open-wadah 1.0.0

package/cli.js

@@ -0,0 +1,579 @@
+#!/usr/bin/env node
+import { program } from 'commander'
+import chalk from 'chalk'
+import fetch from 'node-fetch'
+import Conf from 'conf'
+import { input, password as promptPassword } from '@inquirer/prompts'
+import { webcrypto } from 'node:crypto'
+
+const randomUUID = () => webcrypto.randomUUID()
+
+// ── config ────────────────────────────────────────────────────────────────────
+
+const conf = new Conf({ projectName: 'open-wadah' })
+
+function getApiBase() {
+  return (
+    (process.env.TASK_MANAGER_API_URL ?? '').trim() ||
+    conf.get('api_url') ||
+    'http://localhost:3001'
+  )
+}
+
+function getAuthToken() {
+  if (process.env.TASK_MANAGER_TOKEN) return process.env.TASK_MANAGER_TOKEN
+  return conf.get('access_token') ?? null
+}
+
+function authHeaders() {
+  const token = getAuthToken()
+  return {
+    'Content-Type': 'application/json',
+    ...(token ? { Authorization: `Bearer ${token}` } : {}),
+  }
+}
+
+// ── token refresh ─────────────────────────────────────────────────────────────
+
+async function refreshAccessToken() {
+  const refreshToken = conf.get('refresh_token')
+  if (!refreshToken) return false
+  try {
+    const res  = await fetch(`${getApiBase()}/api/auth/refresh`, {
+      method:  'POST',
+      headers: { 'Content-Type': 'application/json' },
+      body:    JSON.stringify({ refresh_token: refreshToken }),
+    })
+    if (!res.ok) return false
+    const data = await res.json()
+    conf.set('access_token',   data.access_token)
+    conf.set('refresh_token',  data.refresh_token)
+    conf.set('token_expires',  data.expires_at)
+    return true
+  } catch {
+    return false
+  }
+}
+
+async function ensureAuth() {
+  if (process.env.TASK_MANAGER_TOKEN) return   // agent token, no refresh needed
+  const expires = conf.get('token_expires')
+  // Refresh if within 5 minutes of expiry or already expired
+  if (expires && Date.now() > (expires * 1000) - 300_000) {
+    await refreshAccessToken()
+  }
+}
+
+// ── http ──────────────────────────────────────────────────────────────────────
+
+async function api(path, options = {}, retry = true) {
+  await ensureAuth()
+  const url = `${getApiBase()}${path}`
+  const res = await fetch(url, { headers: authHeaders(), ...options })
+
+  // If 401 and we have a refresh token, try once more
+  if (res.status === 401 && retry && !process.env.TASK_MANAGER_TOKEN) {
+    const refreshed = await refreshAccessToken()
+    if (refreshed) return api(path, options, false)
+  }
+
+  const body = await res.json().catch(() => ({}))
+  if (!res.ok) throw new Error(body.error ?? body.message ?? res.statusText)
+  return body
+}
+
+// ── formatting ────────────────────────────────────────────────────────────────
+
+function formatDate(ts) {
+  if (!ts) return '—'
+  const d     = new Date(ts)
+  const today = new Date(); today.setHours(0, 0, 0, 0)
+  const day   = new Date(d); day.setHours(0, 0, 0, 0)
+  const diff  = Math.round((day - today) / 86400000)
+  if (diff === 0)  return chalk.yellow('Today')
+  if (diff < 0)   return chalk.red(`${Math.abs(diff)}d overdue`)
+  if (diff === 1) return chalk.green('Tomorrow')
+  if (diff <= 7)  return chalk.green(`${diff}d`)
+  return d.toLocaleDateString()
+}
+
+function printTaskList(tasks, state) {
+  const bucketMap   = Object.fromEntries(state.buckets.map((b)  => [b.id, b.title]))
+  const assigneeMap = Object.fromEntries(state.assignees.map((a) => [a.id, a.name]))
+  const boardMap    = Object.fromEntries(state.boards.map((b)   => [b.id, b.name]))
+
+  console.log()
+  if (tasks.length === 0) {
+    console.log(chalk.gray('  No tasks.\n'))
+    return
+  }
+  tasks.forEach((t) => {
+    const bucket    = bucketMap[t.bucketId]     ?? '—'
+    const assignee  = assigneeMap[t.assigneeId] ?? 'Unassigned'
+    const requester = t.requestedById ? assigneeMap[t.requestedById] : null
+    const board     = boardMap[t.boardId]       ?? '—'
+    const id        = t.id.slice(0, 8)
+
+    console.log(`  ${chalk.bold(t.title)}`)
+    console.log(chalk.gray(
+      `  ${id}  ·  ${board} / ${bucket}  ·  ${assignee}` +
+      (requester ? `  ← ${requester}` : '') +
+      (t.dueDate ? `  ·  ${formatDate(t.dueDate)}` : '') +
+      (t.tags?.length ? `  ·  #${t.tags.join(' #')}` : '')
+    ))
+    console.log()
+  })
+}
+
+function handleError(err) {
+  const msg = err.message ?? ''
+  if (
+    msg.includes('401') ||
+    msg.toLowerCase().includes('missing token') ||
+    msg.toLowerCase().includes('invalid token') ||
+    msg.toLowerCase().includes('not authenticated')
+  ) {
+    console.error(chalk.red('\n✗ Not authenticated.'))
+    console.error(chalk.gray('  Humans:  wadah login'))
+    console.error(chalk.gray('  Agents:  TASK_MANAGER_TOKEN=<token> wadah open\n'))
+  } else {
+    console.error(chalk.red(`\n✗ ${msg}\n`))
+  }
+  process.exit(1)
+}
+
+async function resolveMyAssigneeId(state) {
+  try {
+    const me = await api('/api/auth/me')
+    const userId = me.user?.id
+    // Match by user_id field on assignee (if backend returns it)
+    const byUserId = state.assignees.find((a) => a.user_id === userId)
+    if (byUserId) return byUserId.id
+  } catch {}
+  // Fallback: 'Me' assignee
+  return state.assignees.find((a) => a.name === 'Me')?.id ?? null
+}
+
+function findAssignee(assignees, name) {
+  const q = name.toLowerCase()
+  return assignees.find((a) => a.name.toLowerCase().includes(q)) ?? null
+}
+
+// ── program ───────────────────────────────────────────────────────────────────
+
+program
+  .name('tm')
+  .description('Open Wadah CLI — shared task board for humans and agents')
+  .version('1.0.0')
+
+// ── tm login ──────────────────────────────────────────────────────────────────
+
+program
+  .command('login')
+  .description('Sign in as a human user (email + password)')
+  .option('--api-url <url>', 'Override API base URL and save it')
+  .action(async (opts) => {
+    if (opts.apiUrl) conf.set('api_url', opts.apiUrl.trim().replace(/\/$/, ''))
+
+    console.log(chalk.bold('\nOpen Wadah — Sign in\n'))
+    const email = await input({ message: 'Email:' })
+    const pass  = await promptPassword({ message: 'Password:' })
+
+    try {
+      const data = await fetch(`${getApiBase()}/api/auth/login`, {
+        method:  'POST',
+        headers: { 'Content-Type': 'application/json' },
+        body:    JSON.stringify({ email, password: pass }),
+      })
+      const body = await data.json()
+      if (!data.ok) throw new Error(body.error ?? 'Login failed')
+
+      conf.set('access_token',  body.access_token)
+      conf.set('refresh_token', body.refresh_token)
+      conf.set('token_expires', body.expires_at)
+      conf.set('user_email',    body.user.email)
+      conf.set('user_id',       body.user.id)
+      console.log(chalk.green(`\n✓ Signed in as ${body.user.email}\n`))
+    } catch (err) {
+      console.error(chalk.red(`\n✗ ${err.message}\n`))
+      process.exit(1)
+    }
+  })
+
+// ── tm signup ─────────────────────────────────────────────────────────────────
+
+program
+  .command('signup')
+  .description('Create a new account')
+  .option('--api-url <url>', 'Override API base URL and save it')
+  .action(async (opts) => {
+    if (opts.apiUrl) conf.set('api_url', opts.apiUrl.trim().replace(/\/$/, ''))
+
+    console.log(chalk.bold('\nOpen Wadah — Create account\n'))
+    const name  = await input({ message: 'Name:' })
+    const email = await input({ message: 'Email:' })
+    const pass  = await promptPassword({ message: 'Password (min 6 chars):' })
+
+    try {
+      // Sign up
+      const signupRes  = await fetch(`${getApiBase()}/api/auth/signup`, {
+        method:  'POST',
+        headers: { 'Content-Type': 'application/json' },
+        body:    JSON.stringify({ name, email, password: pass }),
+      })
+      const signupBody = await signupRes.json()
+      if (!signupRes.ok) throw new Error(signupBody.error ?? 'Signup failed')
+
+      // Auto login
+      const loginRes  = await fetch(`${getApiBase()}/api/auth/login`, {
+        method:  'POST',
+        headers: { 'Content-Type': 'application/json' },
+        body:    JSON.stringify({ email, password: pass }),
+      })
+      const loginBody = await loginRes.json()
+      if (!loginRes.ok) throw new Error(loginBody.error ?? 'Login after signup failed')
+
+      conf.set('access_token',  loginBody.access_token)
+      conf.set('refresh_token', loginBody.refresh_token)
+      conf.set('token_expires', loginBody.expires_at)
+      conf.set('user_email',    loginBody.user.email)
+      conf.set('user_id',       loginBody.user.id)
+      console.log(chalk.green(`\n✓ Account created and signed in as ${email}\n`))
+    } catch (err) {
+      console.error(chalk.red(`\n✗ ${err.message}\n`))
+      process.exit(1)
+    }
+  })
+
+// ── tm logout ─────────────────────────────────────────────────────────────────
+
+program
+  .command('logout')
+  .description('Sign out and clear stored credentials')
+  .action(() => {
+    conf.delete('access_token')
+    conf.delete('refresh_token')
+    conf.delete('token_expires')
+    conf.delete('user_email')
+    conf.delete('user_id')
+    console.log(chalk.green('✓ Signed out\n'))
+  })
+
+// ── tm whoami ─────────────────────────────────────────────────────────────────
+
+program
+  .command('whoami')
+  .description('Show current identity and workspace')
+  .action(async () => {
+    if (process.env.TASK_MANAGER_TOKEN) {
+      console.log(chalk.bold('\nAgent') + '  (TASK_MANAGER_TOKEN)')
+    } else {
+      const email = conf.get('user_email')
+      if (!email) {
+        console.log(chalk.gray('\nNot signed in.  Run: tm login\n'))
+        return
+      }
+      try {
+        const me = await api('/api/auth/me')
+        const ws = me.workspaces?.[0]
+        console.log()
+        console.log(chalk.bold(me.user.email))
+        if (ws) console.log(chalk.gray(`Workspace: ${ws.name}  (${ws.role})`))
+        console.log(chalk.gray(`API:       ${getApiBase()}`))
+        console.log()
+      } catch {
+        console.log(chalk.gray(`\n${email}  (token may be expired — run: tm login)\n`))
+      }
+    }
+  })
+
+// ── tm open ───────────────────────────────────────────────────────────────────
+
+program
+  .command('open')
+  .description('List open tasks assigned to me')
+  .option('--all',                    'Show all tasks in the workspace')
+  .option('--assignee <name>',        'Filter by assignee name')
+  .option('--requested-by <name>',    'Filter by requester name')
+  .option('--board <name>',           'Filter by board name')
+  .option('--completed',              'Show completed tasks instead')
+  .action(async (opts) => {
+    try {
+      const state = await api('/api/state')
+      let tasks = state.tasks.filter((t) => !!t.completed === !!opts.completed)
+
+      if (!opts.all && !opts.assignee) {
+        const myId = await resolveMyAssigneeId(state)
+        if (myId) tasks = tasks.filter((t) => t.assigneeId === myId)
+      }
+      if (opts.assignee) {
+        const a = findAssignee(state.assignees, opts.assignee)
+        if (!a) return console.error(chalk.red(`\n✗ Assignee not found: ${opts.assignee}\n`))
+        tasks = tasks.filter((t) => t.assigneeId === a.id)
+      }
+      if (opts.requestedBy) {
+        const a = findAssignee(state.assignees, opts.requestedBy)
+        if (!a) return console.error(chalk.red(`\n✗ Assignee not found: ${opts.requestedBy}\n`))
+        tasks = tasks.filter((t) => t.requestedById === a.id)
+      }
+      if (opts.board) {
+        const b = state.boards.find((b) => b.name.toLowerCase().includes(opts.board.toLowerCase()))
+        if (b) tasks = tasks.filter((t) => t.boardId === b.id)
+      }
+
+      printTaskList(tasks, state)
+    } catch (err) { handleError(err) }
+  })
+
+// ── tm requested ──────────────────────────────────────────────────────────────
+
+program
+  .command('requested')
+  .description('List open tasks you requested (assigned to others / agents)')
+  .action(async () => {
+    try {
+      const state = await api('/api/state')
+      const myId  = await resolveMyAssigneeId(state)
+      const tasks = state.tasks.filter((t) => t.requestedById === myId && !t.completed)
+      printTaskList(tasks, state)
+    } catch (err) { handleError(err) }
+  })
+
+// ── tm add ────────────────────────────────────────────────────────────────────
+
+program
+  .command('add <title>')
+  .description('Create a new task')
+  .option('--assignee <name>',  'Assign to a person or agent')
+  .option('--bucket <name>',    'Column name (default: first column)')
+  .option('--board <name>',     'Board name (default: current board)')
+  .option('--due <YYYY-MM-DD>', 'Due date')
+  .option('--repo <owner/repo>','GitHub repo')
+  .option('--url <url>',        'Issue / PR URL')
+  .option('--notes <text>',     'Notes')
+  .action(async (title, opts) => {
+    try {
+      const state = await api('/api/state')
+      const myId  = await resolveMyAssigneeId(state)
+
+      let assigneeId    = myId
+      let requestedById = null
+
+      if (opts.assignee) {
+        const a = findAssignee(state.assignees, opts.assignee)
+        if (!a) return console.error(chalk.red(`\n✗ Assignee not found: ${opts.assignee}\n`))
+        assigneeId    = a.id
+        requestedById = myId
+      }
+
+      const bucket = opts.bucket
+        ? state.buckets.find((b) => b.title.toLowerCase().includes(opts.bucket.toLowerCase()))
+        : state.buckets[0]
+
+      const board = opts.board
+        ? state.boards.find((b) => b.name.toLowerCase().includes(opts.board.toLowerCase()))
+        : state.boards.find((b) => b.id === state.currentBoardId) ?? state.boards[0]
+
+      const task = await api('/api/tasks', {
+        method: 'POST',
+        body:   JSON.stringify({
+          title,
+          bucketId:     bucket?.id,
+          boardId:      board?.id,
+          assigneeId,
+          requestedById,
+          dueDate:      opts.due ? new Date(opts.due).getTime() : null,
+          repo:         opts.repo   ?? null,
+          contextUrl:   opts.url    ?? null,
+          notes:        opts.notes  ?? '',
+        }),
+      })
+
+      const assigneeName = state.assignees.find((a) => a.id === task.assigneeId)?.name ?? 'Unassigned'
+      console.log(chalk.green('\n✓ Created') + `  ${chalk.bold(task.title)}`)
+      console.log(chalk.gray(`  ID: ${task.id}  ·  Assigned to: ${assigneeName}\n`))
+    } catch (err) { handleError(err) }
+  })
+
+// ── tm complete ───────────────────────────────────────────────────────────────
+
+program
+  .command('complete <id>')
+  .description('Mark a task as complete')
+  .action(async (id) => {
+    try {
+      const task = await api(`/api/tasks/${id}`, {
+        method: 'PATCH',
+        body:   JSON.stringify({ completed: true }),
+      })
+      console.log(chalk.green('\n✓ Completed') + `  ${chalk.bold(task.title)}\n`)
+    } catch (err) { handleError(err) }
+  })
+
+// ── tm reopen ─────────────────────────────────────────────────────────────────
+
+program
+  .command('reopen <id>')
+  .description('Reopen a completed task')
+  .action(async (id) => {
+    try {
+      const task = await api(`/api/tasks/${id}`, {
+        method: 'PATCH',
+        body:   JSON.stringify({ completed: false }),
+      })
+      console.log(chalk.green('\n✓ Reopened') + `  ${chalk.bold(task.title)}\n`)
+    } catch (err) { handleError(err) }
+  })
+
+// ── tm assign ─────────────────────────────────────────────────────────────────
+
+program
+  .command('assign <id>')
+  .description('Reassign a task to another person or agent')
+  .requiredOption('--to <name>', 'Assignee name')
+  .action(async (id, opts) => {
+    try {
+      const state = await api('/api/state')
+      const a     = findAssignee(state.assignees, opts.to)
+      if (!a) return console.error(chalk.red(`\n✗ Assignee not found: ${opts.to}\n`))
+
+      const myId = await resolveMyAssigneeId(state)
+      const task  = await api(`/api/tasks/${id}`, {
+        method: 'PATCH',
+        body:   JSON.stringify({ assigneeId: a.id, requestedById: myId }),
+      })
+      console.log(chalk.green('\n✓ Assigned') + `  ${chalk.bold(task.title)} → ${a.name}\n`)
+    } catch (err) { handleError(err) }
+  })
+
+// ── tm delete ─────────────────────────────────────────────────────────────────
+
+program
+  .command('delete <id>')
+  .description('Delete a task')
+  .action(async (id) => {
+    try {
+      const task = await api(`/api/tasks/${id}`)
+      await api(`/api/tasks/${id}`, { method: 'DELETE' })
+      console.log(chalk.green('\n✓ Deleted') + `  ${chalk.bold(task.title)}\n`)
+    } catch (err) { handleError(err) }
+  })
+
+// ── tm view ───────────────────────────────────────────────────────────────────
+
+program
+  .command('view <id>')
+  .description('View full details of a task')
+  .action(async (id) => {
+    try {
+      const [task, state] = await Promise.all([api(`/api/tasks/${id}`), api('/api/state')])
+      const assignee  = state.assignees.find((a) => a.id === task.assigneeId)?.name  ?? 'Unassigned'
+      const requester = state.assignees.find((a) => a.id === task.requestedById)?.name ?? null
+      const bucket    = state.buckets.find((b)   => b.id === task.bucketId)?.title    ?? '—'
+      const board     = state.boards.find((b)    => b.id === task.boardId)?.name      ?? '—'
+
+      console.log()
+      console.log(chalk.bold(task.title) + (task.completed ? chalk.green('  ✓ done') : ''))
+      console.log(chalk.gray(`  ID:        ${task.id}`))
+      console.log(chalk.gray(`  Board:     ${board} / ${bucket}`))
+      console.log(chalk.gray(`  Assigned:  ${assignee}`))
+      if (requester) console.log(chalk.gray(`  Requested: ${requester}`))
+      if (task.dueDate) console.log(chalk.gray(`  Due:       ${formatDate(task.dueDate)}`))
+      if (task.repo) console.log(chalk.gray(`  Repo:      ${task.repo}`))
+      if (task.contextUrl) console.log(chalk.gray(`  Link:      ${task.contextUrl}`))
+      if (task.tags?.length) console.log(chalk.gray(`  Tags:      #${task.tags.join('  #')}`))
+      if (task.description) { console.log(); console.log(`  ${task.description}`) }
+      if (task.notes) { console.log(chalk.gray('\n  Notes:')); console.log(`  ${task.notes}`) }
+      if (task.subtasks?.length) {
+        console.log(chalk.gray('\n  Subtasks:'))
+        task.subtasks.forEach((s) => {
+          console.log(`    ${s.completed ? chalk.green('✓') : '○'}  ${s.title}`)
+        })
+      }
+      if (task.comments?.length) {
+        console.log(chalk.gray('\n  Comments:'))
+        task.comments.forEach((c) => {
+          console.log(`    ${chalk.gray(new Date(c.createdAt).toLocaleString())}  ${c.text}`)
+        })
+      }
+      console.log()
+    } catch (err) { handleError(err) }
+  })
+
+// ── tm comment ────────────────────────────────────────────────────────────────
+
+program
+  .command('comment <id> <text>')
+  .description('Add a comment to a task')
+  .action(async (id, text) => {
+    try {
+      const task    = await api(`/api/tasks/${id}`)
+      const comment = { id: randomUUID(), text, createdAt: Date.now() }
+      await api(`/api/tasks/${id}`, {
+        method: 'PATCH',
+        body:   JSON.stringify({ comments: [...(task.comments ?? []), comment] }),
+      })
+      console.log(chalk.green('\n✓ Comment added\n'))
+    } catch (err) { handleError(err) }
+  })
+
+// ── tm boards ─────────────────────────────────────────────────────────────────
+
+program
+  .command('boards')
+  .description('List all boards')
+  .action(async () => {
+    try {
+      const state = await api('/api/state')
+      console.log()
+      state.boards.forEach((b) => {
+        const open = state.tasks.filter((t) => t.boardId === b.id && !t.completed).length
+        const done = state.tasks.filter((t) => t.boardId === b.id &&  t.completed).length
+        console.log(`  ${chalk.bold(b.name)}  ${chalk.gray(`${open} open · ${done} done`)}`)
+      })
+      console.log()
+    } catch (err) { handleError(err) }
+  })
+
+// ── tm invite ─────────────────────────────────────────────────────────────────
+
+program
+  .command('invite')
+  .description('Generate a workspace invite link')
+  .option('--email <email>', 'Email address to invite')
+  .option('--role <role>',   'Role: member or agent  (default: member)', 'member')
+  .action(async (opts) => {
+    try {
+      const data = await api('/api/workspace/invite', {
+        method: 'POST',
+        body:   JSON.stringify({ email: opts.email, role: opts.role }),
+      })
+      console.log(chalk.green('\n✓ Invite created'))
+      console.log(`  ${chalk.bold(data.link)}`)
+      if (opts.email) console.log(chalk.gray(`  For: ${opts.email}  (${opts.role})`))
+      console.log(chalk.gray('  Expires in 7 days\n'))
+    } catch (err) { handleError(err) }
+  })
+
+// ── tm config ─────────────────────────────────────────────────────────────────
+
+program
+  .command('config')
+  .description('Show or set CLI configuration')
+  .option('--api-url <url>', 'Set API base URL')
+  .action((opts) => {
+    if (opts.apiUrl) {
+      conf.set('api_url', opts.apiUrl.trim().replace(/\/$/, ''))
+      console.log(chalk.green(`\n✓ API URL set to ${opts.apiUrl}\n`))
+      return
+    }
+    console.log()
+    console.log(chalk.bold('CLI config'))
+    console.log(chalk.gray(`  API URL:      ${getApiBase()}`))
+    console.log(chalk.gray(`  Signed in as: ${conf.get('user_email') ?? '—'}`))
+    console.log(chalk.gray(`  Agent mode:   ${process.env.TASK_MANAGER_TOKEN ? 'yes (TASK_MANAGER_TOKEN set)' : 'no'}`))
+    console.log(chalk.gray(`  Config file:  ${conf.path}`))
+    console.log()
+  })
+
+program.parse()

package/package.json

@@ -0,0 +1,20 @@
+{
+  "name": "open-wadah",
+  "version": "1.0.0",
+  "description": "Open Wadah CLI — shared task board for humans and agents",
+  "type": "module",
+  "bin": {
+    "wadah": "cli.js",
+    "ow": "cli.js"
+  },
+  "scripts": {
+    "start": "node cli.js"
+  },
+  "dependencies": {
+    "chalk": "^5.4.1",
+    "commander": "^13.1.0",
+    "conf": "^13.1.0",
+    "inquirer": "^12.5.0",
+    "node-fetch": "^3.3.2"
+  }
+}