npm - troxy-cli - Versions diffs - 1.2.0 → 1.2.2 - Mend

troxy-cli 1.2.0 → 1.2.2

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (5) hide show

package/bin/troxy.js CHANGED Viewed

@@ -2,8 +2,7 @@
 import { runInit }                     from '../src/init.js';
 import { runUninstall }                from '../src/uninstall.js';
 import { runMcp }                      from '../src/mcp-server.js';
-import { runLogin, clearSession, requireKey } from '../src/auth.js';
-import { runCards }                    from '../src/cards.js';
+import { runLogin, clearSession, requireKey, getKeySource } from '../src/auth.js';
 import { runPolicies }                 from '../src/policies.js';
 import { runMcps }                     from '../src/mcps.js';
 import { runActivity }                 from '../src/activity.js';
@@ -26,6 +25,26 @@ for (let i = 0; i < allArgs.length; i++) {
   }
 }
+try { await _run(); } catch (err) { _handleError(err); }
+function _handleError(err) {
+  if (err.code === 'UNAUTHORIZED') {
+    const source = getKeySource();
+    if (source === 'config') {
+      console.error('\n  API key revoked or invalid.');
+      console.error('  Your saved key is no longer accepted by Troxy.');
+      console.error('  Run: npx troxy init --key <new-key>  to reconnect.\n');
+    } else {
+      console.error('\n  API key invalid or revoked.');
+      console.error('  Check the key in your Troxy dashboard → Connections.\n');
+    }
+  } else {
+    console.error(`\n  Error: ${err.message}\n`);
+  }
+  process.exit(1);
+}
+async function _run() {
 switch (command) {
   // ── Setup ─────────────────────────────────────────────────────
   case 'init':
@@ -37,6 +56,22 @@ switch (command) {
     break;
   // ── Auth ──────────────────────────────────────────────────────
+  case 'connect': {
+    const k = flags.key;
+    if (!k || !k.startsWith('txy-')) {
+      console.error('\n  Usage: troxy connect --key txy-...\n');
+      process.exit(1);
+    }
+    // Validate key before saving
+    process.stdout.write('\n  Validating key... ');
+    await api.agentStatus(k);
+    console.log('✓');
+    const { saveConfig } = await import('../src/config.js');
+    saveConfig({ apiKey: k });
+    console.log('  Key saved to ~/.troxy/config.json\n');
+    break;
+  }
   case 'login':
     await runLogin(flags);
     break;
@@ -52,10 +87,6 @@ switch (command) {
     break;
   // ── Resources (read-only: --key or saved config; write: login) ─
-  case 'cards':
-    await runCards(positional, flags);
-    break;
   case 'policies':
     await runPolicies(positional, flags);
     break;
@@ -98,11 +129,10 @@ switch (command) {
   // ── Shorthand: troxy list [resource] ──────────────────────────
   case 'list':
-    if (!sub || sub === 'cards')    { await runCards(['list'], flags);    break; }
-    if (sub === 'policies')         { await runPolicies(['list'], flags); break; }
+    if (!sub || sub === 'policies') { await runPolicies(['list'], flags); break; }
     if (sub === 'mcps')             { await runMcps(['list'], flags);     break; }
     if (sub === 'activity')         { await runActivity(flags);           break; }
-    console.error(`  Unknown resource: ${sub}. Try: cards, policies, mcps, activity\n`);
+    console.error(`  Unknown resource: ${sub}. Try: policies, mcps, activity\n`);
     process.exit(1);
   // ── Status ────────────────────────────────────────────────────
@@ -114,11 +144,15 @@ switch (command) {
     // If we have a key, show enriched status
     try {
-      const apiKey = requireKey(flags);
-      const data   = await api.agentStatus(apiKey);
+      const apiKey  = requireKey(flags);
+      const source  = getKeySource();
+      const data    = await api.agentStatus(apiKey);
       const { token, account } = data;
+      const keyNote = source === 'config'
+        ? '(saved — run `troxy init` to change)'
+        : source === 'env' ? '(from TROXY_API_KEY env)' : '(passed via --key)';
       console.log(`
-  Token:    ${token.prefix}  (${token.name})
+  Key:      ${token.prefix}  ${keyNote}
   MCP:      ${token.connected ? '● connected' : '○ offline'}  last seen ${token.last_seen}
   Fallback: ${token.default_action}
@@ -128,7 +162,7 @@ switch (command) {
     Requests 24h:     ${account.requests_24h}
     Default action:   ${account.default_action}
 `);
-    } catch { console.log(); }
+    } catch (err) { if (err.code === 'UNAUTHORIZED') throw err; console.log(); }
     // Version check
     try {
@@ -152,31 +186,30 @@ switch (command) {
     console.log(`
   Troxy — AI payment control
-  Read-only commands work with just an API key (--key txy-... or TROXY_API_KEY env).
-  Write commands (create/delete/enable/disable) require: npx troxy login
+  First time on a machine?  Run: npx troxy init --key <api-key>
+  This saves your key to ~/.troxy/config.json — no need to pass --key again.
   Setup
-    troxy init --key <api-key>        Initialize agent on this machine
-    troxy uninstall                   Remove Troxy from this machine
-    troxy login                       Log in for write access
-    troxy logout                      Clear session
-    troxy status [--key <key>]        API health + account summary
-  Inspect (API key only — works from EC2)
-    troxy policies list [--key]       All policies with scope + conditions
-    troxy policies describe --name "X" [--key]
-    troxy mcps list [--key]           All MCP connections + status
-    troxy cards list [--key]          Cards with budget usage
-    troxy activity [--key] [--limit 50] [--mine]   Recent decisions
-    troxy insights [--key] [--period 7]             Spend stats
-  Manage (requires login)
+    troxy connect --key <api-key>  Save API key (CLI only — no MCP setup)
+    troxy init --key <api-key>     Full setup: save key + configure MCP
+    troxy uninstall                Remove Troxy from this machine
+    troxy status                   API health + which key is in use
+  Inspect  (uses saved key — no flags needed after init)
+    troxy policies list
+    troxy policies describe --name "Block Amazon"
+    troxy mcps list
+    troxy activity [--limit 50] [--mine]
+    troxy insights [--period 7]
+  Manage  (requires: npx troxy login)
     troxy policies create --name "X" --action BLOCK --field amount --operator gte --value 500
     troxy policies enable  --name "X"
     troxy policies disable --name "X"
     troxy policies delete  --name "X"
-    troxy cards create --name "Personal" [--budget 500]
-    troxy cards delete --name "Personal"
+  Override key for a single command:  --key txy-...
 `);
     process.exit(command ? 1 : 0);
 }
+} // end _run

package/package.json CHANGED Viewed

@@ -1,6 +1,6 @@
 {
   "name": "troxy-cli",
-  "version": "1.2.0",
+  "version": "1.2.2",
   "description": "AI payment control — protect your agent's payments with policies",
   "type": "module",
   "bin": {
@@ -19,6 +19,12 @@
     "bin/",
     "src/"
   ],
-  "keywords": ["mcp", "ai", "payments", "policy", "agents"],
+  "keywords": [
+    "mcp",
+    "ai",
+    "payments",
+    "policy",
+    "agents"
+  ],
   "license": "MIT"
 }

package/src/api.js CHANGED Viewed

@@ -14,7 +14,11 @@ async function request(method, path, { apiKey, jwt, body } = {}) {
   });
   const data = await res.json();
-  if (!res.ok) throw new Error(data?.error || `HTTP ${res.status}`);
+  if (!res.ok) {
+    const err = new Error(data?.error || `HTTP ${res.status}`);
+    if (res.status === 401) err.code = 'UNAUTHORIZED';
+    throw err;
+  }
   return data;
 }

package/src/auth.js CHANGED Viewed

@@ -33,17 +33,32 @@ export function requireJwt() {
   return session.jwt;
 }
+// Tracks how the last key was resolved — read by bin/troxy.js error handler
+let _lastKeySource = null;
+export function getKeySource() { return _lastKeySource; }
 /**
- * Resolve API key: --key flag → TROXY_API_KEY env → saved config.
+ * Resolve API key: --key flag → TROXY_API_KEY env → saved config (~/.troxy/config.json).
  * Exits with a helpful message if nothing is found.
  */
 export function requireKey(flags = {}) {
-  const key = flags.key || process.env.TROXY_API_KEY || loadConfig()?.apiKey;
-  if (!key) {
-    console.error('\n  No API key found. Pass --key txy-... or run: npx troxy init\n');
-    process.exit(1);
+  if (flags.key) {
+    _lastKeySource = 'flag';
+    return flags.key;
+  }
+  if (process.env.TROXY_API_KEY) {
+    _lastKeySource = 'env';
+    return process.env.TROXY_API_KEY;
+  }
+  const saved = loadConfig()?.apiKey;
+  if (saved) {
+    _lastKeySource = 'config';
+    return saved;
   }
-  return key;
+  console.error('\n  No API key found.');
+  console.error('  Run: npx troxy init --key txy-...  to connect this machine.\n');
+  process.exit(1);
 }
 function loadConfig() {

package/src/policies.js CHANGED Viewed

@@ -3,7 +3,12 @@ import { requireJwt, requireKey } from './auth.js';
 import { table }             from './print.js';
 const DECISION_ICON = { ALLOW: '✓', BLOCK: '✗', ESCALATE: '⏳', NOTIFY: '~', TIERED: '⊕' };
-const SCOPE_COLOR   = { 'all MCPs': 'all MCPs', 'this MCP': '→ me', 'other MCPs': 'other' };
+function _scope(p) {
+  if (p.global !== false) return 'all MCPs';
+  if (p.mcps && p.mcps.length > 0) return p.mcps.map(m => m.name || m.token_prefix || 'MCP').join(', ');
+  return 'no MCPs applied';
+}
 export async function runPolicies([sub, ...args], flags) {
   // Read-only subcommands work with just an API key
@@ -23,7 +28,7 @@ export async function runPolicies([sub, ...args], flags) {
             p.priority,
             p.name,
             p.action,
-            SCOPE_COLOR[p.scope] || p.scope,
+            _scope(p),
             p.enabled ? 'enabled' : 'disabled',
             _condSummary(p),
             p.applies_to_me ? '✓' : '—',