(`Invalid JSON in ${AUTH_PATH}.`);
+	}
+}
 function writeConfig(config) {
 	const dir = node_path.dirname(CONFIG_PATH);
 	node_fs.mkdirSync(dir, { recursive: true });
@@ -113,26 +118,26 @@ function writeWorkoutCache(plans) {
 	node_fs.writeFileSync(WORKOUT_CACHE_PATH, `${JSON.stringify(cache, null, 2)}\n`, "utf-8");
 	return cache;
 }
-function resolveToken(options, config) {
-	return options.token ?? process.env.KAHUNAS_TOKEN ?? config.token;
+function resolveToken(_, config) {
+	return config.token;
 }
-function resolveCsrfToken(options, config) {
-	return options.csrf ?? process.env.KAHUNAS_CSRF ?? config.csrfToken;
+function resolveCsrfToken(_, config) {
+	return config.csrfToken;
 }
-function resolveCsrfCookie(options, config) {
-	return options["csrf-cookie"] ?? process.env.KAHUNAS_CSRF_COOKIE ?? config.csrfCookie;
+function resolveCsrfCookie(_, config) {
+	return config.csrfCookie;
 }
-function resolveAuthCookie(options, config) {
-	return options.cookie ?? process.env.KAHUNAS_COOKIE ?? config.authCookie;
+function resolveAuthCookie(_, config) {
+	return config.authCookie;
 }
-function resolveUserUuid(options, config) {
-	return options.user ?? process.env.KAHUNAS_USER_UUID ?? config.userUuid;
+function resolveUserUuid(_, config) {
+	return config.userUuid;
 }
 function resolveBaseUrl(options, config) {
-	return options["base-url"] ?? config.baseUrl ?? DEFAULT_BASE_URL;
+	return config.baseUrl ?? DEFAULT_BASE_URL;
 }
 function resolveWebBaseUrl(options, config) {
-	return options["web-base-url"] ?? process.env.KAHUNAS_WEB_BASE_URL ?? config.webBaseUrl ?? DEFAULT_WEB_BASE_URL;
+	return config.webBaseUrl ?? DEFAULT_WEB_BASE_URL;
 }
 
 //#endregion
@@ -172,6 +177,29 @@ function isLikelyLoginHtml(text) {
 	if (!trimmed.startsWith("<")) return false;
 	return trimmed.includes("login to your account") || trimmed.includes("welcome back") || trimmed.includes("<title>kahunas");
 }
+function extractJwtExpiry(token) {
+	const parts = token.split(".");
+	if (parts.length < 2) return;
+	const payload = decodeBase64Url(parts[1]);
+	if (!payload) return;
+	try {
+		const data = JSON.parse(payload);
+		if (typeof data.exp !== "number" || !Number.isFinite(data.exp)) return;
+		return (/* @__PURE__ */ new Date(data.exp * 1e3)).toISOString();
+	} catch {
+		return;
+	}
+}
+function decodeBase64Url(value) {
+	const normalized = value.replace(/-/g, "+").replace(/_/g, "/");
+	const padding = normalized.length % 4;
+	const padded = padding === 0 ? normalized : normalized + "=".repeat(4 - padding);
+	try {
+		return Buffer.from(padded, "base64").toString("utf-8");
+	} catch {
+		return;
+	}
+}
 
 //#endregion
 //#region src/http.ts
@@ -249,6 +277,20 @@ async function fetchAuthToken(csrfToken, cookieHeader, webBaseUrl) {
 	};
 }
 
+//#endregion
+//#region src/output.ts
+function printResponse(response, rawOutput) {
+	if (rawOutput) {
+		console.log(response.text);
+		return;
+	}
+	if (response.json !== void 0) {
+		console.log(JSON.stringify(response.json, null, 2));
+		return;
+	}
+	console.log(response.text);
+}
+
 //#endregion
 //#region src/responses.ts
 function isTokenExpiredResponse(payload) {
@@ -273,12 +315,6 @@ function extractUserUuidFromCheckins(payload) {
 
 //#endregion
 //#region src/utils.ts
-function parseNumber$1(value, fallback) {
-	if (!value) return fallback;
-	const parsed = Number.parseInt(value, 10);
-	if (Number.isNaN(parsed)) return fallback;
-	return parsed;
-}
 function askQuestion(prompt) {
 	return new Promise((resolve) => {
 		const rl = node_readline.createInterface({
@@ -294,6 +330,10 @@ function askQuestion(prompt) {
 function waitForEnter(prompt) {
 	return askQuestion(prompt).then(() => void 0);
 }
+function debugLog(enabled, message) {
+	if (!enabled) return;
+	console.error(`[debug] ${message}`);
+}
 
 //#endregion
 //#region src/workouts.ts
@@ -401,9 +441,178 @@ function buildWorkoutPlanIndex(plans) {
 
 //#endregion
 //#region src/auth.ts
+const LOGIN_SELECTORS = {
+	username: [
+		"input[name=\"email\"]",
+		"input[id=\"email\"]",
+		"input[type=\"email\"]",
+		"input[autocomplete=\"email\"]",
+		"input[autocomplete=\"username\"]",
+		"input[name=\"username\"]",
+		"input[id=\"username\"]",
+		"input[placeholder*=\"email\" i]",
+		"input[placeholder*=\"username\" i]",
+		"input[type=\"text\"]"
+	],
+	password: [
+		"input[name=\"password\"]",
+		"input[id=\"password\"]",
+		"input[type=\"password\"]",
+		"input[autocomplete=\"current-password\"]"
+	],
+	submit: [
+		"button[type=\"submit\"]",
+		"input[type=\"submit\"]",
+		"button:has-text(\"Log in\")",
+		"button:has-text(\"Login\")",
+		"button:has-text(\"Sign in\")",
+		"button:has-text(\"Continue\")"
+	]
+};
+const PASSWORD_SELECTOR = LOGIN_SELECTORS.password.join(", ");
+const WORKOUT_NAV_SELECTORS = [
+	"#client-workout_plan-view-button",
+	".select-client-action[data-action=\"workout_program\"]",
+	"[data-action=\"workout_program\"]"
+];
+const WORKOUT_NAV_QUERY_SELECTORS = [
+	"#client-workout_plan-view-button",
+	".select-client-action[data-action=\"workout_program\"]",
+	"[data-action=\"workout_program\"]",
+	"a.nav-link",
+	"button"
+];
+function normalizePath(pathname) {
+	if (pathname.startsWith("/")) return pathname;
+	return `/${pathname}`;
+}
+function resolveStoredAuth() {
+	const auth = readAuthConfig();
+	if (!auth) return;
+	const login = auth.username ?? auth.email;
+	if (!login || !auth.password) throw new Error(`Invalid auth.json at ${AUTH_PATH}. Expected \"username\" or \"email\" and \"password\".`);
+	return {
+		login,
+		password: auth.password,
+		loginPath: auth.loginPath
+	};
+}
+async function isSelectorVisible(page, selector) {
+	try {
+		return await page.isVisible(selector);
+	} catch {
+		return false;
+	}
+}
+async function findVisibleSelector(page, selectors) {
+	for (const selector of selectors) if (await isSelectorVisible(page, selector)) return selector;
+}
+async function waitForAnyVisibleSelector(page, selectors, timeoutMs) {
+	const combined = selectors.join(", ");
+	try {
+		await page.waitForSelector(combined, {
+			state: "visible",
+			timeout: timeoutMs
+		});
+		return true;
+	} catch {
+		return false;
+	}
+}
+async function waitForAnySelectorMatch(page, selectors, timeoutMs) {
+	const started = Date.now();
+	while (Date.now() - started < timeoutMs) {
+		for (const selector of selectors) if (await page.$(selector)) return true;
+		await page.waitForTimeout(300);
+	}
+	return false;
+}
+async function waitForPasswordFieldGone(page, timeoutMs) {
+	const started = Date.now();
+	while (Date.now() - started < timeoutMs) {
+		if (!await isSelectorVisible(page, PASSWORD_SELECTOR)) return true;
+		await page.waitForTimeout(500);
+	}
+	return false;
+}
+async function attemptAutoLogin(page, auth, debug) {
+	if (!await waitForAnyVisibleSelector(page, LOGIN_SELECTORS.password, 5e3)) {
+		debugLog(debug, "Login form not detected; skipping auto-login.");
+		return false;
+	}
+	const usernameSelector = await findVisibleSelector(page, LOGIN_SELECTORS.username);
+	const passwordSelector = await findVisibleSelector(page, LOGIN_SELECTORS.password);
+	if (!passwordSelector) return false;
+	if (usernameSelector) await page.fill(usernameSelector, auth.login);
+	await page.fill(passwordSelector, auth.password);
+	const submitSelector = await findVisibleSelector(page, LOGIN_SELECTORS.submit);
+	if (submitSelector) await page.click(submitSelector);
+	else await page.press(passwordSelector, "Enter");
+	await page.waitForTimeout(1500);
+	debugLog(debug, "Submitted login form.");
+	return true;
+}
+async function waitForPlans(plans, timeoutMs) {
+	const started = Date.now();
+	while (Date.now() - started < timeoutMs) {
+		if (plans.length > 0) return true;
+		await new Promise((resolve) => setTimeout(resolve, 250));
+	}
+	return plans.length > 0;
+}
+async function clickWorkoutNav(page, debug) {
+	for (const selector of WORKOUT_NAV_SELECTORS) {
+		const locator = page.locator(selector).first();
+		if (await locator.count() === 0) continue;
+		try {
+			await locator.scrollIntoViewIfNeeded();
+		} catch {}
+		try {
+			await locator.click({
+				timeout: 2e3,
+				force: true
+			});
+			debugLog(debug, `Clicked workout nav selector: ${selector}`);
+			return true;
+		} catch {}
+	}
+	try {
+		return await page.evaluate((selectors) => {
+			const resolveCandidates = (sel) => Array.from(document.querySelectorAll(sel)).filter((node) => node instanceof HTMLElement);
+			const candidates = selectors.flatMap(resolveCandidates);
+			const byAction = candidates.find((node) => node.dataset.action === "workout_program");
+			const byText = candidates.find((node) => /workout/i.test(node.textContent ?? ""));
+			const target = byAction ?? byText;
+			if (!target) return false;
+			target.dispatchEvent(new MouseEvent("click", {
+				bubbles: true,
+				cancelable: true,
+				view: window
+			}));
+			target.click();
+			return true;
+		}, WORKOUT_NAV_QUERY_SELECTORS);
+	} catch {
+		return false;
+	}
+}
+async function triggerWorkoutCapture(page, webOrigin, plans, debug) {
+	if (plans.length > 0) return true;
+	if (!await waitForAnySelectorMatch(page, WORKOUT_NAV_SELECTORS, 12e3)) {
+		debugLog(debug, "Workout nav not detected.");
+		return false;
+	}
+	if (!await clickWorkoutNav(page, debug)) debugLog(debug, "Workout nav click failed.");
+	await page.waitForTimeout(1e3);
+	await waitForPlans(plans, 8e3);
+	debugLog(debug, `Workout capture plans=${plans.length}`);
+	return plans.length > 0;
+}
 async function captureWorkoutsFromBrowser(options, config) {
 	const webBaseUrl = resolveWebBaseUrl(options, config);
-	const headless = isFlagEnabled(options, "headless");
+	const headless = config.headless ?? true;
+	const debug = config.debug === true;
+	const storedAuth = resolveStoredAuth();
 	const browser = await (await import("playwright")).chromium.launch({ headless });
 	const context = await browser.newContext();
 	const plans = [];
@@ -438,8 +647,14 @@ async function captureWorkoutsFromBrowser(options, config) {
 	try {
 		const page = await context.newPage();
 		const webOrigin = new URL(webBaseUrl).origin;
-		await page.goto(`${webOrigin}/dashboard`, { waitUntil: "domcontentloaded" });
-		await waitForEnter("Log in, open your workouts page, then press Enter to capture...");
+		const startPath = storedAuth?.loginPath ? normalizePath(storedAuth.loginPath) : "/dashboard";
+		await page.goto(new URL(startPath, webOrigin).toString(), { waitUntil: "domcontentloaded" });
+		debugLog(debug, `Opened ${startPath}`);
+		if (storedAuth) {
+			debugLog(debug, "auth.json detected; attempting auto-login.");
+			if (await attemptAutoLogin(page, storedAuth, debug)) await waitForPasswordFieldGone(page, 15e3);
+			if (!await triggerWorkoutCapture(page, webOrigin, plans, debug)) await waitForEnter("Log in, open your workouts page, then press Enter to capture...");
+		} else await waitForEnter("Log in, open your workouts page, then press Enter to capture...");
 		const cookies = await context.cookies(webOrigin);
 		cookieHeader = cookies.map((cookie) => `${cookie.name}=${cookie.value}`).join("; ");
 		csrfCookie = cookies.find((cookie) => cookie.name === "csrf_kahunas_cookie_token")?.value;
@@ -459,7 +674,9 @@ async function captureWorkoutsFromBrowser(options, config) {
 }
 async function loginWithBrowser(options, config) {
 	const webBaseUrl = resolveWebBaseUrl(options, config);
-	const headless = isFlagEnabled(options, "headless");
+	const headless = config.headless ?? true;
+	const debug = config.debug === true;
+	const storedAuth = resolveStoredAuth();
 	const browser = await (await import("playwright")).chromium.launch({ headless });
 	const context = await browser.newContext();
 	let observedToken;
@@ -473,8 +690,15 @@ async function loginWithBrowser(options, config) {
 	try {
 		const page = await context.newPage();
 		const webOrigin = new URL(webBaseUrl).origin;
-		await page.goto(`${webOrigin}/dashboard`, { waitUntil: "domcontentloaded" });
-		await waitForEnter("Finish logging in, then press Enter to continue...");
+		const startPath = storedAuth?.loginPath ? normalizePath(storedAuth.loginPath) : "/dashboard";
+		await page.goto(new URL(startPath, webOrigin).toString(), { waitUntil: "domcontentloaded" });
+		debugLog(debug, `Opened ${startPath}`);
+		if (storedAuth) {
+			debugLog(debug, "auth.json detected; attempting auto-login.");
+			if (await attemptAutoLogin(page, storedAuth, debug)) {
+				if (!await waitForPasswordFieldGone(page, 15e3)) await waitForEnter("Finish logging in, then press Enter to continue...");
+			}
+		} else await waitForEnter("Finish logging in, then press Enter to continue...");
 		if (!observedToken) {
 			await page.reload({ waitUntil: "domcontentloaded" });
 			await page.waitForTimeout(1500);
@@ -495,7 +719,7 @@ async function loginWithBrowser(options, config) {
 		const csrfToken = csrfCookie ?? resolveCsrfToken(options, config);
 		let raw;
 		if (!observedToken) {
-			if (!csrfToken) throw new Error("Missing CSRF token after login. Try again or provide --csrf.");
+			if (!csrfToken) throw new Error("Missing CSRF token after login. Try again or run 'kahunas workout sync'.");
 			if (!cookieHeader) throw new Error("Missing cookies after login. Try again.");
 			const { token: extractedToken, raw: fetchedRaw } = await fetchAuthToken(csrfToken, cookieHeader, webBaseUrl);
 			recordToken(extractedToken);
@@ -516,10 +740,14 @@ async function loginWithBrowser(options, config) {
 }
 async function loginAndPersist(options, config, outputMode) {
 	const result = await loginWithBrowser(options, config);
+	const tokenUpdatedAt = (/* @__PURE__ */ new Date()).toISOString();
+	const tokenExpiresAt = extractJwtExpiry(result.token) ?? null;
 	const nextConfig = {
 		...config,
 		token: result.token,
-		webBaseUrl: result.webBaseUrl
+		webBaseUrl: result.webBaseUrl,
+		tokenUpdatedAt,
+		tokenExpiresAt
 	};
 	if (result.csrfToken) nextConfig.csrfToken = result.csrfToken;
 	if (result.cookieHeader) nextConfig.authCookie = result.cookieHeader;
@@ -533,120 +761,7 @@ async function loginAndPersist(options, config, outputMode) {
 //#endregion
 //#region src/usage.ts
 function printUsage() {
-	console.log(`kahunas - CLI for Kahunas API\n\nUsage:\n  kahunas auth set <token> [--base-url URL] [--csrf CSRF] [--web-base-url URL] [--cookie COOKIE] [--csrf-cookie VALUE]\n  kahunas auth token [--csrf CSRF] [--cookie COOKIE] [--csrf-cookie VALUE] [--web-base-url URL] [--raw]\n  kahunas auth login [--web-base-url URL] [--headless] [--raw]\n  kahunas auth status [--token TOKEN] [--base-url URL] [--auto-login] [--headless]\n  kahunas auth show\n  kahunas checkins list [--page N] [--rpp N] [--token TOKEN] [--base-url URL] [--raw] [--no-auto-login] [--headless]\n  kahunas workout list [--page N] [--rpp N] [--token TOKEN] [--base-url URL] [--raw] [--no-auto-login] [--headless]\n  kahunas workout pick [--page N] [--rpp N] [--token TOKEN] [--base-url URL] [--raw] [--no-auto-login] [--headless]\n  kahunas workout latest [--token TOKEN] [--base-url URL] [--raw] [--no-auto-login] [--headless]\n  kahunas workout events [--user UUID] [--timezone TZ] [--program UUID] [--workout UUID] [--minimal] [--full] [--latest] [--limit N] [--debug-preview] [--raw] [--no-auto-login] [--headless]\n  kahunas workout serve [--host HOST] [--port N] [--timezone TZ] [--program UUID] [--workout UUID] [--limit N] [--cache-ttl MS] [--no-auto-login] [--headless]\n  kahunas workout sync [--headless]\n  kahunas workout program <id> [--csrf CSRF] [--token TOKEN] [--base-url URL] [--raw] [--no-auto-login] [--headless]\n\nEnv:\n  KAHUNAS_TOKEN=...\n  KAHUNAS_CSRF=...\n  KAHUNAS_CSRF_COOKIE=...\n  KAHUNAS_COOKIE=...\n  KAHUNAS_WEB_BASE_URL=...\n  KAHUNAS_USER_UUID=...\n\nConfig:\n  ${CONFIG_PATH}`);
-}
-
-//#endregion
-//#region src/commands/auth.ts
-async function handleAuth(positionals, options) {
-	const action = positionals[0];
-	if (!action || action === "help") {
-		printUsage();
-		return;
-	}
-	if (action === "set") {
-		const token = positionals[1] ?? options.token;
-		if (!token) throw new Error("Missing token for auth set.");
-		const config = readConfig();
-		const baseUrl = resolveBaseUrl(options, config);
-		const csrfToken = resolveCsrfToken(options, config);
-		const webBaseUrl = resolveWebBaseUrl(options, config);
-		const authCookie = resolveAuthCookie(options, config);
-		const csrfCookie = resolveCsrfCookie(options, config);
-		writeConfig({
-			...config,
-			token,
-			baseUrl,
-			csrfToken,
-			webBaseUrl,
-			authCookie,
-			csrfCookie
-		});
-		console.log(`Saved token to ${CONFIG_PATH}`);
-		return;
-	}
-	if (action === "token") {
-		const config = readConfig();
-		const csrfToken = resolveCsrfToken(options, config);
-		if (!csrfToken) throw new Error("Missing CSRF token. Provide --csrf or set KAHUNAS_CSRF.");
-		const webBaseUrl = resolveWebBaseUrl(options, config);
-		const authCookie = resolveAuthCookie(options, config);
-		const csrfCookie = resolveCsrfCookie(options, config);
-		const cookieHeader = authCookie ?? `csrf_kahunas_cookie_token=${csrfCookie ?? csrfToken}`;
-		const rawOutput = isFlagEnabled(options, "raw");
-		const { token: extractedToken, raw } = await fetchAuthToken(csrfToken, cookieHeader, webBaseUrl);
-		const token = extractedToken && isLikelyAuthToken(extractedToken) ? extractedToken : void 0;
-		if (rawOutput) {
-			console.log(raw);
-			return;
-		}
-		if (!token) {
-			console.log(raw);
-			return;
-		}
-		const nextConfig = {
-			...config,
-			token,
-			csrfToken,
-			webBaseUrl
-		};
-		if (authCookie) nextConfig.authCookie = authCookie;
-		if (csrfCookie) nextConfig.csrfCookie = csrfCookie;
-		writeConfig(nextConfig);
-		console.log(token);
-		return;
-	}
-	if (action === "login") {
-		await loginAndPersist(options, readConfig(), isFlagEnabled(options, "raw") ? "raw" : "token");
-		return;
-	}
-	if (action === "status") {
-		const config = readConfig();
-		const autoLogin = shouldAutoLogin(options, false);
-		let token = resolveToken(options, config);
-		if (!token) if (autoLogin) token = await loginAndPersist(options, config, "silent");
-		else throw new Error("Missing auth token. Set KAHUNAS_TOKEN or run 'kahunas auth login'.");
-		const baseUrl = resolveBaseUrl(options, config);
-		let response = await postJson("/api/v2/checkin/list", token, baseUrl, {
-			page: 1,
-			rpp: 1
-		});
-		if (autoLogin && isTokenExpiredResponse(response.json)) {
-			token = await loginAndPersist(options, config, "silent");
-			response = await postJson("/api/v2/checkin/list", token, baseUrl, {
-				page: 1,
-				rpp: 1
-			});
-		}
-		if (!response.ok) throw new Error(`HTTP ${response.status}: ${response.text}`);
-		if (response.json === void 0) {
-			console.log("unknown");
-			return;
-		}
-		console.log(isTokenExpiredResponse(response.json) ? "expired" : "valid");
-		return;
-	}
-	if (action === "show") {
-		const config = readConfig();
-		if (!config.token) throw new Error("No token saved. Use 'kahunas auth set <token>' or set KAHUNAS_TOKEN.");
-		console.log(config.token);
-		return;
-	}
-	throw new Error(`Unknown auth action: ${action}`);
-}
-
-//#endregion
-//#region src/output.ts
-function printResponse(response, rawOutput) {
-	if (rawOutput) {
-		console.log(response.text);
-		return;
-	}
-	if (response.json !== void 0) {
-		console.log(JSON.stringify(response.json, null, 2));
-		return;
-	}
-	console.log(response.text);
+	console.log(`kahunas - CLI for Kahunas API\n\nUsage:\n  kahunas checkins list [--raw]\n  kahunas workout list [--raw]\n  kahunas workout pick [--raw]\n  kahunas workout latest [--raw]\n  kahunas workout events [--minimal] [--full] [--debug-preview] [--raw]\n  kahunas workout serve\n  kahunas serve\n  kahunas workout sync\n  kahunas sync\n  kahunas workout program <id> [--raw]\n\nConfig:\n  ${CONFIG_PATH}`);
 }
 
 //#endregion
@@ -659,19 +774,17 @@ async function handleCheckins(positionals, options) {
 	}
 	if (action !== "list") throw new Error(`Unknown checkins action: ${action}`);
 	const config = readConfig();
-	const autoLogin = shouldAutoLogin(options, true);
 	let token = resolveToken(options, config);
-	if (!token) if (autoLogin) token = await loginAndPersist(options, config, "silent");
-	else throw new Error("Missing auth token. Set KAHUNAS_TOKEN or run 'kahunas auth login'.");
+	if (!token) token = await loginAndPersist(options, config, "silent");
 	const baseUrl = resolveBaseUrl(options, config);
-	const page = parseNumber$1(options.page, 1);
-	const rpp = parseNumber$1(options.rpp, 12);
+	const page = 1;
+	const rpp = 12;
 	const rawOutput = isFlagEnabled(options, "raw");
 	let response = await postJson("/api/v2/checkin/list", token, baseUrl, {
 		page,
 		rpp
 	});
-	if (autoLogin && isTokenExpiredResponse(response.json)) {
+	if (isTokenExpiredResponse(response.json)) {
 		token = await loginAndPersist(options, config, "silent");
 		response = await postJson("/api/v2/checkin/list", token, baseUrl, {
 			page,
@@ -1822,16 +1935,15 @@ async function handleWorkout(positionals, options) {
 		return;
 	}
 	const config = readConfig();
-	const autoLogin = shouldAutoLogin(options, true);
+	const debug = config.debug === true;
+	const autoLogin = true;
 	let token = resolveToken(options, config);
 	const ensureToken = async () => {
-		if (!token) if (autoLogin) token = await loginAndPersist(options, config, "silent");
-		else throw new Error("Missing auth token. Set KAHUNAS_TOKEN or run 'kahunas auth login'.");
+		if (!token) token = await loginAndPersist(options, config, "silent");
 		return token;
 	};
 	let webLoginInFlight = null;
 	const ensureWebLogin = async () => {
-		if (!autoLogin) return;
 		if (!webLoginInFlight) webLoginInFlight = loginAndPersist(options, config, "silent").then(() => void 0).finally(() => {
 			webLoginInFlight = null;
 		});
@@ -1839,16 +1951,15 @@ async function handleWorkout(positionals, options) {
 	};
 	const baseUrl = resolveBaseUrl(options, config);
 	const rawOutput = isFlagEnabled(options, "raw");
-	const page = parseNumber$1(options.page, 1);
-	const rpp = parseNumber$1(options.rpp, 12);
-	const listRpp = action === "latest" && options.rpp === void 0 ? 100 : rpp;
+	const page = 1;
+	const listRpp = action === "latest" ? 100 : 12;
 	const fetchList = async () => {
 		await ensureToken();
 		const url = new URL("/api/v1/workoutprogram", baseUrl);
-		if (page) url.searchParams.set("page", String(page));
+		url.searchParams.set("page", String(page));
 		if (listRpp) url.searchParams.set("rpp", String(listRpp));
 		let response = await getWithAuth(url.pathname + url.search, token, baseUrl);
-		if (autoLogin && isTokenExpiredResponse(response.json)) {
+		if (isTokenExpiredResponse(response.json)) {
 			token = await loginAndPersist(options, config, "silent");
 			response = await getWithAuth(url.pathname + url.search, token, baseUrl);
 		}
@@ -1864,7 +1975,7 @@ async function handleWorkout(positionals, options) {
 	const fetchWorkoutEventsPayload = async () => {
 		const baseWebUrl = resolveWebBaseUrl(options, config);
 		const webOrigin = new URL(baseWebUrl).origin;
-		const timezone = options.timezone ?? process.env.TZ ?? Intl.DateTimeFormat().resolvedOptions().timeZone ?? "Europe/London";
+		const timezone = process.env.TZ ?? Intl.DateTimeFormat().resolvedOptions().timeZone ?? "Europe/London";
 		let userUuid = resolveUserUuid(options, config);
 		if (!userUuid) try {
 			await ensureToken();
@@ -1872,7 +1983,7 @@ async function handleWorkout(positionals, options) {
 				page: 1,
 				rpp: 1
 			});
-			if (autoLogin && isTokenExpiredResponse(checkinsResponse.json)) {
+			if (isTokenExpiredResponse(checkinsResponse.json)) {
 				token = await loginAndPersist(options, config, "silent");
 				checkinsResponse = await postJson("/api/v2/checkin/list", token, baseUrl, {
 					page: 1,
@@ -1890,7 +2001,7 @@ async function handleWorkout(positionals, options) {
 				}
 			}
 		} catch {}
-		if (!userUuid) throw new Error("Missing user uuid. Use --user or run 'kahunas checkins list' once.");
+		if (!userUuid) throw new Error("Missing user uuid. Run 'kahunas checkins list' or 'kahunas workout sync' once.");
 		if (userUuid !== config.userUuid) writeConfig({
 			...config,
 			userUuid
@@ -1909,13 +2020,13 @@ async function handleWorkout(positionals, options) {
 			effectiveCsrfToken = csrfCookie ?? csrfToken$1;
 			cookieHeader = authCookie ?? (effectiveCsrfToken ? `csrf_kahunas_cookie_token=${effectiveCsrfToken}` : void 0);
 		}
-		if (!effectiveCsrfToken) throw new Error("Missing CSRF token. Run 'kahunas auth login' and try again.");
-		if (!cookieHeader) throw new Error("Missing cookies. Run 'kahunas auth login' and try again.");
+		if (!effectiveCsrfToken) throw new Error("Missing CSRF token. Run 'kahunas workout sync' and try again.");
+		if (!cookieHeader) throw new Error("Missing cookies. Run 'kahunas workout sync' and try again.");
 		const url = new URL(`/coach/clients/calendar/getEvent/${userUuid}`, webOrigin);
 		url.searchParams.set("timezone", timezone);
 		const body = new URLSearchParams();
 		body.set("csrf_kahunas_token", effectiveCsrfToken);
-		body.set("filter", options.filter ?? "");
+		body.set("filter", "");
 		let response = await fetch(url.toString(), {
 			method: "POST",
 			headers: {
@@ -1930,7 +2041,7 @@ async function handleWorkout(positionals, options) {
 		});
 		let text = await response.text();
 		if (!response.ok) throw new Error(`HTTP ${response.status}: ${text}`);
-		if (autoLogin && isLikelyLoginHtml(text)) {
+		if (isLikelyLoginHtml(text)) {
 			await ensureWebLogin();
 			const refreshed = readConfig();
 			csrfToken$1 = resolveCsrfToken(options, refreshed);
@@ -1938,7 +2049,7 @@ async function handleWorkout(positionals, options) {
 			authCookie = resolveAuthCookie(options, refreshed);
 			effectiveCsrfToken = csrfCookie ?? csrfToken$1;
 			cookieHeader = authCookie ?? (effectiveCsrfToken ? `csrf_kahunas_cookie_token=${effectiveCsrfToken}` : void 0);
-			if (!effectiveCsrfToken || !cookieHeader) throw new Error("Login required. Run 'kahunas auth login' and try again.");
+			if (!effectiveCsrfToken || !cookieHeader) throw new Error("Login required. Run 'kahunas workout sync' and try again.");
 			const retry = await fetch(url.toString(), {
 				method: "POST",
 				headers: {
@@ -1970,7 +2081,7 @@ async function handleWorkout(positionals, options) {
 			listUrl.searchParams.set("page", "1");
 			listUrl.searchParams.set("rpp", "100");
 			let listResponse = await getWithAuth(listUrl.pathname + listUrl.search, token, baseUrl);
-			if (autoLogin && isTokenExpiredResponse(listResponse.json)) {
+			if (isTokenExpiredResponse(listResponse.json)) {
 				token = await loginAndPersist(options, config, "silent");
 				listResponse = await getWithAuth(listUrl.pathname + listUrl.search, token, baseUrl);
 			}
@@ -1990,7 +2101,7 @@ async function handleWorkout(positionals, options) {
 			try {
 				await ensureToken();
 				let responseProgram$1 = await fetchWorkoutProgram(token, baseUrl, programId$1, effectiveCsrfToken);
-				if (autoLogin && isTokenExpiredResponse(responseProgram$1.json)) {
+				if (isTokenExpiredResponse(responseProgram$1.json)) {
 					token = await loginAndPersist(options, config, "silent");
 					responseProgram$1 = await fetchWorkoutProgram(token, baseUrl, programId$1, effectiveCsrfToken);
 				}
@@ -2068,7 +2179,7 @@ async function handleWorkout(positionals, options) {
 		if (!chosen.uuid) throw new Error("Selected workout is missing a uuid.");
 		const csrfToken$1 = resolveCsrfToken(options, config);
 		let responseProgram$1 = await fetchWorkoutProgram(await ensureToken(), baseUrl, chosen.uuid, csrfToken$1);
-		if (autoLogin && isTokenExpiredResponse(responseProgram$1.json)) {
+		if (isTokenExpiredResponse(responseProgram$1.json)) {
 			token = await loginAndPersist(options, config, "silent");
 			responseProgram$1 = await fetchWorkoutProgram(token, baseUrl, chosen.uuid, csrfToken$1);
 		}
@@ -2084,7 +2195,7 @@ async function handleWorkout(positionals, options) {
 		if (!chosen || !chosen.uuid) throw new Error("Latest workout is missing a uuid.");
 		const csrfToken$1 = resolveCsrfToken(options, config);
 		let responseProgram$1 = await fetchWorkoutProgram(await ensureToken(), baseUrl, chosen.uuid, csrfToken$1);
-		if (autoLogin && isTokenExpiredResponse(responseProgram$1.json)) {
+		if (isTokenExpiredResponse(responseProgram$1.json)) {
 			token = await loginAndPersist(options, config, "silent");
 			responseProgram$1 = await fetchWorkoutProgram(token, baseUrl, chosen.uuid, csrfToken$1);
 		}
@@ -2095,8 +2206,8 @@ async function handleWorkout(positionals, options) {
 	if (action === "events") {
 		const minimal = isFlagEnabled(options, "minimal");
 		const full = isFlagEnabled(options, "full");
-		const debugPreview = isFlagEnabled(options, "debug-preview");
-		const limit = isFlagEnabled(options, "latest") || isFlagEnabled(options, "last") ? 1 : parseNumber$1(options.limit, 0);
+		const debugPreview = isFlagEnabled(options, "debug-preview") || debug;
+		const limit = 1;
 		const { text, payload, timezone } = await fetchWorkoutEventsPayload();
 		if (rawOutput) {
 			console.log(text);
@@ -2106,7 +2217,7 @@ async function handleWorkout(positionals, options) {
 			console.log(text);
 			return;
 		}
-		const sorted = sortWorkoutEvents(filterWorkoutEvents(payload, options.program, options.workout));
+		const sorted = sortWorkoutEvents(filterWorkoutEvents(payload));
 		const limited = limit > 0 ? sorted.slice(-limit) : sorted;
 		if (minimal) {
 			console.log(JSON.stringify(limited, null, 2));
@@ -2121,7 +2232,7 @@ async function handleWorkout(positionals, options) {
 			const match = findWorkoutPreviewHtmlMatch(record) ?? (program ? findWorkoutPreviewHtmlMatch(program) : void 0);
 			const dayIndex = resolveWorkoutEventDayIndex(entry, program);
 			const source = match ? match.source : "not_found";
-			console.error(`debug-preview event=${eventId} program=${programUuid ?? "unknown"} day_index=${dayIndex ?? "none"} source=${source}`);
+			debugLog(true, `preview event=${eventId} program=${programUuid ?? "unknown"} day_index=${dayIndex ?? "none"} source=${source}`);
 		}
 		if (full) {
 			const enriched = enrichWorkoutEvents(limited, programDetails);
@@ -2130,27 +2241,27 @@ async function handleWorkout(positionals, options) {
 		}
 		const formatted = formatWorkoutEventsOutput(limited, programDetails, {
 			timezone,
-			program: options.program,
-			workout: options.workout
+			program: void 0,
+			workout: void 0
 		});
 		console.log(JSON.stringify(formatted, null, 2));
 		return;
 	}
 	if (action === "serve") {
-		const host = options.host ?? "127.0.0.1";
-		const port = parseNumber$1(options.port, 3e3);
-		const limit = parseNumber$1(options.limit, 1);
-		const cacheTtlMs = parseNumber$1(options["cache-ttl"], 3e4);
+		const host = "127.0.0.1";
+		const port = 3e3;
+		const limit = 1;
+		const cacheTtlMs = 3e4;
 		const loadSummary = async () => {
 			const { text, payload, timezone } = await fetchWorkoutEventsPayload();
 			if (!Array.isArray(payload)) throw new Error(`Unexpected calendar response: ${text.slice(0, 200)}`);
-			const sorted = sortWorkoutEvents(filterWorkoutEvents(payload, options.program, options.workout));
+			const sorted = sortWorkoutEvents(filterWorkoutEvents(payload));
 			const bounded = limit > 0 ? sorted.slice(-limit) : sorted;
 			const programDetails = await buildProgramDetails(sorted);
 			const formatted = formatWorkoutEventsOutput(bounded, programDetails, {
 				timezone,
-				program: options.program,
-				workout: options.workout
+				program: void 0,
+				workout: void 0
 			});
 			const summary = formatted.events[0];
 			const programUuid = summary?.program?.uuid ?? (bounded[0] && typeof bounded[0] === "object" ? bounded[0].program : void 0);
@@ -2221,8 +2332,15 @@ async function handleWorkout(positionals, options) {
 				res.end(error instanceof Error ? error.message : "Server error");
 			}
 		}).listen(port, host, () => {
+			const cache = readWorkoutCache();
+			const freshConfig = readConfig();
+			const lastSync = cache?.updatedAt ?? "none";
+			const tokenExpiry = freshConfig.tokenExpiresAt ?? "unknown";
 			console.log(`Local workout server running at http://${host}:${port}`);
 			console.log(`JSON endpoint at http://${host}:${port}/api/workout`);
+			console.log(`Config: ${CONFIG_PATH}`);
+			console.log(`Last workout sync: ${lastSync}`);
+			console.log(`Token expiry: ${tokenExpiry}`);
 		});
 		return;
 	}
@@ -2252,7 +2370,7 @@ async function handleWorkout(positionals, options) {
 	const ensuredToken = await ensureToken();
 	const csrfToken = resolveCsrfToken(options, config);
 	let responseProgram = await fetchWorkoutProgram(ensuredToken, baseUrl, programId, csrfToken);
-	if (autoLogin && isTokenExpiredResponse(responseProgram.json)) {
+	if (isTokenExpiredResponse(responseProgram.json)) {
 		token = await loginAndPersist(options, config, "silent");
 		responseProgram = await fetchWorkoutProgram(token, baseUrl, programId, csrfToken);
 	}
@@ -2271,12 +2389,15 @@ async function main() {
 	const command = positionals[0];
 	const rest = positionals.slice(1);
 	switch (command) {
-		case "auth":
-			await handleAuth(rest, options);
-			return;
 		case "checkins":
 			await handleCheckins(rest, options);
 			return;
+		case "sync":
+			await handleWorkout(["sync", ...rest], options);
+			return;
+		case "serve":
+			await handleWorkout(["serve", ...rest], options);
+			return;
 		case "workout":
 			await handleWorkout(rest, options);
 			return;

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "kahunas-cli",
-  "version": "1.0.6",
+  "version": "1.2.0",
   "description": "",
   "main": "dist/cli.js",
   "bin": {