feat(cli): add replexica auth command for easier cli <> api authentication (#42)

* feat: add basic auth cmd structure

* feat(cli): add authentication with ~/.replexicarc as storage

* refactor(cli): move ini mgr into settings service

* feat(cli): add `replexica auth` command implementation

* chore: changeset

Author: maxprilutskiy

.changeset/strange-poems-sin.md

@@ -0,0 +1,5 @@
+---
+"replexica": minor
+---
+
+add `replexica auth` cli command for cli<>api authentication

packages/cli/package.json

@@ -26,8 +26,11 @@
     "@inquirer/prompts": "^4.3.1",
     "@paralleldrive/cuid2": "^2.2.2",
     "commander": "^12.0.0",
+    "cors": "^2.8.5",
     "dotenv": "^16.4.5",
+    "express": "^4.19.2",
     "flat": "^6.0.1",
+    "ini": "^4.1.2",
     "lodash": "^4.17.21",
     "open": "^10.1.0",
     "ora": "^8.0.1",
@@ -37,6 +40,9 @@
     "zod": "^3.22.4"
   },
   "devDependencies": {
+    "@types/cors": "^2.8.17",
+    "@types/express": "^4.17.21",
+    "@types/ini": "^4.1.0",
     "@types/lodash": "^4.17.0",
     "@types/node": "^20"
   }

packages/cli/src/auth.ts

@@ -1,17 +1,74 @@
 import { Command } from "commander";
+import Ora from 'ora';
+import express from 'express';
+import cors from 'cors';
+import open from 'open';
+import readline from 'readline/promises';
+import { loadSettings, saveSettings } from "./services/settings.js";
+import { getEnv } from "./services/env.js";
+import { checkAuth } from "./services/check-auth.js";
+import { saveApiKey } from "./services/api-key.js";
 
 export default new Command()
   .command("auth")
-  .description("Authenticate with Replexica")
+  .description("Authenticate with Replexica API")
   .helpOption("-h, --help", "Show help")
-  .action(async () => {
-    const message = `
-To obtain Replexica API key, please follow the following link:
+  .option("-d, --delete", "Delete existing authentication")
+  .option("-l, --login", "Authenticate with Replexica API")
+  .action(async (options) => {
+    const env = getEnv();
+    let config = await loadSettings();
 
-https://replexica.com/app/settings
+    if (options.delete) {
+      await logout();
+    }
+    if (options.login) {
+      await login(env.REPLEXICA_WEB_URL);
+      config = await loadSettings();
+    }
 
-Once you have your API key, please save it in the .env file in the root of your project.
-          `.trim();
+    await checkAuth();
+  });
+
+async function logout() {
+  const spinner = Ora().start('Logging out');
+  await saveApiKey(null);
+  spinner.succeed('Logged out');
+}
+
+async function login(apiUrl: string) {
+  await readline.createInterface({
+    input: process.stdin,
+    output: process.stdout,
+  }).question('Press Enter to open the browser for authentication\n');
+
+  const spinner = Ora().start('Waiting for the API key');
+  const apiKey = await waitForApiKey(async (port) => {
+    await open(`${apiUrl}/app/cli?port=${port}`, { wait: false });
+  });
+  spinner.succeed('API key received');
+  await saveApiKey(apiKey);
+}
+
+async function waitForApiKey(cb: (port: string) => void): Promise<string> {
+  // start a sever on an ephemeral port and return the port number
+  // from the function
+  const app = express();
+  app.use(express.json());
+  app.use(cors());
+
+  return new Promise((resolve) => {
+    const server = app.listen(0, async () => {
+      const port = (server.address() as any).port;
+      cb(port.toString());
+    });
 
-    console.log(message);
+    app.post("/", (req, res) => {
+      const apiKey = req.body.apiKey;
+      res.end();
+      server.close(() => {
+        resolve(apiKey);
+      });
+    });
   });
+}

packages/cli/src/i18n.ts

@@ -4,6 +4,8 @@ import { getEnv } from './services/env.js';
 import path from 'path';
 import fs from 'fs/promises';
 import { createId } from '@paralleldrive/cuid2';
+import { checkAuth } from './services/check-auth.js';
+import { loadApiKey } from './services/api-key.js';
 
 const buildDataDir = path.resolve(process.cwd(), 'node_modules', '@replexica/translations');
 const buildDataFilePath = path.resolve(buildDataDir, '.replexica.json');
@@ -13,6 +15,11 @@ export default new Command()
   .description('Process i18n with Replexica')
   .helpOption('-h, --help', 'Show help')
   .action(async () => {
+    const authStatus = await checkAuth();
+    if (!authStatus) {
+      return process.exit(1);
+    }
+
     const spinner = Ora();
     spinner.start('Loading Replexica build data...');
     const buildData = await loadBuildData();
@@ -77,12 +84,13 @@ async function processI18n(
   data: any,
 ) {
   const env = getEnv();
+  const apiKey = await loadApiKey();
 
   const res = await fetch(`${env.REPLEXICA_API_URL}/i18n`, {
     method: 'POST',
     headers: {
       'Content-Type': 'application/json',
-      Authorization: `Bearer ${env.REPLEXICA_API_KEY}`,
+      Authorization: `Bearer ${apiKey}`,
     },
     body: JSON.stringify({
       params,

packages/cli/src/services/api-key.ts

@@ -0,0 +1,14 @@
+import { getEnv } from "./env.js";
+import { loadSettings, saveSettings } from "./settings.js";
+
+export async function saveApiKey(apiKey: string | null) {
+  const settings = await loadSettings();
+  settings.auth.apiKey = apiKey;
+  await saveSettings(settings);
+}
+
+export async function loadApiKey() {
+  const env = getEnv();
+  const settings = await loadSettings();
+  return env.REPLEXICA_API_KEY || settings.auth.apiKey;
+}

packages/cli/src/services/check-auth.ts

@@ -0,0 +1,44 @@
+import Ora from "ora";
+
+import { getEnv } from "./env.js";
+import { loadSettings } from "./settings.js";
+
+export async function checkAuth() {
+  const env = getEnv();
+  const settings = await loadSettings();
+
+  const finalApiKey = env.REPLEXICA_API_KEY || settings.auth.apiKey;
+  const isApiKeyFromEnv = !!env.REPLEXICA_API_KEY;
+
+  const spinner = Ora().start('Checking login status');
+
+  const whoami = await fetchWhoami(env.REPLEXICA_API_URL, finalApiKey);
+  if (!whoami) {
+    spinner.warn('Not logged in. Please run `replexica auth --login` to authenticate.');
+    return false;
+  }
+  
+  let msg = `Logged in as ${whoami.email}`;
+  if (isApiKeyFromEnv) {
+    msg += ' (via REPLEXICA_API_KEY from environment)';
+  }
+  spinner.succeed(msg);
+
+  return true;
+}
+
+async function fetchWhoami(apiUrl: string, apiKey: string | null) {
+  const res = await fetch(`${apiUrl}/whoami`, {
+    method: "POST",
+    headers: {
+      Authorization: `Bearer ${apiKey}`,
+      ContentType: "application/json",
+    },
+  });
+
+  if (res.ok) {
+    return res.json();
+  }
+
+  return null;
+}

packages/cli/src/services/env.ts

@@ -1,27 +1,13 @@
 import Z from 'zod';
+import dotenv from 'dotenv';
 
 const EnvSchema = Z.object({
-  REPLEXICA_API_KEY: Z.string(),
-  REPLEXICA_API_URL: Z.string().optional().default('https://engine.replexica.com'),
+  REPLEXICA_API_KEY: Z.string().optional(),
+  REPLEXICA_API_URL: Z.string().default('https://engine.replexica.com'),
+  REPLEXICA_WEB_URL: Z.string().default('https://replexica.com'),
 });
 
 export function getEnv() {
-  try {
-    return EnvSchema.parse(process.env);
-  } catch (error) {
-    if (error instanceof Z.ZodError) {
-      // handle missing api key
-      if (
-        error.errors.some((err) => err.path.find((p) => p === 'REPLEXICA_API_KEY') &&
-          err.message.toLowerCase().includes('required'))
-      ) {
-        console.log(`REPLEXICA_API_KEY is missing in env variables. Did you forget to run 'replexica auth'?`);
-        return process.exit(1);
-      } else {
-        throw error;
-      }
-    } else {
-      throw error;
-    }
-  }
+  dotenv.config();
+  return EnvSchema.parse(process.env);
 }

packages/cli/src/services/settings.ts

@@ -0,0 +1,41 @@
+import Z from 'zod';
+import fs from 'fs';
+import Ini from 'ini';
+import os from 'os';
+import path from 'path';
+
+const settingsFile = ".replexicarc";
+const homedir = os.homedir();
+const settingsFilePath = path.join(homedir, settingsFile);
+
+const SettingsFileSchema = Z.object({
+  auth: Z.object({
+    apiKey: Z.string().nullable(),
+  }),
+});
+
+export async function loadSettings() {
+  const authFileExists = fs.existsSync(settingsFilePath);
+  let rawSettings = createEmptySettings(); 
+
+  if (authFileExists) {
+    const fileContents = fs.readFileSync(settingsFilePath, "utf8");
+    rawSettings = Ini.parse(fileContents) as any;
+  }
+  const settings = SettingsFileSchema.parse(rawSettings);
+
+  return settings;
+}
+
+function createEmptySettings(): Z.infer<typeof SettingsFileSchema> {
+  return {
+    auth: {
+      apiKey: null,
+    },
+  };
+}
+
+export async function saveSettings(config: Z.infer<typeof SettingsFileSchema>) {
+  const serialized = Ini.stringify(config);
+  fs.writeFileSync(settingsFilePath, serialized);
+}