PyPI - aline-ai - Versions diffs - 0.5.12__py3-none-any.whl → 0.5.13__py3-none-any.whl - Mend

aline-ai 0.5.12py3-none-any.whl → 0.5.13py3-none-any.whl

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (20) hide show

{aline_ai-0.5.12.dist-info → aline_ai-0.5.13.dist-info}/METADATA +1 -1
{aline_ai-0.5.12.dist-info → aline_ai-0.5.13.dist-info}/RECORD +20 -18
realign/__init__.py +1 -1
realign/auth.py +539 -0
realign/cli.py +23 -1
realign/commands/auth.py +242 -0
realign/commands/export_shares.py +44 -21
realign/commands/import_shares.py +10 -10
realign/commands/init.py +10 -33
realign/commands/watcher.py +11 -16
realign/config.py +12 -29
realign/dashboard/widgets/config_panel.py +177 -1
realign/db/base.py +28 -11
realign/db/schema.py +102 -15
realign/db/sqlite_db.py +108 -58
realign/watcher_core.py +1 -9
{aline_ai-0.5.12.dist-info → aline_ai-0.5.13.dist-info}/WHEEL +0 -0
{aline_ai-0.5.12.dist-info → aline_ai-0.5.13.dist-info}/entry_points.txt +0 -0
{aline_ai-0.5.12.dist-info → aline_ai-0.5.13.dist-info}/licenses/LICENSE +0 -0
{aline_ai-0.5.12.dist-info → aline_ai-0.5.13.dist-info}/top_level.txt +0 -0

realign/commands/auth.py ADDED Viewed

@@ -0,0 +1,242 @@
+#!/usr/bin/env python3
+"""
+Authentication commands for Aline CLI.
+Commands:
+- aline login   - Login via web browser
+- aline logout  - Clear local credentials
+- aline whoami  - Show current login status
+"""
+import sys
+from typing import Optional
+try:
+    from rich.console import Console
+    from rich.prompt import Prompt
+    RICH_AVAILABLE = True
+except ImportError:
+    RICH_AVAILABLE = False
+from ..auth import (
+    is_logged_in,
+    get_current_user,
+    load_credentials,
+    save_credentials,
+    clear_credentials,
+    open_login_page,
+    validate_cli_token,
+    find_free_port,
+    start_callback_server,
+    HTTPX_AVAILABLE,
+)
+from ..config import ReAlignConfig
+from ..logging_config import setup_logger
+logger = setup_logger("realign.commands.auth", "auth.log")
+if RICH_AVAILABLE:
+    console = Console()
+else:
+    console = None
+def login_command() -> int:
+    """
+    Login to Aline via web browser.
+    Opens the web login page with automatic callback - no manual token copy needed.
+    Returns:
+        0 on success, 1 on error
+    """
+    # Check dependencies
+    if not HTTPX_AVAILABLE:
+        print("Error: httpx package not installed", file=sys.stderr)
+        print("Install it with: pip install httpx", file=sys.stderr)
+        return 1
+    # Check if already logged in
+    credentials = load_credentials()
+    if credentials and is_logged_in():
+        if console:
+            console.print(f"[yellow]Already logged in as {credentials.email}[/yellow]")
+            console.print("Run 'aline logout' first if you want to switch accounts.")
+        else:
+            print(f"Already logged in as {credentials.email}")
+            print("Run 'aline logout' first if you want to switch accounts.")
+        return 0
+    # Start local callback server
+    port = find_free_port()
+    if console:
+        console.print("[cyan]Opening browser for login...[/cyan]")
+        console.print("[dim]Waiting for authentication...[/dim]\n")
+    else:
+        print("Opening browser for login...")
+        print("Waiting for authentication...\n")
+    # Open browser with callback URL
+    login_url = open_login_page(callback_port=port)
+    if console:
+        console.print(f"[dim]If browser doesn't open, visit:[/dim]")
+        console.print(f"[link={login_url}]{login_url}[/link]\n")
+    else:
+        print(f"If browser doesn't open, visit:")
+        print(f"{login_url}\n")
+    # Wait for callback with token
+    cli_token, error = start_callback_server(port, timeout=300)
+    if error:
+        if console:
+            console.print(f"[red]Error: {error}[/red]")
+        else:
+            print(f"Error: {error}", file=sys.stderr)
+        return 1
+    if not cli_token:
+        if console:
+            console.print("[red]Error: No token received[/red]")
+            console.print("Please try again with 'aline login'")
+        else:
+            print("Error: No token received", file=sys.stderr)
+            print("Please try again with 'aline login'")
+        return 1
+    # Validate token
+    if console:
+        console.print("[cyan]Validating token...[/cyan]")
+    else:
+        print("Validating token...")
+    credentials = validate_cli_token(cli_token)
+    if not credentials:
+        if console:
+            console.print("[red]Error: Invalid or expired token[/red]")
+            console.print("Please try again with 'aline login'")
+        else:
+            print("Error: Invalid or expired token", file=sys.stderr)
+            print("Please try again with 'aline login'")
+        return 1
+    # Save credentials
+    if not save_credentials(credentials):
+        if console:
+            console.print("[red]Error: Failed to save credentials[/red]")
+        else:
+            print("Error: Failed to save credentials", file=sys.stderr)
+        return 1
+    # Sync Supabase uid to local config
+    # This ensures all new Events/Sessions/Turns use the same uid as shares
+    try:
+        config = ReAlignConfig.load()
+        old_uid = config.uid
+        config.uid = credentials.user_id
+        # Use email as user_name if not already set
+        if not config.user_name:
+            config.user_name = credentials.email.split("@")[0]  # Use email prefix as username
+        config.save()
+        logger.info(f"Synced Supabase uid to config: {credentials.user_id[:8]}... (was: {old_uid[:8] if old_uid else 'not set'}...)")
+        # V18: Upsert user info to users table
+        try:
+            from ..db import get_database
+            db = get_database()
+            db.upsert_user(config.uid, config.user_name)
+        except Exception as e:
+            logger.debug(f"Failed to upsert user to users table: {e}")
+    except Exception as e:
+        # Non-fatal: continue even if config sync fails
+        logger.warning(f"Failed to sync uid to config: {e}")
+    # Success
+    if console:
+        console.print(f"\n[green]Login successful![/green]")
+        console.print(f"Logged in as: [bold]{credentials.email}[/bold]")
+        if credentials.provider and credentials.provider != "email":
+            console.print(f"Provider: {credentials.provider}")
+        console.print(f"[dim]User ID synced to local config[/dim]")
+    else:
+        print(f"\nLogin successful!")
+        print(f"Logged in as: {credentials.email}")
+        if credentials.provider and credentials.provider != "email":
+            print(f"Provider: {credentials.provider}")
+        print("User ID synced to local config")
+    logger.info(f"Login successful for {credentials.email}")
+    return 0
+def logout_command() -> int:
+    """
+    Logout from Aline and clear local credentials.
+    Returns:
+        0 on success, 1 on error
+    """
+    credentials = load_credentials()
+    if not credentials:
+        if console:
+            console.print("[yellow]Not currently logged in.[/yellow]")
+        else:
+            print("Not currently logged in.")
+        return 0
+    email = credentials.email
+    if not clear_credentials():
+        if console:
+            console.print("[red]Error: Failed to clear credentials[/red]")
+        else:
+            print("Error: Failed to clear credentials", file=sys.stderr)
+        return 1
+    if console:
+        console.print(f"[green]Logged out successfully.[/green]")
+        console.print(f"Cleared credentials for: {email}")
+    else:
+        print("Logged out successfully.")
+        print(f"Cleared credentials for: {email}")
+    logger.info(f"Logout successful for {email}")
+    return 0
+def whoami_command() -> int:
+    """
+    Display current login status.
+    Returns:
+        0 if logged in, 1 if not logged in
+    """
+    credentials = get_current_user()
+    if not credentials:
+        if console:
+            console.print("[yellow]Not logged in.[/yellow]")
+            console.print("Run 'aline login' to authenticate.")
+        else:
+            print("Not logged in.")
+            print("Run 'aline login' to authenticate.")
+        return 1
+    if console:
+        console.print(f"[green]Logged in as:[/green] [bold]{credentials.email}[/bold]")
+        console.print(f"[dim]User ID:[/dim] {credentials.user_id}")
+        if credentials.provider:
+            console.print(f"[dim]Provider:[/dim] {credentials.provider}")
+        console.print(f"[dim]Token expires:[/dim] {credentials.expires_at.strftime('%Y-%m-%d %H:%M:%S UTC')}")
+    else:
+        print(f"Logged in as: {credentials.email}")
+        print(f"User ID: {credentials.user_id}")
+        if credentials.provider:
+            print(f"Provider: {credentials.provider}")
+        print(f"Token expires: {credentials.expires_at.strftime('%Y-%m-%d %H:%M:%S UTC')}")
+    return 0

realign/commands/export_shares.py CHANGED Viewed

@@ -25,6 +25,7 @@ from typing import Any, List, Dict, Optional, Tuple, Set, Callable
 from ..logging_config import setup_logger
 from ..db.base import SessionRecord, TurnRecord
 from ..llm_client import call_llm, extract_json
+from ..auth import get_auth_headers, is_logged_in
 logger = setup_logger("realign.commands.export_shares", "export_shares.log")
@@ -177,9 +178,9 @@ class ExportableSession:
     last_activity_at: Optional[datetime]  # Last activity time
     turn_count: int  # Number of turns in session
     turns: List[TurnRecord]  # List of turns
-    # V9: creator information
-    creator_name: Optional[str] = None  # Username who created the session
-    creator_id: Optional[str] = None  # User UUID
+    # V18: user identity
+    created_by: Optional[str] = None  # Creator UID
+    shared_by: Optional[str] = None  # Sharer UID
 def get_sessions_for_export(
@@ -215,8 +216,8 @@ def get_sessions_for_export(
                 last_activity_at=session.last_activity_at,
                 turn_count=len(turns),
                 turns=turns,
-                creator_name=session.creator_name,
-                creator_id=session.creator_id,
+                created_by=session.created_by,
+                shared_by=session.shared_by,
             )
         )
@@ -298,8 +299,8 @@ def build_exportable_sessions_from_records(
                 last_activity_at=session.last_activity_at,
                 turn_count=len(turns),
                 turns=turns,
-                creator_name=session.creator_name,
-                creator_id=session.creator_id,
+                created_by=session.created_by,
+                shared_by=session.shared_by,
             )
         )
     return exportable
@@ -803,8 +804,8 @@ def build_enhanced_conversation_data(
             full_event.created_at.isoformat() if full_event.created_at else None
         )
         event_data["metadata"] = full_event.metadata or {}
-        event_data["creator_name"] = full_event.creator_name
-        event_data["creator_id"] = full_event.creator_id
+        event_data["created_by"] = full_event.created_by
+        event_data["shared_by"] = full_event.shared_by
     # Build sessions data with turn structure
     sessions_data = []
@@ -867,13 +868,11 @@ def build_enhanced_conversation_data(
                 ),
                 "model_name": turn.model_name,
                 "git_commit_hash": turn.git_commit_hash,
-                "creator_name": turn.creator_name,
-                "creator_id": turn.creator_id,
                 "messages": messages,  # Structured messages for this turn
             }
             turns_data.append(turn_data)
-        # Build session data (V9: includes creator fields)
+        # Build session data (V18: created_by/shared_by)
         session_data = {
             "session_id": session.session_id,
             "session_type": session.session_type,
@@ -884,8 +883,8 @@ def build_enhanced_conversation_data(
             "last_activity_at": (
                 session.last_activity_at.isoformat() if session.last_activity_at else None
             ),
-            "creator_name": session.creator_name,
-            "creator_id": session.creator_id,
+            "created_by": session.created_by,
+            "shared_by": session.shared_by,
             "turns": turns_data,
         }
         sessions_data.append(session_data)
@@ -1688,9 +1687,13 @@ def _standard_upload(
         if ui_metadata:
             payload["ui_metadata"] = ui_metadata
+        # Include auth headers for Bearer token authentication
+        headers = get_auth_headers()
         response = httpx.post(
             f"{backend_url}/api/share/create",
             json=payload,
+            headers=headers,
             timeout=30.0,
         )
         response.raise_for_status()
@@ -1705,12 +1708,14 @@ def _upload_chunks_and_complete(
     upload_id: str,
     backend_url: str,
     progress_callback: Optional[Callable] = None,
+    auth_headers: Optional[Dict[str, str]] = None,
 ) -> None:
     """
     Helper function to upload chunks and complete the upload.
     Can be run in background thread.
     """
     total_chunks = len(chunks)
+    headers = auth_headers or {}
     # Upload each chunk
     for i, chunk in enumerate(chunks):
@@ -1727,6 +1732,7 @@ def _upload_chunks_and_complete(
             response = httpx.post(
                 f"{backend_url}/api/share/chunk/upload",
                 json=chunk_payload,
+                headers=headers,
                 timeout=60.0,  # Longer timeout for chunk uploads
             )
             response.raise_for_status()
@@ -1748,6 +1754,7 @@ def _upload_chunks_and_complete(
         response = httpx.post(
             f"{backend_url}/api/share/chunk/complete",
             json={"upload_id": upload_id},
+            headers=headers,
             timeout=60.0,
         )
         response.raise_for_status()
@@ -1806,6 +1813,9 @@ def _chunked_upload(
     if progress_callback:
         progress_callback(0, total_chunks + 2, "Initializing chunked upload...")
+    # Get auth headers for Bearer token authentication
+    auth_headers = get_auth_headers()
     # Step 1: Initialize upload session (now returns share_url immediately)
     try:
         init_payload = {
@@ -1823,6 +1833,7 @@ def _chunked_upload(
         response = httpx.post(
             f"{backend_url}/api/share/chunk/init",
             json=init_payload,
+            headers=auth_headers,
             timeout=30.0,
         )
         response.raise_for_status()
@@ -1847,7 +1858,7 @@ def _chunked_upload(
         # but user already has the share URL displayed
         thread = threading.Thread(
             target=_upload_chunks_and_complete,
-            args=(chunks, upload_id, backend_url, None),  # No callback in background
+            args=(chunks, upload_id, backend_url, None, auth_headers),  # No callback in background
             daemon=False,  # Important: let thread complete before process exits
         )
         thread.start()
@@ -1862,7 +1873,7 @@ def _chunked_upload(
         }
     # Foreground mode: upload chunks synchronously
-    _upload_chunks_and_complete(chunks, upload_id, backend_url, progress_callback)
+    _upload_chunks_and_complete(chunks, upload_id, backend_url, progress_callback, auth_headers)
     return {
         "share_id": share_id,
@@ -1917,11 +1928,13 @@ def upload_to_backend_unencrypted(
     else:
         logger.info(f"Payload size ({payload_size / 1024:.2f}KB), using standard upload")
         print(f"📤 Using standard upload...")
-        # Standard upload
+        # Standard upload with auth headers
         try:
+            headers = get_auth_headers()
             response = httpx.post(
                 f"{backend_url}/api/share/create",
                 json=full_payload,
+                headers=headers,
                 timeout=30.0,
             )
             response.raise_for_status()
@@ -1975,6 +1988,9 @@ def _chunked_upload_unencrypted(
     if progress_callback:
         progress_callback(0, total_chunks + 2, "Initializing chunked upload...")
+    # Get auth headers for Bearer token authentication
+    auth_headers = get_auth_headers()
     # Step 1: Initialize upload session (now returns share_url immediately)
     try:
         init_payload = {
@@ -1988,6 +2004,7 @@ def _chunked_upload_unencrypted(
         response = httpx.post(
             f"{backend_url}/api/share/chunk/init",
             json=init_payload,
+            headers=auth_headers,
             timeout=30.0,
         )
         response.raise_for_status()
@@ -2012,7 +2029,7 @@ def _chunked_upload_unencrypted(
         # but user already has the share URL displayed
         thread = threading.Thread(
             target=_upload_chunks_and_complete,
-            args=(chunks, upload_id, backend_url, None),  # No callback in background
+            args=(chunks, upload_id, backend_url, None, auth_headers),  # No callback in background
             daemon=False,  # Important: let thread complete before process exits
         )
         thread.start()
@@ -2027,7 +2044,7 @@ def _chunked_upload_unencrypted(
         }
     # Foreground mode: upload chunks synchronously
-    _upload_chunks_and_complete(chunks, upload_id, backend_url, progress_callback)
+    _upload_chunks_and_complete(chunks, upload_id, backend_url, progress_callback, auth_headers)
     return {
         "share_id": share_id,
@@ -3036,16 +3053,22 @@ def export_shares_interactive_command(
     # Check dependencies
     if not CRYPTO_AVAILABLE:
         if not json_output:
-            print("❌ Error: cryptography package not installed", file=sys.stderr)
+            print("Error: cryptography package not installed", file=sys.stderr)
             print("Install it with: pip install cryptography", file=sys.stderr)
         return 1
     if not HTTPX_AVAILABLE:
         if not json_output:
-            print("❌ Error: httpx package not installed", file=sys.stderr)
+            print("Error: httpx package not installed", file=sys.stderr)
             print("Install it with: pip install httpx", file=sys.stderr)
         return 1
+    # Check authentication - require login to create shares
+    if not is_logged_in():
+        if not json_output:
+            print("Error: Not logged in. Please run 'aline login' first.", file=sys.stderr)
+        return 1
     # Get backend URL
     if backend_url is None:
         # Try to load from config

realign/commands/import_shares.py CHANGED Viewed

@@ -288,8 +288,9 @@ def import_v2_data(
             slack_message=None,
             share_url=share_url,
             commit_hashes=[],
-            creator_name=event_data.get("creator_name"),  # V9: preserve creator info
-            creator_id=event_data.get("creator_id"),
+            # V18: user identity (with backward compatibility for old format)
+            created_by=event_data.get("created_by") or event_data.get("uid") or event_data.get("creator_id"),
+            shared_by=config.uid,  # Current user is the importer
         )
         # Use sync_events for both create and update (upsert behavior)
@@ -393,8 +394,9 @@ def import_session_with_turns(
             summary_status="completed",
             summary_locked_until=None,
             summary_error=None,
-            creator_name=session_data.get("creator_name"),  # V9: preserve creator info
-            creator_id=session_data.get("creator_id"),
+            # V18: user identity (with backward compatibility for old format)
+            created_by=session_data.get("created_by") or session_data.get("uid") or session_data.get("creator_id"),
+            shared_by=config.uid,  # Current user is the importer
         )
         if existing_session and force:
@@ -423,8 +425,8 @@ def import_session_with_turns(
                     summary_status = ?,
                     summary_locked_until = ?,
                     summary_error = ?,
-                    creator_name = ?,
-                    creator_id = ?
+                    created_by = ?,
+                    shared_by = ?
                 WHERE id = ?
             """,
                 (
@@ -434,8 +436,8 @@ def import_session_with_turns(
                     session.summary_status,
                     session.summary_locked_until,
                     session.summary_error,
-                    session.creator_name,
-                    session.creator_id,
+                    session.created_by,
+                    session.shared_by,
                     session.id,
                 ),
             )
@@ -473,8 +475,6 @@ def import_session_with_turns(
             timestamp=parse_datetime(turn_data.get("timestamp")) or datetime.now(),
             created_at=datetime.now(),
             git_commit_hash=turn_data.get("git_commit_hash"),
-            creator_name=turn_data.get("creator_name"),  # V9: preserve creator info
-            creator_id=turn_data.get("creator_id"),
         )
         # Store turn content (JSONL)

realign/commands/init.py CHANGED Viewed

@@ -9,7 +9,6 @@ from rich.console import Console
 from ..config import (
     ReAlignConfig,
     get_default_config_content,
-    generate_user_id,
     generate_random_username,
 )
@@ -647,45 +646,23 @@ def init_global(
         # Load config
         config = ReAlignConfig.load()
-        # User identity setup (V9)
-        if not config.user_id:
+        # User identity setup (V17: uid from Supabase login)
+        if not config.uid:
             console.print("\n[bold blue]═══ User Identity Setup ═══[/bold blue]")
             console.print(
-                "ReAlign needs to identify you for tracking session ownership.\n"
+                "Aline requires login for user identification.\n"
             )
-            # Generate user UUID (based on MAC address)
-            config.user_id = generate_user_id()
-            console.print(f"Generated user ID: [cyan]{config.user_id[:8]}...[/cyan]\n")
-            # Prompt user for username
-            try:
-                from rich.prompt import Prompt
-                user_input = Prompt.ask(
-                    "[cyan]Enter your username (or press Enter for auto-generated)[/cyan]",
-                    default="",
-                )
-            except ImportError:
-                user_input = input(
-                    "Enter your username (or press Enter for auto-generated): "
-                ).strip()
-            if user_input:
-                config.user_name = user_input
-            else:
-                # Auto-generate username
+            console.print(
+                "[yellow]Run 'aline login' to authenticate with your account.[/yellow]\n"
+            )
+            # If user_name is also not set, generate a temporary one
+            if not config.user_name:
                 config.user_name = generate_random_username()
+                config.save()
                 console.print(
-                    f"Auto-generated username: [yellow]{config.user_name}[/yellow]"
+                    f"Auto-generated username: [yellow]{config.user_name}[/yellow] (will update on login)\n"
                 )
-            # Save config with user identity
-            config.save()
-            console.print(
-                f"[green]✓[/green] User identity saved: [bold]{config.user_name}[/bold] ([dim]{config.user_id[:8]}...[/dim])\n"
-            )
         # Initialize database
         db_path = Path(config.sqlite_db_path).expanduser()
         db_path.parent.mkdir(parents=True, exist_ok=True)

realign/commands/watcher.py CHANGED Viewed

@@ -1012,7 +1012,7 @@ def _get_imported_sessions(db, exclude_session_ids: set) -> list:
                     "session_file": None,  # No file for imported sessions
                     "session_title": session.session_title,
                     "session_summary": session.session_summary,
-                    "creator_name": session.creator_name,
+                    "created_by": session.created_by,
                 }
             )
@@ -1226,7 +1226,7 @@ def _get_session_tracking_status_batch(
         if record and status in ("partial", "tracked"):
             info["session_title"] = record.session_title
             info["session_summary"] = record.session_summary
-            info["creator_name"] = record.creator_name
+            info["created_by"] = record.created_by
         session_infos.append(info)
@@ -1526,7 +1526,7 @@ def watcher_session_list_command(
                     "last_activity": info["last_activity"].isoformat(),
                     "session_title": info.get("session_title"),
                     "session_summary": info.get("session_summary"),
-                    "creator_name": info.get("creator_name"),
+                    "created_by": info.get("created_by"),
                     "session_file": (
                         str(info.get("session_file")) if info.get("session_file") else None
                     ),
@@ -1622,14 +1622,12 @@ def watcher_session_list_command(
                 title_str = info.get("session_title") or "-"
                 title_str = title_str.strip()
-            # V9: Display creator (truncate if too long)
+            # V18: Display created_by UID (truncate if too long)
             creator_display = "-"
             if info["status"] in ("partial", "tracked"):
-                creator_name = info.get("creator_name")
-                if creator_name:
-                    creator_display = creator_name
-                    if len(creator_display) > 10:
-                        creator_display = creator_display[:10] + "..."
+                created_by = info.get("created_by")
+                if created_by:
+                    creator_display = created_by[:8] + "..."
             # Truncate project name
             project_name = info["project_name"]
@@ -1851,8 +1849,7 @@ def watcher_event_generate_command(session_selector: str, show_sessions: bool =
             updated_at=now,
             metadata={},
             commit_hashes=[],
-            creator_name=config.user_name,
-            creator_id=config.user_id,
+            created_by=config.uid,
         )
         # Save to database
@@ -2117,7 +2114,7 @@ def watcher_event_list_command(
                     "id": event.id,
                     "title": event.title,
                     "description": event.description,
-                    "creator_name": event.creator_name,
+                    "created_by": event.created_by,
                     "generated_by": generated_by,
                     "session_count": session_count,
                     "session_ids": session_ids,
@@ -2177,10 +2174,8 @@ def watcher_event_list_command(
             else:
                 share_link_display = "[dim]-[/dim]"
-            # V9: Display creator (truncate if too long)
-            creator_display = event.creator_name or "-"
-            if creator_display and len(creator_display) > 12:
-                creator_display = creator_display[:12] + "..."
+            # V18: Display created_by UID (truncate)
+            creator_display = (event.created_by[:8] + "...") if event.created_by else "-"
             table.add_row(
                 str(idx),

aline-ai 0.5.12__py3-none-any.whl → 0.5.13__py3-none-any.whl

aline-ai 0.5.12py3-none-any.whl → 0.5.13py3-none-any.whl