securenow 6.0.2 → 6.1.0

package/cli/apps.js

@@ -0,0 +1,585 @@
+'use strict';
+
+const { api, requireAuth } = require('./client');
+const config = require('./config');
+const ui = require('./ui');
+
+const FREE_TRIAL_URL = 'https://freetrial.securenow.ai:4318';
+const DOMAIN_REGEX = /^(?:[a-zA-Z0-9](?:[a-zA-Z0-9-]{0,61}[a-zA-Z0-9])?\.)+[a-zA-Z]{2,}$/;
+
+function instanceUrl(inst) {
+  if (!inst) return FREE_TRIAL_URL;
+  return `${inst.protocol || 'https'}://${inst.host}:4318`;
+}
+
+async function fetchInstanceMap() {
+  try {
+    const data = await api.get('/instances');
+    const instances = data.instances || [];
+    const map = {};
+    for (const inst of instances) {
+      map[inst._id] = inst;
+    }
+    return map;
+  } catch {
+    return {};
+  }
+}
+
+async function list(args, flags) {
+  requireAuth();
+  const s = ui.spinner('Fetching applications');
+
+  try {
+    const [appData, instMap] = await Promise.all([
+      api.get('/applications'),
+      fetchInstanceMap(),
+    ]);
+    const apps = appData.applications || [];
+    s.stop(`Found ${apps.length} application${apps.length !== 1 ? 's' : ''}`);
+    console.log('');
+
+    if (flags.json) {
+      const enriched = apps.map(app => ({
+        ...app,
+        instanceUrl: instanceUrl(app.instanceId ? instMap[app.instanceId] : null),
+      }));
+      ui.json(enriched);
+      return;
+    }
+
+    const defaultApp = config.getDefaultApp();
+    const rows = apps.map(app => {
+      const inst = app.instanceId ? instMap[app.instanceId] : null;
+      const url = instanceUrl(inst);
+      const instLabel = inst ? `${inst.name} ${ui.c.dim(url)}` : `${ui.c.green('Free Trial')} ${ui.c.dim(url)}`;
+      return [
+        app.name + (app.key === defaultApp ? ui.c.cyan(' (default)') : ''),
+        ui.c.dim(app.key),
+        instLabel,
+        ui.timeAgo(app.createdAt),
+      ];
+    });
+
+    ui.table(['Name', 'Key', 'Instance', 'Created'], rows);
+    console.log('');
+
+    if (apps.length > 0) {
+      console.log(`  ${ui.c.bold('Add to your .env:')}`);
+      const first = apps.find(a => a.key === defaultApp) || apps[0];
+      const firstInst = first.instanceId ? instMap[first.instanceId] : null;
+      console.log(`    SECURENOW_APPID=${first.key}`);
+      console.log(`    SECURENOW_INSTANCE=${instanceUrl(firstInst)}`);
+      console.log('');
+    }
+
+    if (!defaultApp && apps.length > 0) {
+      ui.info(`Tip: Set a default app with ${ui.c.bold('securenow config set defaultApp <key>')}`);
+      console.log('');
+    }
+  } catch (err) {
+    s.fail('Failed to fetch applications');
+    throw err;
+  }
+}
+
+async function create(args, flags) {
+  requireAuth();
+
+  let name = args[0];
+  if (!name) {
+    name = await ui.prompt('Application name');
+    if (!name) {
+      ui.error('Application name is required');
+      process.exit(1);
+    }
+  }
+
+  const body = { name };
+  if (flags.hosts) {
+    body.hosts = flags.hosts.split(',').map(h => h.trim());
+  }
+
+  if (flags.instance) {
+    body.instanceId = flags.instance;
+  } else if (process.stdin.isTTY) {
+    body.instanceId = await pickInstance();
+  }
+
+  const selectedInstanceId = body.instanceId;
+
+  const s = ui.spinner(`Creating application "${name}"`);
+  try {
+    const result = await api.post('/applications', body);
+    const app = result.application || result;
+    s.stop(`Application created`);
+
+    let inst = null;
+    if (selectedInstanceId) {
+      try {
+        const instData = await api.get(`/instances/${selectedInstanceId}`);
+        inst = instData.instance || null;
+      } catch {}
+    }
+    const envUrl = instanceUrl(inst);
+
+    console.log('');
+    ui.keyValue([
+      ['Name', app.name],
+      ['Key', ui.c.green(ui.c.bold(app.key))],
+      ['ID', ui.c.dim(app._id)],
+      ['Instance', inst ? `${inst.name} ${ui.c.dim(`(${envUrl})`)}` : `${ui.c.green('Free Trial')} ${ui.c.dim(`(${envUrl})`)}`],
+      ['Hosts', app.hosts?.length ? app.hosts.join(', ') : ui.c.dim('none')],
+    ]);
+
+    console.log('');
+    console.log(`  ${ui.c.bold('Add to your .env.local:')}`);
+    console.log('');
+    console.log(`    SECURENOW_APPID=${app.key}`);
+    console.log(`    SECURENOW_INSTANCE=${envUrl}`);
+    console.log('');
+    ui.info(`Set as default: ${ui.c.bold(`securenow config set defaultApp ${app.key}`)}`);
+    console.log('');
+
+    if (flags.json) {
+      ui.json({ ...app, instanceUrl: envUrl });
+    }
+
+    if (app.hosts && app.hosts.length > 0) {
+      await offerSubdomainDiscovery(app.hosts, selectedInstanceId, flags);
+    }
+  } catch (err) {
+    s.fail('Failed to create application');
+    throw err;
+  }
+}
+
+async function pickInstance() {
+  const s = ui.spinner('Loading instances');
+  let instances = [];
+  try {
+    const data = await api.get('/instances');
+    instances = data.instances || [];
+    s.stop('Instances loaded');
+  } catch {
+    s.stop('Could not load instances');
+    return null;
+  }
+
+  const FREE_TRIAL_LABEL = `${ui.c.green('Free Trial')} ${ui.c.dim('— SecureNow managed instance (no setup needed)')}`;
+
+  const choices = [{ label: FREE_TRIAL_LABEL, value: null }];
+
+  for (const inst of instances) {
+    const status = inst.status === 'active' ? ui.c.green('●') : ui.c.red('●');
+    const apps = inst.linkedApps ? ui.c.dim(` (${inst.linkedApps} app${inst.linkedApps !== 1 ? 's' : ''})`) : '';
+    choices.push({
+      label: `${status} ${inst.name}${apps} ${ui.c.dim(`[${inst._id}]`)}`,
+      value: inst._id,
+    });
+  }
+
+  const appUrl = config.getAppUrl();
+  choices.push({
+    label: `${ui.c.cyan('+')} Create a new instance ${ui.c.dim('(opens browser)')}`,
+    value: '__new__',
+  });
+
+  const selected = await ui.select('Which instance should this app use?', choices);
+
+  if (selected === '__new__') {
+    const url = `${appUrl}/dashboard/settings/instances`;
+    ui.info(`Opening ${ui.c.underline(url)}`);
+    openBrowser(url);
+    ui.info('Create your instance in the browser, then run this command again.');
+    process.exit(0);
+  }
+
+  return selected;
+}
+
+function openBrowser(url) {
+  const { execFileSync } = require('child_process');
+  try {
+    if (process.platform === 'darwin') execFileSync('open', [url], { stdio: 'ignore' });
+    else if (process.platform === 'win32') execFileSync('cmd', ['/c', 'start', '', url], { stdio: 'ignore' });
+    else execFileSync('xdg-open', [url], { stdio: 'ignore' });
+  } catch {
+    ui.warn(`Could not open browser. Visit: ${url}`);
+  }
+}
+
+async function info(args, flags) {
+  requireAuth();
+
+  const id = args[0];
+  if (!id) {
+    ui.error('Application ID is required. Usage: securenow apps info <id>');
+    process.exit(1);
+  }
+
+  const s = ui.spinner('Fetching application details');
+  try {
+    const data = await api.get(`/applications/${id}`);
+    const app = data.application || data;
+
+    let inst = null;
+    if (app.instanceId) {
+      try {
+        const instData = await api.get(`/instances/${app.instanceId}`);
+        inst = instData.instance || null;
+      } catch {}
+    }
+    const envUrl = instanceUrl(inst);
+    s.stop('Application details loaded');
+
+    if (flags.json) {
+      ui.json({ ...app, instanceUrl: envUrl });
+      return;
+    }
+
+    console.log('');
+    ui.heading(app.name);
+    console.log('');
+    ui.keyValue([
+      ['Key', ui.c.bold(app.key)],
+      ['ID', ui.c.dim(app._id)],
+      ['Instance', inst ? `${inst.name} ${ui.c.dim(`(${envUrl})`)}` : `${ui.c.green('Free Trial')} ${ui.c.dim(`(${envUrl})`)}`],
+      ['Hosts', app.hosts?.length ? app.hosts.join(', ') : ui.c.dim('none')],
+      ['Created', app.createdAt ? new Date(app.createdAt).toLocaleString() : '—'],
+      ['Updated', app.updatedAt ? new Date(app.updatedAt).toLocaleString() : '—'],
+    ]);
+
+    console.log('');
+    console.log(`  ${ui.c.bold('Environment variables:')}`);
+    console.log(`    SECURENOW_APPID=${app.key}`);
+    console.log(`    SECURENOW_INSTANCE=${envUrl}`);
+    console.log('');
+  } catch (err) {
+    s.fail('Failed to fetch application');
+    throw err;
+  }
+}
+
+async function remove(args, flags) {
+  requireAuth();
+
+  const id = args[0];
+  if (!id) {
+    ui.error('Application ID is required. Usage: securenow apps delete <id>');
+    process.exit(1);
+  }
+
+  if (!flags.force && !flags.yes) {
+    const ok = await ui.confirm('Are you sure you want to delete this application?');
+    if (!ok) {
+      ui.info('Cancelled');
+      return;
+    }
+  }
+
+  const s = ui.spinner('Deleting application');
+  try {
+    await api.delete(`/applications/${id}`);
+    s.stop('Application deleted');
+  } catch (err) {
+    s.fail('Failed to delete application');
+    throw err;
+  }
+}
+
+async function setDefault(args) {
+  const key = args[0];
+  if (!key) {
+    ui.error('App key is required. Usage: securenow apps default <key>');
+    process.exit(1);
+  }
+  config.setConfigValue('defaultApp', key);
+  ui.success(`Default application set to ${ui.c.bold(key)}`);
+}
+
+function extractRootDomains(hosts) {
+  const domains = new Set();
+  for (const host of hosts || []) {
+    let cleaned = host.trim().toLowerCase();
+    try {
+      if (cleaned.startsWith('http://') || cleaned.startsWith('https://')) {
+        cleaned = new URL(cleaned).hostname;
+      }
+    } catch {}
+    if (DOMAIN_REGEX.test(cleaned)) {
+      const parts = cleaned.split('.');
+      const root = parts.length > 2 ? parts.slice(-2).join('.') : cleaned;
+      domains.add(root);
+    }
+  }
+  return [...domains];
+}
+
+async function offerSubdomainDiscovery(hosts, instanceId, flags) {
+  if (!process.stdin.isTTY) return;
+
+  const domains = extractRootDomains(hosts);
+  if (domains.length === 0) return;
+
+  const shouldDiscover = await ui.confirm(
+    `Domain${domains.length > 1 ? 's' : ''} detected (${domains.join(', ')}). Discover subdomains and add them as apps?`
+  );
+  if (!shouldDiscover) return;
+
+  await discoverAndAdd(domains, instanceId, flags);
+}
+
+async function discoverAndAdd(domains, instanceId, flags) {
+  const s = ui.spinner(`Scanning ${domains.length} domain${domains.length > 1 ? 's' : ''} for subdomains`);
+
+  let allSubdomains = [];
+  try {
+    for (const domain of domains) {
+      s.update(`Scanning ${domain}...`);
+      const result = await api.get(`/subdomains`, { query: { domain } });
+      if (result.success && result.subdomains) {
+        allSubdomains.push(...result.subdomains);
+      }
+    }
+    s.stop(`Found ${allSubdomains.length} subdomain${allSubdomains.length !== 1 ? 's' : ''}`);
+  } catch (err) {
+    s.fail('Failed to discover subdomains');
+    throw err;
+  }
+
+  if (allSubdomains.length === 0) {
+    ui.info('No subdomains found.');
+    return;
+  }
+
+  // Filter out subdomains already registered as apps
+  let existingHosts;
+  try {
+    const appData = await api.get('/applications');
+    const apps = appData.applications || [];
+    existingHosts = new Set(apps.flatMap(a => (a.hosts || []).map(h => h.toLowerCase())));
+  } catch {
+    existingHosts = new Set();
+  }
+
+  const newSubdomains = allSubdomains.filter(
+    (s) => !existingHosts.has(s.subdomain.toLowerCase())
+  );
+
+  if (newSubdomains.length === 0) {
+    ui.info('All discovered subdomains are already registered as apps.');
+    return;
+  }
+
+  console.log('');
+  ui.info(`${newSubdomains.length} new subdomain${newSubdomains.length !== 1 ? 's' : ''} found (${allSubdomains.length - newSubdomains.length} already tracked):`);
+
+  if (flags && flags.json) {
+    ui.json(newSubdomains);
+    return;
+  }
+
+  const choices = newSubdomains.map((sub) => ({
+    label: sub.subdomain,
+    detail: `IP: ${sub.ip || 'none'}${sub.cloudflare ? ' · Cloudflare' : ''}`,
+    value: sub.subdomain,
+  }));
+
+  const selected = await ui.multiSelect(
+    'Which subdomains should be added as monitored apps?',
+    choices
+  );
+
+  if (selected.length === 0) {
+    ui.info('No subdomains selected.');
+    return;
+  }
+
+  const createSpinner = ui.spinner(`Creating ${selected.length} application${selected.length !== 1 ? 's' : ''}`);
+  try {
+    const result = await api.post('/applications/bulk', {
+      subdomains: selected,
+      instanceId: instanceId || null,
+    });
+    const count = result.count || selected.length;
+    createSpinner.stop(`Created ${count} application${count !== 1 ? 's' : ''}`);
+
+    console.log('');
+    if (result.applications) {
+      const rows = result.applications.map((app) => [
+        app.name,
+        ui.c.dim(app.key),
+        app.hosts?.join(', ') || '',
+      ]);
+      ui.table(['Name', 'Key', 'Hosts'], rows);
+    }
+    console.log('');
+  } catch (err) {
+    createSpinner.fail('Failed to create applications');
+    throw err;
+  }
+}
+
+async function discover(args, flags) {
+  requireAuth();
+
+  const appId = args[0];
+  let domains = [];
+  let instanceId = null;
+
+  if (appId) {
+    const s = ui.spinner('Fetching application');
+    try {
+      const data = await api.get(`/applications/${appId}`);
+      const app = data.application || data;
+      s.stop(`Application: ${app.name}`);
+      domains = extractRootDomains(app.hosts);
+      instanceId = app.instanceId;
+    } catch (err) {
+      s.fail('Failed to fetch application');
+      throw err;
+    }
+  } else if (flags.domain) {
+    domains = flags.domain.split(',').map(d => d.trim());
+  } else {
+    const domain = await ui.prompt('Domain to scan (e.g. example.com)');
+    if (!domain) {
+      ui.error('Domain is required');
+      process.exit(1);
+    }
+    domains = domain.split(',').map(d => d.trim());
+  }
+
+  if (domains.length === 0) {
+    ui.error('No domains found in application hosts. Specify a domain with --domain');
+    process.exit(1);
+  }
+
+  if (flags.instance) {
+    instanceId = flags.instance;
+  }
+
+  await discoverAndAdd(domains, instanceId, flags);
+}
+
+async function scan(args, flags) {
+  requireAuth();
+  const s = ui.spinner('Running subdomain discovery across all applications');
+
+  try {
+    const appData = await api.get('/applications');
+    const apps = appData.applications || [];
+
+    const allDomains = new Set();
+    let firstInstanceId = null;
+    for (const app of apps) {
+      const roots = extractRootDomains(app.hosts);
+      for (const r of roots) allDomains.add(r);
+      if (!firstInstanceId && app.instanceId) firstInstanceId = app.instanceId;
+    }
+
+    if (allDomains.size === 0) {
+      s.stop('No domains found across your applications');
+      ui.info('Add domains to your application hosts first, then run this command again.');
+      return;
+    }
+
+    s.update(`Found ${allDomains.size} unique domain${allDomains.size !== 1 ? 's' : ''}, scanning...`);
+
+    const existingHosts = new Set(
+      apps.flatMap((a) => (a.hosts || []).map((h) => h.toLowerCase()))
+    );
+
+    let totalNew = 0;
+    let totalCreated = 0;
+    const allNew = [];
+
+    for (const domain of allDomains) {
+      s.update(`Scanning ${domain}...`);
+      try {
+        const result = await api.get('/subdomains', { query: { domain } });
+        if (result.success && result.subdomains) {
+          const newSubs = result.subdomains.filter(
+            (sub) => !existingHosts.has(sub.subdomain.toLowerCase())
+          );
+          totalNew += newSubs.length;
+          allNew.push(...newSubs);
+          for (const sub of newSubs) {
+            existingHosts.add(sub.subdomain.toLowerCase());
+          }
+        }
+      } catch {
+        ui.warn(`Failed to scan ${domain}`);
+      }
+    }
+
+    s.stop(`Scanned ${allDomains.size} domain${allDomains.size !== 1 ? 's' : ''}, found ${totalNew} new subdomain${totalNew !== 1 ? 's' : ''}`);
+
+    if (totalNew === 0) {
+      ui.success('All subdomains are already tracked. Nothing to add.');
+      return;
+    }
+
+    if (flags.yes || flags.force) {
+      const createSpinner = ui.spinner(`Creating ${totalNew} application${totalNew !== 1 ? 's' : ''}`);
+      try {
+        const subdomainNames = allNew.map((s) => s.subdomain);
+        const result = await api.post('/applications/bulk', {
+          subdomains: subdomainNames,
+          instanceId: firstInstanceId || null,
+        });
+        totalCreated = result.count || subdomainNames.length;
+        createSpinner.stop(`Created ${totalCreated} application${totalCreated !== 1 ? 's' : ''}`);
+      } catch (err) {
+        createSpinner.fail('Failed to create applications');
+        throw err;
+      }
+    } else if (process.stdin.isTTY) {
+      const choices = allNew.map((sub) => ({
+        label: sub.subdomain,
+        detail: `IP: ${sub.ip || 'none'}${sub.cloudflare ? ' · Cloudflare' : ''}`,
+        value: sub.subdomain,
+      }));
+
+      const selected = await ui.multiSelect(
+        'Which subdomains should be added as monitored apps?',
+        choices
+      );
+
+      if (selected.length === 0) {
+        ui.info('No subdomains selected.');
+        return;
+      }
+
+      const createSpinner = ui.spinner(`Creating ${selected.length} application${selected.length !== 1 ? 's' : ''}`);
+      try {
+        const result = await api.post('/applications/bulk', {
+          subdomains: selected,
+          instanceId: firstInstanceId || null,
+        });
+        totalCreated = result.count || selected.length;
+        createSpinner.stop(`Created ${totalCreated} application${totalCreated !== 1 ? 's' : ''}`);
+      } catch (err) {
+        createSpinner.fail('Failed to create applications');
+        throw err;
+      }
+    } else {
+      console.log('');
+      for (const sub of allNew) {
+        console.log(`  ${sub.subdomain} ${ui.c.dim(`(IP: ${sub.ip || 'none'})`)}`);
+      }
+      console.log('');
+      ui.info(`Run with --yes to auto-create all ${totalNew} apps.`);
+    }
+
+    if (flags.json) {
+      ui.json({ domainsScanned: allDomains.size, newSubdomains: totalNew, appsCreated: totalCreated });
+    }
+  } catch (err) {
+    s.fail('Subdomain scan failed');
+    throw err;
+  }
+}
+
+module.exports = { list, create, info, remove, setDefault, discover, scan };