alezmad/claudemesh
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

chore(release): claudemesh-cli@1.6.1
Some checks failed
CI / Lint (push) Has been cancelled
Details
CI / Typecheck (push) Has been cancelled
Details
CI / Broker tests (Postgres) (push) Has been cancelled
Details
CI / Docker build (linux/amd64) (push) Has been cancelled
Details

Browse Source 
Patch release on top of 1.6.0:

- Revoke-by-id-prefix bug fix (broker.revokeApiKey now returns
  structured status; CLI surfaces not_found / not_unique). Pasting
  the 8-char prefix from `apikey list` output now works as users
  expect, instead of silently no-op'ing with a misleading "✔
  revoked" message. Already deployed to broker.
- whoami falls back to local mesh-config view when no web session
  is signed in. Users who joined via invite (and never ran
  `claudemesh login`) now see their member ids and pubkey prefixes
  per mesh, instead of a "Not signed in" dead end.
- README updated: REST surface lives at claudemesh.com/api/v1/*
  (web app), NOT ic.claudemesh.com/api/v1/* (broker). Surfaced
  during CLI-only smoke test against prod when curl on the broker
  host returned 404.

Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com>
This commit is contained in:
Alejandro Gutiérrez
2026-05-02 18:50:22 +01:00
parent 0f32529370
commit d7cef45640
5 changed files with 65 additions and 15 deletions
Download Patch File Download Diff File Expand all files Collapse all files

25
apps/cli/src/services/auth/client.ts
View File

@@ -1,5 +1,7 @@
import { my } from "~/services/api/facade.js";
import { ApiError } from "~/services/api/facade.js";
import { readConfig } from "~/services/config/facade.js";
import { PATHS } from "~/constants/paths.js";
import { getStoredToken, clearToken } from "./token-store.js";
import { NotSignedIn } from "./errors.js";
import type { WhoAmIResult } from "./schemas.js";
@@ -10,9 +12,27 @@ function requireToken(): string {
return auth.session_token;
}
/** Snapshot the local mesh-config view for whoami. Always populated when
* config.json has any mesh entries — independent of web session state. */
function localView(): WhoAmIResult["local"] {
const cfg = readConfig();
if (cfg.meshes.length === 0) return undefined;
return {
config_path: PATHS.CONFIG_FILE,
meshes: cfg.meshes.map((m) => ({
slug: m.slug,
mesh_id: m.meshId,
member_id: m.memberId,
pubkey_prefix: m.pubkey.slice(0, 12),
})),
};
}
export async function whoAmI(): Promise<WhoAmIResult> {
const auth = getStoredToken();
if (!auth) return { signed_in: false };
const local = localView();
if (!auth) return { signed_in: false, local };
try {
const profile = await my.getProfile(auth.session_token);
@@ -23,11 +43,12 @@ export async function whoAmI(): Promise<WhoAmIResult> {
user: profile,
token_source: auth.token_source,
meshes: { owned, guest: meshes.length - owned },
local,
};
} catch (err) {
if (err instanceof ApiError && err.isUnauthorized) {
clearToken();
return { signed_in: false };
return { signed_in: false, local };
}
throw err;
}

11
apps/cli/src/services/auth/schemas.ts
View File

@@ -18,4 +18,15 @@ export interface WhoAmIResult {
};
token_source?: string;
meshes?: { owned: number; guest: number };
/**
* Local mesh memberships from ~/.claudemesh/config.json. Always present
* when the config has any mesh entries, regardless of whether a web
* session is also signed in. Lets `claudemesh whoami` show useful
* identity info for users who joined via invite without ever signing
* in to claudemesh.com.
*/
local?: {
config_path: string;
meshes: Array<{ slug: string; mesh_id: string; member_id: string; pubkey_prefix: string }>;
};
}