feat: npmx connector allow web auth #1355
Conversation
…catch urls with possible auto opening
…odal and operations component
|
The latest updates on your projects. Learn more about Vercel for GitHub.
2 Skipped Deployments
|
Lunaria Status Overview🌕 This pull request will trigger status changes. Learn moreBy default, every PR changing files present in the Lunaria configuration's You can change this by adding one of the keywords present in the Tracked Files
Warnings reference
|
|
this is beautiful |
|
Will pull and test on MacOS in a bit. Thanks a ton! Auth issues have been a pain |
📝 WalkthroughWalkthroughAdds browser-based connector authentication and related UI flows: ConnectorModal and OperationsQueue now surface connector.webAuth and connector.autoOpenURL, open auth URLs and poll for completion; settings schema and defaults extended. The connector composable and server/comms propagate interactive/openUrls flags and authUrl; CLI gains PTY-driven interactive npm execution, URL extraction, onAuthUrl callbacks and options-based exec APIs; types updated to carry authUrl and collected urls. i18n keys and TypeScript typings for node-pty were added. Possibly related PRs
Suggested reviewers
🚥 Pre-merge checks | ✅ 1✅ Passed checks (1 passed)
✏️ Tip: You can configure your own custom pre-merge checks in the settings. ✨ Finishing touches🧪 Generate unit tests (beta)
Comment |
![coderabbitai[bot]](https://avatars.githubusercontent.com/in/347564?s=60&v=4){kind=small}
There was a problem hiding this comment.
Actionable comments posted: 6
🧹 Nitpick comments (1)
app/components/Org/OperationsQueue.vue (1)
68-78: Consider extracting a shared retry helper.
handleRetryWithOtpandhandleRetryWithWebAuthduplicate the OTP-failed retry loop; a small helper would keep the flow DRY.
|
🤦 as always tests need fixing, looking into them |
Codecov Report❌ Patch coverage is
📢 Thoughts on this report? Let us know! |
There was a problem hiding this comment.
Actionable comments posted: 2
🧹 Nitpick comments (2)
app/components/Org/OperationsQueue.vue (1)
68-78: Optional: dedupe retry logic.
handleRetryWithWebAuthandhandleRetryWithOtpshare the same retry loop; a small helper would reduce drift.♻️ Possible refactor
+async function retryOtpFailedOps(): Promise<void> { + const otpFailedOps = activeOperations.value.filter( + (op: PendingOperation) => op.status === 'failed' && op.result?.requiresOtp, + ) + for (const op of otpFailedOps) { + await retryOperation(op.id) + } +} + async function handleRetryWithOtp() { if (!otpInput.value.trim()) return const otp = otpInput.value.trim() otpInput.value = '' - const otpFailedOps = activeOperations.value.filter( - (op: PendingOperation) => op.status === 'failed' && op.result?.requiresOtp, - ) - for (const op of otpFailedOps) { - await retryOperation(op.id) - } + await retryOtpFailedOps() await handleExecute(otp) } async function handleRetryWithWebAuth() { - const otpFailedOps = activeOperations.value.filter( - (op: PendingOperation) => op.status === 'failed' && op.result?.requiresOtp, - ) - for (const op of otpFailedOps) { - await retryOperation(op.id) - } + await retryOtpFailedOps() await handleExecute() }cli/src/npm-client.ts (1)
168-301: Consider splittingexecNpmInteractiveinto helpers.
This function is well structured but quite long; extracting pieces (spawn setup, onData handling, finalise result) would improve maintainability.As per coding guidelines, "Keep functions focused and manageable (generally under 50 lines)".
There was a problem hiding this comment.
Actionable comments posted: 1
🧹 Nitpick comments (1)
cli/src/npm-client.ts (1)
217-258: Consider disposing event subscriptions to prevent potential memory leaks.The
onDataandonExitmethods returnIDisposableobjects that should be disposed when no longer needed. While the PTY process exits anyway, explicitly disposing these subscriptions is a best practice, especially if this code is later adapted for long-running scenarios.Proposed refactor
+ const dataDisposable = child.onData((data: string) => { - child.onData((data: string) => { output += data // ... rest of handler }) + const exitDisposable = child.onExit(({ exitCode }) => { - child.onExit(({ exitCode }) => { if (resolved) return resolved = true clearTimeout(timeout) if (authUrlTimeout) clearTimeout(authUrlTimeout) + dataDisposable.dispose() + exitDisposable.dispose() // ... rest of handler })
|
@danielroe fixed all tests etc |
|
tested this and seemed to work well on MacOS - in fact I think it could be the default (maybe even non-configurable?) and only if it fails should we fall back to OTP... |
|
Just checked it out. The UX is very clean and the connector isn't giving issues straight away. Your org management UI is also way better than what I was planning so i think this addresses #34 as well |
Yeah, I'm onboard with this |
|
I don't think this PR touched the org management UI - I think that's back from some time ago. |
I can make it work this way, we just need a clean way of handling it, currently there is a 90s timeout if the link is not clicked. Other than that only happy cases work pretty well, other failures still need to be covered.
Yeah, nothing was changed there, you must be seeing the UI from before you did anything. |
|
What about the auto opening setting? I'd leave it so people can choose, some might not like tabs appearing suddenly. |
3 participants
This feature extends the npmx connector functionality for handling authorization with 2fa keys configured in npm account settings.
This works by allowing running the npm commands within an interactive shell which does not prompt for OTP but rather asks to verify auth on a web page.
I have added some settings to the connector modal:
Currently tested only on linux
Needs testing on Windows and Mac
Preview before connecting (in Advanced options):
Preview after connecting:
Some previews of it in action:
web_auth_auto_url.mp4
web_auth_no_auto_url.mp4
web_auth_otp_with_web_after.mp4
FYI @neutrino2211 I was supposed to tag you here ;)