npm - phewsh - Versions diffs - 0.5.0 → 0.5.2 - Mend

phewsh 0.5.0 → 0.5.2

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (3) hide show

package/commands/login.js CHANGED Viewed

@@ -53,6 +53,37 @@ async function main() {
     return;
   }
+  // --token: paste a JWT obtained from phewsh.com/intent settings
+  if (args.includes('--token')) {
+    const tokenIdx = args.indexOf('--token');
+    const jwt = args[tokenIdx + 1];
+    if (!jwt) {
+      console.log('\n  Usage: phewsh login --token <jwt-from-web>\n');
+      console.log('  Get your token at phewsh.com/intent → Settings → CLI Access\n');
+      process.exit(1);
+    }
+    // Decode JWT payload (no verification needed — Supabase will validate on API calls)
+    try {
+      const payload = JSON.parse(Buffer.from(jwt.split('.')[1], 'base64url').toString());
+      const config = loadConfig() || {};
+      saveConfig({
+        ...config,
+        userId: payload.sub,
+        email: payload.email || config.email || '',
+        supabaseUserId: payload.sub,
+        supabaseAccessToken: jwt,
+        supabaseRefreshToken: config.supabaseRefreshToken || null,
+      });
+      console.log(`\n  ✓ Logged in as ${payload.email || payload.sub}`);
+      console.log('  ✓ Cloud sync enabled\n');
+      console.log('  Note: web tokens expire in ~1 hour. Run `phewsh login --refresh` if sync fails.\n');
+    } catch {
+      console.error('\n  Invalid token. Copy it from phewsh.com/intent → Settings → CLI Access.\n');
+      process.exit(1);
+    }
+    return;
+  }
   if (args.includes('--set-key')) {
     const config = loadConfig() || {};
     const { ask, close } = createPrompter();
@@ -109,16 +140,26 @@ async function main() {
     process.exit(1);
   }
-  console.log(`  Check ${email} for a 6-digit code.\n`);
-  const token = await ask('  Verification code\n  > ');
+  console.log(`  Check ${email} — look for a 6-digit code.`);
+  console.log(`  (It may arrive as a link — if so, visit phewsh.com/intent to log in there first,`);
+  console.log(`   then run: phewsh login --from-web to save that session.)\n`);
+  const token = await ask('  6-digit code\n  > ');
   console.log('');
+  if (!token || token.length < 4) {
+    close();
+    console.log('\n  No code entered. If you received a link, log in at phewsh.com/intent\n  then run `phewsh login --status` after logging in via web.\n');
+    process.exit(1);
+  }
   let session;
   try {
     session = await verifyOtp(email, token);
   } catch (err) {
     close();
-    console.error('\n  Verification failed:', err.message, '\n');
+    console.error('\n  Verification failed:', err.message);
+    console.error('  If you received a link instead of a code, ask your admin to enable');
+    console.error('  Email OTP in the Supabase dashboard (Authentication → Email).\n');
     process.exit(1);
   }

package/lib/supabase.js CHANGED Viewed

@@ -20,9 +20,14 @@ async function req(path, options = {}, accessToken = null) {
 // Send magic link / OTP to email
 async function sendOtp(email) {
+  // redirect_to ensures magic links (if project uses them) land on /intent, not root
   const res = await req('/auth/v1/otp', {
     method: 'POST',
-    body: JSON.stringify({ email, create_user: true }),
+    body: JSON.stringify({
+      email,
+      create_user: true,
+      options: { redirect_to: 'https://phewsh.com/intent' },
+    }),
   });
   return res.ok;
 }

package/package.json CHANGED Viewed

@@ -1,6 +1,6 @@
 {
   "name": "phewsh",
-  "version": "0.5.0",
+  "version": "0.5.2",
   "description": "Turn intent into action. Structure your thinking, execute your next step.",
   "bin": {
     "phewsh": "bin/phewsh.js"