envis 0.0.1__tar.gz

envis-0.0.1/.gitignore

@@ -0,0 +1,5 @@
+node_modules
+.env
+__pycache__
+*_cache
+.env.local

envis-0.0.1/LICENSE.txt

@@ -0,0 +1,3 @@
+Copyright (c) 2026-present umairx25 <umairarhambd@gmail.com>
+
+`envis` is released under a private source-available license: you can use the SDK to integrate with the Envisible service, but the backend platform remains proprietary. 

envis-0.0.1/PKG-INFO

@@ -0,0 +1,40 @@
+Metadata-Version: 2.4
+Name: envis
+Version: 0.0.1
+Summary: Secure, simple, and powerful secret management.
+Project-URL: Homepage, https://envisible.dev
+Project-URL: Documentation, https://github.com/umairx25/envis#readme
+Project-URL: Issues, https://github.com/umairx25/envis/issues
+Project-URL: Source, https://github.com/umairx25/envis
+Author-email: Umair Arham <contact@uarham.me>
+License-Expression: MIT
+License-File: LICENSE.txt
+Requires-Python: >=3.8
+Description-Content-Type: text/markdown
+
+# envis
+
+[![PyPI - Version](https://img.shields.io/pypi/v/envis.svg)](https://pypi.org/project/envis)
+[![PyPI - Python Version](https://img.shields.io/pypi/pyversions/envis.svg)](https://pypi.org/project/envis)
+
+-----
+
+## Table of Contents
+
+- [Installation](#installation)
+- [License](#license)
+- [Contact](#contact)
+
+## Installation
+
+```console
+pip install envis
+```
+
+## License
+
+`envis` is released under a private source-available license: you can use the SDK to integrate with https://envisible.dev, but the backend platform remains proprietary. 
+
+## Contact
+- [Website](https://envisible.dev)
+- [Email](mailto:contact@uarham.me)

envis-0.0.1/README.md

@@ -0,0 +1,26 @@
+# envis
+
+[![PyPI - Version](https://img.shields.io/pypi/v/envis.svg)](https://pypi.org/project/envis)
+[![PyPI - Python Version](https://img.shields.io/pypi/pyversions/envis.svg)](https://pypi.org/project/envis)
+
+-----
+
+## Table of Contents
+
+- [Installation](#installation)
+- [License](#license)
+- [Contact](#contact)
+
+## Installation
+
+```console
+pip install envis
+```
+
+## License
+
+`envis` is released under a private source-available license: you can use the SDK to integrate with https://envisible.dev, but the backend platform remains proprietary. 
+
+## Contact
+- [Website](https://envisible.dev)
+- [Email](mailto:contact@uarham.me)

envis-0.0.1/pyproject.toml

@@ -0,0 +1,64 @@
+[build-system]
+requires = ["hatchling"]
+build-backend = "hatchling.build"
+
+[project]
+name = "envis"
+dynamic = ["version"]
+description = 'Secure, simple, and powerful secret management.'
+readme = "README.md"
+requires-python = ">=3.8"
+license = "MIT"
+keywords = []
+[[project.authors]]
+name = "Umair Arham"
+email = "contact@uarham.me"
+classifiers = [
+  "Development Status :: 4 - Beta",
+  "Programming Language :: Python",
+  "Programming Language :: Python :: 3.8",
+  "Programming Language :: Python :: 3.9",
+  "Programming Language :: Python :: 3.10",
+  "Programming Language :: Python :: 3.11",
+  "Programming Language :: Python :: 3.12",
+  "Programming Language :: Python :: Implementation :: CPython",
+  "Programming Language :: Python :: Implementation :: PyPy",
+]
+dependencies = [
+  "requests>=2.31.0",
+]
+
+[project.urls]
+Homepage = "https://envisible.dev"
+Documentation = "https://github.com/umairx25/envis#readme"
+Issues = "https://github.com/umairx25/envis/issues"
+Source = "https://github.com/umairx25/envis"
+
+[tool.hatch.version]
+path = "src/envis/__about__.py"
+
+[tool.hatch.envs.types]
+extra-dependencies = [
+  "mypy>=1.0.0",
+]
+[tool.hatch.envs.types.scripts]
+check = "mypy --install-types --non-interactive {args:src/envis tests}"
+
+[tool.coverage.run]
+source_pkgs = ["envis", "tests"]
+branch = true
+parallel = true
+omit = [
+  "src/envis/__about__.py",
+]
+
+[tool.coverage.paths]
+envis = ["src/envis", "*/envis/src/envis"]
+tests = ["tests", "*/envis/tests"]
+
+[tool.coverage.report]
+exclude_lines = [
+  "no cov",
+  "if __name__ == .__main__.:",
+  "if TYPE_CHECKING:",
+]

envis-0.0.1/setup.py

@@ -0,0 +1,32 @@
+from pathlib import Path
+
+from setuptools import find_packages, setup
+
+PACKAGE_ROOT = Path(__file__).parent
+
+# Reuse the single source of truth for the package version.
+ABOUT_PATH = PACKAGE_ROOT / "src" / "envis" / "__about__.py"
+ABOUT: dict = {}
+exec(ABOUT_PATH.read_text(encoding="utf-8"), ABOUT)
+
+README_PATH = PACKAGE_ROOT / "README.md"
+LONG_DESCRIPTION = README_PATH.read_text(encoding="utf-8")
+
+setup(
+    name="envis",
+    version=ABOUT["__version__"],
+    description="Secure, simple, and powerful secret management.",
+    long_description=LONG_DESCRIPTION,
+    long_description_content_type="text/markdown",
+    author="Umair Arham",
+    author_email="contact@uarham.me",
+    url="https://github.com/umairx25/envis",
+    packages=find_packages(where="src"),
+    package_dir={"": "src"},
+    python_requires=">=3.8",
+    install_requires=[
+        "requests>=2.31.0",
+        "termcolor>=2.3.0",
+    ],
+    include_package_data=True
+)

envis-0.0.1/src/envis/__about__.py

@@ -0,0 +1,4 @@
+# SPDX-FileCopyrightText: 2026-present umairx25 <umairarhambd@gmail.com>
+#
+# SPDX-License-Identifier: MIT
+__version__ = "0.0.1"

envis-0.0.1/src/envis/__init__.py

@@ -0,0 +1,8 @@
+# SPDX-FileCopyrightText: 2026-present umairx25 <umairarhambd@gmail.com>
+#
+# SPDX-License-Identifier: MIT
+
+from .main import get, logout
+
+__all__ = ["get", "logout"]
+

envis-0.0.1/src/envis/auth.py

@@ -0,0 +1,56 @@
+from typing import Any
+import time
+import requests
+import json
+from uuid import UUID
+from .session import write_session, BASE_URL, WAIT_TIME, POLL_DELAY_SECONDS
+
+def wait_for_auth(device_id: str) -> dict[str, Any]:
+    """
+    Poll the backend until the device session is ready or the wait time expires.
+    """
+    try:
+        UUID(device_id)
+    except ValueError as exc:
+        raise RuntimeError("Device id must be a valid UUID.") from exc
+
+    url = f"{BASE_URL}/v1/auth/{device_id}"
+
+    deadline = time.monotonic() + WAIT_TIME
+    
+    while time.monotonic() < deadline:
+        try:
+            response = requests.get(url, timeout=10)
+        except requests.RequestException:
+            time.sleep(POLL_DELAY_SECONDS)
+            continue
+
+        try:
+            payload = response.json()
+        except ValueError as exc:
+            raise RuntimeError("Auth endpoint returned invalid JSON.") from exc
+
+        if response.status_code == 200 and payload.get("is_auth"):
+            session_blob = payload.get("content")
+            if not session_blob:
+                raise RuntimeError("Auth endpoint returned an empty session payload.")
+            try:
+                session = json.loads(session_blob)
+            except json.JSONDecodeError as exc:
+                raise RuntimeError("Auth endpoint returned malformed session data.") from exc
+
+            write_session(session)
+            return session
+
+        if response.status_code == 202:
+            retry_header = response.headers.get("Retry-After")
+            try:
+                delay = max(1, int(retry_header)) if retry_header else POLL_DELAY_SECONDS
+            except ValueError:
+                delay = POLL_DELAY_SECONDS
+            time.sleep(delay)
+            continue
+
+        detail = payload.get("detail") if isinstance(payload, dict) else response.text
+        status_code = response.status_code
+        raise RuntimeError(f"Auth endpoint failed ({status_code}): {detail}")

envis-0.0.1/src/envis/main.py

@@ -0,0 +1,80 @@
+from urllib.parse import urlparse
+import requests
+from .session import load_session, ensure_session, SESSION_PATH, BASE_URL
+from termcolor import colored
+
+"""
+Helpers
+"""
+
+def _extract_user_id(session: dict) -> str | None:
+    """
+    Return the Supabase user ID from the cached session, if present.
+    """
+    user = session.get("user")
+    if isinstance(user, dict):
+        user_id = user.get("id")
+        if isinstance(user_id, str) and user_id.strip():
+            return user_id
+    return None
+
+
+def _is_local_base_url(base_url: str) -> bool:
+    """
+    Determine if the API URL is targeting a local dev server.
+    """
+    parsed = urlparse(base_url)
+    host = parsed.hostname or ""
+    return host in {"localhost", "127.0.0.1", "0.0.0.0"}
+
+"""
+Main functions
+"""
+
+def logout() -> None:
+    """
+    Remove the cached session so the next call forces re-authentication.
+    """
+    if not SESSION_PATH.exists():
+        raise RuntimeError("Already logged out. Please authenticate again.")
+
+    try:
+        SESSION_PATH.unlink()
+        print(colored("Successfully logged out!", "green"))
+    except OSError as exc:
+        raise RuntimeError(f"Unable to remove session cache: {exc}") from exc
+    
+
+def get(project_id: str, secret_name: str) -> dict:
+    """
+    Fetch a secret value, enforcing that the caller has an authenticated session.
+    """
+    ensure_session()
+    session = load_session()
+    headers = {
+        "Authorization": f"Bearer {session['access_token']}",
+        "Content-Type": "application/json",
+    }
+    if _is_local_base_url(BASE_URL):
+        user_id = _extract_user_id(session)
+        if user_id:
+            headers["X-User-Id"] = user_id
+
+    url = f"{BASE_URL}/v1/projects/{project_id}/secrets/{secret_name}"
+    try:
+        resp = requests.get(url, headers=headers, timeout=10)
+        resp.raise_for_status()
+    except requests.HTTPError as exc:
+        detail = exc.response.text if exc.response is not None else str(exc)
+        raise RuntimeError(f"Failed to fetch secret ({exc.response.status_code if exc.response else 'HTTP error'}): {detail}") from exc
+    except requests.RequestException as exc:
+        raise RuntimeError(f"Failed to reach Envault API: {exc}") from exc
+
+    try:
+        res= resp.json()
+        return res["value"]
+    except ValueError:
+        text = resp.text.strip()
+        if text:
+            return {"raw": text}
+        raise RuntimeError("API returned an empty, non-JSON response when fetching secret.")

envis-0.0.1/src/envis/session.py

@@ -0,0 +1,89 @@
+from uuid import uuid4
+from pathlib import Path
+from typing import Any
+import json
+import os
+import webbrowser
+from termcolor import colored
+
+SESSION_PATH = Path.home() / ".envis" / "session.json"
+
+def _get_env_url(var_name: str, default: str) -> str:
+    """
+    Read a URL override from environment variables with a safe fallback.
+    Trailing slashes are stripped so joins don't produce double slashes.
+    """
+    value = os.getenv(var_name)
+    if not value:
+        return default
+    return value.rstrip("/")
+
+BASE_URL = _get_env_url("ENVIS_API_URL", "https://envis.onrender.com")
+FRONTEND_URL = _get_env_url("ENVIS_DASH_URL", "https://envisible.netlify.app")
+WAIT_TIME = 120
+POLL_DELAY_SECONDS = 5
+
+def load_session() -> dict:
+    """
+    Load the cached session tokens that the CLI stored after login.
+    """
+
+    if not SESSION_PATH.exists():
+        device_code = uuid4()
+        raise RuntimeError(
+            f"Not authenticated. Visit {FRONTEND_URL}/auth?device_code={device_code} to link this device."
+        )
+
+    try:
+        session = json.loads(SESSION_PATH.read_text(encoding="utf-8"))
+    except json.JSONDecodeError as exc:
+        raise RuntimeError("Session file is corrupt. Re-run `envis login`.") from exc
+
+    access_token = session.get("access_token")
+    if not access_token:
+        raise RuntimeError("Session missing access_token. Re-run `envis login`.")
+
+    return session
+
+
+def write_session(session_info: dict[str, Any]) -> None:
+    """
+    Persist the Supabase session locally so future calls can reuse it.
+    """
+    if not isinstance(session_info, dict):
+        raise RuntimeError("Session payload must be a dictionary.")
+
+    try:
+        payload = json.dumps(session_info, indent=2)
+    except (TypeError, ValueError) as exc:
+        raise RuntimeError("Session payload is not JSON serializable.") from exc
+
+    try:
+        SESSION_PATH.parent.mkdir(parents=True, exist_ok=True)
+        SESSION_PATH.write_text(payload, encoding="utf-8")
+        os.chmod(SESSION_PATH, 0o600)
+    except OSError as exc:
+        raise RuntimeError(f"Failed to write session cache: {exc}") from exc
+
+def ensure_session() -> None:
+
+    from .auth import wait_for_auth
+
+    if SESSION_PATH.exists():
+        return
+
+    device_code = str(uuid4())
+    auth_url = f"{FRONTEND_URL}/auth?device_code={device_code}"
+
+    print(colored("No cached session detected.", "red"))
+
+    try:
+        webbrowser.open(auth_url, new=2)
+        print(f"\nTrying to open:")
+        print(colored(f"        {auth_url}", "blue"))
+    except Exception:
+        print(colored("Could not open browser automatically – open \n {auth_url}", "red"))
+
+    print("\nWaiting for the session to be approved...")
+    wait_for_auth(device_code)
+    print(colored("\nDevice approved and session saved locally.", "green"))

envis-0.0.1/tests/__init__.py

@@ -0,0 +1,3 @@
+# SPDX-FileCopyrightText: 2026-present umairx25 <umairarhambd@gmail.com>
+#
+# SPDX-License-Identifier: MIT