kahunas-cli 1.2.0 → 1.4.0

package/README.md

@@ -1,77 +1,17 @@
 # Kahunas CLI
 
-A TypeScript CLI for Kahunas (kahunas.io) to fetch check-ins and workouts.
-
-![Kahunas CLI screenshot](https://unpkg.com/kahunas-cli@latest/ai-screenshot.png)
+Fetch workouts from Kahunas and preview them locally.
 
 ## Quick start
 
-1) Install dependencies and build:
+1) Install and build:
 
 ```bash
 pnpm install
 pnpm build
 ```
 
-2) Fetch data (browser login runs automatically on first run, headless by default):
-
-```bash
-pnpm kahunas checkins list
-pnpm kahunas workout list
-pnpm kahunas workout pick
-```
-
-You can also run without installing globally:
-
-```bash
-npx kahunas-cli checkins list
-npx kahunas-cli workout events
-```
-
-## Commands
-
-### Check-ins
-
-- `kahunas checkins list`
-  - Lists recent check-ins.
-
-### Workouts
-
-- `kahunas workout list`
-  - Lists workout programs.
-- `kahunas workout pick`
-  - Shows a numbered list and lets you choose a program.
-- `kahunas workout latest`
-  - Loads the most recently updated program.
-- `kahunas workout events`
-  - Lists workout log events with dates and a human-friendly workout summary (from the calendar endpoint).
-- `kahunas workout serve`
-  - Starts a local dev server with a workout preview page and a JSON endpoint that matches the CLI output.
-- `kahunas workout program <id>`
-  - Fetches a program by UUID.
-
-### Workout sync (browser capture)
-
-If the API list is missing a program you see in the web UI, run:
-
-```bash
-pnpm kahunas sync
-```
-
-Or:
-
-```bash
-pnpm kahunas workout sync
-```
-
-This runs a browser session (headless by default). You log in, then navigate to your workouts page. After you press Enter, the CLI captures the workout list from network responses and writes a cache:
-
-- `~/.config/kahunas/workouts.json`
-
-`workout list`, `workout pick`, and `workout latest` automatically merge the API list with this cache.
-Raw output (`--raw`) prints the API response only.
-
-If you add `~/.config/kahunas/auth.json`, the browser flow will attempt an automatic login and open your workouts page before capturing. Example:
+2) Optional: add auto-login credentials at `~/.config/kahunas/auth.json`:
 
 ```json
 {
@@ -80,87 +20,17 @@ If you add `~/.config/kahunas/auth.json`, the browser flow will attempt an autom
 }
 ```
 
-Keep this file private; it contains credentials.
-
-Optional fields:
-
-- `username` (use instead of `email`)
-- `loginPath` (default: `/dashboard`)
-
-If auto-capture does not find workouts, the CLI falls back to the manual prompt.
-
-### Workout events (dates)
-
-To see when workouts happened, the calendar endpoint returns log events with timestamps. The CLI returns the latest event summarized into a human-friendly structure (total volume sets, exercises, supersets). Use `--full` to return the full program payload (best effort; falls back to cached summary if needed).
-
-```bash
-pnpm kahunas workout events
-```
-
-Use `--minimal` to return the raw event objects without program enrichment. Use `--full` for full enriched output. Use `--debug-preview` to log where preview HTML was discovered (stderr only).
-
-If the user UUID is missing, `workout events` will attempt to discover it from check-ins and save it.
-
-### Workout preview server
-
-Run a local dev server to preview workouts in a browser:
+3) Sync workouts, then run the preview server:
 
 ```bash
+pnpm kahunas sync
 pnpm kahunas serve
 ```
 
-Or:
-
-```bash
-pnpm kahunas workout serve
-```
-
-The HTML page is available at `http://127.0.0.1:3000` and the JSON endpoint is at `http://127.0.0.1:3000/api/workout`.
-The JSON response matches the CLI output for `workout events`, so there is only one data shape to maintain.
-
-Use `?day=<index>` to switch the selected workout day tab in the browser.
-
-## Auto-login
-
-Most commands auto-login if a token is missing or expired. This runs a browser session and saves session details in `~/.config/kahunas/config.json` (headless by default). If `~/.config/kahunas/auth.json` is present, the login step is automated.
-
-## Debug logging
-
-Set `debug` to `true` in `~/.config/kahunas/config.json` to enable extra logs on stderr (includes workout preview debug output).
-
-## Headless mode
-
-Set `headless` to `false` in `~/.config/kahunas/config.json` to show the Playwright browser. Defaults to `true`.
+Open `http://127.0.0.1:3000`.
 
-## Flags
-
-- `--raw` prints raw API responses (no formatting).
-
-## Playwright
-
-If Playwright did not download a browser during install:
-
-```bash
-pnpm exec playwright install chromium
-```
-
-## Testing
-
-Run the unit tests with:
-
-```bash
-pnpm test
-```
-
-## Publishing
-
-The npm package is built from `dist/cli.js`. Publishing runs the build automatically:
-
-```bash
-pnpm publish
-```
+If `auth.json` is missing, `sync` will prompt for credentials and save them after a successful login.
 
-## Notes
+## Advanced usage
 
-- This CLI uses the same APIs the web app uses; tokens can expire quickly.
-- Re-run any command (or `workout sync`) to refresh login when needed.
+See `docs/advanced.md` for all commands, flags, and configuration options.

package/dist/cli.js

@@ -6,6 +6,7 @@ var __getOwnPropDesc = Object.getOwnPropertyDescriptor;
 var __getOwnPropNames = Object.getOwnPropertyNames;
 var __getProtoOf = Object.getPrototypeOf;
 var __hasOwnProp = Object.prototype.hasOwnProperty;
+var __commonJSMin = (cb, mod) => () => (mod || cb((mod = { exports: {} }).exports, mod), mod.exports);
 var __copyProps = (to, from, except, desc) => {
 	if (from && typeof from === "object" || typeof from === "function") {
 		for (var keys = __getOwnPropNames(from), i = 0, n = keys.length, key; i < n; i++) {
@@ -94,6 +95,11 @@ function readAuthConfig() {
 		throw new Error(`Invalid JSON in ${AUTH_PATH}.`);
 	}
 }
+function writeAuthConfig(auth) {
+	const dir = node_path.dirname(AUTH_PATH);
+	node_fs.mkdirSync(dir, { recursive: true });
+	node_fs.writeFileSync(AUTH_PATH, `${JSON.stringify(auth, null, 2)}\n`, "utf-8");
+}
 function writeConfig(config) {
 	const dir = node_path.dirname(CONFIG_PATH);
 	node_fs.mkdirSync(dir, { recursive: true });
@@ -190,6 +196,14 @@ function extractJwtExpiry(token) {
 		return;
 	}
 }
+const DEFAULT_TOKEN_TTL_MS = 7200 * 1e3;
+function resolveTokenExpiry(token, tokenUpdatedAt) {
+	const jwtExpiry = extractJwtExpiry(token);
+	if (jwtExpiry) return jwtExpiry;
+	const updatedAt = Date.parse(tokenUpdatedAt);
+	if (!Number.isFinite(updatedAt)) return;
+	return new Date(updatedAt + DEFAULT_TOKEN_TTL_MS).toISOString();
+}
 function decodeBase64Url(value) {
 	const normalized = value.replace(/-/g, "+").replace(/_/g, "/");
 	const padding = normalized.length % 4;
@@ -313,13 +327,108 @@ function extractUserUuidFromCheckins(payload) {
 	return typeof candidate === "string" ? candidate : void 0;
 }
 
+//#endregion
+//#region node_modules/.pnpm/picocolors@1.1.1/node_modules/picocolors/picocolors.js
+var require_picocolors = /* @__PURE__ */ __commonJSMin(((exports, module) => {
+	let p = process || {}, argv = p.argv || [], env = p.env || {};
+	let isColorSupported = !(!!env.NO_COLOR || argv.includes("--no-color")) && (!!env.FORCE_COLOR || argv.includes("--color") || p.platform === "win32" || (p.stdout || {}).isTTY && env.TERM !== "dumb" || !!env.CI);
+	let formatter = (open, close, replace = open) => (input) => {
+		let string = "" + input, index = string.indexOf(close, open.length);
+		return ~index ? open + replaceClose(string, close, replace, index) + close : open + string + close;
+	};
+	let replaceClose = (string, close, replace, index) => {
+		let result = "", cursor = 0;
+		do {
+			result += string.substring(cursor, index) + replace;
+			cursor = index + close.length;
+			index = string.indexOf(close, cursor);
+		} while (~index);
+		return result + string.substring(cursor);
+	};
+	let createColors = (enabled = isColorSupported) => {
+		let f = enabled ? formatter : () => String;
+		return {
+			isColorSupported: enabled,
+			reset: f("\x1B[0m", "\x1B[0m"),
+			bold: f("\x1B[1m", "\x1B[22m", "\x1B[22m\x1B[1m"),
+			dim: f("\x1B[2m", "\x1B[22m", "\x1B[22m\x1B[2m"),
+			italic: f("\x1B[3m", "\x1B[23m"),
+			underline: f("\x1B[4m", "\x1B[24m"),
+			inverse: f("\x1B[7m", "\x1B[27m"),
+			hidden: f("\x1B[8m", "\x1B[28m"),
+			strikethrough: f("\x1B[9m", "\x1B[29m"),
+			black: f("\x1B[30m", "\x1B[39m"),
+			red: f("\x1B[31m", "\x1B[39m"),
+			green: f("\x1B[32m", "\x1B[39m"),
+			yellow: f("\x1B[33m", "\x1B[39m"),
+			blue: f("\x1B[34m", "\x1B[39m"),
+			magenta: f("\x1B[35m", "\x1B[39m"),
+			cyan: f("\x1B[36m", "\x1B[39m"),
+			white: f("\x1B[37m", "\x1B[39m"),
+			gray: f("\x1B[90m", "\x1B[39m"),
+			bgBlack: f("\x1B[40m", "\x1B[49m"),
+			bgRed: f("\x1B[41m", "\x1B[49m"),
+			bgGreen: f("\x1B[42m", "\x1B[49m"),
+			bgYellow: f("\x1B[43m", "\x1B[49m"),
+			bgBlue: f("\x1B[44m", "\x1B[49m"),
+			bgMagenta: f("\x1B[45m", "\x1B[49m"),
+			bgCyan: f("\x1B[46m", "\x1B[49m"),
+			bgWhite: f("\x1B[47m", "\x1B[49m"),
+			blackBright: f("\x1B[90m", "\x1B[39m"),
+			redBright: f("\x1B[91m", "\x1B[39m"),
+			greenBright: f("\x1B[92m", "\x1B[39m"),
+			yellowBright: f("\x1B[93m", "\x1B[39m"),
+			blueBright: f("\x1B[94m", "\x1B[39m"),
+			magentaBright: f("\x1B[95m", "\x1B[39m"),
+			cyanBright: f("\x1B[96m", "\x1B[39m"),
+			whiteBright: f("\x1B[97m", "\x1B[39m"),
+			bgBlackBright: f("\x1B[100m", "\x1B[49m"),
+			bgRedBright: f("\x1B[101m", "\x1B[49m"),
+			bgGreenBright: f("\x1B[102m", "\x1B[49m"),
+			bgYellowBright: f("\x1B[103m", "\x1B[49m"),
+			bgBlueBright: f("\x1B[104m", "\x1B[49m"),
+			bgMagentaBright: f("\x1B[105m", "\x1B[49m"),
+			bgCyanBright: f("\x1B[106m", "\x1B[49m"),
+			bgWhiteBright: f("\x1B[107m", "\x1B[49m")
+		};
+	};
+	module.exports = createColors();
+	module.exports.createColors = createColors;
+}));
+
+//#endregion
+//#region src/logger.ts
+var import_picocolors = /* @__PURE__ */ __toESM(require_picocolors());
+function formatLabel(label, color) {
+	return import_picocolors.default.bold(color(label));
+}
+function logInfo(message) {
+	console.log(`${formatLabel("info", import_picocolors.default.cyan)} ${message}`);
+}
+function logError(message) {
+	console.error(`${formatLabel("error", import_picocolors.default.red)} ${message}`);
+}
+function logDebug(enabled, message) {
+	if (!enabled) return;
+	console.error(`${formatLabel("debug", import_picocolors.default.gray)} ${message}`);
+}
+function logPlain(message) {
+	console.log(message);
+}
+function formatHeading(message) {
+	return import_picocolors.default.bold(message);
+}
+function formatDim(message) {
+	return import_picocolors.default.dim(message);
+}
+
 //#endregion
 //#region src/utils.ts
-function askQuestion(prompt) {
+function askQuestion(prompt, output = process.stdout) {
 	return new Promise((resolve) => {
 		const rl = node_readline.createInterface({
 			input: process.stdin,
-			output: process.stdout
+			output
 		});
 		rl.question(prompt, (answer) => {
 			rl.close();
@@ -327,12 +436,29 @@ function askQuestion(prompt) {
 		});
 	});
 }
-function waitForEnter(prompt) {
-	return askQuestion(prompt).then(() => void 0);
+function waitForEnter(prompt, output = process.stdout) {
+	return askQuestion(prompt, output).then(() => void 0);
+}
+function askHiddenQuestion(prompt, output = process.stderr) {
+	return new Promise((resolve) => {
+		const rl = node_readline.createInterface({
+			input: process.stdin,
+			output,
+			terminal: true
+		});
+		const writable = rl;
+		const originalWrite = writable._writeToOutput.bind(rl);
+		writable._writeToOutput = (value) => {
+			if (value.includes("\n") || value.includes("\r")) originalWrite(value);
+		};
+		rl.question(prompt, (answer) => {
+			rl.close();
+			resolve(answer.trim());
+		});
+	});
 }
 function debugLog(enabled, message) {
-	if (!enabled) return;
-	console.error(`[debug] ${message}`);
+	logDebug(enabled, message);
 }
 
 //#endregion
@@ -486,8 +612,11 @@ function normalizePath(pathname) {
 	if (pathname.startsWith("/")) return pathname;
 	return `/${pathname}`;
 }
-function resolveStoredAuth() {
-	const auth = readAuthConfig();
+function normalizeToken(token) {
+	return token.trim().replace(/^"(.*)"$/, "$1").replace(/^'(.*)'$/, "$1").replace(/^bearer\s+/i, "");
+}
+function resolveStoredAuth(override) {
+	const auth = override ?? readAuthConfig();
 	if (!auth) return;
 	const login = auth.username ?? auth.email;
 	if (!login || !auth.password) throw new Error(`Invalid auth.json at ${AUTH_PATH}. Expected \"username\" or \"email\" and \"password\".`);
@@ -608,11 +737,11 @@ async function triggerWorkoutCapture(page, webOrigin, plans, debug) {
 	debugLog(debug, `Workout capture plans=${plans.length}`);
 	return plans.length > 0;
 }
-async function captureWorkoutsFromBrowser(options, config) {
+async function captureWorkoutsFromBrowser(options, config, authOverride) {
 	const webBaseUrl = resolveWebBaseUrl(options, config);
 	const headless = config.headless ?? true;
 	const debug = config.debug === true;
-	const storedAuth = resolveStoredAuth();
+	const storedAuth = resolveStoredAuth(authOverride);
 	const browser = await (await import("playwright")).chromium.launch({ headless });
 	const context = await browser.newContext();
 	const plans = [];
@@ -620,7 +749,8 @@ async function captureWorkoutsFromBrowser(options, config) {
 	let observedToken;
 	const recordToken = (candidate) => {
 		if (!candidate || observedToken) return;
-		if (isLikelyAuthToken(candidate)) observedToken = candidate;
+		const normalized = normalizeToken(candidate);
+		if (isLikelyAuthToken(normalized)) observedToken = normalized;
 	};
 	const recordPlans = (incoming) => {
 		for (const plan of incoming) {
@@ -659,6 +789,13 @@ async function captureWorkoutsFromBrowser(options, config) {
 		cookieHeader = cookies.map((cookie) => `${cookie.name}=${cookie.value}`).join("; ");
 		csrfCookie = cookies.find((cookie) => cookie.name === "csrf_kahunas_cookie_token")?.value;
 		csrfToken = csrfCookie ?? resolveCsrfToken(options, config);
+		if (!observedToken && csrfToken && cookieHeader) try {
+			const { token: fetchedToken } = await fetchAuthToken(csrfToken, cookieHeader, webBaseUrl);
+			recordToken(fetchedToken);
+			debugLog(debug, "Fetched auth token via /get-token.");
+		} catch (error) {
+			debugLog(debug, `Failed to fetch auth token via /get-token: ${error instanceof Error ? error.message : "unknown error"}`);
+		}
 		if (plans.length === 0) await page.waitForTimeout(1500);
 	} finally {
 		await browser.close();
@@ -682,7 +819,8 @@ async function loginWithBrowser(options, config) {
 	let observedToken;
 	const recordToken = (candidate) => {
 		if (!candidate || observedToken) return;
-		if (isLikelyAuthToken(candidate)) observedToken = candidate;
+		const normalized = normalizeToken(candidate);
+		if (isLikelyAuthToken(normalized)) observedToken = normalized;
 	};
 	context.on("request", (request) => {
 		recordToken(request.headers()["auth-user-token"]);
@@ -741,7 +879,7 @@ async function loginWithBrowser(options, config) {
 async function loginAndPersist(options, config, outputMode) {
 	const result = await loginWithBrowser(options, config);
 	const tokenUpdatedAt = (/* @__PURE__ */ new Date()).toISOString();
-	const tokenExpiresAt = extractJwtExpiry(result.token) ?? null;
+	const tokenExpiresAt = resolveTokenExpiry(result.token, tokenUpdatedAt) ?? null;
 	const nextConfig = {
 		...config,
 		token: result.token,
@@ -761,7 +899,7 @@ async function loginAndPersist(options, config, outputMode) {
 //#endregion
 //#region src/usage.ts
 function printUsage() {
-	console.log(`kahunas - CLI for Kahunas API\n\nUsage:\n  kahunas checkins list [--raw]\n  kahunas workout list [--raw]\n  kahunas workout pick [--raw]\n  kahunas workout latest [--raw]\n  kahunas workout events [--minimal] [--full] [--debug-preview] [--raw]\n  kahunas workout serve\n  kahunas serve\n  kahunas workout sync\n  kahunas sync\n  kahunas workout program <id> [--raw]\n\nConfig:\n  ${CONFIG_PATH}`);
+	logPlain(`${formatHeading("kahunas - CLI for Kahunas API")}\n\nUsage:\n  kahunas checkins list [--raw]\n  kahunas workout list [--raw]\n  kahunas workout pick [--raw]\n  kahunas workout latest [--raw]\n  kahunas workout events [--minimal] [--full] [--debug-preview] [--raw]\n  kahunas workout serve\n  kahunas serve\n  kahunas workout sync\n  kahunas sync\n  kahunas workout program <id> [--raw]\n\n${formatDim("Config:")}\n  ${CONFIG_PATH}`);
 }
 
 //#endregion
@@ -2123,6 +2261,104 @@ async function handleWorkout(positionals, options) {
 		}
 		return programDetails;
 	};
+	const startWorkoutServer = async () => {
+		const host = "127.0.0.1";
+		const port = 3e3;
+		const limit = 1;
+		const cacheTtlMs = 3e4;
+		const loadSummary = async () => {
+			const { text, payload, timezone } = await fetchWorkoutEventsPayload();
+			if (!Array.isArray(payload)) throw new Error(`Unexpected calendar response: ${text.slice(0, 200)}`);
+			const sorted = sortWorkoutEvents(filterWorkoutEvents(payload));
+			const bounded = limit > 0 ? sorted.slice(-limit) : sorted;
+			const programDetails = await buildProgramDetails(sorted);
+			const formatted = formatWorkoutEventsOutput(bounded, programDetails, {
+				timezone,
+				program: void 0,
+				workout: void 0
+			});
+			const summary = formatted.events[0];
+			const programUuid = summary?.program?.uuid ?? (bounded[0] && typeof bounded[0] === "object" ? bounded[0].program : void 0);
+			return {
+				formatted,
+				days: summarizeWorkoutProgramDays(programUuid ? programDetails[programUuid] : void 0),
+				summary,
+				timezone
+			};
+		};
+		let cached;
+		let summaryInFlight = null;
+		const getSummary = async (forceRefresh) => {
+			if (!forceRefresh && cached && Date.now() - cached.fetchedAt < cacheTtlMs) return cached.data;
+			if (!forceRefresh && summaryInFlight) return summaryInFlight;
+			const pending = loadSummary().finally(() => {
+				summaryInFlight = null;
+			});
+			summaryInFlight = pending;
+			const data = await pending;
+			cached = {
+				data,
+				fetchedAt: Date.now()
+			};
+			return data;
+		};
+		(0, node_http.createServer)(async (req, res) => {
+			try {
+				const url = new URL(req.url ?? "/", `http://${host}:${port}`);
+				const wantsRefresh = url.searchParams.get("refresh") === "1";
+				if (url.pathname === "/api/workout") {
+					const data$1 = await getSummary(wantsRefresh);
+					res.statusCode = 200;
+					res.setHeader("content-type", "application/json; charset=utf-8");
+					res.setHeader("cache-control", "no-store");
+					res.end(JSON.stringify(data$1.formatted, null, 2));
+					return;
+				}
+				if (url.pathname === "/favicon.ico") {
+					res.statusCode = 204;
+					res.end();
+					return;
+				}
+				if (url.pathname !== "/") {
+					res.statusCode = 404;
+					res.end("Not found");
+					return;
+				}
+				const data = await getSummary(wantsRefresh);
+				const dayParam = url.searchParams.get("day");
+				const selectedDayIndex = resolveSelectedDayIndex(data.days, data.summary?.workout_day?.day_index, data.summary?.workout_day?.day_label, dayParam);
+				const html = renderWorkoutPage({
+					summary: data.summary,
+					days: data.days,
+					selectedDayIndex,
+					timezone: data.timezone,
+					apiPath: "/api/workout",
+					refreshPath: "/?refresh=1",
+					isLatest: limit === 1
+				});
+				res.statusCode = 200;
+				res.setHeader("content-type", "text/html; charset=utf-8");
+				res.setHeader("cache-control", "no-store");
+				res.end(html);
+			} catch (error) {
+				res.statusCode = 500;
+				res.setHeader("content-type", "text/plain; charset=utf-8");
+				res.end(error instanceof Error ? error.message : "Server error");
+			}
+		}).listen(port, host, () => {
+			const cache = readWorkoutCache();
+			const freshConfig = readConfig();
+			const lastSync = cache?.updatedAt ?? "none";
+			const tokenExpiry = freshConfig.tokenExpiresAt ?? "unknown";
+			const tokenUpdatedAt = freshConfig.tokenUpdatedAt ?? "unknown";
+			logInfo(`Local workout server running at http://${host}:${port}`);
+			logInfo(`JSON endpoint at http://${host}:${port}/api/workout`);
+			logInfo(`Config: ${CONFIG_PATH}`);
+			logInfo(`Last workout sync: ${lastSync}`);
+			logInfo(`Token expiry: ${tokenExpiry}`);
+			if (tokenExpiry === "unknown" && tokenUpdatedAt !== "unknown") logInfo(`Token updated at: ${tokenUpdatedAt}`);
+		});
+	};
 	const resolveSelectedDayIndex = (days, eventDayIndex, eventDayLabel, dayParam) => {
 		const parseOptionalInt = (value) => {
 			if (!value) return;
@@ -2167,9 +2403,9 @@ async function handleWorkout(positionals, options) {
 		if (!response.ok) throw new Error(`HTTP ${response.status}: ${response.text}`);
 		if (plans.length === 0) throw new Error("No workout programs found.");
 		if (!rawOutput) {
-			console.log("Pick a workout program:");
+			logPlain(formatHeading("Pick a workout program:"));
 			plans.forEach((plan, index) => {
-				console.log(`${index + 1}) ${formatWorkoutSummary(plan)}`);
+				logPlain(`${index + 1}) ${formatWorkoutSummary(plan)}`);
 			});
 		}
 		const answer = await askQuestion(`Enter number (1-${plans.length}): `);
@@ -2248,106 +2484,37 @@ async function handleWorkout(positionals, options) {
 		return;
 	}
 	if (action === "serve") {
-		const host = "127.0.0.1";
-		const port = 3e3;
-		const limit = 1;
-		const cacheTtlMs = 3e4;
-		const loadSummary = async () => {
-			const { text, payload, timezone } = await fetchWorkoutEventsPayload();
-			if (!Array.isArray(payload)) throw new Error(`Unexpected calendar response: ${text.slice(0, 200)}`);
-			const sorted = sortWorkoutEvents(filterWorkoutEvents(payload));
-			const bounded = limit > 0 ? sorted.slice(-limit) : sorted;
-			const programDetails = await buildProgramDetails(sorted);
-			const formatted = formatWorkoutEventsOutput(bounded, programDetails, {
-				timezone,
-				program: void 0,
-				workout: void 0
-			});
-			const summary = formatted.events[0];
-			const programUuid = summary?.program?.uuid ?? (bounded[0] && typeof bounded[0] === "object" ? bounded[0].program : void 0);
-			return {
-				formatted,
-				days: summarizeWorkoutProgramDays(programUuid ? programDetails[programUuid] : void 0),
-				summary,
-				timezone
-			};
-		};
-		let cached;
-		let summaryInFlight = null;
-		const getSummary = async (forceRefresh) => {
-			if (!forceRefresh && cached && Date.now() - cached.fetchedAt < cacheTtlMs) return cached.data;
-			if (!forceRefresh && summaryInFlight) return summaryInFlight;
-			const pending = loadSummary().finally(() => {
-				summaryInFlight = null;
-			});
-			summaryInFlight = pending;
-			const data = await pending;
-			cached = {
-				data,
-				fetchedAt: Date.now()
-			};
-			return data;
-		};
-		(0, node_http.createServer)(async (req, res) => {
-			try {
-				const url = new URL(req.url ?? "/", `http://${host}:${port}`);
-				const wantsRefresh = url.searchParams.get("refresh") === "1";
-				if (url.pathname === "/api/workout") {
-					const data$1 = await getSummary(wantsRefresh);
-					res.statusCode = 200;
-					res.setHeader("content-type", "application/json; charset=utf-8");
-					res.setHeader("cache-control", "no-store");
-					res.end(JSON.stringify(data$1.formatted, null, 2));
-					return;
-				}
-				if (url.pathname === "/favicon.ico") {
-					res.statusCode = 204;
-					res.end();
-					return;
-				}
-				if (url.pathname !== "/") {
-					res.statusCode = 404;
-					res.end("Not found");
-					return;
-				}
-				const data = await getSummary(wantsRefresh);
-				const dayParam = url.searchParams.get("day");
-				const selectedDayIndex = resolveSelectedDayIndex(data.days, data.summary?.workout_day?.day_index, data.summary?.workout_day?.day_label, dayParam);
-				const html = renderWorkoutPage({
-					summary: data.summary,
-					days: data.days,
-					selectedDayIndex,
-					timezone: data.timezone,
-					apiPath: "/api/workout",
-					refreshPath: "/?refresh=1",
-					isLatest: limit === 1
-				});
-				res.statusCode = 200;
-				res.setHeader("content-type", "text/html; charset=utf-8");
-				res.setHeader("cache-control", "no-store");
-				res.end(html);
-			} catch (error) {
-				res.statusCode = 500;
-				res.setHeader("content-type", "text/plain; charset=utf-8");
-				res.end(error instanceof Error ? error.message : "Server error");
-			}
-		}).listen(port, host, () => {
-			const cache = readWorkoutCache();
-			const freshConfig = readConfig();
-			const lastSync = cache?.updatedAt ?? "none";
-			const tokenExpiry = freshConfig.tokenExpiresAt ?? "unknown";
-			console.log(`Local workout server running at http://${host}:${port}`);
-			console.log(`JSON endpoint at http://${host}:${port}/api/workout`);
-			console.log(`Config: ${CONFIG_PATH}`);
-			console.log(`Last workout sync: ${lastSync}`);
-			console.log(`Token expiry: ${tokenExpiry}`);
-		});
+		await startWorkoutServer();
 		return;
 	}
 	if (action === "sync") {
-		const captured = await captureWorkoutsFromBrowser(options, config);
+		const authConfig = readAuthConfig();
+		const hasAuthConfig = !!authConfig && !!authConfig.password && (!!authConfig.email || !!authConfig.username);
+		const tokenUpdatedAt = config.tokenUpdatedAt ?? void 0;
+		const tokenExpiry = token && tokenUpdatedAt ? resolveTokenExpiry(token, tokenUpdatedAt) : null;
+		const hasValidToken = !!tokenExpiry && Date.now() < Date.parse(tokenExpiry);
+		let pendingAuth;
+		if (!hasValidToken && !hasAuthConfig) {
+			if (!process.stdin.isTTY) throw new Error("Missing auth credentials. Create ~/.config/kahunas/auth.json or run 'kahunas sync' in a terminal.");
+			const login = await askQuestion("Email or username: ", process.stderr);
+			if (!login) throw new Error("Missing email/username for login.");
+			const password = await askHiddenQuestion("Password: ", process.stderr);
+			if (!password) throw new Error("Missing password for login.");
+			const isEmail = login.includes("@");
+			pendingAuth = {
+				email: isEmail ? login : void 0,
+				username: isEmail ? void 0 : login,
+				password
+			};
+		}
+		const captured = await captureWorkoutsFromBrowser(options, config, pendingAuth);
 		const nextConfig = { ...config };
-		if (captured.token) nextConfig.token = captured.token;
+		if (captured.token) {
+			nextConfig.token = captured.token;
+			const tokenUpdatedAt$1 = (/* @__PURE__ */ new Date()).toISOString();
+			nextConfig.tokenUpdatedAt = tokenUpdatedAt$1;
+			nextConfig.tokenExpiresAt = resolveTokenExpiry(captured.token, tokenUpdatedAt$1) ?? null;
+		}
 		if (captured.csrfToken) nextConfig.csrfToken = captured.csrfToken;
 		if (captured.webBaseUrl) nextConfig.webBaseUrl = captured.webBaseUrl;
 		if (captured.cookieHeader) nextConfig.authCookie = captured.cookieHeader;
@@ -2362,6 +2529,13 @@ async function handleWorkout(positionals, options) {
 				path: WORKOUT_CACHE_PATH
 			}
 		}, null, 2));
+		if (pendingAuth && captured.token) {
+			writeAuthConfig(pendingAuth);
+			console.error(`Saved credentials to ${AUTH_PATH}`);
+		} else if (pendingAuth) console.error("Login was not detected; credentials were not saved.");
+		if (process.stdin.isTTY) {
+			if ((await askQuestion("Start the preview server now? (y/N): ", process.stderr)).toLowerCase().startsWith("y")) await startWorkoutServer();
+		}
 		return;
 	}
 	if (action !== "program") throw new Error(`Unknown workout action: ${action}`);
@@ -2408,8 +2582,7 @@ async function main() {
 	}
 }
 main().catch((error) => {
-	const message = error instanceof Error ? error.message : String(error);
-	console.error(message);
+	logError(error instanceof Error ? error.message : String(error));
 	process.exit(1);
 });
 

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "kahunas-cli",
-  "version": "1.2.0",
+  "version": "1.4.0",
   "description": "",
   "main": "dist/cli.js",
   "bin": {
@@ -19,6 +19,7 @@
     "ai-screenshot.png"
   ],
   "dependencies": {
+    "picocolors": "^1.1.1",
     "playwright": "^1.49.1"
   },
   "devDependencies": {