npm - securegate-cli-tool - Versions diffs - 2.1.1 → 2.1.3 - Mend

securegate-cli-tool 2.1.1 → 2.1.3

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (3) hide show

package/package.json CHANGED Viewed

@@ -1,6 +1,6 @@
 {
     "name": "securegate-cli-tool",
-    "version": "2.1.1",
+    "version": "2.1.3",
     "description": "SecureGate CLI — Secure your AI agent API keys from the terminal",
     "main": "src/index.js",
     "bin": {

package/src/commands/login.js CHANGED Viewed

@@ -98,16 +98,15 @@ async function loginCommand() {
                         // We must fetch the user profile securely given the access token
                         spinner.text = 'Verifying session...';
-                        // Set the initial auth context in the API client to make requests
-                        // We manually overwrite the globally configured client to bypass normal auth requirement
+                        // Create a minimal Supabase client for auth verification only
                         const { createClient } = require('@supabase/supabase-js');
-                        api.supabase = createClient(SUPABASE_URL, SUPABASE_ANON_KEY, {
-                            auth: { persistSession: false },
-                            global: { headers: { Authorization: `Bearer ${payload.access_token}` } }
+                        const supabaseAuth = createClient(SUPABASE_URL, SUPABASE_ANON_KEY, {
+                            auth: { persistSession: false }
                         });
-                        // Request user data using the new token to confirm it's valid and get email
-                        const { data: { user }, error } = await api.supabase.auth.getUser();
+                        // Pass the JWT directly to getUser() — this is the correct server-side pattern
+                        // It tells Supabase to verify this specific token rather than looking for a session
+                        const { data: { user }, error } = await supabaseAuth.auth.getUser(payload.access_token);
                         if (error || !user) {
                             console.error("\n[DEBUG] getUser failed:", { error, user, access_token: payload.access_token.substring(0, 15) + '...' });

package/src/config.js CHANGED Viewed

@@ -15,7 +15,7 @@ const CONFIG_FILE = path.join(CONFIG_DIR, 'config.json');
 // SecureGate uses strict Row Level Security (RLS) with no policies, meaning this key
 // CANNOT read or write any database data. It is strictly used for the login flow.
 const SUPABASE_URL = 'https://pbrmsfoowrjqsikgkijb.supabase.co';
-const SUPABASE_ANON_KEY = 'eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJpc3MiOiJzdXBhYmFzZSIsInJlZiI6InBicm1zZm9vd3JqcXNpa2draWpiIiwicm9sZSI6ImFub24iLCJpYXQiOjE3Mzg5MTg0NjcsImV4cCI6MjA1NDQ5NDQ2N30.4lGMcORfVTiRxSRcVMeuiECra3SvDpkWRMkJEiRQAS8';
+const SUPABASE_ANON_KEY = 'eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJpc3MiOiJzdXBhYmFzZSIsInJlZiI6InBicm1zZm9vd3JqcXNpa2draWpiIiwicm9sZSI6ImFub24iLCJpYXQiOjE3NzAzNjU0NjIsImV4cCI6MjA4NTk0MTQ2Mn0.XfZyEv3atJp7BMH7oQKx1T-rrP_8PLTKeyoIfvUgLks';
 // Public-facing proxy URL
 const PROXY_BASE_URL = 'https://usesecuregate.xyz/v1';