Improve API token format and enhance auth status command

- Change token format to reviq_<base58> prefix instead of raw hex - Add me.authStatus API endpoint for detailed auth information - Enhance CLI `reviq auth status` to show token details from API - Add comprehensive tests for token generation (18 tests) - Extract bootstrap logic to @reviq/db for reusability and testing - Remove default db export; callers must use createDb() directly Token changes: - New format: reviq_<base58-encoded-32-bytes> - Added parseToken() for validation - Added isValidTokenFormat() helper Auth status endpoint returns: - User profile information - Auth method (api_token or session) - Token/session details (name, expiration, last used) Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
2026-01-09 17:59:02 +08:00
parent df9b8808d0
commit 6b9b04d1d0
20 changed files with 764 additions and 125 deletions
--- a/apps/api-server/src/tests/e2e/webauthn.test.ts
+++ b/apps/api-server/src/tests/e2e/webauthn.test.ts
@@ -61,6 +61,7 @@ function createAuthenticatedContext(
  userId: number,
  email: string,
 ): AuthenticatedContext {
+  const now = new Date();
  return {
    ...createAPIContext(),
    user: {
@@ -73,7 +74,13 @@ function createAuthenticatedContext(
    session: {
      id: "1",
      trustedMode: false,
-      createdAt: new Date(),
+      createdAt: now,
+    },
+    auth: {
+      method: "session",
+      sessionId: "1",
+      expiresAt: new Date(now.getTime() + 24 * 60 * 60 * 1000),
+      createdAt: now,
    },
  };
 }