Lines 1-18javascript
1import{existsSync as Q,readFileSync as oo}from"fs";import{join as E}from"path";import U from"chalk";import{confirm as eo}from"@inquirer/prompts";import t from"chalk";import w from"ora";import{spawn as G}from"child_process";var f={local:{name:"Local Development",apiUrl:"http://localhost:3001",accountApiUrl:"http://localhost:3001",frontendUrl:"http://localhost:3000",description:"Local backend running on port 3001"},prod:{name:"Production",apiUrl:process.env.ZIBBY_PROD_API_URL||"https://api-prod.zibby.app",accountApiUrl:process.env.ZIBBY_PROD_ACCOUNT_API_URL||"https://api-prod.zibby.app",frontend ...
2\u{1F510} Initiating login...
HighChild Process
Package source references child process execution.
dist/auth/ensure-auth.jsView on unpkg · L1 HighSame File Env Network Execution
A single source file combines environment access, network access, and code or shell execution; review context before blocking.
dist/auth/ensure-auth.jsView on unpkg · L1 3`));let o=W();if(o.loggedIn){console.log(t.green("\u2705 Already logged in!")),console.log(t.gray(`User: ${o.user.email}`)),console.log(t.gray(`Name: ${o.user.name}
4`));let{createInterface:e}=await import("readline"),n=e({input:process.stdin,output:process.stdout});return new Promise((r,a)=>{let i=()=>{n.close(),process.stdin.isTTY&&process.stdin.setRawMode(!1)},u=()=>{console.log(t.yellow(`
6\u26A0\uFE0F Login cancelled
7`)),i(),process.exit(0)};process.on("SIGINT",u),n.question(t.yellow("Continue with this session? (Y/n): "),async p=>{process.removeListener("SIGINT",u),i();try{if(p.toLowerCase()==="n"||p.toLowerCase()==="no"){console.log(t.gray(`Starting new login...
8`));let y=await O();r(y)}else console.log(t.green(`Using existing session.
9`)),r({success:!0,...o})}catch(y){a(y)}})})}return await O()}catch(o){return console.error(t.red(`
10\u274C Login failed:`,o.message)),{success:!1,error:o.message}}}async function q(o){let e=v();try{let n=await fetch(`${e}/projects`,{headers:{Authorization:`Bearer ${o}`}});if(n.ok){let a=((await n.json()).projects||[]).map(i=>({name:i.name,projectId:i.projectId,apiToken:i.apiToken}));return z(a),a}}catch(n){console.log(t.gray(`\u26A0\uFE0F Could not fetch projects: ${n.message}`))}return[]}async function O(){let o=v(),e=w("Requesting login code...").start(),n=await fetch(`${o}/cli/login/initiate`,{method:"POST",headers:{"Content-Type":"application/json"}});if(!n.ok){e.fail("Failed to request ...
12\u26A0\uFE0F Login cancelled
13`)),process.exit(0)};process.on("SIGINT",S);try{for(;b<F&&!k;){await X(D),b++;let c=await fetch(`${o}/cli/login/poll`,{method:"POST",headers:{"Content-Type":"application/json"},body:JSON.stringify({deviceCode:r})});if(c.status===202
14`)),{success:!0,loggedIn:!0,user:s.user,token:s.token}}if(s.status==="denied")throw g.fail("Authorization denied"),new Error("User denied authorization")}throw g.fail("Login timeout"),new Error("Login timed out - please try again")}finally{process.removeListener("SIGINT",S)}}function X(o){return new Promise(e=>setTimeout(e,o))}function Y(){try{let o=process.env.ZIBBY_CONFIG_DIR;if(!o){let r=process.env.HOME||process.env.USERPROFILE;if(!r)return null;o=E(r,".zibby")}let e=E(o,"config.json");return Q(e)&&JSON.parse(oo(e,"utf-8")).sessionToken||null}catch{return null}}function I(){console.log(`
HighCommand Output Exfiltration
Source combines command execution, command-output handling, and outbound requests; review data flow before blocking.
dist/auth/ensure-auth.jsView on unpkg · L1 15 Not authenticated.`),console.log(` Run ${U.cyan("zibby login")} or set ${U.cyan("ZIBBY_API_KEY")} in your environment.
16`)}async function Co(o={}){let e=o.apiKey||process.env.ZIBBY_API_KEY||null;if(e)return{sessionToken:null,apiKey:e};let n=Y();if(n)return{sessionToken:n,apiKey:null};if(!process.stdin.isTTY){if(o.optional)return{sessionToken:null,apiKey:null};I(),process.exit(1)}console.log(U.yellow(`
17 Not logged in.`));let r;try{r=await eo({message:"Open browser to log in now?",default:!0})}catch{r=!1}if(!r){if(o.optional)return{sessionToken:null,apiKey:null};I(),process.exit(1)}if(await $(),n=Y(),!n){if(o.optional)return{sessionToken:null,apiKey:null};I(),process.exit(1)}return{sessionToken:n,apiKey:null}}export{Co as ensureAuthenticated};
Long lines were clipped for display.