"use strict";
var __createBinding = (this && this.__createBinding) || (Object.create ? (function(o, m, k, k2) {
if (k2 === undefined) k2 = k;
var desc = Object.getOwnPropertyDescriptor(m, k);
if (!desc || ("get" in desc ? !m.__esModule : desc.writable || desc.configurable)) {
desc = { enumerable: true, get: function() { return m[k]; } };
}
Object.defineProperty(o, k2, desc);
}) : (function(o, m, k, k2) {
if (k2 === undefined) k2 = k;
o[k2] = m[k];
}));
var __setModuleDefault = (this && this.__setModuleDefault) || (Object.create ? (function(o, v) {
Object.defineProperty(o, "default", { enumerable: true, value: v });
}) : function(o, v) {
o["default"] = v;
});
var __importStar = (this && this.__importStar) || (function () {
var ownKeys = function(o) {
ownKeys = Object.getOwnPropertyNames || function (o) {
var ar = [];
for (var k in o) if (Object.prototype.hasOwnProperty.call(o, k)) ar[ar.length] = k;
return ar;
};
return ownKeys(o);
};
return function (mod) {
if (mod && mod.__esModule) return mod;
var result = {};
if (mod != null) for (var k = ownKeys(mod), i = 0; i < k.length; i++) if (k[i] !== "default") __createBinding(result, mod, k[i]);
__setModuleDefault(result, mod);
return result;
};
})();
Object.defineProperty(exports, "__esModule", { value: true });
exports.getCredentialsPath = getCredentialsPath;
exports.loadCredentials = loadCredentials;
exports.saveCredentials = saveCredentials;
exports.deleteCredentials = deleteCredentials;
exports.hasCredentials = hasCredentials;
exports.isTokenExpired = isTokenExpired;
exports.getApiUrl = getApiUrl;
exports.refreshAccessToken = refreshAccessToken;
exports.getValidCredentials = getValidCredentials;
exports.getAuthToken = getAuthToken;
const fs = __importStar(require("fs"));
const path = __importStar(require("path"));
const os = __importStar(require("os"));
/**
* Get the path to the credentials file
*/
function getCredentialsPath() {
const configDir = path.join(os.homedir(), '.fastmode');
return path.join(configDir, 'credentials.json');
}
/**
* Ensure the config directory exists
*/
function ensureConfigDir() {
const configDir = path.dirname(getCredentialsPath());
if (!fs.existsSync(configDir)) {
fs.mkdirSync(configDir, { recursive: true, mode: 0o700 });
}
}
/**
* Load stored credentials from disk
*/
function loadCredentials() {
const credentialsPath = getCredentialsPath();
try {
if (!fs.existsSync(credentialsPath)) {
return null;
}
const content = fs.readFileSync(credentialsPath, 'utf-8');
const credentials = JSON.parse(content);
// Validate required fields
if (!credentials.accessToken || !credentials.refreshToken || !credentials.expiresAt || !credentials.email) {
return null;
}
return credentials;
}
catch {
return null;
}
}
/**
* Save credentials to disk
*/
function saveCredentials(credentials) {
ensureConfigDir();
const credentialsPath = getCredentialsPath();
// Write with restricted permissions (owner read/write only)
fs.writeFileSync(credentialsPath, JSON.stringify(credentials, null, 2), { mode: 0o600 });
}
/**
* Delete stored credentials
*/
function deleteCredentials() {
const credentialsPath = getCredentialsPath();
try {
if (fs.existsSync(credentialsPath)) {
fs.unlinkSync(credentialsPath);
}
}
catch {
// Ignore errors
}
}
/**
* Check if credentials exist
*/
function hasCredentials() {
return loadCredentials() !== null;
}
/**
* Check if the access token is expired or about to expire
*/
function isTokenExpired(credentials, bufferMinutes = 5) {
const expiresAt = new Date(credentials.expiresAt);
const bufferMs = bufferMinutes * 60 * 1000;
return Date.now() >= expiresAt.getTime() - bufferMs;
}
/**
* Get the API URL from environment or default
*/
function getApiUrl() {
return process.env.FASTMODE_API_URL || 'https://api.fastmode.ai';
}
/**
* Refresh the access token using the refresh token
*/
async function refreshAccessToken(credentials) {
const apiUrl = getApiUrl();
try {
const response = await fetch(`${apiUrl}/api/auth/device/refresh`, {
method: 'POST',
headers: {
'Content-Type': 'application/json',
},
body: JSON.stringify({
refresh_token: credentials.refreshToken,
grant_type: 'refresh_token',
}),
});
if (!response.ok) {
// Refresh token is invalid or expired - need to re-authenticate
return null;
}
const data = await response.json();
if (!data.success || !data.data) {
return null;
}
const newCredentials = {
accessToken: data.data.access_token,
refreshToken: data.data.refresh_token,
expiresAt: new Date(Date.now() + data.data.expires_in * 1000).toISOString(),
email: data.data.email,
name: data.data.name,
};
// Save the new credentials
saveCredentials(newCredentials);
return newCredentials;
}
catch {
return null;
}
}
/**
* Get valid credentials, refreshing if needed
* Returns null if no credentials or refresh fails
*/
async function getValidCredentials() {
const credentials = loadCredentials();
if (!credentials) {
return null;
}
// Check if token is expired or about to expire
if (isTokenExpired(credentials)) {
// Try to refresh
const newCredentials = await refreshAccessToken(credentials);
if (!newCredentials) {
// Refresh failed - credentials are invalid
deleteCredentials();
return null;
}
return newCredentials;
}
return credentials;
}
/**
* Get the current auth token (access token) if available and valid
*/
async function getAuthToken() {
const credentials = await getValidCredentials();
return credentials?.accessToken || null;
}
