secshare-cli 0.1.0__tar.gz → 0.2.0__tar.gz

{secshare_cli-0.1.0 → secshare_cli-0.2.0}/PKG-INFO

@@ -1,6 +1,6 @@
 Metadata-Version: 2.4
 Name: secshare-cli
-Version: 0.1.0
+Version: 0.2.0
 Summary: CLI for SecShare — zero-knowledge secret sharing
 Project-URL: Homepage, https://secshare.link
 Project-URL: Source, https://github.com/rdney/secshare

{secshare_cli-0.1.0 → secshare_cli-0.2.0}/pyproject.toml

@@ -4,7 +4,7 @@ build-backend = "hatchling.build"
 
 [project]
 name = "secshare-cli"
-version = "0.1.0"
+version = "0.2.0"
 description = "CLI for SecShare — zero-knowledge secret sharing"
 readme = "README.md"
 requires-python = ">=3.11"

{secshare_cli-0.1.0 → secshare_cli-0.2.0}/secshare_cli/api.py

@@ -13,12 +13,18 @@ def _headers(auth: bool = False) -> dict:
     return h
 
 
-def login(email: str, password: str) -> dict:
-    r = httpx.post(
-        f"{get_api_base()}/auth/login",
-        json={"email": email, "password": password, "turnstile_token": ""},
-        timeout=TIMEOUT,
-    )
+def cli_init() -> dict:
+    r = httpx.post(f"{get_api_base()}/auth/cli-init", timeout=TIMEOUT)
+    r.raise_for_status()
+    return r.json()
+
+
+def cli_poll(state: str) -> dict | None:
+    r = httpx.get(f"{get_api_base()}/auth/cli-token?state={state}", timeout=TIMEOUT)
+    if r.status_code == 202:
+        return None
+    if r.status_code == 410:
+        raise RuntimeError("Session expired. Run: secshare login")
     r.raise_for_status()
     return r.json()
 

{secshare_cli-0.1.0 → secshare_cli-0.2.0}/secshare_cli/cli.py

@@ -1,11 +1,11 @@
 import json
-import sys
+import time
+import webbrowser
 from urllib.parse import urlparse
 
 import click
 
-from .api import create_secret, fetch_secret
-from .api import login as api_login
+from .api import cli_init, cli_poll, create_secret, fetch_secret
 from .api import whoami as api_whoami
 from .config import get_token, get_api_base, load as load_config, save as save_config
 from .crypto import decrypt, encrypt
@@ -62,18 +62,45 @@ def cli():
 
 @cli.command()
 def login():
-    """Authenticate with SecShare."""
-    email = click.prompt("Email")
-    password = click.prompt("Password", hide_input=True)
+    """Authenticate via browser."""
     try:
-        data = api_login(email, password)
+        session = cli_init()
     except Exception as e:
-        raise click.ClickException(f"Login failed: {e}")
-    cfg = load_config()
-    cfg["token"] = data["access_token"]
-    cfg["email"] = email
-    save_config(cfg)
-    click.echo(f"Logged in as {email}")
+        raise click.ClickException(f"Could not start login: {e}")
+
+    state = session["state"]
+    api_host = get_api_base().replace("/api/v1", "").replace("api.", "")
+    url = f"{api_host}/cli-auth?state={state}"
+
+    click.echo(f"Opening browser to authorize...\n  {url}")
+    webbrowser.open(url)
+    click.echo("Waiting for authorization (Ctrl+C to cancel)...")
+
+    deadline = time.time() + 300
+    while time.time() < deadline:
+        time.sleep(2)
+        try:
+            result = cli_poll(state)
+        except RuntimeError as e:
+            raise click.ClickException(str(e))
+        except Exception:
+            continue
+        if result is None:
+            continue
+        cfg = load_config()
+        cfg["token"] = result["access_token"]
+        try:
+            import httpx as _httpx
+            from .config import get_api_base as _base
+            me = _httpx.get(f"{_base()}/auth/me", headers={"Authorization": f"Bearer {result['access_token']}"}, timeout=10)
+            cfg["email"] = me.json().get("email", "")
+        except Exception:
+            pass
+        save_config(cfg)
+        click.echo(f"Logged in as {cfg.get('email', 'unknown')}")
+        return
+
+    raise click.ClickException("Timed out waiting for browser authorization.")
 
 
 @cli.command()