vesper-wizard 2.0.2 → 2.0.4

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "vesper-wizard",
-  "version": "2.0.2",
+  "version": "2.0.4",
   "description": "Zero-friction setup wizard for Vesper — local MCP server, unified dataset API, and agent auto-config in 60 seconds",
   "bin": {
     "vesper-wizard": "wizard.js"

package/wizard.js

@@ -10,6 +10,9 @@ const path = require('path');
 const os = require('os');
 const crypto = require('crypto');
 const { execSync, spawnSync } = require('child_process');
+const http = require('http');
+const https = require('https');
+const readline = require('readline');
 
 // ── Paths ────────────────────────────────────────────────────
 const HOME = os.homedir();
@@ -54,6 +57,171 @@ function yellow(text) { return `\x1b[33m${text}\x1b[0m`; }
 function red(text) { return `\x1b[31m${text}\x1b[0m`; }
 function magenta(text) { return `\x1b[35m${text}\x1b[0m`; }
 
+// ── Vesper API URL resolution ────────────────────────────────
+const VESPER_API_URL = process.env.VESPER_API_URL || '';
+const DEFAULT_VESPER_API_CANDIDATES = [
+  'http://localhost:3000',
+  'http://127.0.0.1:3000',
+  'https://vesper.dev',
+];
+
+// ── Device Auth Helpers ──────────────────────────────────────
+function httpJson(method, url, body) {
+  return new Promise((resolve, reject) => {
+    const parsed = new URL(url);
+    const lib = parsed.protocol === 'https:' ? https : http;
+    const opts = {
+      method,
+      hostname: parsed.hostname,
+      port: parsed.port || (parsed.protocol === 'https:' ? 443 : 80),
+      path: parsed.pathname + parsed.search,
+      headers: { 'Content-Type': 'application/json' },
+    };
+    const req = lib.request(opts, (res) => {
+      let data = '';
+      res.on('data', (chunk) => (data += chunk));
+      res.on('end', () => {
+        try { resolve({ status: res.statusCode, body: JSON.parse(data) }); }
+        catch { resolve({ status: res.statusCode, body: data }); }
+      });
+    });
+    req.on('error', reject);
+    if (body) req.write(JSON.stringify(body));
+    req.end();
+  });
+}
+
+async function canReachDeviceAuth(baseUrl) {
+  try {
+    const res = await httpJson('POST', `${baseUrl}/api/auth/device/start`);
+    return res.status === 201 && !!res.body && !!res.body.code;
+  } catch {
+    return false;
+  }
+}
+
+async function resolveVesperApiBaseUrl() {
+  const candidates = VESPER_API_URL
+    ? [VESPER_API_URL]
+    : DEFAULT_VESPER_API_CANDIDATES;
+
+  for (const candidate of candidates) {
+    if (await canReachDeviceAuth(candidate)) {
+      return candidate;
+    }
+  }
+
+  return null;
+}
+
+function openBrowser(url) {
+  try {
+    if (process.platform === 'win32') {
+      spawnSync('cmd', ['/c', 'start', '', url], { stdio: 'ignore' });
+    } else if (process.platform === 'darwin') {
+      spawnSync('open', [url], { stdio: 'ignore' });
+    } else {
+      spawnSync('xdg-open', [url], { stdio: 'ignore' });
+    }
+  } catch { /* browser open is best-effort */ }
+}
+
+function askYesNo(question) {
+  return new Promise((resolve) => {
+    const rl = readline.createInterface({ input: process.stdin, output: process.stdout });
+    rl.question(`  ${question} ${dim('[Y/n]')} `, (answer) => {
+      rl.close();
+      resolve(!answer || answer.toLowerCase().startsWith('y'));
+    });
+  });
+}
+
+async function deviceAuthFlow() {
+  console.log(`\n  ${cyan('■')} ${bold('Device Authentication')}`);
+  console.log(`  ${dim('Link your CLI to a Vesper account for cloud features\n')}`);
+
+  const resolvedApiBaseUrl = await resolveVesperApiBaseUrl();
+  if (!resolvedApiBaseUrl) {
+    console.log(`  ${red('✗')} ${red('Could not reach any Vesper auth endpoint.')}`);
+    console.log(`      ${dim('Tried:')} ${dim((VESPER_API_URL ? [VESPER_API_URL] : DEFAULT_VESPER_API_CANDIDATES).join(', '))}`);
+    console.log(`      ${dim('If your landing app is running locally, start it on http://localhost:3000 or set VESPER_API_URL.')}`);
+    console.log(`      ${dim('Falling back to local-only mode.\n')}`);
+    return null;
+  }
+
+  console.log(`  ${dim('Auth endpoint:')} ${dim(resolvedApiBaseUrl)}\n`);
+
+  // Step 1: Call /api/auth/device/start
+  process.stdout.write(`  ${dim('Requesting device code...')}`);
+  let startRes;
+  try {
+    startRes = await httpJson('POST', `${resolvedApiBaseUrl}/api/auth/device/start`);
+  } catch (err) {
+    console.log(` ${red('✗')}`);
+    console.log(`      ${red('Could not reach Vesper API at')} ${dim(resolvedApiBaseUrl)}`);
+    console.log(`      ${dim('Falling back to local-only mode.\n')}`);
+    return null;
+  }
+
+  if (startRes.status !== 201 || !startRes.body.code) {
+    console.log(` ${red('✗')}`);
+    console.log(`      ${red('Unexpected response:')} ${dim(JSON.stringify(startRes.body))}`);
+    return null;
+  }
+
+  const { code, loginUrl } = startRes.body;
+  console.log(` ${green('✓')}\n`);
+
+  // Step 2: Display code and open browser
+  console.log(`  ┌───────────────────────────────────────────────┐`);
+  console.log(`  │                                               │`);
+  console.log(`  │   ${bold('Your device code:')}  ${cyan(bold(code))}              │`);
+  console.log(`  │                                               │`);
+  console.log(`  │   ${dim('Open this URL to sign in:')}                   │`);
+  console.log(`  │   ${cyan(loginUrl.padEnd(41))}│`);
+  console.log(`  │                                               │`);
+  console.log(`  └───────────────────────────────────────────────┘\n`);
+
+  openBrowser(loginUrl);
+  console.log(`  ${dim('Browser opened automatically.')}`);
+  console.log(`  ${dim('Waiting for you to sign in...')}\n`);
+
+  // Step 3: Poll until confirmed or expired
+  const POLL_INTERVAL = 3000; // 3 seconds
+  const MAX_POLLS = 200;      // 10 min max (200 × 3s)
+  let polls = 0;
+  const spinner = ['⠋', '⠙', '⠹', '⠸', '⠼', '⠴', '⠦', '⠧', '⠇', '⠏'];
+
+  while (polls < MAX_POLLS) {
+    polls++;
+    const frame = spinner[polls % spinner.length];
+    process.stdout.write(`\r  ${cyan(frame)} Polling... (${polls})`);
+
+    try {
+      const pollRes = await httpJson('GET', `${resolvedApiBaseUrl}/api/auth/device/poll?code=${code}`);
+
+      if (pollRes.body.status === 'confirmed' && pollRes.body.apiKey) {
+        process.stdout.write(`\r  ${green('✓')} Device authenticated!            \n`);
+        console.log(`      ${dim('Email:')} ${pollRes.body.email || 'linked'}`);
+        return pollRes.body.apiKey;
+      }
+
+      if (pollRes.body.status === 'expired') {
+        process.stdout.write(`\r  ${red('✗')} Device code expired.             \n`);
+        console.log(`      ${dim('Run the wizard again to get a new code.')}`);
+        return null;
+      }
+    } catch {
+      // Network hiccup — keep polling
+    }
+
+    await new Promise((r) => setTimeout(r, POLL_INTERVAL));
+  }
+
+  process.stdout.write(`\r  ${red('✗')} Timed out waiting for authentication.\n`);
+  return null;
+}
+
 function printBanner() {
   console.log(`
 ${dim('─────────────────────────────────────────────────')}
@@ -182,21 +350,50 @@ async function main() {
   ensureDir(path.join(VESPER_DIR, 'datasets'));
   console.log(` ${green('✓')}`);
 
-  // ─── Step 2: Generate local API key ────────────────────────
-  process.stdout.write(`  ${dim('[')}${cyan('2/6')}${dim(']')} Generating local API key...`);
+  // ─── Step 2: Authenticate (device flow or local key) ──────
+  console.log(`\n  ${dim('[')}${cyan('2/6')}${dim(']')} Authentication`);
+
   const existing = readToml(CONFIG_TOML);
-  const localKey = existing.api_key || generateLocalKey();
-  const configData = { ...existing, api_key: localKey };
-  writeToml(CONFIG_TOML, configData);
-  console.log(` ${green('✓')}`);
-  console.log(`      ${dim('Key:')} ${dim(localKey.slice(0, 20) + '...')}  ${dim('→')} ${dim(CONFIG_TOML)}`);
+  let localKey = existing.api_key || '';
+  let authMode = existing.auth_mode || '';
+
+  // If already has a cloud key, skip
+  if (localKey && !localKey.startsWith('vesper_sk_local_')) {
+    console.log(`      ${green('✓')} Cloud API key already configured`);
+    console.log(`      ${dim('Key:')} ${dim(localKey.slice(0, 24) + '...')}  ${dim('→')} ${dim(CONFIG_TOML)}`);
+  } else {
+    // Offer device auth
+    const wantsDevice = await askYesNo(`${cyan('→')} Link to a Vesper account? (enables cloud sync & team features)`);
+
+    if (wantsDevice) {
+      const cloudKey = await deviceAuthFlow();
+      if (cloudKey) {
+        localKey = cloudKey;
+        authMode = 'cloud';
+      } else {
+        // Fall back to local key
+        if (!localKey) localKey = generateLocalKey();
+        authMode = 'local_unified';
+        console.log(`\n      ${yellow('⚠')} Using local-only key. Run the wizard again anytime to link an account.`);
+      }
+    } else {
+      if (!localKey) localKey = generateLocalKey();
+      authMode = 'local_unified';
+      console.log(`      ${green('✓')} Local-only key generated`);
+    }
+
+    const configData = { ...existing, api_key: localKey, auth_mode: authMode };
+    writeToml(CONFIG_TOML, configData);
+    console.log(`      ${dim('Key:')} ${dim(localKey.slice(0, 24) + '...')}  ${dim('→')} ${dim(CONFIG_TOML)}`);
+  }
 
   // ─── Step 3: Local vault initialization ────────────────────
   process.stdout.write(`\n  ${dim('[')}${cyan('3/6')}${dim(']')} Initializing local credentials vault...`);
-  configData.auth_mode = configData.auth_mode || 'local_unified';
-  writeToml(CONFIG_TOML, configData);
+  const vaultData = readToml(CONFIG_TOML);
+  if (!vaultData.auth_mode) vaultData.auth_mode = 'local_unified';
+  writeToml(CONFIG_TOML, vaultData);
   console.log(` ${green('✓')}`);
-  console.log(`      ${dim('Mode:')} ${dim('single local Vesper key (no external keys required)')}`);
+  console.log(`      ${dim('Mode:')} ${dim(vaultData.auth_mode === 'cloud' ? 'cloud (linked to Vesper account)' : 'single local Vesper key (no external keys required)')}`);
 
   // ─── Step 4: Install @vespermcp/mcp-server ─────────────────
   console.log(`\n  ${dim('[')}${cyan('4/6')}${dim(']')} Installing Vesper MCP server...`);
@@ -208,7 +405,7 @@ async function main() {
     });
     console.log(`      ${green('✓')} @vespermcp/mcp-server installed`);
   } catch {
-    console.log(`      ${yellow('⚠')} Could not auto-install — run manually: npx @vespermcp/mcp-server --setup`);
+    console.log(`      ${yellow('⚠')} Could not auto-install — run manually: npx -y @vespermcp/mcp-server@latest --setup`);
   }
 
   // ─── Step 5: Auto-configure all detected IDEs ──────────────
@@ -251,19 +448,24 @@ async function main() {
   console.log(`      ${configuredAgents.length > 0 ? green('✓') : yellow('⚠')} MCP agents            ${dim(configuredAgents.length + ' configured')}`);
 
   // ─── Final Summary ─────────────────────────────────────────
+  const finalConfig = readToml(CONFIG_TOML);
+  const isCloud = finalConfig.auth_mode === 'cloud';
   console.log(`
 ${dim('═════════════════════════════════════════════════')}
 
   ${green(bold('✓ Vesper is ready!'))}
 
-  ${bold('Your local API key:')}
-  ${cyan(localKey)}
+  ${bold(isCloud ? 'Your cloud API key:' : 'Your local API key:')}
+  ${cyan(finalConfig.api_key || localKey)}
+
+  ${bold('Auth mode:')}
+  ${dim(isCloud ? '☁  Cloud (linked to Vesper account)' : '🔑 Local-only (key never leaves your machine)')}
 
   ${bold('Config file:')}
   ${dim(CONFIG_TOML)}
 
   ${bold('What just happened:')}
-  ${dim('1.')} Generated a local API key (never leaves your machine)
+  ${dim('1.')} ${isCloud ? 'Linked to your Vesper cloud account' : 'Generated a local API key (never leaves your machine)'}
   ${dim('2.')} Initialized local credentials vault
   ${dim('3.')} Auto-configured MCP for ${configuredAgents.length > 0 ? configuredAgents.join(', ') : 'detected agents'}
   ${dim('4.')} Vesper server ready on stdio transport