pkg-track 1.0.1 → 2.0.0

package/README.md

@@ -41,55 +41,34 @@ Interactive CLI that scans your Gmail for shipping confirmations and lets you tr
 
 ### 1. Install
 
+**From npm (recommended):**
 ```bash
 npm install -g pkg-track
 ```
 
-### 2. One-Time Gmail Setup (~5 minutes)
-
-**Quick Google Cloud setup** (sounds scary, but it's just clicking through):
-
+**From git (for development):**
 ```bash
-# 1. Create the config directory
-mkdir -p ~/.pkg-tracker
-
-# 2. Follow these steps to get your credentials:
+# Requires build tools (python, make, gcc/clang)
+npm install -g git+https://github.com/vvanessaww/pkg-track.git
 ```
 
-**Google Cloud Console** (one-time):
-1. Go to https://console.cloud.google.com/apis/credentials
-2. **Create Project** → Name: `pkg-track` (or anything) → **Create**
-3. **Enable APIs** → Search **"Gmail API"** → **Enable**
-4. **Configure Consent Screen**:
-   - User Type: **External** → **Create**
-   - App name: `pkg-track`
-   - User support email: (your email)
-   - Developer contact: (your email)
-   - **Save and Continue** (skip scopes/test users)
-5. **Credentials** → **Create Credentials** → **OAuth client ID**:
-   - Application type: **Desktop app**
-   - Name: `pkg-track`
-   - **Create**
-6. **Download JSON** (click the download icon ⬇️)
-7. **Move the file**:
-   ```bash
-   mv ~/Downloads/client_secret_*.json ~/.pkg-tracker/credentials.json
-   ```
+> ⚠️ **Installing from git requires build tools** for compiling native modules (better-sqlite3). On macOS, install Xcode Command Line Tools: `xcode-select --install`. On Ubuntu/Debian: `sudo apt-get install build-essential python3`
 
-**Why this setup?** Google requires each user to create their own OAuth app for Gmail access. This ensures your data stays private and you control the permissions. Your credentials never leave your computer.
-
-### 3. Initialize
+### 2. Initialize
 
 ```bash
 pkg init
 ```
 
-This will:
-- Open your browser for Gmail authorization
-- Save access token locally
-- Create local database
+**What happens:**
+1. Opens your browser to a secure authorization page
+2. You click "Sign in with Gmail"
+3. Grant read-only access to your Gmail
+4. Token is saved locally on your computer
+
+**That's it!** Simple one-click setup, no Google Cloud configuration needed.
 
-**That's it!** You only need to do this once.
+**Privacy:** We use read-only Gmail access (`gmail.readonly` scope). Your credentials and package data stay on your computer. You can revoke access anytime at https://myaccount.google.com/permissions
 
 ## Usage
 
@@ -247,20 +226,6 @@ If you want to stop using pkg-track:
 
 **Why it's safe:** You created the OAuth credentials yourself - it's YOUR app accessing YOUR Gmail. No one else has access.
 
-### "Gmail credentials not found"
-
-**Problem:** You see `⚠️ Gmail OAuth credentials not found.`
-
-**Solution:**
-1. Make sure you've created OAuth credentials in Google Cloud Console (see [Quick Start](#-quick-start))
-2. Download the credentials JSON file
-3. Save it to the correct location:
-   ```bash
-   mkdir -p ~/.pkg-tracker
-   mv ~/Downloads/client_secret_*.json ~/.pkg-tracker/credentials.json
-   ```
-4. Run `pkg init` again
-
 ### "Gmail not authorized"
 
 **Problem:** Error says Gmail not authorized or token missing
@@ -375,6 +340,23 @@ pkg sync
    - Visit: https://github.com/vvanessaww/pkg-track/issues
    - Include: OS, Node.js version, error message, steps to reproduce
 
+## Known Issues
+
+### npm deprecation warning during installation
+
+**What you might see:**
+```
+npm warn deprecated prebuild-install@7.1.3: No longer maintained
+```
+
+**What it means:**
+- This warning comes from a dependency (`better-sqlite3`) that we use for local database storage
+- It's a cosmetic warning and **does not affect functionality**
+- The package works perfectly fine
+- We're waiting for the upstream maintainer to update their dependencies
+
+**Action required:** None. You can safely ignore this warning.
+
 ## Roadmap
 
 - [ ] **Live tracking updates** via AfterShip/TrackingMore API

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "pkg-track",
-  "version": "1.0.1",
+  "version": "2.0.0",
   "description": "Track all your packages in one place - UPS, FedEx, USPS, Amazon. Interactive CLI with Gmail integration.",
   "main": "src/index.js",
   "bin": {
@@ -8,7 +8,8 @@
   },
   "scripts": {
     "start": "node bin/cli.js",
-    "test": "node test/parser.test.js"
+    "test": "node test/parser.test.js",
+    "install": "node -e \"console.log('Installing pkg-track...')\" || true"
   },
   "keywords": [
     "package",
@@ -42,12 +43,12 @@
     "node": ">=14.0.0"
   },
   "dependencies": {
+    "better-sqlite3": "^12.6.2",
+    "chalk": "^4.1.2",
     "commander": "^11.1.0",
     "googleapis": "^128.0.0",
-    "better-sqlite3": "^9.2.2",
-    "chalk": "^4.1.2",
-    "ora": "^5.4.1",
     "inquirer": "^8.2.6",
-    "open": "^8.4.2"
+    "open": "^8.4.2",
+    "ora": "^5.4.1"
   }
 }

package/src/gmail-old.js

@@ -0,0 +1,397 @@
+const { google } = require('googleapis');
+const fs = require('fs');
+const path = require('path');
+const os = require('os');
+const open = require('open');
+const chalk = require('chalk');
+const ora = require('ora');
+const http = require('http');
+const url = require('url');
+const { extractTrackingNumbers, detectRetailer, extractShippedDate, extractProductDetails } = require('./parser');
+const { upsertPackage } = require('./db');
+
+const CONFIG_DIR = path.join(os.homedir(), '.pkg-tracker');
+const TOKEN_PATH = path.join(CONFIG_DIR, 'gmail-token.json');
+const CREDENTIALS_PATH = path.join(CONFIG_DIR, 'credentials.json');
+
+const SCOPES = ['https://www.googleapis.com/auth/gmail.readonly'];
+
+/**
+ * Initialize Gmail OAuth
+ */
+async function initGmail() {
+  console.log(chalk.blue('\n📧 Gmail OAuth Setup\n'));
+  console.log(chalk.gray('Secure, read-only access to scan your email for shipping confirmations'));
+  console.log(chalk.gray('Your credentials are stored locally - no data leaves your computer\n'));
+  
+  // Check if credentials exist
+  if (!fs.existsSync(CREDENTIALS_PATH)) {
+    console.log(chalk.yellow('⚠️  Gmail OAuth credentials not found.'));
+    console.log('\nTo set up Gmail access:');
+    console.log('1. Go to https://console.cloud.google.com/apis/credentials');
+    console.log('2. Create OAuth 2.0 Client ID (Desktop app)');
+    console.log('3. Download the JSON file');
+    console.log(`4. Save it as: ${CREDENTIALS_PATH}\n`);
+    
+    // Ensure directory exists with secure permissions
+    if (!fs.existsSync(CONFIG_DIR)) {
+      fs.mkdirSync(CONFIG_DIR, { recursive: true, mode: 0o700 });
+    }
+    
+    throw new Error('Please set up Gmail credentials first');
+  }
+  
+  const credentials = JSON.parse(fs.readFileSync(CREDENTIALS_PATH, 'utf8'));
+  
+  // Handle different credential formats
+  let clientInfo;
+  if (credentials.installed) {
+    clientInfo = credentials.installed;
+  } else if (credentials.web) {
+    clientInfo = credentials.web;
+  } else {
+    // Direct format (sometimes happens with newer Google Cloud Console)
+    clientInfo = credentials;
+  }
+  
+  const { client_secret, client_id, redirect_uris } = clientInfo;
+  
+  if (!client_secret || !client_id || !redirect_uris || !redirect_uris[0]) {
+    throw new Error('Invalid credentials.json format. Please download a fresh OAuth client credentials file from Google Cloud Console.');
+  }
+  
+  // Parse the redirect URI to get the port
+  const redirectUri = redirect_uris[0];
+  const redirectUrl = new URL(redirectUri);
+  const port = parseInt(redirectUrl.port) || 3000;
+  
+  const oAuth2Client = new google.auth.OAuth2(client_id, client_secret, redirectUri);
+  
+  // Generate auth URL
+  const authUrl = oAuth2Client.generateAuthUrl({
+    access_type: 'offline',
+    scope: SCOPES,
+  });
+  
+  console.log(chalk.blue('Opening browser for Gmail authorization...'));
+  console.log(chalk.gray(`Starting local server on port ${port}...\n`));
+  
+  // Create a promise that resolves when we get the code
+  const code = await new Promise((resolve, reject) => {
+    const server = http.createServer(async (req, res) => {
+      try {
+        console.log(chalk.gray(`Received request: ${req.url}`));
+        const queryParams = url.parse(req.url, true).query;
+        
+        if (queryParams.code) {
+          // Send success page
+          res.writeHead(200, { 'Content-Type': 'text/html' });
+          res.end(`
+            <!DOCTYPE html>
+            <html>
+              <head>
+                <meta charset="UTF-8">
+                <title>Authorization Successful</title>
+                <style>
+                  body {
+                    font-family: -apple-system, BlinkMacSystemFont, 'Segoe UI', sans-serif;
+                    display: flex;
+                    align-items: center;
+                    justify-content: center;
+                    height: 100vh;
+                    margin: 0;
+                    background: #f5f5f5;
+                  }
+                  .container {
+                    text-align: center;
+                    background: white;
+                    padding: 3rem;
+                    border-radius: 12px;
+                    box-shadow: 0 4px 12px rgba(0,0,0,0.1);
+                  }
+                  h1 { color: #22c55e; margin: 0 0 1rem; }
+                  p { color: #666; margin: 0; }
+                </style>
+              </head>
+              <body>
+                <div class="container">
+                  <h1>✓ Authorization Successful!</h1>
+                  <p>You can close this window and return to the terminal.</p>
+                </div>
+              </body>
+            </html>
+          `);
+          
+          console.log(chalk.green('\n✓ Received authorization code'));
+          
+          // Give time for response to be sent
+          setTimeout(() => {
+            server.close();
+            resolve(queryParams.code);
+          }, 100);
+        } else if (queryParams.error) {
+          res.writeHead(400, { 'Content-Type': 'text/html' });
+          res.end(`
+            <!DOCTYPE html>
+            <html>
+              <head>
+                <meta charset="UTF-8">
+                <title>Authorization Failed</title>
+                <style>
+                  body {
+                    font-family: -apple-system, BlinkMacSystemFont, 'Segoe UI', sans-serif;
+                    display: flex;
+                    align-items: center;
+                    justify-content: center;
+                    height: 100vh;
+                    margin: 0;
+                    background: #f5f5f5;
+                  }
+                  .container {
+                    text-align: center;
+                    background: white;
+                    padding: 3rem;
+                    border-radius: 12px;
+                    box-shadow: 0 4px 12px rgba(0,0,0,0.1);
+                  }
+                  h1 { color: #ef4444; margin: 0 0 1rem; }
+                  p { color: #666; margin: 0; }
+                </style>
+              </head>
+              <body>
+                <div class="container">
+                  <h1>✗ Authorization Failed</h1>
+                  <p>Error: ${queryParams.error}</p>
+                </div>
+              </body>
+            </html>
+          `);
+          
+          setTimeout(() => {
+            server.close();
+            reject(new Error(`OAuth error: ${queryParams.error}`));
+          }, 100);
+        }
+      } catch (err) {
+        server.close();
+        reject(err);
+      }
+    });
+    
+    // Handle server errors
+    server.on('error', (err) => {
+      if (err.code === 'EADDRINUSE') {
+        console.log(chalk.red(`\n✗ Port ${port} is already in use`));
+        console.log(chalk.yellow('Please close any other applications using this port and try again.\n'));
+      }
+      reject(err);
+    });
+    
+    server.listen(port, '127.0.0.1', () => {
+      console.log(chalk.green(`✓ Server listening on http://127.0.0.1:${port}`));
+      console.log(chalk.gray('Opening browser...\n'));
+      
+      // Wait a bit for server to be fully ready, then open browser
+      setTimeout(() => {
+        open(authUrl);
+      }, 500);
+    });
+    
+    // Timeout after 5 minutes
+    setTimeout(() => {
+      server.close();
+      reject(new Error('Authorization timeout - no response received after 5 minutes'));
+    }, 5 * 60 * 1000);
+  });
+  
+  const { tokens } = await oAuth2Client.getToken(code);
+  oAuth2Client.setCredentials(tokens);
+  
+  // Save token with secure permissions (user read/write only)
+  fs.writeFileSync(TOKEN_PATH, JSON.stringify(tokens), { mode: 0o600 });
+  console.log(chalk.green('\n✓ Gmail access granted and saved!'));
+}
+
+/**
+ * Get authorized Gmail client
+ */
+function getGmailClient() {
+  if (!fs.existsSync(CREDENTIALS_PATH)) {
+    throw new Error('Gmail credentials not found. Run `pkg init` first.');
+  }
+  
+  if (!fs.existsSync(TOKEN_PATH)) {
+    throw new Error('Gmail not authorized. Run `pkg init` first.');
+  }
+  
+  const credentials = JSON.parse(fs.readFileSync(CREDENTIALS_PATH, 'utf8'));
+  const tokens = JSON.parse(fs.readFileSync(TOKEN_PATH, 'utf8'));
+  
+  // Handle different credential formats
+  let clientInfo;
+  if (credentials.installed) {
+    clientInfo = credentials.installed;
+  } else if (credentials.web) {
+    clientInfo = credentials.web;
+  } else {
+    clientInfo = credentials;
+  }
+  
+  const { client_secret, client_id, redirect_uris } = clientInfo;
+  const oAuth2Client = new google.auth.OAuth2(client_id, client_secret, redirect_uris[0]);
+  
+  oAuth2Client.setCredentials(tokens);
+  
+  return google.gmail({ version: 'v1', auth: oAuth2Client });
+}
+
+/**
+ * Sync packages from Gmail
+ */
+async function syncPackages(days = 30) {
+  console.log(chalk.blue('\n📧 Gmail Package Scanner\n'));
+  console.log(chalk.gray('Securely scanning your Gmail for shipping confirmations...'));
+  console.log(chalk.gray(`Searching the last ${days} days for packages from UPS, FedEx, USPS, and Amazon`));
+  console.log(chalk.gray('💡 Tip: Use --days <number> to customize the date range (max 30 days)\n'));
+  
+  const spinner = ora('Scanning Gmail for shipping confirmations...').start();
+  
+  try {
+    const gmail = getGmailClient();
+    
+    // Expanded search for shipping-related emails
+    // Search both subject and body for common shipping terms
+    const query = `(
+      shipped OR 
+      "has shipped" OR 
+      tracking OR 
+      delivered OR 
+      "out for delivery" OR 
+      "order confirmation" OR 
+      "shipment confirmation" OR 
+      "your order" OR 
+      "on its way" OR 
+      "package update" OR
+      "delivery update" OR
+      "1Z" OR
+      "TBA" OR
+      "fedex" OR
+      "usps" OR
+      "ups" OR
+      "amazon"
+    ) newer_than:${days}d`.replace(/\s+/g, ' ');
+    
+    console.log(chalk.gray(`\nSearch query: ${query.substring(0, 100)}...`));
+    
+    const response = await gmail.users.messages.list({
+      userId: 'me',
+      q: query,
+      maxResults: 200, // Increased from 100
+    });
+    
+    const messages = response.data.messages || [];
+    
+    if (messages.length === 0) {
+      spinner.succeed(chalk.yellow('No shipping emails found'));
+      return;
+    }
+    
+    spinner.text = `Found ${messages.length} emails, extracting tracking numbers...`;
+    console.log(chalk.gray(`Processing ${messages.length} emails (last ${days} days)...\n`));
+    
+    let foundCount = 0;
+    let emailsWithTracking = 0;
+    const skippedEmails = [];
+    
+    for (const message of messages) {
+      const msg = await gmail.users.messages.get({
+        userId: 'me',
+        id: message.id,
+        format: 'full',
+      });
+      
+      // Extract headers
+      const headers = msg.data.payload.headers;
+      const subject = headers.find(h => h.name === 'Subject')?.value || '';
+      const from = headers.find(h => h.name === 'From')?.value || '';
+      const date = headers.find(h => h.name === 'Date')?.value || '';
+      
+      // Get email body
+      let body = '';
+      if (msg.data.payload.body.data) {
+        body = Buffer.from(msg.data.payload.body.data, 'base64').toString();
+      } else if (msg.data.payload.parts) {
+        const textPart = msg.data.payload.parts.find(p => p.mimeType === 'text/plain');
+        if (textPart && textPart.body.data) {
+          body = Buffer.from(textPart.body.data, 'base64').toString();
+        }
+      }
+      
+      // Extract tracking numbers
+      const trackingNumbers = extractTrackingNumbers(subject + ' ' + body);
+      
+      if (trackingNumbers.length > 0) {
+        emailsWithTracking++;
+        const emailData = { from, subject, body, date };
+        const retailer = detectRetailer(emailData);
+        const shippedDate = extractShippedDate(emailData);
+        const productDetails = extractProductDetails(emailData);
+        
+        // Parse email date to timestamp
+        let emailTimestamp = null;
+        try {
+          if (date) {
+            emailTimestamp = Math.floor(new Date(date).getTime() / 1000);
+          }
+        } catch (e) {
+          // Use current time if parsing fails
+          emailTimestamp = Math.floor(Date.now() / 1000);
+        }
+        
+        for (const { trackingNumber, carrier } of trackingNumbers) {
+          upsertPackage({
+            trackingNumber,
+            carrier,
+            retailer,
+            description: productDetails,
+            emailId: message.id,
+            shippedDate,
+            lastEmailDate: emailTimestamp,
+          });
+          foundCount++;
+        }
+      } else {
+        // Track emails without tracking numbers for debugging
+        skippedEmails.push({ subject, from });
+      }
+    }
+    
+    spinner.succeed(chalk.green(`✓ Found ${foundCount} tracking numbers from ${emailsWithTracking}/${messages.length} emails`));
+    
+    if (foundCount > 0) {
+      console.log(chalk.gray(`\n💡 Run ${chalk.cyan('pkg open')} to track your packages\n`));
+    }
+    
+    // Show sample of skipped emails if verbose
+    if (skippedEmails.length > 0 && skippedEmails.length < 10) {
+      console.log(chalk.yellow(`⚠️  ${skippedEmails.length} emails had no tracking numbers:`));
+      skippedEmails.forEach(({ subject, from }) => {
+        console.log(chalk.gray(`  - ${subject.substring(0, 60)}...`));
+        console.log(chalk.gray(`    from: ${from.substring(0, 40)}`));
+      });
+      console.log();
+    } else if (skippedEmails.length >= 10) {
+      console.log(chalk.gray(`${skippedEmails.length} emails had no tracking numbers (likely order confirmations)\n`));
+    }
+    
+  } catch (error) {
+    spinner.fail(chalk.red('Failed to sync'));
+    throw error;
+  }
+}
+
+module.exports = {
+  initGmail,
+  syncPackages,
+  getGmailClient,
+};

package/src/gmail.js

@@ -7,67 +7,57 @@ const chalk = require('chalk');
 const ora = require('ora');
 const http = require('http');
 const url = require('url');
+const net = require('net');
 const { extractTrackingNumbers, detectRetailer, extractShippedDate, extractProductDetails } = require('./parser');
 const { upsertPackage } = require('./db');
 
 const CONFIG_DIR = path.join(os.homedir(), '.pkg-tracker');
 const TOKEN_PATH = path.join(CONFIG_DIR, 'gmail-token.json');
-const CREDENTIALS_PATH = path.join(CONFIG_DIR, 'credentials.json');
+
+// Web-based OAuth URL
+const AUTH_WEB_URL = process.env.PKG_TRACK_AUTH_URL || 'https://pkg-track-auth.vercel.app';
 
 const SCOPES = ['https://www.googleapis.com/auth/gmail.readonly'];
 
 /**
- * Initialize Gmail OAuth
+ * Find an available port
+ */
+async function getAvailablePort() {
+  return new Promise((resolve, reject) => {
+    const server = net.createServer();
+    server.listen(0, '127.0.0.1', () => {
+      const port = server.address().port;
+      server.close(() => resolve(port));
+    });
+    server.on('error', reject);
+  });
+}
+
+/**
+ * Initialize Gmail OAuth using web-based flow
  */
 async function initGmail() {
   console.log(chalk.blue('\n📧 Gmail OAuth Setup\n'));
   console.log(chalk.gray('Secure, read-only access to scan your email for shipping confirmations'));
   console.log(chalk.gray('Your credentials are stored locally - no data leaves your computer\n'));
   
-  // Check if credentials exist
-  if (!fs.existsSync(CREDENTIALS_PATH)) {
-    console.log(chalk.yellow('⚠️  Gmail OAuth credentials not found.'));
-    console.log('\nTo set up Gmail access:');
-    console.log('1. Go to https://console.cloud.google.com/apis/credentials');
-    console.log('2. Create OAuth 2.0 Client ID (Desktop app)');
-    console.log('3. Download the JSON file');
-    console.log(`4. Save it as: ${CREDENTIALS_PATH}\n`);
-    
-    // Ensure directory exists with secure permissions
-    if (!fs.existsSync(CONFIG_DIR)) {
-      fs.mkdirSync(CONFIG_DIR, { recursive: true, mode: 0o700 });
-    }
-    
-    throw new Error('Please set up Gmail credentials first');
+  // Ensure config directory exists with secure permissions
+  if (!fs.existsSync(CONFIG_DIR)) {
+    fs.mkdirSync(CONFIG_DIR, { recursive: true, mode: 0o700 });
   }
   
-  const credentials = JSON.parse(fs.readFileSync(CREDENTIALS_PATH, 'utf8'));
-  const { client_secret, client_id, redirect_uris } = credentials.installed || credentials.web;
-  
-  // Parse the redirect URI to get the port
-  const redirectUri = redirect_uris[0];
-  const redirectUrl = new URL(redirectUri);
-  const port = parseInt(redirectUrl.port) || 3000;
-  
-  const oAuth2Client = new google.auth.OAuth2(client_id, client_secret, redirectUri);
-  
-  // Generate auth URL
-  const authUrl = oAuth2Client.generateAuthUrl({
-    access_type: 'offline',
-    scope: SCOPES,
-  });
+  // Start local callback server
+  const port = await getAvailablePort();
+  console.log(chalk.green(`✓ Starting local callback server on port ${port}`));
   
-  console.log(chalk.blue('Opening browser for Gmail authorization...'));
-  console.log(chalk.gray(`Starting local server on port ${port}...\n`));
-  
-  // Create a promise that resolves when we get the code
-  const code = await new Promise((resolve, reject) => {
-    const server = http.createServer(async (req, res) => {
+  const tokens = await new Promise((resolve, reject) => {
+    const server = http.createServer((req, res) => {
       try {
-        console.log(chalk.gray(`Received request: ${req.url}`));
         const queryParams = url.parse(req.url, true).query;
         
-        if (queryParams.code) {
+        if (queryParams.token) {
+          const tokens = JSON.parse(queryParams.token);
+          
           // Send success page
           res.writeHead(200, { 'Content-Type': 'text/html' });
           res.end(`
@@ -99,57 +89,22 @@ async function initGmail() {
               </head>
               <body>
                 <div class="container">
-                  <h1>✓ Authorization Successful!</h1>
+                  <h1>✓ Authorization Complete!</h1>
                   <p>You can close this window and return to the terminal.</p>
                 </div>
               </body>
             </html>
           `);
           
-          console.log(chalk.green('\n✓ Received authorization code'));
+          console.log(chalk.green('\n✓ Received authorization token'));
           
-          // Give time for response to be sent
           setTimeout(() => {
             server.close();
-            resolve(queryParams.code);
+            resolve(tokens);
           }, 100);
         } else if (queryParams.error) {
-          res.writeHead(400, { 'Content-Type': 'text/html' });
-          res.end(`
-            <!DOCTYPE html>
-            <html>
-              <head>
-                <meta charset="UTF-8">
-                <title>Authorization Failed</title>
-                <style>
-                  body {
-                    font-family: -apple-system, BlinkMacSystemFont, 'Segoe UI', sans-serif;
-                    display: flex;
-                    align-items: center;
-                    justify-content: center;
-                    height: 100vh;
-                    margin: 0;
-                    background: #f5f5f5;
-                  }
-                  .container {
-                    text-align: center;
-                    background: white;
-                    padding: 3rem;
-                    border-radius: 12px;
-                    box-shadow: 0 4px 12px rgba(0,0,0,0.1);
-                  }
-                  h1 { color: #ef4444; margin: 0 0 1rem; }
-                  p { color: #666; margin: 0; }
-                </style>
-              </head>
-              <body>
-                <div class="container">
-                  <h1>✗ Authorization Failed</h1>
-                  <p>Error: ${queryParams.error}</p>
-                </div>
-              </body>
-            </html>
-          `);
+          res.writeHead(400, { 'Content-Type': 'text/plain' });
+          res.end('Authorization failed');
           
           setTimeout(() => {
             server.close();
@@ -162,20 +117,20 @@ async function initGmail() {
       }
     });
     
-    // Handle server errors
     server.on('error', (err) => {
       if (err.code === 'EADDRINUSE') {
         console.log(chalk.red(`\n✗ Port ${port} is already in use`));
-        console.log(chalk.yellow('Please close any other applications using this port and try again.\n'));
+        console.log(chalk.yellow('Please try again in a moment.\n'));
       }
       reject(err);
     });
     
     server.listen(port, '127.0.0.1', () => {
-      console.log(chalk.green(`✓ Server listening on http://127.0.0.1:${port}`));
-      console.log(chalk.gray('Opening browser...\n'));
+      console.log(chalk.blue('Opening browser for Gmail authorization...\n'));
+      
+      // Open web app with callback port
+      const authUrl = `${AUTH_WEB_URL}/?port=${port}`;
       
-      // Wait a bit for server to be fully ready, then open browser
       setTimeout(() => {
         open(authUrl);
       }, 500);
@@ -188,10 +143,7 @@ async function initGmail() {
     }, 5 * 60 * 1000);
   });
   
-  const { tokens } = await oAuth2Client.getToken(code);
-  oAuth2Client.setCredentials(tokens);
-  
-  // Save token with secure permissions (user read/write only)
+  // Save tokens with secure permissions
   fs.writeFileSync(TOKEN_PATH, JSON.stringify(tokens), { mode: 0o600 });
   console.log(chalk.green('\n✓ Gmail access granted and saved!'));
 }
@@ -200,20 +152,15 @@ async function initGmail() {
  * Get authorized Gmail client
  */
 function getGmailClient() {
-  if (!fs.existsSync(CREDENTIALS_PATH)) {
-    throw new Error('Gmail credentials not found. Run `pkg init` first.');
-  }
-  
   if (!fs.existsSync(TOKEN_PATH)) {
     throw new Error('Gmail not authorized. Run `pkg init` first.');
   }
   
-  const credentials = JSON.parse(fs.readFileSync(CREDENTIALS_PATH, 'utf8'));
   const tokens = JSON.parse(fs.readFileSync(TOKEN_PATH, 'utf8'));
   
-  const { client_secret, client_id, redirect_uris } = credentials.installed || credentials.web;
-  const oAuth2Client = new google.auth.OAuth2(client_id, client_secret, redirect_uris[0]);
-  
+  // Create a temporary OAuth client just for making API calls
+  // We don't need client_id/secret after we have the tokens
+  const oAuth2Client = new google.auth.OAuth2();
   oAuth2Client.setCredentials(tokens);
   
   return google.gmail({ version: 'v1', auth: oAuth2Client });
@@ -234,7 +181,6 @@ async function syncPackages(days = 30) {
     const gmail = getGmailClient();
     
     // Expanded search for shipping-related emails
-    // Search both subject and body for common shipping terms
     const query = `(
       shipped OR 
       "has shipped" OR 
@@ -255,12 +201,10 @@ async function syncPackages(days = 30) {
       "amazon"
     ) newer_than:${days}d`.replace(/\s+/g, ' ');
     
-    console.log(chalk.gray(`\nSearch query: ${query.substring(0, 100)}...`));
-    
     const response = await gmail.users.messages.list({
       userId: 'me',
       q: query,
-      maxResults: 200, // Increased from 100
+      maxResults: 200,
     });
     
     const messages = response.data.messages || [];
@@ -271,7 +215,6 @@ async function syncPackages(days = 30) {
     }
     
     spinner.text = `Found ${messages.length} emails, extracting tracking numbers...`;
-    console.log(chalk.gray(`Processing ${messages.length} emails (last ${days} days)...\n`));
     
     let foundCount = 0;
     let emailsWithTracking = 0;
@@ -318,7 +261,6 @@ async function syncPackages(days = 30) {
             emailTimestamp = Math.floor(new Date(date).getTime() / 1000);
           }
         } catch (e) {
-          // Use current time if parsing fails
           emailTimestamp = Math.floor(Date.now() / 1000);
         }
         
@@ -335,7 +277,6 @@ async function syncPackages(days = 30) {
           foundCount++;
         }
       } else {
-        // Track emails without tracking numbers for debugging
         skippedEmails.push({ subject, from });
       }
     }
@@ -346,7 +287,6 @@ async function syncPackages(days = 30) {
       console.log(chalk.gray(`\n💡 Run ${chalk.cyan('pkg open')} to track your packages\n`));
     }
     
-    // Show sample of skipped emails if verbose
     if (skippedEmails.length > 0 && skippedEmails.length < 10) {
       console.log(chalk.yellow(`⚠️  ${skippedEmails.length} emails had no tracking numbers:`));
       skippedEmails.forEach(({ subject, from }) => {