Improve API token format and enhance auth status command

- Change token format to reviq_<base58> prefix instead of raw hex - Add me.authStatus API endpoint for detailed auth information - Enhance CLI `reviq auth status` to show token details from API - Add comprehensive tests for token generation (18 tests) - Extract bootstrap logic to @reviq/db for reusability and testing - Remove default db export; callers must use createDb() directly Token changes: - New format: reviq_<base58-encoded-32-bytes> - Added parseToken() for validation - Added isValidTokenFormat() helper Auth status endpoint returns: - User profile information - Auth method (api_token or session) - Token/session details (name, expiration, last used) Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
2026-01-09 17:59:02 +08:00
parent df9b8808d0
commit 6b9b04d1d0
20 changed files with 764 additions and 125 deletions
--- a/packages/api-contract/src/contract.ts
+++ b/packages/api-contract/src/contract.ts
@@ -33,6 +33,7 @@ import {
  updateMemberRoleInputSchema,
 } from "./schemas/org.js";
 import {
+  authStatusOutputSchema,
  deviceOutputSchema,
  passkeyOutputSchema,
  sessionOutputSchema,
@@ -113,6 +114,9 @@ export const contract = oc.router({
    updateProfile: oc.input(updateProfileInputSchema).output(z.void()),
    delete: oc.input(z.object({ password: z.string() })).output(z.void()),

+    // Auth status (for CLI and debugging)
+    authStatus: oc.output(authStatusOutputSchema),
+
    // Authentication settings
    setPassword: oc.input(setPasswordInputSchema).output(z.void()),

--- a/packages/api-contract/src/schemas/user.ts
+++ b/packages/api-contract/src/schemas/user.ts
@@ -97,3 +97,37 @@ export const deviceOutputSchema = z.object({
 export const trustDeviceInputSchema = z.object({
  name: nonEmptyString(100),
 });
+
+/**
+ * Auth status output schema for API token authentication
+ */
+export const apiTokenAuthStatusSchema = z.object({
+  method: z.literal("api_token"),
+  tokenId: z.string(),
+  tokenName: z.string(),
+  expiresAt: z.date(),
+  lastUsedAt: z.date().nullable(),
+  createdAt: z.date(),
+});
+
+/**
+ * Auth status output schema for session authentication
+ */
+export const sessionAuthStatusSchema = z.object({
+  method: z.literal("session"),
+  sessionId: z.string(),
+  expiresAt: z.date(),
+  createdAt: z.date(),
+});
+
+/**
+ * Auth status output schema
+ * Returns information about the current authentication method
+ */
+export const authStatusOutputSchema = z.object({
+  user: userProfileSchema,
+  auth: z.discriminatedUnion("method", [
+    apiTokenAuthStatusSchema,
+    sessionAuthStatusSchema,
+  ]),
+});