vibefast-cli 0.1.1 → 0.1.2

package/README.md

@@ -17,8 +17,10 @@ npx vibefast-cli <command>
 ## Quick Start
 
 1. **Login with your token:**
+Use the same license key you received in your LemonSqueezy receipt:
+
 ```bash
-vf login --token YOUR_TOKEN_HERE
+vf login --token YOUR_LICENSE_KEY
 ```
 
 2. **Verify your setup:**

package/cloudflare-worker/worker.js

@@ -9,6 +9,169 @@ async function sha256(str) {
     .join("");
 }
 
+function parseEnvInt(value, fallback) {
+  const num = parseInt(value ?? "", 10);
+  return Number.isFinite(num) ? num : fallback;
+}
+
+function getDeviceLimitForVariant(variantId, env) {
+  const defaultLimit = parseEnvInt(env.LICENSE_MAX_DEVICES, 2);
+  const proId = parseEnvInt(env.VIBEFAST_PRO_ID, null);
+  const coreId = parseEnvInt(env.VIBEFAST_CORE_ID, null);
+  if (variantId === proId) {
+    return parseEnvInt(env.VIBEFAST_PRO_DEVICE_LIMIT, defaultLimit);
+  }
+  if (variantId === coreId) {
+    return parseEnvInt(env.VIBEFAST_CORE_DEVICE_LIMIT, defaultLimit);
+  }
+  return defaultLimit;
+}
+
+async function validateLicenseWithLemon(licenseKey, env) {
+  if (!env.LEMON_API_KEY) {
+    throw new Error("LEMON_API_KEY is not configured");
+  }
+
+  const storeId = parseEnvInt(env.LEMON_STORE_ID, null);
+  const productId = parseEnvInt(env.VIBEFAST_PRODUCT_ID, null);
+  const allowedVariants = [
+    parseEnvInt(env.VIBEFAST_PRO_ID, null),
+    parseEnvInt(env.VIBEFAST_CORE_ID, null),
+  ].filter((v) => Number.isInteger(v));
+
+  const res = await fetch("https://api.lemonsqueezy.com/v1/licenses/validate", {
+    method: "POST",
+    headers: {
+      Authorization: `Bearer ${env.LEMON_API_KEY}`,
+      "Content-Type": "application/json",
+      Accept: "application/json",
+    },
+    body: JSON.stringify({ license_key: licenseKey }),
+  });
+
+  if (!res.ok) {
+    const detail = await res.text().catch(() => "");
+    console.error(
+      `[Worker] LemonSqueezy validation failed: ${res.status} ${res.statusText} ${detail}`
+    );
+    return {
+      ok: false,
+      status: res.status === 401 ? 401 : 502,
+      message:
+        res.status === 401
+          ? "License validation is unauthorized. Check your LemonSqueezy API key."
+          : "Unable to validate license at this time.",
+    };
+  }
+
+  const data = await res.json();
+  if (!data.valid) {
+    return {
+      ok: false,
+      status: 401,
+      message: "License key is invalid.",
+    };
+  }
+
+  const keyData = data.license_key;
+  const meta = data.meta;
+
+  if (meta.store_id !== storeId) {
+    return {
+      ok: false,
+      status: 401,
+      message: "License does not belong to this store.",
+    };
+  }
+
+  if (meta.product_id !== productId) {
+    return {
+      ok: false,
+      status: 401,
+      message: "License is for a different product.",
+    };
+  }
+
+  if (!allowedVariants.includes(meta.variant_id)) {
+    return {
+      ok: false,
+      status: 401,
+      message: "License variant is not supported.",
+    };
+  }
+
+  if (!["inactive", "active"].includes(keyData.status)) {
+    return {
+      ok: false,
+      status: 401,
+      message: `License status '${keyData.status}' is not eligible.`,
+    };
+  }
+
+  const deviceLimit = getDeviceLimitForVariant(meta.variant_id, env);
+
+  return {
+    ok: true,
+    meta,
+    licenseStatus: keyData.status,
+    variantId: meta.variant_id,
+    deviceLimit,
+  };
+}
+
+async function authorizeLicense(token, env) {
+  if (!token) {
+    return { ok: false, status: 401, message: "Missing license token." };
+  }
+
+  const validation = await validateLicenseWithLemon(token, env);
+  if (!validation.ok) {
+    return validation;
+  }
+
+  const tokenHash = await sha256(token);
+  const kvKey = `lic:${tokenHash}`;
+  const now = new Date().toISOString();
+
+  let licenseRecord = await env.LICENSES.get(kvKey, { type: "json" });
+  if (!licenseRecord) {
+    licenseRecord = {
+      status: "active",
+      devices: [],
+      max_devices: validation.deviceLimit,
+      variant_id: validation.variantId,
+      lastSeen: now,
+    };
+  } else {
+    licenseRecord.max_devices =
+      licenseRecord.max_devices || validation.deviceLimit;
+    licenseRecord.variant_id = validation.variantId;
+    licenseRecord.lastSeen = now;
+    if (!Array.isArray(licenseRecord.devices)) {
+      licenseRecord.devices = [];
+    }
+  }
+
+  await env.LICENSES.put(kvKey, JSON.stringify(licenseRecord));
+
+  return {
+    ok: true,
+    tokenHash,
+    kvKey,
+    licenseRecord,
+    deviceLimit: validation.deviceLimit,
+  };
+}
+
+async function authorizeFromHeader(request, env) {
+  const authHeader = request.headers.get("Authorization");
+  if (!authHeader?.startsWith("Bearer ")) {
+    return { ok: false, status: 401, message: "Missing authorization header." };
+  }
+  const token = authHeader.slice(7).trim();
+  return authorizeLicense(token, env);
+}
+
 // --- Utility: JSON Response Helper ---
 function json(data, status = 200) {
   return new Response(JSON.stringify(data, null, 2), {
@@ -94,19 +257,20 @@ async function handleRecipeFetch(request, env) {
       return json({ error: "Missing required fields" }, 400);
     }
 
-    // Validate token
-    const tokenHash = await sha256(token);
-    const kvKey = `lic:${tokenHash}`;
-    const license = await env.LICENSES.get(kvKey, { type: "json" });
-
-    if (!license || license.status !== "active") {
-      return json({ 
-        ok: false,
-        error: "Invalid or inactive token",
-        message: "Your license token is invalid or has been revoked."
-      }, 403);
+    const auth = await authorizeLicense(token, env);
+    if (!auth.ok) {
+      return json(
+        {
+          ok: false,
+          error: "License validation failed",
+          message: auth.message,
+        },
+        auth.status || 403
+      );
     }
 
+    const { tokenHash, kvKey, licenseRecord } = auth;
+
     // Check rate limit
     if (!checkRateLimit(tokenHash)) {
       return json({
@@ -117,19 +281,19 @@ async function handleRecipeFetch(request, env) {
     }
 
     // Enforce device slots
-    if (!license.devices.includes(device.id)) {
-      if (license.devices.length >= (license.max_devices || 2)) {
+    if (!licenseRecord.devices.includes(device.id)) {
+      if (licenseRecord.devices.length >= (licenseRecord.max_devices || 2)) {
         return json({
           ok: false,
           error: "Device limit reached",
-          message: `Maximum ${license.max_devices || 2} devices allowed. Use 'vf devices --deactivate <id>' to free a slot.`
+          message: `Maximum ${licenseRecord.max_devices || 2} devices allowed. Use 'vf devices --deactivate <id>' to free a slot.`
         }, 403);
       }
       
       // Add new device
-      license.devices.push(device.id);
-      license.lastSeen = new Date().toISOString();
-      await env.LICENSES.put(kvKey, JSON.stringify(license));
+      licenseRecord.devices.push(device.id);
+      licenseRecord.lastSeen = new Date().toISOString();
+      await env.LICENSES.put(kvKey, JSON.stringify(licenseRecord));
       console.log(`[Worker] Added device ${device.id} to license`);
     }
 
@@ -183,18 +347,9 @@ async function handleRecipeFetch(request, env) {
 // --- Handler: List Recipes ---
 async function handleRecipesList(request, env) {
   try {
-    const authHeader = request.headers.get("Authorization");
-    if (!authHeader?.startsWith("Bearer ")) {
-      return json({ error: "Missing authorization" }, 401);
-    }
-
-    const token = authHeader.slice(7);
-    const tokenHash = await sha256(token);
-    const kvKey = `lic:${tokenHash}`;
-    const license = await env.LICENSES.get(kvKey, { type: "json" });
-
-    if (!license || license.status !== "active") {
-      return json({ error: "Invalid token" }, 403);
+    const auth = await authorizeFromHeader(request, env);
+    if (!auth.ok) {
+      return json({ error: auth.message }, auth.status || 403);
     }
 
     // List all recipes from R2
@@ -232,30 +387,21 @@ async function handleRecipesList(request, env) {
 // --- Handler: List Devices ---
 async function handleDevicesList(request, env) {
   try {
-    const authHeader = request.headers.get("Authorization");
-    if (!authHeader?.startsWith("Bearer ")) {
-      return json({ error: "Missing authorization" }, 401);
-    }
-
-    const token = authHeader.slice(7);
-    const tokenHash = await sha256(token);
-    const kvKey = `lic:${tokenHash}`;
-    const license = await env.LICENSES.get(kvKey, { type: "json" });
-
-    if (!license || license.status !== "active") {
-      return json({ error: "Invalid token" }, 403);
+    const auth = await authorizeFromHeader(request, env);
+    if (!auth.ok) {
+      return json({ error: auth.message }, auth.status || 403);
     }
 
-    const devices = license.devices.map(id => ({
+    const devices = (auth.licenseRecord.devices || []).map(id => ({
       id,
       os: 'unknown',
       arch: 'unknown',
-      lastSeen: license.lastSeen || 'unknown',
+      lastSeen: auth.licenseRecord.lastSeen || 'unknown',
     }));
 
     return json({
       devices,
-      maxDevices: license.max_devices || 2,
+      maxDevices: auth.licenseRecord.max_devices || 2,
     });
 
   } catch (err) {
@@ -267,12 +413,11 @@ async function handleDevicesList(request, env) {
 // --- Handler: Deactivate Device ---
 async function handleDeviceDeactivate(request, env) {
   try {
-    const authHeader = request.headers.get("Authorization");
-    if (!authHeader?.startsWith("Bearer ")) {
-      return json({ error: "Missing authorization" }, 401);
+    const auth = await authorizeFromHeader(request, env);
+    if (!auth.ok) {
+      return json({ error: auth.message }, auth.status || 403);
     }
 
-    const token = authHeader.slice(7);
     const body = await request.json();
     const { deviceId } = body;
 
@@ -280,17 +425,10 @@ async function handleDeviceDeactivate(request, env) {
       return json({ error: "Missing deviceId" }, 400);
     }
 
-    const tokenHash = await sha256(token);
-    const kvKey = `lic:${tokenHash}`;
-    const license = await env.LICENSES.get(kvKey, { type: "json" });
-
-    if (!license || license.status !== "active") {
-      return json({ error: "Invalid token" }, 403);
-    }
-
-    // Remove device
-    license.devices = license.devices.filter(id => id !== deviceId);
-    await env.LICENSES.put(kvKey, JSON.stringify(license));
+    auth.licenseRecord.devices = (auth.licenseRecord.devices || []).filter(
+      id => id !== deviceId
+    );
+    await env.LICENSES.put(auth.kvKey, JSON.stringify(auth.licenseRecord));
 
     return json({ ok: true, message: "Device deactivated" });
 

package/dist/core/http.d.ts.map

@@ -1 +1 @@
-{"version":3,"file":"http.d.ts","sourceRoot":"","sources":["../../src/core/http.ts"],"names":[],"mappings":"AAKA,MAAM,WAAW,kBAAkB;IACjC,KAAK,EAAE,MAAM,CAAC;IACd,MAAM,EAAE;QACN,EAAE,EAAE,MAAM,CAAC;QACX,EAAE,EAAE,MAAM,CAAC;QACX,IAAI,EAAE,MAAM,CAAC;QACb,OAAO,EAAE,MAAM,CAAC;KACjB,CAAC;IACF,OAAO,EAAE,MAAM,CAAC;IAChB,MAAM,EAAE,MAAM,CAAC;IACf,OAAO,EAAE;QACP,IAAI,EAAE,MAAM,CAAC;QACb,OAAO,EAAE,MAAM,CAAC;KACjB,CAAC;CACH;AAED,MAAM,WAAW,mBAAmB;IAClC,EAAE,EAAE,OAAO,CAAC;IACZ,SAAS,CAAC,EAAE,MAAM,CAAC;IACnB,OAAO,CAAC,EAAE,MAAM,CAAC;IACjB,SAAS,CAAC,EAAE,MAAM,CAAC;IACnB,SAAS,CAAC,EAAE,MAAM,CAAC;IACnB,KAAK,CAAC,EAAE,MAAM,CAAC;IACf,OAAO,CAAC,EAAE,MAAM,CAAC;CAClB;AAID,wBAAsB,WAAW,CAAC,OAAO,EAAE,kBAAkB,GAAG,OAAO,CAAC,mBAAmB,CAAC,CA0B3F;AAED,wBAAsB,WAAW,CAAC,iBAAiB,EAAE,MAAM,EAAE,QAAQ,UAAQ,GAAG,OAAO,CAAC,MAAM,CAAC,CAyB9F;AAED,wBAAsB,WAAW,CAAC,KAAK,EAAE,MAAM,GAAG,OAAO,CAAC,GAAG,CAAC,CAiB7D;AAED,wBAAsB,WAAW,CAAC,KAAK,EAAE,MAAM,GAAG,OAAO,CAAC,GAAG,CAAC,CAa7D;AAED,wBAAsB,gBAAgB,CAAC,KAAK,EAAE,MAAM,EAAE,QAAQ,EAAE,MAAM,GAAG,OAAO,CAAC,IAAI,CAAC,CAarF"}
+{"version":3,"file":"http.d.ts","sourceRoot":"","sources":["../../src/core/http.ts"],"names":[],"mappings":"AAKA,MAAM,WAAW,kBAAkB;IACjC,KAAK,EAAE,MAAM,CAAC;IACd,MAAM,EAAE;QACN,EAAE,EAAE,MAAM,CAAC;QACX,EAAE,EAAE,MAAM,CAAC;QACX,IAAI,EAAE,MAAM,CAAC;QACb,OAAO,EAAE,MAAM,CAAC;KACjB,CAAC;IACF,OAAO,EAAE,MAAM,CAAC;IAChB,MAAM,EAAE,MAAM,CAAC;IACf,OAAO,EAAE;QACP,IAAI,EAAE,MAAM,CAAC;QACb,OAAO,EAAE,MAAM,CAAC;KACjB,CAAC;CACH;AAED,MAAM,WAAW,mBAAmB;IAClC,EAAE,EAAE,OAAO,CAAC;IACZ,SAAS,CAAC,EAAE,MAAM,CAAC;IACnB,OAAO,CAAC,EAAE,MAAM,CAAC;IACjB,SAAS,CAAC,EAAE,MAAM,CAAC;IACnB,SAAS,CAAC,EAAE,MAAM,CAAC;IACnB,KAAK,CAAC,EAAE,MAAM,CAAC;IACf,OAAO,CAAC,EAAE,MAAM,CAAC;CAClB;AAID,wBAAsB,WAAW,CAAC,OAAO,EAAE,kBAAkB,GAAG,OAAO,CAAC,mBAAmB,CAAC,CA0B3F;AAED,wBAAsB,WAAW,CAAC,iBAAiB,EAAE,MAAM,EAAE,QAAQ,UAAQ,GAAG,OAAO,CAAC,MAAM,CAAC,CAyB9F;AAED,wBAAsB,WAAW,CAAC,KAAK,EAAE,MAAM,GAAG,OAAO,CAAC,GAAG,CAAC,CAwB7D;AAED,wBAAsB,WAAW,CAAC,KAAK,EAAE,MAAM,GAAG,OAAO,CAAC,GAAG,CAAC,CAoB7D;AAED,wBAAsB,gBAAgB,CAAC,KAAK,EAAE,MAAM,EAAE,QAAQ,EAAE,MAAM,GAAG,OAAO,CAAC,IAAI,CAAC,CAoBrF"}

package/dist/core/http.js

@@ -59,7 +59,15 @@ export async function listRecipes(token) {
             },
         });
         if (!response.ok) {
-            throw new Error(`Failed to fetch recipes: ${response.statusText}`);
+            let message = response.statusText;
+            try {
+                const body = (await response.json());
+                message = body?.error || body?.message || message;
+            }
+            catch {
+                // ignore JSON parse errors
+            }
+            throw new Error(`Failed to fetch recipes: ${message}`);
         }
         return response.json();
     }
@@ -75,7 +83,15 @@ export async function listDevices(token) {
         },
     });
     if (!response.ok) {
-        throw new Error(`Failed to fetch devices: ${response.statusText}`);
+        let message = response.statusText;
+        try {
+            const body = (await response.json());
+            message = body?.error || body?.message || message;
+        }
+        catch {
+            // ignore
+        }
+        throw new Error(`Failed to fetch devices: ${message}`);
     }
     return response.json();
 }
@@ -89,7 +105,15 @@ export async function deactivateDevice(token, deviceId) {
         body: JSON.stringify({ deviceId }),
     });
     if (!response.ok) {
-        throw new Error(`Failed to deactivate device: ${response.statusText}`);
+        let message = response.statusText;
+        try {
+            const body = (await response.json());
+            message = body?.error || body?.message || message;
+        }
+        catch {
+            // ignore
+        }
+        throw new Error(`Failed to deactivate device: ${message}`);
     }
 }
 //# sourceMappingURL=http.js.map

package/dist/core/http.js.map

@@ -1 +1 @@
-{"version":3,"file":"http.js","sourceRoot":"","sources":["../../src/core/http.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,SAAS,EAAE,KAAK,EAAE,MAAM,aAAa,CAAC;AAC/C,OAAO,EAAE,IAAI,EAAE,MAAM,MAAM,CAAC;AAC5B,OAAO,EAAE,MAAM,EAAE,MAAM,IAAI,CAAC;AAC5B,OAAO,EAAE,UAAU,EAAE,MAAM,QAAQ,CAAC;AA4BpC,MAAM,UAAU,GAAG,OAAO,CAAC,GAAG,CAAC,mBAAmB,IAAI,mDAAmD,CAAC;AAE1G,MAAM,CAAC,KAAK,UAAU,WAAW,CAAC,OAA2B;IAC3D,IAAI,CAAC;QACH,MAAM,QAAQ,GAAG,MAAM,KAAK,CAAC,GAAG,UAAU,mBAAmB,EAAE;YAC7D,MAAM,EAAE,MAAM;YACd,OAAO,EAAE;gBACP,cAAc,EAAE,kBAAkB;aACnC;YACD,IAAI,EAAE,IAAI,CAAC,SAAS,CAAC,OAAO,CAAC;SAC9B,CAAC,CAAC;QAEH,IAAI,CAAC,QAAQ,CAAC,EAAE,EAAE,CAAC;YACjB,MAAM,KAAK,GAAQ,MAAM,QAAQ,CAAC,IAAI,EAAE,CAAC,KAAK,CAAC,GAAG,EAAE,CAAC,CAAC,EAAE,OAAO,EAAE,QAAQ,CAAC,UAAU,EAAE,CAAC,CAAC,CAAC;YACzF,OAAO;gBACL,EAAE,EAAE,KAAK;gBACT,KAAK,EAAE,KAAK,CAAC,OAAO,IAAI,QAAQ,QAAQ,CAAC,MAAM,EAAE;aAClD,CAAC;QACJ,CAAC;QAED,OAAO,QAAQ,CAAC,IAAI,EAAkC,CAAC;IACzD,CAAC;IAAC,OAAO,GAAQ,EAAE,CAAC;QAClB,OAAO;YACL,EAAE,EAAE,KAAK;YACT,KAAK,EAAE,eAAe;YACtB,OAAO,EAAE,wBAAwB,UAAU,KAAK,GAAG,CAAC,OAAO,EAAE;SAC9D,CAAC;IACJ,CAAC;AACH,CAAC;AAED,MAAM,CAAC,KAAK,UAAU,WAAW,CAAC,iBAAyB,EAAE,QAAQ,GAAG,KAAK;IAC3E,IAAI,MAAc,CAAC;IAEnB,IAAI,QAAQ,EAAE,CAAC;QACb,qBAAqB;QACrB,MAAM,GAAG,MAAM,CAAC,IAAI,CAAC,iBAAiB,EAAE,QAAQ,CAAC,CAAC;IACpD,CAAC;SAAM,CAAC;QACN,oBAAoB;QACpB,MAAM,QAAQ,GAAG,MAAM,KAAK,CAAC,iBAAiB,CAAC,CAAC;QAEhD,IAAI,CAAC,QAAQ,CAAC,EAAE,EAAE,CAAC;YACjB,MAAM,IAAI,KAAK,CAAC,8BAA8B,QAAQ,CAAC,UAAU,EAAE,CAAC,CAAC;QACvE,CAAC;QAED,MAAM,WAAW,GAAG,MAAM,QAAQ,CAAC,WAAW,EAAE,CAAC;QACjD,MAAM,GAAG,MAAM,CAAC,IAAI,CAAC,WAAW,CAAC,CAAC;IACpC,CAAC;IAED,MAAM,OAAO,GAAG,IAAI,CAAC,MAAM,EAAE,EAAE,UAAU,EAAE,UAAU,EAAE,CAAC,CAAC;IACzD,MAAM,KAAK,CAAC,OAAO,EAAE,EAAE,SAAS,EAAE,IAAI,EAAE,CAAC,CAAC;IAE1C,MAAM,OAAO,GAAG,IAAI,CAAC,OAAO,EAAE,YAAY,CAAC,CAAC;IAC5C,MAAM,SAAS,CAAC,OAAO,EAAE,MAAM,CAAC,CAAC;IAEjC,OAAO,OAAO,CAAC;AACjB,CAAC;AAED,MAAM,CAAC,KAAK,UAAU,WAAW,CAAC,KAAa;IAC7C,IAAI,CAAC;QACH,MAAM,QAAQ,GAAG,MAAM,KAAK,CAAC,GAAG,UAAU,mBAAmB,EAAE;YAC7D,MAAM,EAAE,KAAK;YACb,OAAO,EAAE;gBACP,eAAe,EAAE,UAAU,KAAK,EAAE;aACnC;SACF,CAAC,CAAC;QAEH,IAAI,CAAC,QAAQ,CAAC,EAAE,EAAE,CAAC;YACjB,MAAM,IAAI,KAAK,CAAC,4BAA4B,QAAQ,CAAC,UAAU,EAAE,CAAC,CAAC;QACrE,CAAC;QAED,OAAO,QAAQ,CAAC,IAAI,EAAE,CAAC;IACzB,CAAC;IAAC,OAAO,GAAQ,EAAE,CAAC;QAClB,MAAM,IAAI,KAAK,CAAC,wBAAwB,UAAU,KAAK,GAAG,CAAC,OAAO,EAAE,CAAC,CAAC;IACxE,CAAC;AACH,CAAC;AAED,MAAM,CAAC,KAAK,UAAU,WAAW,CAAC,KAAa;IAC7C,MAAM,QAAQ,GAAG,MAAM,KAAK,CAAC,GAAG,UAAU,mBAAmB,EAAE;QAC7D,MAAM,EAAE,KAAK;QACb,OAAO,EAAE;YACP,eAAe,EAAE,UAAU,KAAK,EAAE;SACnC;KACF,CAAC,CAAC;IAEH,IAAI,CAAC,QAAQ,CAAC,EAAE,EAAE,CAAC;QACjB,MAAM,IAAI,KAAK,CAAC,4BAA4B,QAAQ,CAAC,UAAU,EAAE,CAAC,CAAC;IACrE,CAAC;IAED,OAAO,QAAQ,CAAC,IAAI,EAAE,CAAC;AACzB,CAAC;AAED,MAAM,CAAC,KAAK,UAAU,gBAAgB,CAAC,KAAa,EAAE,QAAgB;IACpE,MAAM,QAAQ,GAAG,MAAM,KAAK,CAAC,GAAG,UAAU,yBAAyB,EAAE;QACnE,MAAM,EAAE,MAAM;QACd,OAAO,EAAE;YACP,eAAe,EAAE,UAAU,KAAK,EAAE;YAClC,cAAc,EAAE,kBAAkB;SACnC;QACD,IAAI,EAAE,IAAI,CAAC,SAAS,CAAC,EAAE,QAAQ,EAAE,CAAC;KACnC,CAAC,CAAC;IAEH,IAAI,CAAC,QAAQ,CAAC,EAAE,EAAE,CAAC;QACjB,MAAM,IAAI,KAAK,CAAC,gCAAgC,QAAQ,CAAC,UAAU,EAAE,CAAC,CAAC;IACzE,CAAC;AACH,CAAC"}
+{"version":3,"file":"http.js","sourceRoot":"","sources":["../../src/core/http.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,SAAS,EAAE,KAAK,EAAE,MAAM,aAAa,CAAC;AAC/C,OAAO,EAAE,IAAI,EAAE,MAAM,MAAM,CAAC;AAC5B,OAAO,EAAE,MAAM,EAAE,MAAM,IAAI,CAAC;AAC5B,OAAO,EAAE,UAAU,EAAE,MAAM,QAAQ,CAAC;AA4BpC,MAAM,UAAU,GAAG,OAAO,CAAC,GAAG,CAAC,mBAAmB,IAAI,mDAAmD,CAAC;AAE1G,MAAM,CAAC,KAAK,UAAU,WAAW,CAAC,OAA2B;IAC3D,IAAI,CAAC;QACH,MAAM,QAAQ,GAAG,MAAM,KAAK,CAAC,GAAG,UAAU,mBAAmB,EAAE;YAC7D,MAAM,EAAE,MAAM;YACd,OAAO,EAAE;gBACP,cAAc,EAAE,kBAAkB;aACnC;YACD,IAAI,EAAE,IAAI,CAAC,SAAS,CAAC,OAAO,CAAC;SAC9B,CAAC,CAAC;QAEH,IAAI,CAAC,QAAQ,CAAC,EAAE,EAAE,CAAC;YACjB,MAAM,KAAK,GAAQ,MAAM,QAAQ,CAAC,IAAI,EAAE,CAAC,KAAK,CAAC,GAAG,EAAE,CAAC,CAAC,EAAE,OAAO,EAAE,QAAQ,CAAC,UAAU,EAAE,CAAC,CAAC,CAAC;YACzF,OAAO;gBACL,EAAE,EAAE,KAAK;gBACT,KAAK,EAAE,KAAK,CAAC,OAAO,IAAI,QAAQ,QAAQ,CAAC,MAAM,EAAE;aAClD,CAAC;QACJ,CAAC;QAED,OAAO,QAAQ,CAAC,IAAI,EAAkC,CAAC;IACzD,CAAC;IAAC,OAAO,GAAQ,EAAE,CAAC;QAClB,OAAO;YACL,EAAE,EAAE,KAAK;YACT,KAAK,EAAE,eAAe;YACtB,OAAO,EAAE,wBAAwB,UAAU,KAAK,GAAG,CAAC,OAAO,EAAE;SAC9D,CAAC;IACJ,CAAC;AACH,CAAC;AAED,MAAM,CAAC,KAAK,UAAU,WAAW,CAAC,iBAAyB,EAAE,QAAQ,GAAG,KAAK;IAC3E,IAAI,MAAc,CAAC;IAEnB,IAAI,QAAQ,EAAE,CAAC;QACb,qBAAqB;QACrB,MAAM,GAAG,MAAM,CAAC,IAAI,CAAC,iBAAiB,EAAE,QAAQ,CAAC,CAAC;IACpD,CAAC;SAAM,CAAC;QACN,oBAAoB;QACpB,MAAM,QAAQ,GAAG,MAAM,KAAK,CAAC,iBAAiB,CAAC,CAAC;QAEhD,IAAI,CAAC,QAAQ,CAAC,EAAE,EAAE,CAAC;YACjB,MAAM,IAAI,KAAK,CAAC,8BAA8B,QAAQ,CAAC,UAAU,EAAE,CAAC,CAAC;QACvE,CAAC;QAED,MAAM,WAAW,GAAG,MAAM,QAAQ,CAAC,WAAW,EAAE,CAAC;QACjD,MAAM,GAAG,MAAM,CAAC,IAAI,CAAC,WAAW,CAAC,CAAC;IACpC,CAAC;IAED,MAAM,OAAO,GAAG,IAAI,CAAC,MAAM,EAAE,EAAE,UAAU,EAAE,UAAU,EAAE,CAAC,CAAC;IACzD,MAAM,KAAK,CAAC,OAAO,EAAE,EAAE,SAAS,EAAE,IAAI,EAAE,CAAC,CAAC;IAE1C,MAAM,OAAO,GAAG,IAAI,CAAC,OAAO,EAAE,YAAY,CAAC,CAAC;IAC5C,MAAM,SAAS,CAAC,OAAO,EAAE,MAAM,CAAC,CAAC;IAEjC,OAAO,OAAO,CAAC;AACjB,CAAC;AAED,MAAM,CAAC,KAAK,UAAU,WAAW,CAAC,KAAa;IAC7C,IAAI,CAAC;QACH,MAAM,QAAQ,GAAG,MAAM,KAAK,CAAC,GAAG,UAAU,mBAAmB,EAAE;YAC7D,MAAM,EAAE,KAAK;YACb,OAAO,EAAE;gBACP,eAAe,EAAE,UAAU,KAAK,EAAE;aACnC;SACF,CAAC,CAAC;QAEH,IAAI,CAAC,QAAQ,CAAC,EAAE,EAAE,CAAC;YACjB,IAAI,OAAO,GAAG,QAAQ,CAAC,UAAU,CAAC;YAClC,IAAI,CAAC;gBACH,MAAM,IAAI,GAAG,CAAC,MAAM,QAAQ,CAAC,IAAI,EAAE,CAAyC,CAAC;gBAC7E,OAAO,GAAG,IAAI,EAAE,KAAK,IAAI,IAAI,EAAE,OAAO,IAAI,OAAO,CAAC;YACpD,CAAC;YAAC,MAAM,CAAC;gBACP,2BAA2B;YAC7B,CAAC;YACD,MAAM,IAAI,KAAK,CAAC,4BAA4B,OAAO,EAAE,CAAC,CAAC;QACzD,CAAC;QAED,OAAO,QAAQ,CAAC,IAAI,EAAE,CAAC;IACzB,CAAC;IAAC,OAAO,GAAQ,EAAE,CAAC;QAClB,MAAM,IAAI,KAAK,CAAC,wBAAwB,UAAU,KAAK,GAAG,CAAC,OAAO,EAAE,CAAC,CAAC;IACxE,CAAC;AACH,CAAC;AAED,MAAM,CAAC,KAAK,UAAU,WAAW,CAAC,KAAa;IAC7C,MAAM,QAAQ,GAAG,MAAM,KAAK,CAAC,GAAG,UAAU,mBAAmB,EAAE;QAC7D,MAAM,EAAE,KAAK;QACb,OAAO,EAAE;YACP,eAAe,EAAE,UAAU,KAAK,EAAE;SACnC;KACF,CAAC,CAAC;IAEH,IAAI,CAAC,QAAQ,CAAC,EAAE,EAAE,CAAC;QACjB,IAAI,OAAO,GAAG,QAAQ,CAAC,UAAU,CAAC;QAClC,IAAI,CAAC;YACH,MAAM,IAAI,GAAG,CAAC,MAAM,QAAQ,CAAC,IAAI,EAAE,CAAyC,CAAC;YAC7E,OAAO,GAAG,IAAI,EAAE,KAAK,IAAI,IAAI,EAAE,OAAO,IAAI,OAAO,CAAC;QACpD,CAAC;QAAC,MAAM,CAAC;YACP,SAAS;QACX,CAAC;QACD,MAAM,IAAI,KAAK,CAAC,4BAA4B,OAAO,EAAE,CAAC,CAAC;IACzD,CAAC;IAED,OAAO,QAAQ,CAAC,IAAI,EAAE,CAAC;AACzB,CAAC;AAED,MAAM,CAAC,KAAK,UAAU,gBAAgB,CAAC,KAAa,EAAE,QAAgB;IACpE,MAAM,QAAQ,GAAG,MAAM,KAAK,CAAC,GAAG,UAAU,yBAAyB,EAAE;QACnE,MAAM,EAAE,MAAM;QACd,OAAO,EAAE;YACP,eAAe,EAAE,UAAU,KAAK,EAAE;YAClC,cAAc,EAAE,kBAAkB;SACnC;QACD,IAAI,EAAE,IAAI,CAAC,SAAS,CAAC,EAAE,QAAQ,EAAE,CAAC;KACnC,CAAC,CAAC;IAEH,IAAI,CAAC,QAAQ,CAAC,EAAE,EAAE,CAAC;QACjB,IAAI,OAAO,GAAG,QAAQ,CAAC,UAAU,CAAC;QAClC,IAAI,CAAC;YACH,MAAM,IAAI,GAAG,CAAC,MAAM,QAAQ,CAAC,IAAI,EAAE,CAAyC,CAAC;YAC7E,OAAO,GAAG,IAAI,EAAE,KAAK,IAAI,IAAI,EAAE,OAAO,IAAI,OAAO,CAAC;QACpD,CAAC;QAAC,MAAM,CAAC;YACP,SAAS;QACX,CAAC;QACD,MAAM,IAAI,KAAK,CAAC,gCAAgC,OAAO,EAAE,CAAC,CAAC;IAC7D,CAAC;AACH,CAAC"}

package/package.json

@@ -1,10 +1,10 @@
 {
   "name": "vibefast-cli",
-  "version": "0.1.1",
+  "version": "0.1.2",
   "description": "CLI for installing VibeFast features into your monorepo",
   "type": "module",
   "bin": {
-    "vf": "./dist/index.js"
+    "vf": "dist/index.js"
   },
   "scripts": {
     "build": "tsc",

package/scripts/sync-worker.sh

@@ -0,0 +1,45 @@
+#!/usr/bin/env bash
+set -euo pipefail
+
+# Usage:
+#   ./scripts/sync-worker.sh
+#
+# This script guides you through updating worker secrets and deploying the
+# Cloudflare worker. It does NOT read or store your secrets; you paste them
+# interactively when prompted by wrangler.
+
+WORKER_DIR="$(cd "$(dirname "${BASH_SOURCE[0]}")/.." && pwd)/cloudflare-worker"
+
+echo "==> Switching to worker directory: ${WORKER_DIR}"
+cd "${WORKER_DIR}"
+
+echo "======== Cloudflare Worker Sync ========"
+echo "You will be prompted for the following secrets:"
+echo "  - LEMON_API_KEY (required)"
+echo "  - LEMON_STORE_ID (e.g., 190529)"
+echo "  - VIBEFAST_PRODUCT_ID (e.g., 560488)"
+echo "  - VIBEFAST_PRO_ID (e.g., 871411)"
+echo "  - VIBEFAST_CORE_ID (e.g., 871453)"
+echo "  - LICENSE_MAX_DEVICES (optional, press Enter to skip)"
+echo
+echo "None of these values are stored in this script."
+echo
+
+read -rp "Press Enter to begin entering secrets with wrangler..." _
+
+wrangler secret put LEMON_API_KEY
+# wrangler secret put LEMON_STORE_ID
+# wrangler secret put VIBEFAST_PRODUCT_ID
+# wrangler secret put VIBEFAST_PRO_ID
+# wrangler secret put VIBEFAST_CORE_ID
+
+# read -rp "Set LICENSE_MAX_DEVICES? (leave blank to skip) " DEVICE_LIMIT
+# if [[ -n "${DEVICE_LIMIT}" ]]; then
+#   echo "${DEVICE_LIMIT}" | wrangler secret put LICENSE_MAX_DEVICES
+fi
+
+echo
+echo "==> Deploying worker via wrangler..."
+wrangler deploy
+
+echo "==> Done. Worker secrets updated and deployment triggered."

package/src/core/http.ts

@@ -96,7 +96,14 @@ export async function listRecipes(token: string): Promise<any> {
     });
 
     if (!response.ok) {
-      throw new Error(`Failed to fetch recipes: ${response.statusText}`);
+      let message = response.statusText;
+      try {
+        const body = (await response.json()) as { error?: string; message?: string };
+        message = body?.error || body?.message || message;
+      } catch {
+        // ignore JSON parse errors
+      }
+      throw new Error(`Failed to fetch recipes: ${message}`);
     }
 
     return response.json();
@@ -114,7 +121,14 @@ export async function listDevices(token: string): Promise<any> {
   });
 
   if (!response.ok) {
-    throw new Error(`Failed to fetch devices: ${response.statusText}`);
+    let message = response.statusText;
+    try {
+      const body = (await response.json()) as { error?: string; message?: string };
+      message = body?.error || body?.message || message;
+    } catch {
+      // ignore
+    }
+    throw new Error(`Failed to fetch devices: ${message}`);
   }
 
   return response.json();
@@ -131,6 +145,13 @@ export async function deactivateDevice(token: string, deviceId: string): Promise
   });
 
   if (!response.ok) {
-    throw new Error(`Failed to deactivate device: ${response.statusText}`);
+    let message = response.statusText;
+    try {
+      const body = (await response.json()) as { error?: string; message?: string };
+      message = body?.error || body?.message || message;
+    } catch {
+      // ignore
+    }
+    throw new Error(`Failed to deactivate device: ${message}`);
   }
 }