nolo-cli 0.1.12 → 0.1.13

package/README.md

@@ -62,6 +62,20 @@ nolo whoami
 nolo
 ```
 
+By default, `nolo login` opens the Nolo website and waits for browser
+authorization. In SSH or browserless environments, use:
+
+```bash
+nolo login --no-browser
+```
+
+Then open the printed URL on a logged-in browser. Automation can still save a
+token directly:
+
+```bash
+nolo login --server https://nolo.chat --token <token>
+```
+
 Local repo development can still use the script bridge without `AUTH_TOKEN`.
 
 Inside the TUI, `/update` is the shortcut for the same global `nolo update`
@@ -171,3 +185,34 @@ Future product-direction examples for the broader TUI command model:
 
 See [`docs/nolo-cli-tui.md`](../../docs/nolo-cli-tui.md) for the product and
 technical direction.
+
+## Building for Publish
+
+The CLI is developed in a monorepo with workspace dependencies (`ai` and
+`connector-experimental`). To generate a publish-safe package that can be
+installed via npm outside the monorepo:
+
+```bash
+bun run build:publish
+```
+
+This creates a `dist/` directory with:
+- All source files from the `files` array in package.json
+- Inlined workspace dependencies (copied as nested directories)
+- A modified package.json with workspace dependencies stripped
+
+The `dist/` directory can be published to npm:
+
+```bash
+cd dist
+npm publish
+```
+
+Key differences between repo-local and published versions:
+- **Repo-local**: Runs from source (`packages/cli/index.ts`) with workspace
+  dependencies resolved by the monorepo
+- **Published**: Runs from dist (`dist/index.ts`) with workspace dependencies
+  inlined as nested directories
+
+Both versions use the same Bun runtime and TypeScript source files. The build
+process does not transpile; it only restructures the package for standalone use.

package/agentRuntimeCommands.ts

@@ -286,6 +286,7 @@ export async function runAgentBindCurrentCommand(
           ? existing.runtimeBinding
           : {}),
         machineId: machine.machineId,
+        ownerUserId: userId,
       },
       updatedAt: Date.now(),
     };
@@ -356,6 +357,7 @@ export async function runAgentSmokeCurrentCommand(
             ? existing.runtimeBinding
             : {}),
           machineId: machine.machineId,
+          ownerUserId: userId,
         },
         updatedAt: Date.now(),
       },

package/ai/agent/agentSlice.ts

@@ -0,0 +1,2 @@
+import { ulid } from "ulid";
+export const createAgent = () => ({ id: ulid() });

package/ai/agent.ts

@@ -0,0 +1,2 @@
+import { ulid } from "ulid";
+export const createAgent = () => ({ id: ulid() });

package/ai/index.ts

@@ -0,0 +1 @@
+export const test = 1;

package/authCommands.ts

@@ -1,6 +1,7 @@
 import { createInterface } from "node:readline/promises";
 import { stdin as input, stdout as output } from "node:process";
 import { rmSync } from "node:fs";
+import { spawn } from "node:child_process";
 
 import {
   getCurrentProfile,
@@ -8,40 +9,203 @@ import {
   loadProfileConfig,
   saveDefaultProfile,
 } from "./client/profileConfig";
+import { DEFAULT_NOLO_SERVER_URL } from "./defaultServer";
 
 function getArg(args: string[], flag: string) {
   const index = args.indexOf(flag);
   return index >= 0 ? args[index + 1] : undefined;
 }
 
-export async function runLoginCommand(args: string[]) {
-  const configPath = getDefaultProfileConfigPath();
-  const serverArg = getArg(args, "--server");
-  const tokenArg = getArg(args, "--token");
-  const rl = createInterface({ input, output });
+type LoginCommandDeps = {
+  configPath?: string;
+  fetchImpl?: typeof fetch;
+  openBrowser?: (url: string) => Promise<boolean> | boolean;
+  sleep?: (ms: number) => Promise<void>;
+  now?: () => number;
+  question?: (prompt: string) => Promise<string>;
+  output?: Pick<Console, "log">;
+  error?: Pick<Console, "error">;
+};
+
+const postJson = async (
+  fetchImpl: typeof fetch,
+  url: string,
+  body: Record<string, unknown>
+) =>
+  fetchImpl(url, {
+    method: "POST",
+    headers: { "Content-Type": "application/json" },
+    body: JSON.stringify(body),
+  });
+
+const defaultSleep = (ms: number) =>
+  new Promise<void>((resolve) => setTimeout(resolve, ms));
+
+const defaultOpenBrowser = async (url: string) => {
+  const command =
+    process.platform === "darwin"
+      ? "open"
+      : process.platform === "win32"
+        ? "cmd"
+        : "xdg-open";
+  const args =
+    process.platform === "win32" ? ["/c", "start", "", url] : [url];
 
   try {
-    const serverUrl = (
-      serverArg ||
-      (await rl.question("server [https://nolo.chat]: ")) ||
-      "https://nolo.chat"
-    ).replace(/\/+$/, "");
-
-    const authToken = tokenArg || (await rl.question("paste auth token: "));
-    if (!authToken.trim()) {
-      console.error("No auth token provided.");
-      return 1;
+    const child = spawn(command, args, {
+      detached: true,
+      stdio: "ignore",
+    });
+    child.unref();
+    return true;
+  } catch {
+    return false;
+  }
+};
+
+async function saveTokenLogin(args: {
+  configPath: string;
+  serverUrl: string;
+  authToken: string;
+  output: Pick<Console, "log">;
+  error: Pick<Console, "error">;
+}) {
+  if (!args.authToken.trim()) {
+    args.error.error("No auth token provided.");
+    return 1;
+  }
+
+  saveDefaultProfile(args.configPath, {
+    serverUrl: args.serverUrl,
+    authToken: args.authToken.trim(),
+  });
+  args.output.log(`Saved profile default -> ${args.serverUrl}`);
+  return 0;
+}
+
+async function runWebLogin(args: {
+  configPath: string;
+  serverUrl: string;
+  fetchImpl: typeof fetch;
+  openBrowser: (url: string) => Promise<boolean> | boolean;
+  sleep: (ms: number) => Promise<void>;
+  now: () => number;
+  output: Pick<Console, "log">;
+  error: Pick<Console, "error">;
+  noBrowser: boolean;
+}) {
+  const startResponse = await postJson(
+    args.fetchImpl,
+    `${args.serverUrl}/api/v1/users/cli-login/start`,
+    { clientName: "nolo-cli" }
+  );
+  const start = await startResponse.json().catch(() => ({} as any));
+  if (!startResponse.ok || !start?.deviceCode || !start?.verificationUriComplete) {
+    args.error.error(
+      `Failed to start web login (${startResponse.status}). Use --token to paste a token manually.`
+    );
+    return 1;
+  }
+
+  args.output.log("Open this URL to authorize nolo-cli:");
+  args.output.log(start.verificationUriComplete);
+  args.output.log(`Code: ${start.userCode}`);
+
+  if (!args.noBrowser) {
+    const opened = await args.openBrowser(start.verificationUriComplete);
+    if (!opened) {
+      args.output.log("Could not open a browser automatically. Paste the URL above.");
     }
+  }
+
+  const intervalMs = Math.max(1, Number(start.interval) || 2) * 1000;
+  const timeoutMs = Math.max(1, Number(start.expiresIn) || 600) * 1000;
+  const deadline = args.now() + timeoutMs;
+
+  while (args.now() <= deadline) {
+    const pollResponse = await postJson(
+      args.fetchImpl,
+      `${args.serverUrl}/api/v1/users/cli-login/poll`,
+      { deviceCode: start.deviceCode }
+    );
+    const poll = await pollResponse.json().catch(() => ({} as any));
+
+    if (pollResponse.status === 202) {
+      await args.sleep(intervalMs);
+      continue;
+    }
+
+    if (pollResponse.ok && poll?.token) {
+      const approvedServer =
+        typeof poll.serverUrl === "string" && poll.serverUrl.trim()
+          ? poll.serverUrl.trim().replace(/\/+$/, "")
+          : args.serverUrl;
+      return saveTokenLogin({
+        configPath: args.configPath,
+        serverUrl: approvedServer,
+        authToken: poll.token,
+        output: args.output,
+        error: args.error,
+      });
+    }
+
+    args.error.error(
+      `Web login failed: ${poll?.error || `HTTP ${pollResponse.status}`}. Use --token to paste a token manually.`
+    );
+    return 1;
+  }
 
-    saveDefaultProfile(configPath, {
+  args.error.error("Web login timed out. Run `nolo login` again or use --token.");
+  return 1;
+}
+
+export async function runLoginCommand(args: string[], deps: LoginCommandDeps = {}) {
+  const configPath = deps.configPath ?? getDefaultProfileConfigPath();
+  const serverArg = getArg(args, "--server");
+  const tokenArg = getArg(args, "--token");
+  const noBrowser = args.includes("--no-browser");
+  const outputTarget = deps.output ?? console;
+  const errorTarget = deps.error ?? console;
+  const serverUrl = (serverArg || DEFAULT_NOLO_SERVER_URL).replace(/\/+$/, "");
+
+  if (tokenArg) {
+    return saveTokenLogin({
+      configPath,
       serverUrl,
-      authToken: authToken.trim(),
+      authToken: tokenArg,
+      output: outputTarget,
+      error: errorTarget,
     });
-    console.log(`Saved profile default -> ${serverUrl}`);
-    return 0;
-  } finally {
-    rl.close();
   }
+
+  if (args.includes("--manual")) {
+    const rl = createInterface({ input, output });
+    const question = deps.question ?? ((prompt: string) => rl.question(prompt));
+    try {
+      const authToken = await question("paste auth token: ");
+      return saveTokenLogin({
+        configPath,
+        serverUrl,
+        authToken,
+        output: outputTarget,
+        error: errorTarget,
+      });
+    } finally {
+      rl.close();
+    }
+  }
+
+  return runWebLogin({
+    configPath,
+    serverUrl,
+    fetchImpl: deps.fetchImpl ?? fetch,
+    openBrowser: deps.openBrowser ?? defaultOpenBrowser,
+    sleep: deps.sleep ?? defaultSleep,
+    now: deps.now ?? Date.now,
+    output: outputTarget,
+    error: errorTarget,
+    noBrowser,
+  });
 }
 
 export function runWhoamiCommand() {

package/client/compactDialog.ts

@@ -8,10 +8,13 @@ const DB_PATH = "/api/v1/db";
 /**
  * Extract userId from a JWT-style auth token without verifying the signature.
  * Mirrors the logic of `parseToken` in `auth/token.ts` without the crypto imports.
+ * @internal - exported for testing only
  */
-function parseTokenUserId(token: string): string | null {
+export function parseTokenUserId(token: string): string | null {
   try {
-    const [payloadBase64] = token.split(".");
+    const parts = token.split(".");
+    if (parts.length < 2) return null;
+    const payloadBase64 = parts[1];
     const payload = JSON.parse(
       Buffer.from(payloadBase64, "base64").toString("utf8")
     );

package/commandRegistry.ts

@@ -73,6 +73,8 @@ export function renderHelpText() {
     "  nolo",
     "  nolo chat",
     "  nolo login",
+    "  nolo login --no-browser",
+    "  nolo login --token <auth-token>",
     "  nolo whoami",
     "  nolo connect",
     "  nolo connect --watch",

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "nolo-cli",
-  "version": "0.1.12",
+  "version": "0.1.13",
   "type": "module",
   "description": "Agent-first terminal workspace for Nolo",
   "bin": {