npm - vigthoria-cli - Versions diffs - 1.9.8 → 1.9.10 - Mend

vigthoria-cli 1.9.8 → 1.9.10

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (4) hide show

package/README.md CHANGED Viewed

@@ -99,7 +99,7 @@ If you see `ENOTFOUND registry.npmjs.org`, try these solutions:
 4. **Direct tarball download:**
    ```bash
    # Download directly
-   npm install -g https://coder.vigthoria.io/releases/vigthoria-cli-1.9.8.tgz
+   npm install -g https://coder.vigthoria.io/releases/vigthoria-cli-1.9.10.tgz
    ```
 5. **Use Git clone method (no npm registry needed):**

package/dist/utils/api.d.ts CHANGED Viewed

@@ -200,6 +200,7 @@ export declare class APIClient {
     private ws;
     private vigFlowTokens;
     private _httpsAgent;
+    private lastChatTransportErrors;
     constructor(config: Config, logger: Logger);
     /**
      * Destroy keep-alive sockets so the Node.js event loop can drain
@@ -217,12 +218,12 @@ export declare class APIClient {
     private getAccessToken;
     /**
      * Validate the current auth token against the Coder API.
-     * Returns { valid: true } when the server accepts the token,
-     * { valid: false, error } when the token is rejected (401/403),
-     * and { valid: true } when the server is unreachable (network error)
-     * so that offline/degraded scenarios don't block the user.
+     * By default this fails open on network errors to keep offline commands usable.
      */
-    validateToken(): Promise<{
+    validateToken(options?: {
+        allowNetworkFailOpen?: boolean;
+        enforceTokenShape?: boolean;
+    }): Promise<{
         valid: boolean;
         error?: string;
     }>;

package/dist/utils/api.js CHANGED Viewed

@@ -207,6 +207,7 @@ class APIClient {
     ws = null;
     vigFlowTokens = new Map();
     _httpsAgent = null;
+    lastChatTransportErrors = [];
     constructor(config, logger) {
         this.config = config;
         this.logger = logger;
@@ -461,17 +462,25 @@ class APIClient {
     }
     /**
      * Validate the current auth token against the Coder API.
-     * Returns { valid: true } when the server accepts the token,
-     * { valid: false, error } when the token is rejected (401/403),
-     * and { valid: true } when the server is unreachable (network error)
-     * so that offline/degraded scenarios don't block the user.
+     * By default this fails open on network errors to keep offline commands usable.
      */
-    async validateToken() {
+    async validateToken(options = {}) {
+        const allowNetworkFailOpen = options.allowNetworkFailOpen !== false;
+        const enforceTokenShape = options.enforceTokenShape !== false;
+        const explicitEnvToken = Boolean(process.env.VIGTHORIA_TOKEN || process.env.VIGTHORIA_AUTH_TOKEN);
         const token = this.getAccessToken();
         if (!token) {
             return { valid: false, error: 'No auth token configured. Run: vigthoria login' };
         }
-        const explicitEnvToken = Boolean(process.env.VIGTHORIA_TOKEN || process.env.VIGTHORIA_AUTH_TOKEN);
+        // Fast-fail obviously malformed ENV override tokens so invalid-token checks
+        // don't get masked by unrelated transport outages. Persisted login tokens may
+        // be non-JWT in some deployments and must still be gateway-validated server-side.
+        if (enforceTokenShape && explicitEnvToken) {
+            const looksLikeJwt = token.split('.').length === 3;
+            if (!looksLikeJwt || token.length < 40) {
+                return { valid: false, error: 'Auth token expired or invalid. Run: vigthoria login' };
+            }
+        }
         const headers = {
             Authorization: `Bearer ${token}`,
             Cookie: `vigthoria-auth-token=${token}`,
@@ -487,18 +496,32 @@ class APIClient {
             if (r.status === 'fulfilled')
                 return { valid: true };
         }
-        for (const r of results) {
-            if (r.status === 'rejected') {
-                const err = r.reason;
-                if (err.response?.status === 401 || err.response?.status === 403) {
-                    return { valid: false, error: 'Auth token expired or invalid. Run: vigthoria login' };
-                }
-                if (err instanceof CLIError && err.category === 'auth') {
-                    return { valid: false, error: 'Auth token expired or invalid. Run: vigthoria login' };
+        const sawUnauthorized = results.some((r) => r.status === 'rejected' && ((r.reason?.response?.status === 401) || (r.reason?.response?.status === 403) || (r.reason instanceof CLIError && r.reason.category === 'auth')));
+        if (sawUnauthorized) {
+            // For persisted CLI sessions, attempt one refresh before failing auth.
+            if (!explicitEnvToken) {
+                const refreshed = await this.refreshToken();
+                if (refreshed) {
+                    const retryToken = this.getAccessToken();
+                    if (retryToken) {
+                        const retryHeaders = {
+                            Authorization: `Bearer ${retryToken}`,
+                            Cookie: `vigthoria-auth-token=${retryToken}`,
+                        };
+                        const retryResults = await Promise.allSettled([
+                            axios_1.default.get(`${canonicalBaseUrl}/api/user/profile`, { timeout: 5000, headers: retryHeaders, httpsAgent: this._httpsAgent ?? undefined }),
+                            axios_1.default.get(`${canonicalBaseUrl}/api/user/subscription`, { timeout: 5000, headers: retryHeaders, httpsAgent: this._httpsAgent ?? undefined }),
+                        ]);
+                        for (const rr of retryResults) {
+                            if (rr.status === 'fulfilled')
+                                return { valid: true };
+                        }
+                    }
                 }
             }
+            return { valid: false, error: 'Auth token expired or invalid. Run: vigthoria login' };
         }
-        if (explicitEnvToken) {
+        if (explicitEnvToken || !allowNetworkFailOpen) {
             return { valid: false, error: 'Auth token expired or invalid. Run: vigthoria login' };
         }
         // Both unreachable — don't assume the stored token is bad when running offline.
@@ -958,6 +981,8 @@ class APIClient {
         if (authToken) {
             headers.Authorization = `Bearer ${authToken}`;
             headers.Cookie = `vigthoria-auth-token=${authToken}`;
+            headers['X-Vigthoria-Token'] = authToken;
+            headers['X-Auth-Token'] = authToken;
         }
         return headers;
     }
@@ -2987,8 +3012,12 @@ document.addEventListener('DOMContentLoaded', () => {
             && !process.env.VIGTHORIA_AUTH_TOKEN
             && Boolean(this.config.get('authToken'));
         if (onlyUnauthorizedErrors && usingStoredConfigToken) {
-            this.config.clearAuth();
-            throw new Error('V3 agent authentication failed. The stored CLI login token is invalid or expired. Run vigthoria login again.');
+            const gatewayTokenCheck = await this.validateToken({ allowNetworkFailOpen: true, enforceTokenShape: true });
+            if (!gatewayTokenCheck.valid) {
+                this.config.clearAuth();
+                throw new Error('V3 agent authentication failed. The stored CLI login token is invalid or expired. Run vigthoria login again.');
+            }
+            throw new Error('V3 agent authentication failed at the V3 service layer while your gateway login token is still valid. Please retry shortly.');
         }
         if (preferLocalV3
             && !this.hasAgentWorkspaceOutput(executionContext)
@@ -3212,6 +3241,7 @@ document.addEventListener('DOMContentLoaded', () => {
      * NO localhost fallbacks - CLI is for external users, not server-side!
      */
     async chat(messages, model, useLocal = false) {
+        this.lastChatTransportErrors = [];
         const resolvedModel = this.resolveModelId(model);
         const candidateModels = this.isCloudModelId(resolvedModel) && !this.canUseCloudModel()
             ? [this.getSelfHostedFallbackModelId(resolvedModel, model)]
@@ -3230,12 +3260,16 @@ document.addEventListener('DOMContentLoaded', () => {
             }
         }
         // No more localhost fallbacks - CLI is for external users!
-        throw new CLIError('AI service unavailable. Please check your internet connection or try again later.', 'model_backend');
+        const detail = this.lastChatTransportErrors.length > 0
+            ? ` Tried routes: ${this.lastChatTransportErrors.slice(0, 4).join(' | ')}`
+            : '';
+        throw new CLIError(`AI service unavailable. Please check your internet connection or try again later.${detail}`, 'model_backend');
     }
     shouldSkipCloudRoutes(resolvedModel) {
         return this.shouldSimulateCloudFailure() && this.isCloudModelId(resolvedModel);
     }
     async tryChatWithModel(messages, resolvedModel, requestedModel) {
+        const routeFailures = [];
         const preferSelfHostedFirst = this.isSelfHostedPreferredModel(resolvedModel, requestedModel);
         if (preferSelfHostedFirst) {
             const selfHostedResponse = await this.trySelfHostedChatWithModel(messages, resolvedModel, requestedModel);
@@ -3276,6 +3310,7 @@ document.addEventListener('DOMContentLoaded', () => {
             catch (error) {
                 const errMsg = error.response?.data?.error || error.message || 'Unknown error';
                 this.logger.debug(`Direct Vigthoria Models API failed for ${resolvedModel}: ${errMsg}`);
+                routeFailures.push(`models:${String(errMsg).slice(0, 120)}`);
             }
         }
         else {
@@ -3310,6 +3345,7 @@ document.addEventListener('DOMContentLoaded', () => {
             catch (error) {
                 const errMsg = error.response?.data?.error || error.message || 'Unknown error';
                 this.logger.debug(`Vigthoria Cloud API failed for ${resolvedModel}: ${errMsg}`);
+                routeFailures.push(`coder:${String(errMsg).slice(0, 120)}`);
             }
             try {
                 this.logger.debug(`Canonical Vigthoria Cloud fallback: ${resolvedModel}`);
@@ -3339,6 +3375,7 @@ document.addEventListener('DOMContentLoaded', () => {
             catch (error) {
                 const errMsg = error.response?.data?.error || error.message || 'Unknown error';
                 this.logger.debug(`Canonical Vigthoria Cloud fallback failed for ${resolvedModel}: ${errMsg}`);
+                routeFailures.push(`coder-canonical:${String(errMsg).slice(0, 120)}`);
             }
         }
         if (!preferSelfHostedFirst) {
@@ -3347,6 +3384,9 @@ document.addEventListener('DOMContentLoaded', () => {
                 return selfHostedResponse;
             }
         }
+        if (routeFailures.length > 0) {
+            this.lastChatTransportErrors = routeFailures;
+        }
         return null;
     }
     async trySelfHostedChatWithModel(messages, resolvedModel, requestedModel) {

package/package.json CHANGED Viewed

@@ -1,6 +1,6 @@
 {
   "name": "vigthoria-cli",
-  "version": "1.9.8",
+  "version": "1.9.10",
   "description": "Vigthoria Coder CLI - AI-powered terminal coding assistant",
   "main": "dist/index.js",
   "files": [