repr-cli 0.1.0__py3-none-any.whl → 0.2.1__py3-none-any.whl

repr/__init__.py

@@ -5,6 +5,6 @@ Analyzes your local git repositories and generates a compelling
 developer profile without ever sending your source code to the cloud.
 """
 
-__version__ = "0.1.0"
+__version__ = "0.2.0"
 __author__ = "Repr"
 __email__ = "hello@repr.dev"

repr/api.py

@@ -23,6 +23,16 @@ def _get_user_url() -> str:
     return f"{get_api_base()}/user"
 
 
+def _get_stories_url() -> str:
+    return f"{get_api_base()}/stories"
+
+
+def _get_public_settings_url() -> str:
+    """Get URL for public profile settings endpoint."""
+    # This endpoint is under /api/public not /api/cli
+    return f"{get_api_base().replace('/api/cli', '/api/public')}/settings"
+
+
 class APIError(Exception):
     """API request error."""
     pass
@@ -34,7 +44,7 @@ def _get_headers() -> dict[str, str]:
     return {
         "Authorization": f"Bearer {token}",
         "Content-Type": "application/json",
-        "User-Agent": "repr-cli/0.1.0",
+        "User-Agent": "repr-cli/0.1.1",
     }
 
 
@@ -261,3 +271,119 @@ def sync_get_user_info() -> dict[str, Any]:
     """
     import asyncio
     return asyncio.run(get_user_info())
+
+
+async def get_stories(
+    repo_name: str | None = None,
+    since: str | None = None,
+    technologies: str | None = None,
+    limit: int = 50,
+    offset: int = 0,
+) -> dict[str, Any]:
+    """
+    Get commit stories from repr.dev.
+    
+    Args:
+        repo_name: Filter by repository name
+        since: Filter by date (ISO format or human-readable like "1 week ago")
+        technologies: Comma-separated list of technologies to filter by
+        limit: Maximum number of stories to return
+        offset: Pagination offset
+    
+    Returns:
+        Dict with 'stories' list and 'total' count
+    
+    Raises:
+        APIError: If request fails
+        AuthError: If not authenticated
+    """
+    async with httpx.AsyncClient() as client:
+        try:
+            params: dict[str, Any] = {
+                "limit": limit,
+                "offset": offset,
+            }
+            if repo_name:
+                params["repo_name"] = repo_name
+            if since:
+                params["since"] = since
+            if technologies:
+                params["technologies"] = technologies
+            
+            response = await client.get(
+                _get_stories_url(),
+                headers=_get_headers(),
+                params=params,
+                timeout=30,
+            )
+            response.raise_for_status()
+            return response.json()
+            
+        except httpx.HTTPStatusError as e:
+            if e.response.status_code == 401:
+                raise AuthError("Session expired. Please run 'repr login' again.")
+            raise APIError(f"Failed to get stories: {e.response.status_code}")
+        except httpx.RequestError as e:
+            raise APIError(f"Network error: {str(e)}")
+
+
+async def push_story(story_data: dict[str, Any]) -> dict[str, Any]:
+    """
+    Push a commit story to repr.dev.
+    
+    Args:
+        story_data: Story data including summary, technologies, repo info, etc.
+    
+    Returns:
+        Created/updated story data
+    
+    Raises:
+        APIError: If request fails
+        AuthError: If not authenticated
+    """
+    async with httpx.AsyncClient() as client:
+        try:
+            response = await client.post(
+                _get_stories_url(),
+                headers=_get_headers(),
+                json=story_data,
+                timeout=60,
+            )
+            response.raise_for_status()
+            return response.json()
+            
+        except httpx.HTTPStatusError as e:
+            if e.response.status_code == 401:
+                raise AuthError("Session expired. Please run 'repr login' again.")
+            raise APIError(f"Failed to push story: {e.response.status_code}")
+        except httpx.RequestError as e:
+            raise APIError(f"Network error: {str(e)}")
+
+
+async def get_public_profile_settings() -> dict[str, Any]:
+    """
+    Get the current user's public profile settings.
+    
+    Returns:
+        Dict with username, is_profile_public, profile_url, etc.
+    
+    Raises:
+        APIError: If request fails
+        AuthError: If not authenticated
+    """
+    async with httpx.AsyncClient() as client:
+        try:
+            response = await client.get(
+                _get_public_settings_url(),
+                headers=_get_headers(),
+                timeout=30,
+            )
+            response.raise_for_status()
+            return response.json()
+            
+        except httpx.HTTPStatusError as e:
+            if e.response.status_code == 401:
+                raise AuthError("Session expired. Please run 'repr login' again.")
+            raise APIError(f"Failed to get profile settings: {e.response.status_code}")
+        except httpx.RequestError as e:
+            raise APIError(f"Network error: {str(e)}")

repr/auth.py

@@ -1,5 +1,7 @@
 """
 Authentication via device code flow.
+
+Tokens are stored securely in OS keychain (see keychain.py).
 """
 
 import asyncio
@@ -149,7 +151,9 @@ async def poll_for_token(device_code: str, interval: int = POLL_INTERVAL) -> Tok
 
 def save_token(token_response: TokenResponse) -> None:
     """
-    Save authentication token to config.
+    Save authentication token securely.
+    
+    Token is stored in OS keychain, config only stores a reference.
     
     Args:
         token_response: Token response from successful auth
@@ -163,7 +167,10 @@ def save_token(token_response: TokenResponse) -> None:
 
 
 def logout() -> None:
-    """Clear authentication and logout."""
+    """Clear authentication and logout.
+    
+    Removes token from keychain and clears config reference.
+    """
     clear_auth()
 
 
@@ -193,6 +200,63 @@ def require_auth() -> str:
     return auth["access_token"]
 
 
+def migrate_plaintext_auth() -> bool:
+    """
+    Migrate plaintext auth tokens to keychain storage.
+    
+    Called on first run after upgrade to detect and migrate old tokens.
+    
+    Returns:
+        True if migration occurred
+    """
+    from .keychain import store_secret
+    import json
+    from .config import CONFIG_FILE, save_config
+    
+    if not CONFIG_FILE.exists():
+        return False
+    
+    try:
+        with open(CONFIG_FILE, "r") as f:
+            config = json.load(f)
+        
+        auth = config.get("auth")
+        if not auth:
+            return False
+        
+        # Check if already migrated (has keychain ref)
+        if auth.get("token_keychain_ref"):
+            return False
+        
+        # Check for plaintext token
+        plaintext_token = auth.get("access_token")
+        if not plaintext_token:
+            return False
+        
+        # Migrate to keychain
+        user_id = auth.get("user_id", "unknown")[:8]
+        keychain_ref = f"auth_token_{user_id}"
+        store_secret(keychain_ref, plaintext_token)
+        
+        # Update config (remove plaintext, add reference)
+        del config["auth"]["access_token"]
+        config["auth"]["token_keychain_ref"] = keychain_ref
+        
+        # Handle litellm key if present
+        litellm_key = auth.get("litellm_api_key")
+        if litellm_key:
+            litellm_ref = f"litellm_key_{user_id}"
+            store_secret(litellm_ref, litellm_key)
+            del config["auth"]["litellm_api_key"]
+            config["auth"]["litellm_keychain_ref"] = litellm_ref
+        
+        save_config(config)
+        return True
+        
+    except Exception:
+        return False
+
+
 class AuthFlow:
     """
     Manages the device code authentication flow with progress callbacks.