powerbase-cli 0.1.2__tar.gz → 0.1.4__tar.gz

{powerbase_cli-0.1.2 → powerbase_cli-0.1.4}/PKG-INFO

@@ -1,6 +1,6 @@
 Metadata-Version: 2.4
 Name: powerbase-cli
-Version: 0.1.2
+Version: 0.1.4
 Summary: CLI for operating Powerbase console workflows
 Author: Powerbase
 Requires-Python: >=3.11
@@ -91,6 +91,7 @@ The preferred flow is:
 
 ```bash
 powerbase auth login
+powerbase auth wait --login-id LOGIN_ID
 ```
 
 The CLI now includes a built-in `base_url` and `anon_key` default for this deployment. The test package also bundles this environment's self-signed CA certificate, so most users can start with browser login directly and only use flags or environment variables when overriding that default.
@@ -100,16 +101,14 @@ The bundled CA is a test-only convenience for the current self-signed deployment
 This will:
 
 1. request a CLI login session from Powerbase
-2. print a browser URL
-3. poll until browser approval or until `--timeout` elapses (default **600** seconds, ten minutes)
-4. save the resulting session to `~/.config/powerbase/auth.json`
+2. return a `login_id` and browser URL
+3. wait for the user to approve the request in their own browser
+4. poll with `powerbase auth wait --login-id ...` until approval or until `--timeout` elapses (default **600** seconds, ten minutes)
+5. save the resulting session to `~/.config/powerbase/auth.json`
 
-Use `--timeout 0` to wait without a time limit. Use a larger value if users need more than ten minutes to complete login.
-For agent-guided workflows, prefer `powerbase auth login --no-wait --json` so the CLI returns the `login_url` and exits immediately instead of blocking on polling.
-If the browser link expires or the user is not currently signed in to the console, rerun `powerbase auth login --no-wait --json` to generate a fresh login URL before retrying.
-If an agent or wrapper script is coordinating the workflow, it is still helpful
-to tell the user: after browser approval, return to the current session so the
-remaining steps can continue.
+Use `--timeout 0` on `auth wait` to wait without a time limit. Use a larger value if users need more than ten minutes to complete login.
+For agent-guided workflows, run `powerbase auth login --json`, return the `login_url` to the user, stop, and wait for the user to confirm browser approval before running `powerbase auth wait --login-id ... --json`.
+If the browser link expires or the user is not currently signed in to the console, rerun `powerbase auth login --json` to generate a fresh login URL before retrying.
 
 ### Manual Token Import
 
@@ -280,22 +279,24 @@ When Openclaw or another LLM agent uses `powerbase`:
 - run discovery commands before write operations
 - set context for long multi-step tasks
 - use `auth status` before workflows that assume login
-- prefer `auth login --no-wait --json` for browser login so the agent can hand `login_url` back to the user
-- if a protected command says authentication is missing or expired, rerun `auth login --no-wait --json` to generate a fresh login URL
+- use `auth login --json` to generate a login URL, then stop and hand `login_url` to the user
 - do not have the agent open the browser login URL itself; the user must complete that approval step
+- after the user confirms approval, run `auth wait --login-id ... --json` to complete login
+- if a protected command says authentication is missing or expired, rerun `auth login --json` to generate a fresh login URL
 - remember that `--json` overrides a saved `config output text` setting for that command
 
 Recommended agent sequence:
 
 1. `powerbase auth status --json`
-2. If unauthenticated, or if a protected command reports an auth error, run `powerbase auth login --no-wait --json`, return the `login_url` to the user, and wait for them to approve in the browser
-3. `powerbase context show --json`
-4. If no instance is selected, run `powerbase instance list --json`
-5. If no suitable instance exists, prefer `powerbase instance create --name ... --org-id ... --json`
-6. Use `powerbase database ...` only for the advanced bring-your-own-database path
-7. Set context with `powerbase context use-instance ...`
-8. If you want the sandbox agent preview on a non-main branch, run `powerbase branch switch ...`
-9. Continue with `branch`, `sql`, `publish`, `sandbox files`, or `agent` commands
+2. If unauthenticated, or if a protected command reports an auth error, run `powerbase auth login --json` and return the `login_url` plus `login_id` to the user
+3. After the user confirms browser approval, run `powerbase auth wait --login-id LOGIN_ID --json`
+4. `powerbase context show --json`
+5. If no instance is selected, run `powerbase instance list --json`
+6. If no suitable instance exists, prefer `powerbase instance create --name ... --org-id ... --json`
+7. Use `powerbase database ...` only for the advanced bring-your-own-database path
+8. Set context with `powerbase context use-instance ...`
+9. If you want the sandbox agent preview on a non-main branch, run `powerbase branch switch ...`
+10. Continue with `branch`, `sql`, `publish`, `sandbox files`, or `agent` commands
 
 ## Testing
 

{powerbase_cli-0.1.2 → powerbase_cli-0.1.4}/README.md

@@ -83,6 +83,7 @@ The preferred flow is:
 
 ```bash
 powerbase auth login
+powerbase auth wait --login-id LOGIN_ID
 ```
 
 The CLI now includes a built-in `base_url` and `anon_key` default for this deployment. The test package also bundles this environment's self-signed CA certificate, so most users can start with browser login directly and only use flags or environment variables when overriding that default.
@@ -92,16 +93,14 @@ The bundled CA is a test-only convenience for the current self-signed deployment
 This will:
 
 1. request a CLI login session from Powerbase
-2. print a browser URL
-3. poll until browser approval or until `--timeout` elapses (default **600** seconds, ten minutes)
-4. save the resulting session to `~/.config/powerbase/auth.json`
+2. return a `login_id` and browser URL
+3. wait for the user to approve the request in their own browser
+4. poll with `powerbase auth wait --login-id ...` until approval or until `--timeout` elapses (default **600** seconds, ten minutes)
+5. save the resulting session to `~/.config/powerbase/auth.json`
 
-Use `--timeout 0` to wait without a time limit. Use a larger value if users need more than ten minutes to complete login.
-For agent-guided workflows, prefer `powerbase auth login --no-wait --json` so the CLI returns the `login_url` and exits immediately instead of blocking on polling.
-If the browser link expires or the user is not currently signed in to the console, rerun `powerbase auth login --no-wait --json` to generate a fresh login URL before retrying.
-If an agent or wrapper script is coordinating the workflow, it is still helpful
-to tell the user: after browser approval, return to the current session so the
-remaining steps can continue.
+Use `--timeout 0` on `auth wait` to wait without a time limit. Use a larger value if users need more than ten minutes to complete login.
+For agent-guided workflows, run `powerbase auth login --json`, return the `login_url` to the user, stop, and wait for the user to confirm browser approval before running `powerbase auth wait --login-id ... --json`.
+If the browser link expires or the user is not currently signed in to the console, rerun `powerbase auth login --json` to generate a fresh login URL before retrying.
 
 ### Manual Token Import
 
@@ -272,22 +271,24 @@ When Openclaw or another LLM agent uses `powerbase`:
 - run discovery commands before write operations
 - set context for long multi-step tasks
 - use `auth status` before workflows that assume login
-- prefer `auth login --no-wait --json` for browser login so the agent can hand `login_url` back to the user
-- if a protected command says authentication is missing or expired, rerun `auth login --no-wait --json` to generate a fresh login URL
+- use `auth login --json` to generate a login URL, then stop and hand `login_url` to the user
 - do not have the agent open the browser login URL itself; the user must complete that approval step
+- after the user confirms approval, run `auth wait --login-id ... --json` to complete login
+- if a protected command says authentication is missing or expired, rerun `auth login --json` to generate a fresh login URL
 - remember that `--json` overrides a saved `config output text` setting for that command
 
 Recommended agent sequence:
 
 1. `powerbase auth status --json`
-2. If unauthenticated, or if a protected command reports an auth error, run `powerbase auth login --no-wait --json`, return the `login_url` to the user, and wait for them to approve in the browser
-3. `powerbase context show --json`
-4. If no instance is selected, run `powerbase instance list --json`
-5. If no suitable instance exists, prefer `powerbase instance create --name ... --org-id ... --json`
-6. Use `powerbase database ...` only for the advanced bring-your-own-database path
-7. Set context with `powerbase context use-instance ...`
-8. If you want the sandbox agent preview on a non-main branch, run `powerbase branch switch ...`
-9. Continue with `branch`, `sql`, `publish`, `sandbox files`, or `agent` commands
+2. If unauthenticated, or if a protected command reports an auth error, run `powerbase auth login --json` and return the `login_url` plus `login_id` to the user
+3. After the user confirms browser approval, run `powerbase auth wait --login-id LOGIN_ID --json`
+4. `powerbase context show --json`
+5. If no instance is selected, run `powerbase instance list --json`
+6. If no suitable instance exists, prefer `powerbase instance create --name ... --org-id ... --json`
+7. Use `powerbase database ...` only for the advanced bring-your-own-database path
+8. Set context with `powerbase context use-instance ...`
+9. If you want the sandbox agent preview on a non-main branch, run `powerbase branch switch ...`
+10. Continue with `branch`, `sql`, `publish`, `sandbox files`, or `agent` commands
 
 ## Testing
 

{powerbase_cli-0.1.2 → powerbase_cli-0.1.4}/pyproject.toml

@@ -4,7 +4,7 @@ build-backend = "setuptools.build_meta"
 
 [project]
 name = "powerbase-cli"
-version = "0.1.2"
+version = "0.1.4"
 description = "CLI for operating Powerbase console workflows"
 readme = "README.md"
 requires-python = ">=3.11"

{powerbase_cli-0.1.2 → powerbase_cli-0.1.4}/src/powerbase_cli/commands/auth.py

@@ -6,40 +6,18 @@ import time
 from .shared import AuthSession, AuthState, build_api, now_iso, render_output
 
 
-def handle_auth_login(args: argparse.Namespace) -> int:
+def _poll_login_until_approved(args: argparse.Namespace, *, login_id: str) -> int:
     store, config, _, _, api = build_api(args)
-    data = api.start_cli_login()
-    login_id = data["login_id"]
-    if getattr(args, "no_wait_login", False):
-        render_output(
-            args,
-            {
-                "status": "pending",
-                "login_id": login_id,
-                "login_url": data["login_url"],
-                "poll_interval": data.get("poll_interval", 2),
-                "next_action": "ask_user_to_open_url",
-                "message": (
-                    "Ask the user to open login_url in a browser and approve the request. "
-                    "If the user is not already signed in to the console or this link expires, "
-                    "rerun `powerbase auth login --no-wait --json` to generate a fresh login URL. "
-                    "After approval, rerun `powerbase auth status --json` or invoke "
-                    "`powerbase auth login` without `--no-wait` to finish in this session."
-                ),
-            },
-        )
-        return 0
     timeout_sec = int(args.login_timeout)
     if timeout_sec < 0:
         raise RuntimeError("--timeout must be >= 0 (0 means wait indefinitely).")
     deadline: float | None = None
     if timeout_sec > 0:
         deadline = time.monotonic() + timeout_sec
-    print(f"Open this URL in your browser:\n{data['login_url']}\n")
     if deadline is not None:
-        print(f"Waiting for authorization (timeout {timeout_sec}s)...")
+        print(f"Waiting for authorization for login_id {login_id} (timeout {timeout_sec}s)...")
     else:
-        print("Waiting for authorization (no timeout)...")
+        print(f"Waiting for authorization for login_id {login_id} (no timeout)...")
     while True:
         polled = api.poll_cli_login(login_id)
         status = polled.get("status")
@@ -49,8 +27,9 @@ def handle_auth_login(args: argparse.Namespace) -> int:
                 if remaining <= 0:
                     raise RuntimeError(
                         f"Login timed out after {timeout_sec} seconds without browser approval. "
-                        "Complete login sooner, rerun `powerbase auth login --no-wait --json` to "
-                        "generate a fresh login URL, or pass a larger `--timeout` "
+                        "Generate a fresh login URL with `powerbase auth login`, ask the user to "
+                        "approve it in their own browser, then rerun `powerbase auth wait --login-id ...`. "
+                        "Or pass a larger `--timeout` "
                         "(use `--timeout 0` to wait indefinitely)."
                     )
             else:
@@ -83,6 +62,32 @@ def handle_auth_login(args: argparse.Namespace) -> int:
         raise RuntimeError(f"Login failed with status: {status}")
 
 
+def handle_auth_login(args: argparse.Namespace) -> int:
+    _, _, _, _, api = build_api(args)
+    data = api.start_cli_login()
+    login_id = data["login_id"]
+    render_output(
+        args,
+        {
+            "status": "pending",
+            "login_id": login_id,
+            "login_url": data["login_url"],
+            "poll_interval": data.get("poll_interval", 2),
+            "next_action": "ask_user_to_open_url",
+            "message": (
+                "Return login_url to the user and stop. "
+                "Do not open the URL or poll yet. After the user confirms approval, run "
+                f"`powerbase auth wait --login-id {login_id} --json`."
+            ),
+        },
+    )
+    return 0
+
+
+def handle_auth_wait(args: argparse.Namespace) -> int:
+    return _poll_login_until_approved(args, login_id=args.login_id)
+
+
 def handle_auth_status(args: argparse.Namespace) -> int:
     store, _, _, session_manager, _ = build_api(args)
     auth = session_manager.get_auth_state()
@@ -138,27 +143,27 @@ def register_auth_commands(subparsers: argparse._SubParsersAction[argparse.Argum
     )
     auth_sub = auth.add_subparsers(
         dest="auth_command",
-        metavar="{login,status,refresh,logout}",
+        metavar="{login,wait,status,refresh,logout}",
     )
     p = auth_sub.add_parser(
         "login",
-        help="Start browser login.",
+        help="Generate browser login URL.",
         description=(
-            "Start browser-based login. This prints a login URL, polls until approval in the browser "
-            "or until --timeout seconds elapse (default 600), then saves the session to "
-            "~/.config/powerbase/auth.json. Use --timeout 0 to wait without a time limit. "
-            "Use --no-wait to print the login URL and exit immediately without polling."
+            "Start browser login and return login_url plus login_id. "
+            "Give the URL to the user. Do not open it or poll yet. "
+            "After the user confirms approval, run `powerbase auth wait --login-id ...`."
         ),
     )
-    p.add_argument(
-        "--no-wait",
-        dest="no_wait_login",
-        action="store_true",
-        help=(
-            "Return the login URL and exit immediately without polling for approval. "
-            "Useful for agent-guided flows where the user must open the URL manually."
+    p.set_defaults(handler=handle_auth_login)
+    p = auth_sub.add_parser(
+        "wait",
+        help="Poll for browser approval.",
+        description=(
+            "Poll a previously started browser login by login_id. Run this only after the user "
+            "confirms they approved the login request in their own browser."
         ),
     )
+    p.add_argument("--login-id", required=True, help="Login ID returned by `powerbase auth login`.")
     p.add_argument(
         "--timeout",
         dest="login_timeout",
@@ -170,7 +175,7 @@ def register_auth_commands(subparsers: argparse._SubParsersAction[argparse.Argum
             "Pass 0 to wait indefinitely."
         ),
     )
-    p.set_defaults(handler=handle_auth_login)
+    p.set_defaults(handler=handle_auth_wait)
     p = auth_sub.add_parser(
         "status",
         help="Show current auth status.",

{powerbase_cli-0.1.2 → powerbase_cli-0.1.4}/src/powerbase_cli/session.py

@@ -41,8 +41,9 @@ class SessionManager:
 
     def _login_guidance(self) -> str:
         return (
-            "Run `powerbase auth login --no-wait --json` to generate a fresh login URL, "
-            "ask the user to open it in their own browser, and retry after approval."
+            "Run `powerbase auth login --json` to generate a fresh login URL, "
+            "ask the user to open it in their own browser, and after they confirm approval "
+            "run `powerbase auth wait --login-id ... --json`."
         )
 
     def _urlopen(self, req: request.Request):

{powerbase_cli-0.1.2 → powerbase_cli-0.1.4}/src/powerbase_cli/transport.py

@@ -29,8 +29,9 @@ class PowerbaseTransport:
 
     def _login_guidance(self) -> str:
         return (
-            "Run `powerbase auth login --no-wait --json` to generate a fresh login URL, "
-            "ask the user to open it in their own browser, and retry after approval."
+            "Run `powerbase auth login --json` to generate a fresh login URL, "
+            "ask the user to open it in their own browser, and after they confirm approval "
+            "run `powerbase auth wait --login-id ... --json`."
         )
 
     def _urlopen(self, req: request.Request):

{powerbase_cli-0.1.2 → powerbase_cli-0.1.4}/src/powerbase_cli.egg-info/PKG-INFO

@@ -1,6 +1,6 @@
 Metadata-Version: 2.4
 Name: powerbase-cli
-Version: 0.1.2
+Version: 0.1.4
 Summary: CLI for operating Powerbase console workflows
 Author: Powerbase
 Requires-Python: >=3.11
@@ -91,6 +91,7 @@ The preferred flow is:
 
 ```bash
 powerbase auth login
+powerbase auth wait --login-id LOGIN_ID
 ```
 
 The CLI now includes a built-in `base_url` and `anon_key` default for this deployment. The test package also bundles this environment's self-signed CA certificate, so most users can start with browser login directly and only use flags or environment variables when overriding that default.
@@ -100,16 +101,14 @@ The bundled CA is a test-only convenience for the current self-signed deployment
 This will:
 
 1. request a CLI login session from Powerbase
-2. print a browser URL
-3. poll until browser approval or until `--timeout` elapses (default **600** seconds, ten minutes)
-4. save the resulting session to `~/.config/powerbase/auth.json`
+2. return a `login_id` and browser URL
+3. wait for the user to approve the request in their own browser
+4. poll with `powerbase auth wait --login-id ...` until approval or until `--timeout` elapses (default **600** seconds, ten minutes)
+5. save the resulting session to `~/.config/powerbase/auth.json`
 
-Use `--timeout 0` to wait without a time limit. Use a larger value if users need more than ten minutes to complete login.
-For agent-guided workflows, prefer `powerbase auth login --no-wait --json` so the CLI returns the `login_url` and exits immediately instead of blocking on polling.
-If the browser link expires or the user is not currently signed in to the console, rerun `powerbase auth login --no-wait --json` to generate a fresh login URL before retrying.
-If an agent or wrapper script is coordinating the workflow, it is still helpful
-to tell the user: after browser approval, return to the current session so the
-remaining steps can continue.
+Use `--timeout 0` on `auth wait` to wait without a time limit. Use a larger value if users need more than ten minutes to complete login.
+For agent-guided workflows, run `powerbase auth login --json`, return the `login_url` to the user, stop, and wait for the user to confirm browser approval before running `powerbase auth wait --login-id ... --json`.
+If the browser link expires or the user is not currently signed in to the console, rerun `powerbase auth login --json` to generate a fresh login URL before retrying.
 
 ### Manual Token Import
 
@@ -280,22 +279,24 @@ When Openclaw or another LLM agent uses `powerbase`:
 - run discovery commands before write operations
 - set context for long multi-step tasks
 - use `auth status` before workflows that assume login
-- prefer `auth login --no-wait --json` for browser login so the agent can hand `login_url` back to the user
-- if a protected command says authentication is missing or expired, rerun `auth login --no-wait --json` to generate a fresh login URL
+- use `auth login --json` to generate a login URL, then stop and hand `login_url` to the user
 - do not have the agent open the browser login URL itself; the user must complete that approval step
+- after the user confirms approval, run `auth wait --login-id ... --json` to complete login
+- if a protected command says authentication is missing or expired, rerun `auth login --json` to generate a fresh login URL
 - remember that `--json` overrides a saved `config output text` setting for that command
 
 Recommended agent sequence:
 
 1. `powerbase auth status --json`
-2. If unauthenticated, or if a protected command reports an auth error, run `powerbase auth login --no-wait --json`, return the `login_url` to the user, and wait for them to approve in the browser
-3. `powerbase context show --json`
-4. If no instance is selected, run `powerbase instance list --json`
-5. If no suitable instance exists, prefer `powerbase instance create --name ... --org-id ... --json`
-6. Use `powerbase database ...` only for the advanced bring-your-own-database path
-7. Set context with `powerbase context use-instance ...`
-8. If you want the sandbox agent preview on a non-main branch, run `powerbase branch switch ...`
-9. Continue with `branch`, `sql`, `publish`, `sandbox files`, or `agent` commands
+2. If unauthenticated, or if a protected command reports an auth error, run `powerbase auth login --json` and return the `login_url` plus `login_id` to the user
+3. After the user confirms browser approval, run `powerbase auth wait --login-id LOGIN_ID --json`
+4. `powerbase context show --json`
+5. If no instance is selected, run `powerbase instance list --json`
+6. If no suitable instance exists, prefer `powerbase instance create --name ... --org-id ... --json`
+7. Use `powerbase database ...` only for the advanced bring-your-own-database path
+8. Set context with `powerbase context use-instance ...`
+9. If you want the sandbox agent preview on a non-main branch, run `powerbase branch switch ...`
+10. Continue with `branch`, `sql`, `publish`, `sandbox files`, or `agent` commands
 
 ## Testing
 

{powerbase_cli-0.1.2 → powerbase_cli-0.1.4}/tests/test_cli_commands.py

@@ -12,6 +12,7 @@ from unittest import mock
 sys.path.insert(0, str(Path(__file__).resolve().parents[1] / "src"))
 
 from powerbase_cli.commands.auth import handle_auth_login as auth_handle_auth_login
+from powerbase_cli.commands.auth import handle_auth_wait as auth_handle_auth_wait
 from powerbase_cli.commands.agent import handle_agent_chat as agent_handle_agent_chat
 from powerbase_cli.commands.shared import resolve_config as shared_resolve_config
 from powerbase_cli.config import (
@@ -37,16 +38,16 @@ class FakeApiPending:
         return {"status": "pending", "poll_interval": 2}
 
 
-class FakeApiNoWait:
+class FakeApiStartOnly:
     def start_cli_login(self):
         return {
-            "login_id": "login-nowait",
-            "login_url": "https://console.example.com/cli-auth/login-nowait",
+            "login_id": "login-start",
+            "login_url": "https://console.example.com/cli-auth/login-start",
             "poll_interval": 2,
         }
 
     def poll_cli_login(self, login_id: str):
-        raise AssertionError("poll_cli_login should not be called when --no-wait is set")
+        raise AssertionError("poll_cli_login should not be called by auth login")
 
 
 class FakeApi:
@@ -120,14 +121,14 @@ class CliCommandTests(unittest.TestCase):
                 anon_key=None,
                 json=True,
                 login_timeout=300,
-                no_wait_login=False,
+                login_id="login-1",
                 insecure=False,
             )
 
             with mock.patch("powerbase_cli.commands.auth.build_api", return_value=(store, config, None, None, FakeApi())):
                 with mock.patch("powerbase_cli.commands.auth.time.sleep", return_value=None):
                     with mock.patch("sys.stdout", new=StringIO()):
-                        exit_code = auth_handle_auth_login(args)
+                        exit_code = auth_handle_auth_wait(args)
 
             self.assertEqual(exit_code, 0)
             saved = store.load_auth()
@@ -135,7 +136,7 @@ class CliCommandTests(unittest.TestCase):
             self.assertEqual(saved.session.access_token, "new-access")
             self.assertEqual(saved.user["id"], "user-1")
 
-    def test_auth_login_no_wait_returns_login_url_without_polling(self) -> None:
+    def test_auth_login_returns_login_url_without_polling(self) -> None:
         with tempfile.TemporaryDirectory() as temp_dir:
             store = ConfigStore(Path(temp_dir))
             config = AppConfig(base_url="https://console.example.com", anon_key="anon")
@@ -144,24 +145,23 @@ class CliCommandTests(unittest.TestCase):
                 base_url=None,
                 anon_key=None,
                 json=True,
-                login_timeout=300,
-                no_wait_login=True,
                 insecure=False,
             )
 
-            with mock.patch("powerbase_cli.commands.auth.build_api", return_value=(store, config, None, None, FakeApiNoWait())):
+            with mock.patch("powerbase_cli.commands.auth.build_api", return_value=(store, config, None, None, FakeApiStartOnly())):
                 with mock.patch("sys.stdout", new=StringIO()) as stdout:
                     exit_code = auth_handle_auth_login(args)
 
             self.assertEqual(exit_code, 0)
             payload = json.loads(stdout.getvalue())
             self.assertEqual(payload["status"], "pending")
-            self.assertEqual(payload["login_id"], "login-nowait")
+            self.assertEqual(payload["login_id"], "login-start")
             self.assertEqual(payload["next_action"], "ask_user_to_open_url")
             self.assertIn("login_url", payload)
+            self.assertIn("powerbase auth wait --login-id login-start --json", payload["message"])
             self.assertIsNone(store.load_auth())
 
-    def test_auth_login_times_out(self) -> None:
+    def test_auth_wait_times_out(self) -> None:
         clock = {"t": 0.0}
 
         def fake_monotonic() -> float:
@@ -179,7 +179,7 @@ class CliCommandTests(unittest.TestCase):
                 anon_key=None,
                 json=False,
                 login_timeout=5,
-                no_wait_login=False,
+                login_id="login-pending",
                 insecure=False,
             )
 
@@ -188,7 +188,7 @@ class CliCommandTests(unittest.TestCase):
                     with mock.patch("powerbase_cli.commands.auth.time.sleep", fake_sleep):
                         with mock.patch("sys.stdout", new=StringIO()):
                             with self.assertRaises(RuntimeError) as ctx:
-                                auth_handle_auth_login(args)
+                                auth_handle_auth_wait(args)
 
             self.assertIn("timed out", str(ctx.exception).lower())
             self.assertIn("5", str(ctx.exception))

{powerbase_cli-0.1.2 → powerbase_cli-0.1.4}/tests/test_cli_help.py

@@ -22,13 +22,22 @@ class CliHelpTests(unittest.TestCase):
         self.assertIn("--insecure", help_text)
         self.assertIn("--ca-cert", help_text)
 
-    def test_auth_login_help_mentions_timeout(self) -> None:
+    def test_auth_login_help_mentions_wait_follow_up(self) -> None:
         parser = build_parser()
         auth_parser = parser._subparsers._group_actions[0].choices["auth"]
         login_parser = auth_parser._subparsers._group_actions[0].choices["login"]
         help_text = login_parser.format_help()
+        self.assertIn("login_id", help_text)
+        self.assertIn("Do not open", help_text)
+        self.assertIn("powerbase auth wait", help_text)
+
+    def test_auth_wait_help_mentions_timeout(self) -> None:
+        parser = build_parser()
+        auth_parser = parser._subparsers._group_actions[0].choices["auth"]
+        wait_parser = auth_parser._subparsers._group_actions[0].choices["wait"]
+        help_text = wait_parser.format_help()
+        self.assertIn("--login-id", help_text)
         self.assertIn("--timeout", help_text)
-        self.assertIn("--no-wait", help_text)
         self.assertIn("600", help_text)
 
     def test_auth_help_does_not_list_token_set_subcommand(self) -> None:

{powerbase_cli-0.1.2 → powerbase_cli-0.1.4}/tests/test_session.py

@@ -38,7 +38,8 @@ class SessionManagerTests(unittest.TestCase):
                 manager.refresh()
 
         self.assertIn("No authentication session available", str(ctx.exception))
-        self.assertIn("powerbase auth login --no-wait --json", str(ctx.exception))
+        self.assertIn("powerbase auth login --json", str(ctx.exception))
+        self.assertIn("powerbase auth wait --login-id ... --json", str(ctx.exception))
 
     def test_refresh_updates_saved_auth_file(self) -> None:
         with tempfile.TemporaryDirectory() as temp_dir:

{powerbase_cli-0.1.2 → powerbase_cli-0.1.4}/tests/test_transport.py

@@ -47,7 +47,8 @@ class PowerbaseTransportTests(unittest.TestCase):
 
         self.assertEqual(ctx.exception.status, 401)
         self.assertIn("No authentication session available", str(ctx.exception))
-        self.assertIn("powerbase auth login --no-wait --json", str(ctx.exception))
+        self.assertIn("powerbase auth login --json", str(ctx.exception))
+        self.assertIn("powerbase auth wait --login-id ... --json", str(ctx.exception))
         self.assertEqual(urlopen_mock.call_count, 0)
 
     def test_invoke_uses_unverified_tls_context_when_insecure(self) -> None:
@@ -182,7 +183,8 @@ class PowerbaseTransportTests(unittest.TestCase):
                         transport.invoke("instances", method="GET")
 
             self.assertEqual(ctx.exception.status, 401)
-            self.assertIn("powerbase auth login --no-wait --json", str(ctx.exception))
+            self.assertIn("powerbase auth login --json", str(ctx.exception))
+            self.assertIn("powerbase auth wait --login-id ... --json", str(ctx.exception))
             self.assertEqual(refresh_mock.call_count, 0)
             self.assertEqual(urlopen_mock.call_count, 1)