polydev-ai 1.9.12 → 1.9.13

package/mcp/stdio-wrapper.js

@@ -476,27 +476,37 @@ Token will be saved automatically after login.`
   async handleLoginTool(params, id) {
     const crypto = require('crypto');
     
-    // Check if already authenticated
+    // Check if already authenticated - verify with server first
     if (this.isAuthenticated && this.userToken) {
-      return {
-        jsonrpc: '2.0',
-        id,
-        result: {
-          content: [{
-            type: 'text',
-            text: `ALREADY AUTHENTICATED
+      console.error('[Polydev] Token exists locally, verifying with server...');
+      const isValid = await this.verifyTokenWithServer();
+      
+      if (isValid) {
+        return {
+          jsonrpc: '2.0',
+          id,
+          result: {
+            content: [{
+              type: 'text',
+              text: `ALREADY AUTHENTICATED
 =====================
 
-Your token is configured and ready.
+Your token is configured and verified.
 
 Available commands:
   /polydev:ask   Query multiple AI models
   /polydev:auth  Check status & credits
 
 To re-login: npx polydev-ai`
-          }]
-        }
-      };
+            }]
+          }
+        };
+      }
+      
+      // Token is invalid/expired - clear state and proceed with login
+      console.error('[Polydev] Token invalid/expired, proceeding with re-authentication...');
+      this.isAuthenticated = false;
+      this.userToken = null;
     }
     
     // Generate unique session ID for polling-based auth
@@ -620,6 +630,115 @@ Dashboard: https://polydev.ai/dashboard`
     }
   }
 
+  /**
+   * Verify the current token is valid by checking with the server
+   * Returns true if valid, false if invalid/expired
+   * On network error, returns true (don't block for transient issues)
+   */
+  async verifyTokenWithServer() {
+    if (!this.userToken) return false;
+    try {
+      const response = await fetch('https://www.polydev.ai/api/auth/status', {
+        method: 'POST',
+        headers: {
+          'Content-Type': 'application/json',
+          'Authorization': `Bearer ${this.userToken}`,
+          'User-Agent': 'polydev-stdio-wrapper/1.0.0'
+        }
+      });
+      if (!response.ok) {
+        console.error(`[Polydev] Token verification failed: ${response.status}`);
+        return false;
+      }
+      return true;
+    } catch (error) {
+      // Network error - assume valid to avoid blocking on transient issues
+      console.error('[Polydev] Token verification network error (assuming valid):', error.message);
+      return true;
+    }
+  }
+
+  /**
+   * Trigger re-authentication by opening browser and starting polling
+   * Used when token is detected as invalid/expired
+   * @param {*} id - JSON-RPC request id
+   * @param {string} reason - Human-readable reason for re-auth
+   * @returns {object} JSON-RPC response
+   */
+  async triggerReAuth(id, reason = 'Token invalid or expired') {
+    const crypto = require('crypto');
+    const sessionId = crypto.randomBytes(32).toString('hex');
+
+    // Clear local auth state
+    this.isAuthenticated = false;
+    this.userToken = null;
+
+    try {
+      const createResponse = await fetch(`https://www.polydev.ai/api/auth/cli-session/${sessionId}`, {
+        method: 'POST',
+        headers: { 'Content-Type': 'application/json' }
+      });
+
+      if (!createResponse.ok) {
+        return {
+          jsonrpc: '2.0',
+          id,
+          result: {
+            content: [{
+              type: 'text',
+              text: `${reason}\n\nCould not initiate re-authentication. Please run:\n  npx polydev-ai`
+            }],
+            isError: true
+          }
+        };
+      }
+
+      const authUrl = `https://polydev.ai/auth?session_id=${sessionId}&redirect=ide-plugin&auto=true`;
+
+      console.error(`[Polydev] Opening browser for re-authentication...`);
+      this.openBrowser(authUrl).catch(() => {
+        console.error('[Polydev] Could not open browser for re-authentication');
+      });
+
+      this.savePendingSession(sessionId);
+      this.startLoginPolling(sessionId);
+
+      return {
+        jsonrpc: '2.0',
+        id,
+        result: {
+          content: [{
+            type: 'text',
+            text: `RE-AUTHENTICATION REQUIRED
+==========================
+
+${reason}
+
+A browser window is opening to re-authenticate.
+
+If it doesn't open, visit:
+  ${authUrl}
+
+Once you sign in, your token will be updated automatically.`
+          }]
+        }
+      };
+    } catch (error) {
+      const cause = error.cause ? ` (${error.cause.code || error.cause.message || error.cause})` : '';
+      return {
+        jsonrpc: '2.0',
+        id,
+        result: {
+          content: [{
+            type: 'text',
+            text: `${reason}\n\nCould not reach server: ${error.message}${cause}\nPlease run: npx polydev-ai`
+          }],
+          isError: true
+        }
+      };
+    }
+  }
+
   /**
    * Poll for login session completion
    * @param {string} sessionId - The session ID to poll
@@ -808,24 +927,9 @@ Configure: https://polydev.ai/dashboard/models`
           }
         };
       } else {
-        return {
-          jsonrpc: '2.0',
-          id,
-          result: {
-            content: [{
-              type: 'text',
-              text: `POLYDEV STATUS
-==============
-
-Token invalid or expired.
-
-Please re-login:
-  1. Use the "login" tool
-  2. Or run: npx polydev-ai login`
-            }],
-            isError: true
-          }
-        };
+        // Token invalid/expired - auto-trigger re-authentication
+        console.error('[Polydev] Auth status: token invalid/expired, auto-triggering re-auth...');
+        return await this.triggerReAuth(id, 'Token invalid or expired.');
       }
     } catch (error) {
       return {
@@ -1228,6 +1332,12 @@ Error: ${error.message}`
         const errorText = await response.text();
         console.error(`[Stdio Wrapper] Remote server error: ${response.status} - ${errorText}`);
 
+        // Handle 401 specifically - token expired/invalid, trigger re-auth
+        if (response.status === 401) {
+          console.error('[Polydev] Remote API returned 401, auto-triggering re-authentication...');
+          return await this.triggerReAuth(request.id, 'Authentication expired. Re-authenticating...');
+        }
+
         return {
           jsonrpc: '2.0',
           id: request.id,
@@ -1282,6 +1392,13 @@ Error: ${error.message}`
       // 3. Combines results
       const result = await this.localSendCliPrompt(params.arguments);
       
+      // Check if result indicates auth failure (from forwardToRemoteServer 401 handling)
+      const resultText = result.content || this.formatCliResponse(result);
+      if (result.result?.content?.[0]?.text?.includes('RE-AUTHENTICATION REQUIRED')) {
+        // Auth failure already handled with re-auth response - pass through
+        return result;
+      }
+      
       return {
         jsonrpc: '2.0',
         id,
@@ -1289,7 +1406,7 @@ Error: ${error.message}`
           content: [
             {
               type: 'text',
-              text: result.content || this.formatCliResponse(result)
+              text: resultText
             }
           ]
         }
@@ -1297,6 +1414,14 @@ Error: ${error.message}`
 
     } catch (error) {
       console.error(`[Stdio Wrapper] get_perspectives error:`, error);
+      
+      // Check if error is auth-related
+      const errMsg = (error.message || '').toLowerCase();
+      if (errMsg.includes('401') || errMsg.includes('unauthorized') || errMsg.includes('auth') || errMsg.includes('token')) {
+        console.error('[Polydev] Perspectives auth error, auto-triggering re-authentication...');
+        return await this.triggerReAuth(id, 'Authentication expired. Re-authenticating...');
+      }
+      
       return {
         jsonrpc: '2.0',
         id,

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "polydev-ai",
-  "version": "1.9.12",
+  "version": "1.9.13",
   "engines": {
     "node": ">=20.x <=22.x"
   },