mobbdev 1.1.40 → 1.1.41

package/dist/args/commands/upload_ai_blame.mjs

@@ -1371,15 +1371,141 @@ import { withFile } from "tmp-promise";
 import z26 from "zod";
 
 // src/commands/handleMobbLogin.ts
-import crypto from "crypto";
-import os from "os";
 import chalk2 from "chalk";
 import Debug6 from "debug";
-import open from "open";
 
-// src/constants.ts
+// src/utils/dirname.ts
+import fs from "fs";
+import path from "path";
+import { fileURLToPath } from "url";
+function getModuleRootDir() {
+  let manifestDir = getDirName();
+  for (let i = 0; i < 10; i++) {
+    const manifestPath = path.join(manifestDir, "package.json");
+    if (fs.existsSync(manifestPath)) {
+      return manifestDir;
+    }
+    manifestDir = path.join(manifestDir, "..");
+  }
+  throw new Error("Cannot locate package.json file");
+}
+function getDirName() {
+  if (typeof __filename !== "undefined") {
+    return path.dirname(__filename);
+  } else {
+    try {
+      const getImportMetaUrl = new Function("return import.meta.url");
+      const importMetaUrl = getImportMetaUrl();
+      return path.dirname(fileURLToPath(importMetaUrl));
+    } catch (e) {
+      try {
+        const err = new Error();
+        const stack = err.stack || "";
+        const match = stack.match(/file:\/\/[^\s)]+/);
+        if (match) {
+          const fileUrl = match[0];
+          return path.dirname(fileURLToPath(fileUrl));
+        }
+      } catch {
+      }
+      throw new Error("Unable to determine directory name in this environment");
+    }
+  }
+}
+
+// src/utils/keypress.ts
+import readline from "readline";
+async function keypress() {
+  const rl = readline.createInterface({
+    input: process.stdin,
+    output: process.stdout
+  });
+  return new Promise((resolve) => {
+    rl.question("", (answer) => {
+      rl.close();
+      process.stderr.moveCursor(0, -1);
+      process.stderr.clearLine(1);
+      resolve(answer);
+    });
+  });
+}
+
+// src/utils/spinner.ts
+import {
+  createSpinner as _createSpinner
+} from "nanospinner";
+function printToStdError(opts) {
+  if (opts?.text) console.error(opts.text);
+}
+var mockSpinner = {
+  success: (opts) => {
+    printToStdError(opts);
+    return mockSpinner;
+  },
+  error: (opts) => {
+    printToStdError(opts);
+    return mockSpinner;
+  },
+  warn: (opts) => {
+    printToStdError(opts);
+    return mockSpinner;
+  },
+  stop: (opts) => {
+    printToStdError(opts);
+    return mockSpinner;
+  },
+  start: (opts) => {
+    printToStdError(opts);
+    return mockSpinner;
+  },
+  update: (opts) => {
+    printToStdError(opts);
+    return mockSpinner;
+  },
+  reset: () => mockSpinner,
+  clear: () => mockSpinner,
+  spin: () => mockSpinner
+};
+function Spinner({ ci = false } = {}) {
+  return {
+    createSpinner: (text, options) => ci ? mockSpinner : _createSpinner(text, options)
+  };
+}
+
+// src/utils/check_node_version.ts
 import fs2 from "fs";
 import path2 from "path";
+import semver from "semver";
+function getPackageJson() {
+  return JSON.parse(
+    fs2.readFileSync(path2.join(getModuleRootDir(), "package.json"), "utf8")
+  );
+}
+var packageJson = getPackageJson();
+if (!semver.satisfies(process.version, packageJson.engines.node)) {
+  console.error(
+    `
+\u26A0\uFE0F ${packageJson.name} requires node version ${packageJson.engines.node}, but running ${process.version}.`
+  );
+  process.exit(1);
+}
+
+// src/utils/gitUtils.ts
+import simpleGit from "simple-git";
+
+// src/utils/index.ts
+var sleep = (ms = 2e3) => new Promise((r) => setTimeout(r, ms));
+var CliError = class extends Error {
+};
+
+// src/commands/AuthManager.ts
+import crypto from "crypto";
+import os from "os";
+import open from "open";
+
+// src/constants.ts
+import fs3 from "fs";
+import path3 from "path";
 import chalk from "chalk";
 import Debug from "debug";
 import * as dotenv from "dotenv";
@@ -3481,56 +3607,17 @@ var ScmType = /* @__PURE__ */ ((ScmType2) => {
   return ScmType2;
 })(ScmType || {});
 
-// src/utils/dirname.ts
-import fs from "fs";
-import path from "path";
-import { fileURLToPath } from "url";
-function getModuleRootDir() {
-  let manifestDir = getDirName();
-  for (let i = 0; i < 10; i++) {
-    const manifestPath = path.join(manifestDir, "package.json");
-    if (fs.existsSync(manifestPath)) {
-      return manifestDir;
-    }
-    manifestDir = path.join(manifestDir, "..");
-  }
-  throw new Error("Cannot locate package.json file");
-}
-function getDirName() {
-  if (typeof __filename !== "undefined") {
-    return path.dirname(__filename);
-  } else {
-    try {
-      const getImportMetaUrl = new Function("return import.meta.url");
-      const importMetaUrl = getImportMetaUrl();
-      return path.dirname(fileURLToPath(importMetaUrl));
-    } catch (e) {
-      try {
-        const err = new Error();
-        const stack = err.stack || "";
-        const match = stack.match(/file:\/\/[^\s)]+/);
-        if (match) {
-          const fileUrl = match[0];
-          return path.dirname(fileURLToPath(fileUrl));
-        }
-      } catch {
-      }
-      throw new Error("Unable to determine directory name in this environment");
-    }
-  }
-}
-
 // src/constants.ts
 var debug = Debug("mobbdev:constants");
-var runtimeConfigPath = path2.join(
+var runtimeConfigPath = path3.join(
   getModuleRootDir(),
   "out",
   "runtime.config.json"
 );
-if (fs2.existsSync(runtimeConfigPath)) {
+if (fs3.existsSync(runtimeConfigPath)) {
   try {
     const runtimeConfig = JSON.parse(
-      fs2.readFileSync(runtimeConfigPath, "utf-8")
+      fs3.readFileSync(runtimeConfigPath, "utf-8")
     );
     Object.assign(process.env, runtimeConfig);
     debug("Loaded runtime config from %s", runtimeConfigPath);
@@ -3538,7 +3625,7 @@ if (fs2.existsSync(runtimeConfigPath)) {
     debug("Failed to load runtime config: %o", e);
   }
 }
-dotenv.config({ path: path2.join(getModuleRootDir(), ".env") });
+dotenv.config({ path: path3.join(getModuleRootDir(), ".env") });
 var DEFAULT_API_URL = "https://api.mobb.ai/v1/graphql";
 var DEFAULT_WEB_APP_URL = "https://app.mobb.ai";
 var scmFriendlyText = {
@@ -3635,91 +3722,6 @@ var ScanContext = {
   BUGSY: "BUGSY"
 };
 
-// src/utils/keypress.ts
-import readline from "readline";
-async function keypress() {
-  const rl = readline.createInterface({
-    input: process.stdin,
-    output: process.stdout
-  });
-  return new Promise((resolve) => {
-    rl.question("", (answer) => {
-      rl.close();
-      process.stderr.moveCursor(0, -1);
-      process.stderr.clearLine(1);
-      resolve(answer);
-    });
-  });
-}
-
-// src/utils/spinner.ts
-import {
-  createSpinner as _createSpinner
-} from "nanospinner";
-function printToStdError(opts) {
-  if (opts?.text) console.error(opts.text);
-}
-var mockSpinner = {
-  success: (opts) => {
-    printToStdError(opts);
-    return mockSpinner;
-  },
-  error: (opts) => {
-    printToStdError(opts);
-    return mockSpinner;
-  },
-  warn: (opts) => {
-    printToStdError(opts);
-    return mockSpinner;
-  },
-  stop: (opts) => {
-    printToStdError(opts);
-    return mockSpinner;
-  },
-  start: (opts) => {
-    printToStdError(opts);
-    return mockSpinner;
-  },
-  update: (opts) => {
-    printToStdError(opts);
-    return mockSpinner;
-  },
-  reset: () => mockSpinner,
-  clear: () => mockSpinner,
-  spin: () => mockSpinner
-};
-function Spinner({ ci = false } = {}) {
-  return {
-    createSpinner: (text, options) => ci ? mockSpinner : _createSpinner(text, options)
-  };
-}
-
-// src/utils/check_node_version.ts
-import fs3 from "fs";
-import path3 from "path";
-import semver from "semver";
-function getPackageJson() {
-  return JSON.parse(
-    fs3.readFileSync(path3.join(getModuleRootDir(), "package.json"), "utf8")
-  );
-}
-var packageJson = getPackageJson();
-if (!semver.satisfies(process.version, packageJson.engines.node)) {
-  console.error(
-    `
-\u26A0\uFE0F ${packageJson.name} requires node version ${packageJson.engines.node}, but running ${process.version}.`
-  );
-  process.exit(1);
-}
-
-// src/utils/gitUtils.ts
-import simpleGit from "simple-git";
-
-// src/utils/index.ts
-var sleep = (ms = 2e3) => new Promise((r) => setTimeout(r, ms));
-var CliError = class extends Error {
-};
-
 // src/utils/subscribe/subscribe.ts
 import { createClient } from "graphql-ws";
 import WebsocketNode from "isomorphic-ws";
@@ -6493,10 +6495,174 @@ function getConfigStore() {
 }
 var configStore = getConfigStore();
 
-// src/commands/handleMobbLogin.ts
-var debug7 = Debug6("mobbdev:commands");
+// src/commands/AuthManager.ts
 var LOGIN_MAX_WAIT = 10 * 60 * 1e3;
 var LOGIN_CHECK_DELAY = 5 * 1e3;
+var AuthManager = class {
+  constructor(webAppUrl, apiUrl) {
+    __publicField(this, "publicKey");
+    __publicField(this, "privateKey");
+    __publicField(this, "loginId");
+    __publicField(this, "gqlClient");
+    __publicField(this, "currentBrowserUrl");
+    __publicField(this, "authenticated", null);
+    __publicField(this, "resolvedWebAppUrl");
+    __publicField(this, "resolvedApiUrl");
+    this.resolvedWebAppUrl = webAppUrl || WEB_APP_URL;
+    this.resolvedApiUrl = apiUrl || API_URL;
+  }
+  openUrlInBrowser() {
+    if (this.currentBrowserUrl) {
+      open(this.currentBrowserUrl);
+      return true;
+    }
+    return false;
+  }
+  async waitForAuthentication() {
+    let newApiToken = null;
+    for (let i = 0; i < LOGIN_MAX_WAIT / LOGIN_CHECK_DELAY; i++) {
+      newApiToken = await this.getApiToken();
+      if (newApiToken) {
+        break;
+      }
+      await sleep(LOGIN_CHECK_DELAY);
+    }
+    if (!newApiToken) {
+      return false;
+    }
+    this.gqlClient = new GQLClient({
+      apiKey: newApiToken,
+      type: "apiKey",
+      apiUrl: this.resolvedApiUrl
+    });
+    const loginSuccess = await this.gqlClient.validateUserToken();
+    if (loginSuccess) {
+      configStore.set("apiToken", newApiToken);
+      this.authenticated = true;
+      return true;
+    }
+    return false;
+  }
+  /**
+   * Checks if the user is already authenticated
+   */
+  async isAuthenticated() {
+    if (this.authenticated === null) {
+      const result = await this.checkAuthentication();
+      this.authenticated = result.isAuthenticated;
+    }
+    return this.authenticated;
+  }
+  /**
+   * Private function to check if the user is authenticated with the server
+   */
+  async checkAuthentication(apiKey) {
+    try {
+      if (!this.gqlClient) {
+        this.gqlClient = this.getGQLClient(apiKey);
+      }
+      const isConnected = await this.gqlClient.verifyApiConnection();
+      if (!isConnected) {
+        return {
+          isAuthenticated: false,
+          message: "Failed to connect to Mobb server"
+        };
+      }
+      const userVerify = await this.gqlClient.validateUserToken();
+      if (!userVerify) {
+        return {
+          isAuthenticated: false,
+          message: "User token validation failed"
+        };
+      }
+    } catch (error) {
+      return {
+        isAuthenticated: false,
+        message: error instanceof Error ? error.message : "Unknown authentication error"
+      };
+    }
+    return { isAuthenticated: true, message: "Successfully authenticated" };
+  }
+  /**
+   * Generates a login URL for manual authentication
+   */
+  async generateLoginUrl(loginContext) {
+    try {
+      if (!this.gqlClient) {
+        this.gqlClient = this.getGQLClient();
+      }
+      const { publicKey, privateKey } = crypto.generateKeyPairSync("rsa", {
+        modulusLength: 2048
+      });
+      this.publicKey = publicKey;
+      this.privateKey = privateKey;
+      this.loginId = await this.gqlClient.createCliLogin({
+        publicKey: this.publicKey.export({ format: "pem", type: "pkcs1" }).toString()
+      });
+      const webLoginUrl = `${this.resolvedWebAppUrl}/cli-login`;
+      const browserUrl = loginContext ? buildLoginUrl(webLoginUrl, this.loginId, os.hostname(), loginContext) : `${webLoginUrl}/${this.loginId}?hostname=${os.hostname()}`;
+      this.currentBrowserUrl = browserUrl;
+      return browserUrl;
+    } catch (error) {
+      console.error("Failed to generate login URL:", error);
+      return null;
+    }
+  }
+  /**
+   * Retrieves and decrypts the API token after authentication
+   */
+  async getApiToken() {
+    if (!this.gqlClient || !this.loginId || !this.privateKey) {
+      return null;
+    }
+    const encryptedApiToken = await this.gqlClient.getEncryptedApiToken({
+      loginId: this.loginId
+    });
+    if (encryptedApiToken) {
+      return crypto.privateDecrypt(
+        this.privateKey,
+        Buffer.from(encryptedApiToken, "base64")
+      ).toString("utf-8");
+    }
+    return null;
+  }
+  /**
+   * Gets the current GQL client (if authenticated)
+   */
+  getGQLClient(inputApiKey) {
+    if (this.gqlClient === void 0) {
+      this.gqlClient = new GQLClient({
+        apiKey: inputApiKey || configStore.get("apiToken") || "",
+        type: "apiKey",
+        apiUrl: this.resolvedApiUrl
+      });
+    }
+    return this.gqlClient;
+  }
+  /**
+   * Assigns a GQL client instance to the AuthManager, and resets auth state
+   * @param gqlClient The GQL client instance to set
+   */
+  setGQLClient(gqlClient) {
+    this.gqlClient = gqlClient;
+    this.cleanup();
+  }
+  /**
+   * Cleans up any active login session
+   */
+  cleanup() {
+    this.publicKey = void 0;
+    this.privateKey = void 0;
+    this.loginId = void 0;
+    this.authenticated = null;
+    this.currentBrowserUrl = null;
+  }
+};
+
+// src/commands/handleMobbLogin.ts
+var debug7 = Debug6("mobbdev:commands");
+var LOGIN_MAX_WAIT2 = 10 * 60 * 1e3;
+var LOGIN_CHECK_DELAY2 = 5 * 1e3;
 var MOBB_LOGIN_REQUIRED_MSG = `\u{1F513} Login to Mobb is Required, you will be redirected to our login page, once the authorization is complete return to this prompt, ${chalk2.bgBlue(
   "press any key to continue"
 )};`;
@@ -6511,11 +6677,8 @@ async function getAuthenticatedGQLClient({
     apiUrl || "undefined",
     webAppUrl || "undefined"
   );
-  let gqlClient = new GQLClient({
-    apiKey: inputApiKey || configStore.get("apiToken") || "",
-    type: "apiKey",
-    apiUrl
-  });
+  const authManager = new AuthManager(webAppUrl, apiUrl);
+  let gqlClient = authManager.getGQLClient(inputApiKey);
   gqlClient = await handleMobbLogin({
     inGqlClient: gqlClient,
     skipPrompts: isSkipPrompts,
@@ -6532,35 +6695,28 @@ async function handleMobbLogin({
   webAppUrl,
   loginContext
 }) {
-  const resolvedWebAppUrl = webAppUrl || WEB_APP_URL;
-  const resolvedApiUrl = apiUrl || API_URL;
   debug7(
     "handleMobbLogin: resolved URLs - apiUrl=%s (from param: %s), webAppUrl=%s (from param: %s)",
-    resolvedApiUrl,
     apiUrl || "fallback",
-    resolvedWebAppUrl,
+    apiUrl || "fallback",
+    webAppUrl || "fallback",
     webAppUrl || "fallback"
   );
   const { createSpinner } = Spinner({ ci: skipPrompts });
-  const isConnected = await inGqlClient.verifyApiConnection();
-  if (!isConnected) {
-    createSpinner().start().error({
-      text: "\u{1F513} Connection to Mobb: failed to connect to the Mobb server"
-    });
-    throw new CliError(
-      "Connection to Mobb: failed to connect to the Mobb server"
-    );
+  const authManager = new AuthManager(webAppUrl, apiUrl);
+  authManager.setGQLClient(inGqlClient);
+  try {
+    const isAuthenticated = await authManager.isAuthenticated();
+    if (isAuthenticated) {
+      createSpinner().start().success({
+        text: `\u{1F513} Login to Mobb succeeded. Already authenticated`
+      });
+      return authManager.getGQLClient();
+    }
+  } catch (error) {
+    debug7("Authentication check failed:", error);
   }
-  createSpinner().start().success({
-    text: `\u{1F513} Connection to Mobb: succeeded`
-  });
-  const userVerify = await inGqlClient.validateUserToken();
-  if (userVerify) {
-    createSpinner().start().success({
-      text: `\u{1F513} Login to Mobb succeeded. ${typeof userVerify === "string" ? `Logged in as ${userVerify}` : ""}`
-    });
-    return inGqlClient;
-  } else if (apiKey) {
+  if (apiKey) {
     createSpinner().start().error({
       text: "\u{1F513} Login to Mobb failed: The provided API key does not match any configured API key on the system"
     });
@@ -6576,57 +6732,32 @@ async function handleMobbLogin({
   loginSpinner.update({
     text: "\u{1F513} Waiting for Mobb login..."
   });
-  const { publicKey, privateKey } = crypto.generateKeyPairSync("rsa", {
-    modulusLength: 2048
-  });
-  const loginId = await inGqlClient.createCliLogin({
-    publicKey: publicKey.export({ format: "pem", type: "pkcs1" }).toString()
-  });
-  const webLoginUrl = `${resolvedWebAppUrl}/cli-login`;
-  const browserUrl = loginContext ? buildLoginUrl(webLoginUrl, loginId, os.hostname(), loginContext) : `${webLoginUrl}/${loginId}?hostname=${os.hostname()}`;
-  !skipPrompts && console.log(
-    `If the page does not open automatically, kindly access it through ${browserUrl}.`
-  );
-  await open(browserUrl);
-  let newApiToken = null;
-  for (let i = 0; i < LOGIN_MAX_WAIT / LOGIN_CHECK_DELAY; i++) {
-    const encryptedApiToken = await inGqlClient.getEncryptedApiToken({
-      loginId
-    });
-    loginSpinner.spin();
-    if (encryptedApiToken) {
-      debug7("encrypted API token received %s", encryptedApiToken);
-      newApiToken = crypto.privateDecrypt(privateKey, Buffer.from(encryptedApiToken, "base64")).toString("utf-8");
-      debug7("API token decrypted");
-      break;
+  try {
+    const loginUrl = await authManager.generateLoginUrl(loginContext);
+    if (!loginUrl) {
+      loginSpinner.error({
+        text: "Failed to generate login URL"
+      });
+      throw new CliError("Failed to generate login URL");
+    }
+    !skipPrompts && console.log(
+      `If the page does not open automatically, kindly access it through ${loginUrl}.`
+    );
+    authManager.openUrlInBrowser();
+    const authSuccess = await authManager.waitForAuthentication();
+    if (!authSuccess) {
+      loginSpinner.error({
+        text: "Login timeout error"
+      });
+      throw new CliError("Login timeout error");
     }
-    await sleep(LOGIN_CHECK_DELAY);
-  }
-  if (!newApiToken) {
-    loginSpinner.error({
-      text: "Login timeout error"
-    });
-    throw new CliError();
-  }
-  const newGqlClient = new GQLClient({
-    apiKey: newApiToken,
-    type: "apiKey",
-    apiUrl: resolvedApiUrl
-  });
-  const loginSuccess = await newGqlClient.validateUserToken();
-  if (loginSuccess) {
-    debug7(`set api token ${newApiToken}`);
-    configStore.set("apiToken", newApiToken);
     loginSpinner.success({
-      text: `\u{1F513} Login to Mobb successful! ${typeof loginSpinner === "string" ? `Logged in as ${loginSuccess}` : ""}`
-    });
-  } else {
-    loginSpinner.error({
-      text: "Something went wrong, API token is invalid."
+      text: `\u{1F513} Login to Mobb successful!`
     });
-    throw new CliError();
+    return authManager.getGQLClient();
+  } finally {
+    authManager.cleanup();
   }
-  return newGqlClient;
 }
 
 // src/args/commands/upload_ai_blame.ts

package/dist/index.mjs

@@ -11587,10 +11587,12 @@ import tmp2 from "tmp";
 import { z as z29 } from "zod";
 
 // src/commands/handleMobbLogin.ts
-import crypto from "crypto";
-import os from "os";
 import chalk3 from "chalk";
 import Debug6 from "debug";
+
+// src/commands/AuthManager.ts
+import crypto from "crypto";
+import os from "os";
 import open from "open";
 
 // src/features/analysis/graphql/gql.ts
@@ -12346,10 +12348,174 @@ function getConfigStore() {
 }
 var configStore = getConfigStore();
 
-// src/commands/handleMobbLogin.ts
-var debug7 = Debug6("mobbdev:commands");
+// src/commands/AuthManager.ts
 var LOGIN_MAX_WAIT = 10 * 60 * 1e3;
 var LOGIN_CHECK_DELAY = 5 * 1e3;
+var AuthManager = class {
+  constructor(webAppUrl, apiUrl) {
+    __publicField(this, "publicKey");
+    __publicField(this, "privateKey");
+    __publicField(this, "loginId");
+    __publicField(this, "gqlClient");
+    __publicField(this, "currentBrowserUrl");
+    __publicField(this, "authenticated", null);
+    __publicField(this, "resolvedWebAppUrl");
+    __publicField(this, "resolvedApiUrl");
+    this.resolvedWebAppUrl = webAppUrl || WEB_APP_URL;
+    this.resolvedApiUrl = apiUrl || API_URL;
+  }
+  openUrlInBrowser() {
+    if (this.currentBrowserUrl) {
+      open(this.currentBrowserUrl);
+      return true;
+    }
+    return false;
+  }
+  async waitForAuthentication() {
+    let newApiToken = null;
+    for (let i = 0; i < LOGIN_MAX_WAIT / LOGIN_CHECK_DELAY; i++) {
+      newApiToken = await this.getApiToken();
+      if (newApiToken) {
+        break;
+      }
+      await sleep(LOGIN_CHECK_DELAY);
+    }
+    if (!newApiToken) {
+      return false;
+    }
+    this.gqlClient = new GQLClient({
+      apiKey: newApiToken,
+      type: "apiKey",
+      apiUrl: this.resolvedApiUrl
+    });
+    const loginSuccess = await this.gqlClient.validateUserToken();
+    if (loginSuccess) {
+      configStore.set("apiToken", newApiToken);
+      this.authenticated = true;
+      return true;
+    }
+    return false;
+  }
+  /**
+   * Checks if the user is already authenticated
+   */
+  async isAuthenticated() {
+    if (this.authenticated === null) {
+      const result = await this.checkAuthentication();
+      this.authenticated = result.isAuthenticated;
+    }
+    return this.authenticated;
+  }
+  /**
+   * Private function to check if the user is authenticated with the server
+   */
+  async checkAuthentication(apiKey) {
+    try {
+      if (!this.gqlClient) {
+        this.gqlClient = this.getGQLClient(apiKey);
+      }
+      const isConnected = await this.gqlClient.verifyApiConnection();
+      if (!isConnected) {
+        return {
+          isAuthenticated: false,
+          message: "Failed to connect to Mobb server"
+        };
+      }
+      const userVerify = await this.gqlClient.validateUserToken();
+      if (!userVerify) {
+        return {
+          isAuthenticated: false,
+          message: "User token validation failed"
+        };
+      }
+    } catch (error) {
+      return {
+        isAuthenticated: false,
+        message: error instanceof Error ? error.message : "Unknown authentication error"
+      };
+    }
+    return { isAuthenticated: true, message: "Successfully authenticated" };
+  }
+  /**
+   * Generates a login URL for manual authentication
+   */
+  async generateLoginUrl(loginContext) {
+    try {
+      if (!this.gqlClient) {
+        this.gqlClient = this.getGQLClient();
+      }
+      const { publicKey, privateKey } = crypto.generateKeyPairSync("rsa", {
+        modulusLength: 2048
+      });
+      this.publicKey = publicKey;
+      this.privateKey = privateKey;
+      this.loginId = await this.gqlClient.createCliLogin({
+        publicKey: this.publicKey.export({ format: "pem", type: "pkcs1" }).toString()
+      });
+      const webLoginUrl = `${this.resolvedWebAppUrl}/cli-login`;
+      const browserUrl = loginContext ? buildLoginUrl(webLoginUrl, this.loginId, os.hostname(), loginContext) : `${webLoginUrl}/${this.loginId}?hostname=${os.hostname()}`;
+      this.currentBrowserUrl = browserUrl;
+      return browserUrl;
+    } catch (error) {
+      console.error("Failed to generate login URL:", error);
+      return null;
+    }
+  }
+  /**
+   * Retrieves and decrypts the API token after authentication
+   */
+  async getApiToken() {
+    if (!this.gqlClient || !this.loginId || !this.privateKey) {
+      return null;
+    }
+    const encryptedApiToken = await this.gqlClient.getEncryptedApiToken({
+      loginId: this.loginId
+    });
+    if (encryptedApiToken) {
+      return crypto.privateDecrypt(
+        this.privateKey,
+        Buffer.from(encryptedApiToken, "base64")
+      ).toString("utf-8");
+    }
+    return null;
+  }
+  /**
+   * Gets the current GQL client (if authenticated)
+   */
+  getGQLClient(inputApiKey) {
+    if (this.gqlClient === void 0) {
+      this.gqlClient = new GQLClient({
+        apiKey: inputApiKey || configStore.get("apiToken") || "",
+        type: "apiKey",
+        apiUrl: this.resolvedApiUrl
+      });
+    }
+    return this.gqlClient;
+  }
+  /**
+   * Assigns a GQL client instance to the AuthManager, and resets auth state
+   * @param gqlClient The GQL client instance to set
+   */
+  setGQLClient(gqlClient) {
+    this.gqlClient = gqlClient;
+    this.cleanup();
+  }
+  /**
+   * Cleans up any active login session
+   */
+  cleanup() {
+    this.publicKey = void 0;
+    this.privateKey = void 0;
+    this.loginId = void 0;
+    this.authenticated = null;
+    this.currentBrowserUrl = null;
+  }
+};
+
+// src/commands/handleMobbLogin.ts
+var debug7 = Debug6("mobbdev:commands");
+var LOGIN_MAX_WAIT2 = 10 * 60 * 1e3;
+var LOGIN_CHECK_DELAY2 = 5 * 1e3;
 var MOBB_LOGIN_REQUIRED_MSG = `\u{1F513} Login to Mobb is Required, you will be redirected to our login page, once the authorization is complete return to this prompt, ${chalk3.bgBlue(
   "press any key to continue"
 )};`;
@@ -12364,11 +12530,8 @@ async function getAuthenticatedGQLClient({
     apiUrl || "undefined",
     webAppUrl || "undefined"
   );
-  let gqlClient = new GQLClient({
-    apiKey: inputApiKey || configStore.get("apiToken") || "",
-    type: "apiKey",
-    apiUrl
-  });
+  const authManager = new AuthManager(webAppUrl, apiUrl);
+  let gqlClient = authManager.getGQLClient(inputApiKey);
   gqlClient = await handleMobbLogin({
     inGqlClient: gqlClient,
     skipPrompts: isSkipPrompts,
@@ -12385,35 +12548,28 @@ async function handleMobbLogin({
   webAppUrl,
   loginContext
 }) {
-  const resolvedWebAppUrl = webAppUrl || WEB_APP_URL;
-  const resolvedApiUrl = apiUrl || API_URL;
   debug7(
     "handleMobbLogin: resolved URLs - apiUrl=%s (from param: %s), webAppUrl=%s (from param: %s)",
-    resolvedApiUrl,
     apiUrl || "fallback",
-    resolvedWebAppUrl,
+    apiUrl || "fallback",
+    webAppUrl || "fallback",
     webAppUrl || "fallback"
   );
   const { createSpinner: createSpinner5 } = Spinner({ ci: skipPrompts });
-  const isConnected = await inGqlClient.verifyApiConnection();
-  if (!isConnected) {
-    createSpinner5().start().error({
-      text: "\u{1F513} Connection to Mobb: failed to connect to the Mobb server"
-    });
-    throw new CliError(
-      "Connection to Mobb: failed to connect to the Mobb server"
-    );
+  const authManager = new AuthManager(webAppUrl, apiUrl);
+  authManager.setGQLClient(inGqlClient);
+  try {
+    const isAuthenticated = await authManager.isAuthenticated();
+    if (isAuthenticated) {
+      createSpinner5().start().success({
+        text: `\u{1F513} Login to Mobb succeeded. Already authenticated`
+      });
+      return authManager.getGQLClient();
+    }
+  } catch (error) {
+    debug7("Authentication check failed:", error);
   }
-  createSpinner5().start().success({
-    text: `\u{1F513} Connection to Mobb: succeeded`
-  });
-  const userVerify = await inGqlClient.validateUserToken();
-  if (userVerify) {
-    createSpinner5().start().success({
-      text: `\u{1F513} Login to Mobb succeeded. ${typeof userVerify === "string" ? `Logged in as ${userVerify}` : ""}`
-    });
-    return inGqlClient;
-  } else if (apiKey) {
+  if (apiKey) {
     createSpinner5().start().error({
       text: "\u{1F513} Login to Mobb failed: The provided API key does not match any configured API key on the system"
     });
@@ -12429,57 +12585,32 @@ async function handleMobbLogin({
   loginSpinner.update({
     text: "\u{1F513} Waiting for Mobb login..."
   });
-  const { publicKey, privateKey } = crypto.generateKeyPairSync("rsa", {
-    modulusLength: 2048
-  });
-  const loginId = await inGqlClient.createCliLogin({
-    publicKey: publicKey.export({ format: "pem", type: "pkcs1" }).toString()
-  });
-  const webLoginUrl = `${resolvedWebAppUrl}/cli-login`;
-  const browserUrl = loginContext ? buildLoginUrl(webLoginUrl, loginId, os.hostname(), loginContext) : `${webLoginUrl}/${loginId}?hostname=${os.hostname()}`;
-  !skipPrompts && console.log(
-    `If the page does not open automatically, kindly access it through ${browserUrl}.`
-  );
-  await open(browserUrl);
-  let newApiToken = null;
-  for (let i = 0; i < LOGIN_MAX_WAIT / LOGIN_CHECK_DELAY; i++) {
-    const encryptedApiToken = await inGqlClient.getEncryptedApiToken({
-      loginId
-    });
-    loginSpinner.spin();
-    if (encryptedApiToken) {
-      debug7("encrypted API token received %s", encryptedApiToken);
-      newApiToken = crypto.privateDecrypt(privateKey, Buffer.from(encryptedApiToken, "base64")).toString("utf-8");
-      debug7("API token decrypted");
-      break;
+  try {
+    const loginUrl = await authManager.generateLoginUrl(loginContext);
+    if (!loginUrl) {
+      loginSpinner.error({
+        text: "Failed to generate login URL"
+      });
+      throw new CliError("Failed to generate login URL");
+    }
+    !skipPrompts && console.log(
+      `If the page does not open automatically, kindly access it through ${loginUrl}.`
+    );
+    authManager.openUrlInBrowser();
+    const authSuccess = await authManager.waitForAuthentication();
+    if (!authSuccess) {
+      loginSpinner.error({
+        text: "Login timeout error"
+      });
+      throw new CliError("Login timeout error");
     }
-    await sleep(LOGIN_CHECK_DELAY);
-  }
-  if (!newApiToken) {
-    loginSpinner.error({
-      text: "Login timeout error"
-    });
-    throw new CliError();
-  }
-  const newGqlClient = new GQLClient({
-    apiKey: newApiToken,
-    type: "apiKey",
-    apiUrl: resolvedApiUrl
-  });
-  const loginSuccess = await newGqlClient.validateUserToken();
-  if (loginSuccess) {
-    debug7(`set api token ${newApiToken}`);
-    configStore.set("apiToken", newApiToken);
     loginSpinner.success({
-      text: `\u{1F513} Login to Mobb successful! ${typeof loginSpinner === "string" ? `Logged in as ${loginSuccess}` : ""}`
-    });
-  } else {
-    loginSpinner.error({
-      text: "Something went wrong, API token is invalid."
+      text: `\u{1F513} Login to Mobb successful!`
     });
-    throw new CliError();
+    return authManager.getGQLClient();
+  } finally {
+    authManager.cleanup();
   }
-  return newGqlClient;
 }
 
 // src/features/analysis/add_fix_comments_for_pr/add_fix_comments_for_pr.ts
@@ -14046,7 +14177,7 @@ async function _scan(params, { skipPrompts = false } = {}) {
       `If the page does not open automatically, kindly access it through ${scmAuthUrl2}.`
     );
     await open3(scmAuthUrl2);
-    for (let i = 0; i < LOGIN_MAX_WAIT / LOGIN_CHECK_DELAY; i++) {
+    for (let i = 0; i < LOGIN_MAX_WAIT2 / LOGIN_CHECK_DELAY2; i++) {
       const userInfo2 = await gqlClient.getUserInfo();
       if (!userInfo2) {
         throw new CliError2("User info not found");
@@ -14065,7 +14196,7 @@ async function _scan(params, { skipPrompts = false } = {}) {
         return tokenInfo2.accessToken;
       }
       scmSpinner.spin();
-      await sleep(LOGIN_CHECK_DELAY);
+      await sleep(LOGIN_CHECK_DELAY2);
     }
     scmSpinner.error({
       text: `${scmName} login timeout error`

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "mobbdev",
-  "version": "1.1.40",
+  "version": "1.1.41",
   "description": "Automated secure code remediation tool",
   "repository": "git+https://github.com/mobb-dev/bugsy.git",
   "main": "dist/index.mjs",