nexusforge-cli 1.0.0

package/src/services/auth.ts

@@ -0,0 +1,222 @@
+/**
+ * NexusForge CLI Authentication Service
+ *
+ * Handles device authorization flow (like Claude Code):
+ * 1. CLI requests device code
+ * 2. CLI displays verification URL
+ * 3. User opens URL in browser and authorizes
+ * 4. CLI polls for authorization
+ * 5. CLI saves token on success
+ */
+
+import open from 'open';
+import ora from 'ora';
+import { style, displaySystemMessage } from '../utils/theme.js';
+import * as config from '../utils/config.js';
+import type { DeviceCodeResponse, DeviceAuthStatus } from '../types/index.js';
+
+const POLL_INTERVAL_MS = 5000; // 5 seconds
+const MAX_POLL_ATTEMPTS = 180; // 15 minutes max
+
+/**
+ * Start the device authorization flow
+ */
+export async function startDeviceAuth(): Promise<boolean> {
+  const apiUrl = config.getApiUrl();
+
+  console.log('');
+  displaySystemMessage('Starting authentication...', 'info');
+  console.log('');
+
+  try {
+    // Step 1: Request device code
+    const deviceCodeResponse = await requestDeviceCode(apiUrl);
+
+    // Step 2: Display verification URL
+    console.log(style.divider());
+    console.log('');
+    console.log(style.assistant('  To authenticate, open this URL in your browser:'));
+    console.log('');
+    console.log(style.prompt(`  ${deviceCodeResponse.verification_uri_complete}`));
+    console.log('');
+    console.log(style.muted(`  Or go to ${deviceCodeResponse.verification_uri}`));
+    console.log(style.muted(`  and enter code: ${style.prompt(deviceCodeResponse.user_code)}`));
+    console.log('');
+    console.log(style.divider());
+    console.log('');
+
+    // Try to open browser automatically
+    try {
+      await open(deviceCodeResponse.verification_uri_complete);
+      displaySystemMessage('Browser opened automatically', 'info');
+    } catch {
+      displaySystemMessage('Could not open browser. Please copy the URL above.', 'warning');
+    }
+
+    console.log('');
+
+    // Step 3: Poll for authorization
+    const spinner = ora({
+      text: 'Waiting for authorization...',
+      color: 'cyan',
+    }).start();
+
+    const authResult = await pollForAuthorization(
+      apiUrl,
+      deviceCodeResponse.device_code,
+      deviceCodeResponse.interval * 1000,
+      spinner,
+    );
+
+    if (authResult) {
+      spinner.succeed(style.success('Authenticated successfully!'));
+
+      // Save auth data
+      config.saveAuth({
+        accessToken: authResult.access_token!,
+        refreshToken: authResult.refresh_token,
+        userId: authResult.user?.id,
+        username: authResult.user?.username,
+        email: authResult.user?.email,
+      });
+
+      console.log('');
+      displaySystemMessage(`Welcome, ${authResult.user?.username || 'user'}!`, 'success');
+      console.log('');
+
+      return true;
+    } else {
+      spinner.fail(style.error('Authentication failed or timed out'));
+      return false;
+    }
+  } catch (error) {
+    const errorMessage = error instanceof Error ? error.message : 'Unknown error';
+    displaySystemMessage(`Authentication error: ${errorMessage}`, 'error');
+    return false;
+  }
+}
+
+/**
+ * Request a device code from the API
+ */
+async function requestDeviceCode(apiUrl: string): Promise<DeviceCodeResponse> {
+  const response = await fetch(`${apiUrl}/cli/auth/device`, {
+    method: 'POST',
+    headers: {
+      'Content-Type': 'application/json',
+    },
+    body: JSON.stringify({ client_id: 'nexusforge-cli' }),
+  });
+
+  if (!response.ok) {
+    throw new Error(`Failed to get device code: ${response.statusText}`);
+  }
+
+  return response.json() as Promise<DeviceCodeResponse>;
+}
+
+/**
+ * Poll for authorization status
+ */
+async function pollForAuthorization(
+  apiUrl: string,
+  deviceCode: string,
+  intervalMs: number,
+  spinner: ReturnType<typeof ora>,
+): Promise<DeviceAuthStatus | null> {
+  let attempts = 0;
+
+  while (attempts < MAX_POLL_ATTEMPTS) {
+    attempts++;
+
+    await sleep(intervalMs);
+
+    try {
+      const response = await fetch(`${apiUrl}/cli/auth/device/${deviceCode}`);
+
+      if (!response.ok) {
+        continue;
+      }
+
+      const status = await response.json() as DeviceAuthStatus;
+
+      switch (status.status) {
+        case 'authorized':
+          return status;
+
+        case 'denied':
+          spinner.fail(style.error('Authorization denied by user'));
+          return null;
+
+        case 'expired':
+          spinner.fail(style.error('Authorization code expired'));
+          return null;
+
+        case 'pending':
+          // Keep polling
+          spinner.text = `Waiting for authorization... (${Math.floor(attempts * intervalMs / 1000)}s)`;
+          break;
+      }
+    } catch {
+      // Network error, keep trying
+      spinner.text = 'Waiting for authorization... (connection issue, retrying)';
+    }
+  }
+
+  return null;
+}
+
+/**
+ * Check if current token is valid
+ */
+export async function checkAuth(): Promise<boolean> {
+  const token = config.getAccessToken();
+
+  if (!token) {
+    return false;
+  }
+
+  const apiUrl = config.getApiUrl();
+
+  try {
+    // Try to get user info with current token
+    const response = await fetch(`${apiUrl}/auth/me`, {
+      headers: {
+        Authorization: `Bearer ${token}`,
+      },
+    });
+
+    return response.ok;
+  } catch {
+    return false;
+  }
+}
+
+/**
+ * Logout - clear stored credentials
+ */
+export function logout(): void {
+  config.clearAuth();
+  displaySystemMessage('Logged out successfully', 'success');
+}
+
+/**
+ * Get current user info
+ */
+export function getCurrentUser(): { username?: string; email?: string } | null {
+  if (!config.isAuthenticated()) {
+    return null;
+  }
+
+  return {
+    username: config.get('username'),
+    email: config.get('email'),
+  };
+}
+
+/**
+ * Sleep helper
+ */
+function sleep(ms: number): Promise<void> {
+  return new Promise((resolve) => setTimeout(resolve, ms));
+}

package/src/services/executor.ts

@@ -0,0 +1,250 @@
+/**
+ * NexusForge CLI Command Executor
+ *
+ * Executes shell commands and streams output.
+ * Provides Claude Code-like command execution capabilities.
+ */
+
+import { spawn, exec } from 'child_process';
+import { promisify } from 'util';
+import { style, displaySystemMessage } from '../utils/theme.js';
+import * as api from './api.js';
+import type { CommandResult } from '../types/index.js';
+
+const execAsync = promisify(exec);
+
+// Dangerous commands that should be blocked or warned
+const DANGEROUS_COMMANDS = [
+  'rm -rf /',
+  'rm -rf ~',
+  'rm -rf *',
+  'mkfs',
+  ':(){:|:&};:',
+  'dd if=/dev/zero',
+  'chmod -R 777 /',
+  '> /dev/sda',
+];
+
+const DANGEROUS_PATTERNS = [
+  /rm\s+-rf\s+\/(?!\w)/,
+  /curl.*\|.*(?:bash|sh)/,
+  /wget.*\|.*(?:bash|sh)/,
+  />\s*\/dev\/sd/,
+];
+
+/**
+ * Check if a command is potentially dangerous
+ */
+export function isDangerous(command: string): boolean {
+  const normalizedCmd = command.toLowerCase().trim();
+
+  // Check exact matches
+  if (DANGEROUS_COMMANDS.some((dangerous) => normalizedCmd.includes(dangerous))) {
+    return true;
+  }
+
+  // Check patterns
+  return DANGEROUS_PATTERNS.some((pattern) => pattern.test(command));
+}
+
+/**
+ * Execute a command and return the result
+ */
+export async function executeCommand(
+  command: string,
+  cwd?: string,
+): Promise<CommandResult> {
+  const startTime = Date.now();
+  const workingDir = cwd || process.cwd();
+
+  try {
+    const { stdout, stderr } = await execAsync(command, {
+      cwd: workingDir,
+      timeout: 300000, // 5 minute timeout
+      maxBuffer: 10 * 1024 * 1024, // 10MB buffer
+    });
+
+    const duration = Date.now() - startTime;
+
+    // Log to API (fire and forget)
+    api.logCommandExecution({
+      command,
+      workingDirectory: workingDir,
+      exitCode: 0,
+      output: stdout.substring(0, 1000),
+      duration,
+    }).catch(() => {});
+
+    return {
+      command,
+      exitCode: 0,
+      stdout,
+      stderr,
+      duration,
+    };
+  } catch (error: unknown) {
+    const duration = Date.now() - startTime;
+    const execError = error as { code?: number; stdout?: string; stderr?: string };
+
+    // Log to API
+    api.logCommandExecution({
+      command,
+      workingDirectory: workingDir,
+      exitCode: execError.code || 1,
+      output: execError.stderr?.substring(0, 1000),
+      duration,
+    }).catch(() => {});
+
+    return {
+      command,
+      exitCode: execError.code || 1,
+      stdout: execError.stdout || '',
+      stderr: execError.stderr || (error instanceof Error ? error.message : 'Unknown error'),
+      duration,
+    };
+  }
+}
+
+/**
+ * Execute a command with streaming output
+ */
+export async function executeCommandStream(
+  command: string,
+  cwd?: string,
+  onStdout?: (data: string) => void,
+  onStderr?: (data: string) => void,
+): Promise<CommandResult> {
+  const startTime = Date.now();
+  const workingDir = cwd || process.cwd();
+
+  return new Promise((resolve) => {
+    // Determine shell based on platform
+    const shell = process.platform === 'win32' ? 'cmd.exe' : '/bin/bash';
+    const shellArgs = process.platform === 'win32' ? ['/c', command] : ['-c', command];
+
+    const child = spawn(shell, shellArgs, {
+      cwd: workingDir,
+      env: process.env,
+    });
+
+    let stdout = '';
+    let stderr = '';
+
+    child.stdout.on('data', (data: Buffer) => {
+      const text = data.toString();
+      stdout += text;
+      if (onStdout) {
+        onStdout(text);
+      }
+    });
+
+    child.stderr.on('data', (data: Buffer) => {
+      const text = data.toString();
+      stderr += text;
+      if (onStderr) {
+        onStderr(text);
+      }
+    });
+
+    child.on('close', (code) => {
+      const duration = Date.now() - startTime;
+      const exitCode = code ?? 0;
+
+      // Log to API
+      api.logCommandExecution({
+        command,
+        workingDirectory: workingDir,
+        exitCode,
+        output: stdout.substring(0, 1000),
+        duration,
+      }).catch(() => {});
+
+      resolve({
+        command,
+        exitCode,
+        stdout,
+        stderr,
+        duration,
+      });
+    });
+
+    child.on('error', (error) => {
+      const duration = Date.now() - startTime;
+
+      resolve({
+        command,
+        exitCode: 1,
+        stdout: '',
+        stderr: error.message,
+        duration,
+      });
+    });
+  });
+}
+
+/**
+ * Display command result in terminal
+ */
+export function displayCommandResult(result: CommandResult): void {
+  console.log('');
+  console.log(style.muted(`$ ${result.command}`));
+  console.log('');
+
+  if (result.stdout) {
+    console.log(result.stdout);
+  }
+
+  if (result.stderr && result.exitCode !== 0) {
+    console.log(style.error(result.stderr));
+  }
+
+  const statusColor = result.exitCode === 0 ? 'success' : 'error';
+  displaySystemMessage(
+    `Exit code: ${result.exitCode} (${result.duration}ms)`,
+    statusColor,
+  );
+  console.log('');
+}
+
+/**
+ * Parse AI response for executable commands
+ */
+export function parseCommandsFromResponse(content: string): string[] {
+  const commands: string[] = [];
+
+  // Match code blocks with bash/shell/sh language
+  const codeBlockRegex = /```(?:bash|shell|sh|zsh|terminal)\n([\s\S]*?)```/g;
+  let match;
+
+  while ((match = codeBlockRegex.exec(content)) !== null) {
+    const code = match[1].trim();
+    // Split by newlines and filter empty lines
+    const lines = code.split('\n').filter((line) => {
+      const trimmed = line.trim();
+      // Skip comments and empty lines
+      return trimmed && !trimmed.startsWith('#');
+    });
+    commands.push(...lines);
+  }
+
+  return commands;
+}
+
+/**
+ * Get current working directory
+ */
+export function getCwd(): string {
+  return process.cwd();
+}
+
+/**
+ * Change working directory
+ */
+export function changeCwd(path: string): boolean {
+  try {
+    process.chdir(path);
+    return true;
+  } catch {
+    return false;
+  }
+}

package/src/types/index.ts

@@ -0,0 +1,104 @@
+/**
+ * NexusForge CLI Type Definitions
+ */
+
+// Configuration stored in ~/.nexusforge/config.json
+export interface CLIConfig {
+  apiUrl: string;
+  accessToken?: string;
+  refreshToken?: string;
+  userId?: number;
+  username?: string;
+  email?: string;
+  defaultModel: string;
+  theme: 'dark' | 'light';
+  autoExecute: boolean;
+}
+
+// Device authorization flow
+export interface DeviceCodeResponse {
+  device_code: string;
+  user_code: string;
+  verification_uri: string;
+  verification_uri_complete: string;
+  expires_in: number;
+  interval: number;
+}
+
+export interface DeviceAuthStatus {
+  status: 'pending' | 'authorized' | 'expired' | 'denied';
+  access_token?: string;
+  refresh_token?: string;
+  token_type?: string;
+  expires_in?: number;
+  user?: {
+    id: number;
+    username: string;
+    email: string;
+  };
+}
+
+// Session management
+export interface CLISession {
+  session_id: string;
+  session_token: string;
+  conversation_id: string;
+  expires_at: string;
+  user_id: number;
+  sync_command: string;
+}
+
+// Chat messages
+export interface ChatMessage {
+  role: 'user' | 'assistant' | 'system';
+  content: string;
+  timestamp?: string;
+}
+
+export interface ChatResponse {
+  conversation_id: string;
+  message: ChatMessage;
+  suggested_actions?: SuggestedAction[];
+}
+
+// Suggested actions from AI
+export interface SuggestedAction {
+  type: 'command' | 'file_edit' | 'file_create' | 'file_read';
+  description: string;
+  command?: string;
+  path?: string;
+  content?: string;
+  diff?: string;
+}
+
+// File context for AI
+export interface FileContext {
+  path: string;
+  content: string;
+  language?: string;
+}
+
+// WebSocket message types
+export interface WSMessage {
+  type: 'message' | 'chunk' | 'done' | 'error' | 'ping' | 'pong';
+  content?: string;
+  conversation_id?: string;
+  message?: string;
+}
+
+// Slash command
+export interface SlashCommand {
+  name: string;
+  description: string;
+  aliases?: string[];
+  handler: (args: string[]) => Promise<void>;
+}
+
+// Command execution result
+export interface CommandResult {
+  command: string;
+  exitCode: number;
+  stdout: string;
+  stderr: string;
+  duration: number;
+}