open-wadah 1.0.2 → 1.0.3

package/README.md

@@ -20,6 +20,9 @@ wadah signup
 wadah login
 ```
 
+`wadah login` uses browser sign-in by default.  
+Use `wadah login --password` for terminal email/password.
+
 3. Use the CLI:
 
 ```bash
@@ -50,3 +53,5 @@ Or pass per command:
 ```bash
 wadah --api http://127.0.0.1:3001 open
 ```
+
+For production, use your real API URL (for example `https://api.openwadah.com`) instead of localhost.

package/cli.js

@@ -5,6 +5,7 @@ import fetch from 'node-fetch'
 import Conf from 'conf'
 import { input, password as promptPassword } from '@inquirer/prompts'
 import { webcrypto } from 'node:crypto'
+import { spawn } from 'node:child_process'
 
 const randomUUID = () => webcrypto.randomUUID()
 let runtimeApiBase = null
@@ -188,6 +189,31 @@ function fail(message) {
   process.exitCode = 1
 }
 
+function sleep(ms) {
+  return new Promise((resolve) => setTimeout(resolve, ms))
+}
+
+function openBrowser(url) {
+  let cmd
+  let args
+  if (process.platform === 'darwin') {
+    cmd = 'open'
+    args = [url]
+  } else if (process.platform === 'win32') {
+    cmd = 'cmd'
+    args = ['/c', 'start', '', url]
+  } else {
+    cmd = 'xdg-open'
+    args = [url]
+  }
+  return new Promise((resolve) => {
+    const child = spawn(cmd, args, { stdio: 'ignore', detached: true })
+    child.on('error', () => resolve(false))
+    child.unref()
+    resolve(true)
+  })
+}
+
 // ── program ───────────────────────────────────────────────────────────────────
 
 program
@@ -205,11 +231,76 @@ program.hook('preAction', (_, actionCommand) => {
 
 program
   .command('login')
-  .description('Sign in as a human user (email + password)')
+  .description('Sign in as a human user (browser flow by default)')
   .option('--api-url <url>', 'Override API base URL and save it')
+  .option('--password', 'Use terminal email/password instead of browser login')
+  .option('--no-browser', "Don't auto-open browser; print URL only")
   .action(async (opts) => {
     if (opts.apiUrl) conf.set('api_url', opts.apiUrl.trim().replace(/\/$/, ''))
 
+    // Browser-based login (device flow) is default so password managers can autofill.
+    if (!opts.password) {
+      try {
+        const startRes = await fetch(`${getApiBase()}/api/auth/device/start`, {
+          method: 'POST',
+          headers: { 'Content-Type': 'application/json' },
+          body: JSON.stringify({ client: 'open-wadah-cli' }),
+        })
+        const startBody = await startRes.json().catch(() => ({}))
+        if (!startRes.ok) throw new Error(startBody.error ?? 'Could not start browser login')
+
+        const verificationUrl = startBody.verification_uri_complete ?? startBody.verification_uri
+        const pollEveryMs = Math.max(1000, Number(startBody.interval ?? 2) * 1000)
+        const deadline = Date.now() + Math.max(60, Number(startBody.expires_in ?? 600)) * 1000
+
+        console.log(chalk.bold('\nOpen Wadah — Browser sign in\n'))
+        console.log(chalk.gray(`  1) Open this URL and sign in:`))
+        console.log(`  ${chalk.bold(verificationUrl)}`)
+        if (startBody.user_code) console.log(chalk.gray(`  2) If asked, enter code: ${startBody.user_code}`))
+        console.log(chalk.gray('  3) Return here — login completes automatically.\n'))
+
+        if (opts.browser) {
+          const opened = await openBrowser(verificationUrl)
+          if (opened) console.log(chalk.gray('  Browser opened.\n'))
+          else console.log(chalk.yellow('  Could not open browser automatically. Open the URL manually.\n'))
+        }
+
+        while (Date.now() < deadline) {
+          const pollRes = await fetch(`${getApiBase()}/api/auth/device/poll`, {
+            method: 'POST',
+            headers: { 'Content-Type': 'application/json' },
+            body: JSON.stringify({ device_code: startBody.device_code }),
+          })
+          const pollBody = await pollRes.json().catch(() => ({}))
+
+          if (pollRes.ok && pollBody.access_token) {
+            conf.set('access_token',  pollBody.access_token)
+            conf.set('refresh_token', pollBody.refresh_token)
+            conf.set('token_expires', pollBody.expires_at)
+            conf.set('user_email',    pollBody.user?.email ?? null)
+            conf.set('user_id',       pollBody.user?.id ?? null)
+            console.log(chalk.green(`\n✓ Signed in${pollBody.user?.email ? ` as ${pollBody.user.email}` : ''}\n`))
+            return
+          }
+
+          const pending = pollRes.status === 428 || pollBody.error === 'authorization_pending'
+          if (!pending) {
+            if (pollRes.status === 410 || pollBody.error === 'expired_token') {
+              throw new Error('Browser login expired. Please run wadah login again.')
+            }
+            throw new Error(pollBody.error ?? 'Browser login failed')
+          }
+          await sleep(pollEveryMs)
+        }
+
+        throw new Error('Browser login timed out. Please run wadah login again.')
+      } catch (err) {
+        console.error(chalk.red(`\n✗ ${err.message}\n`))
+        process.exit(1)
+      }
+      return
+    }
+
     console.log(chalk.bold('\nOpen Wadah — Sign in\n'))
     const email = await input({ message: 'Email:' })
     const pass  = await promptPassword({ message: 'Password:' })

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "open-wadah",
-  "version": "1.0.2",
+  "version": "1.0.3",
   "description": "Open Wadah CLI — shared task board for humans and agents",
   "type": "module",
   "bin": {