feat: add auth password-login, pull, and push commands#422
feat: add auth password-login, pull, and push commands#422moranshe-max merged 8 commits intomainfrom
Conversation
🚀 Package Preview Available!Install this PR's preview build with npm: npm i @base44-preview/cli@0.0.47-pr.422.8b60a4aPrefer not to change any import paths? Install using npm alias so your code still imports npm i "base44@npm:@base44-preview/cli@0.0.47-pr.422.8b60a4a"Or add it to your {
"dependencies": {
"base44": "npm:@base44-preview/cli@0.0.47-pr.422.8b60a4a"
}
}
Preview published to npm registry — try new features instantly! |
moranshe-max
force-pushed
the
feature/add-password-login-command
branch
from
53d8672 to
60fd351
Compare
moranshe-max
changed the title
moranshe-max
force-pushed
the
feature/add-password-login-command
branch
from
837aaa9 to
3cd3e7a
Compare
| /** | ||
| * Returns true if at least one login method is enabled in the given config. | ||
| */ | ||
| export function hasAnyLoginMethod(config: AuthConfig): boolean { |
There was a problem hiding this comment.
I think this should be in config / schema or somewhere else because it's not really API.ts file
|
|
||
| let response: KyResponse; | ||
| try { | ||
| response = await base44Client.get(`api/apps/${id}`); |
There was a problem hiding this comment.
I wonder if this should really big in project/api.ts file since it's the entire project data.. but maybe it's a future refactor
| * Reads the auth config file from the given directory. | ||
| * Returns [config] if the file exists, or [] if the directory or file doesn't exist. | ||
| */ | ||
| export async function readAuthConfig(authDir: string): Promise<AuthConfig[]> { |
There was a problem hiding this comment.
why are we returning an array of AuthConfig instead just the AuthConfig? is it possible to have multiple AuthConfigs? 🤔
| export async function updateAuthConfigFile( | ||
| authDir: string, | ||
| updates: Partial<AuthConfig>, | ||
| ): Promise<AuthConfig> { |
There was a problem hiding this comment.
I wonder if we need a read / write / update functions, maybe just read and write? write will also do updates or updates will happen before calling the config.ts?
| return; | ||
| } | ||
|
|
||
| await pushAuthConfigToApi(configs[0]); |
There was a problem hiding this comment.
I commented it in the config.ts file, can AuthConfig be just singular and not an array? then we don't need to keep putting into an array and out of an array 💪
| .option("--enable", "Enable password authentication") | ||
| .option("--disable", "Disable password authentication") |
There was a problem hiding this comment.
what do you think about using commander's .choices instead of 2 different flags? and then the command will look like base44 auth password-login enable
// something like
.argument('<state>').choices(['enable', 'disable'])
There was a problem hiding this comment.
Great tip! Claude claims it's easier for it to consume the cli that way.
| const authDir = join(configDir, project.authDir); | ||
|
|
||
| const updated = await runTask( | ||
| `${shouldEnable ? "Enabling" : "Disabling"} username & password authentication`, |
There was a problem hiding this comment.
maybe the message should be something like "Updating authenticaiton configuration" or something? so make sure it's only locally
There was a problem hiding this comment.
i just saw the outro message, so maybe it's fine
| return await updateAuthConfigFile(authDir, { | ||
| enableUsernamePassword: shouldEnable, | ||
| }); |
There was a problem hiding this comment.
I also commented baout this inside the updateAuthConfigFile function, i just feel writeAuthConfigFile can do everything?
|
|
||
| export function getAuthPullCommand(): Command { | ||
| return new Base44Command("pull") | ||
| .description("Pull auth config from Base44 to local file") |
There was a problem hiding this comment.
Might worth adding some text about overwriting existing file
kfirstri
left a comment
kfirstri
left a comment
There was a problem hiding this comment.
Good work 💪, Added some comments
moranshe-max
force-pushed
the
feature/add-password-login-command
branch
from
fdced31 to
2916115
Compare
| onResult: options?.onFunctionResult, | ||
| }); | ||
| await agentResource.push(agents); | ||
| if (authConfig) { |
There was a problem hiding this comment.
- You should have a resource.ts file inside resources/auth-config/resource.ts with the "readAll" and "push" command configured, this is basically our interface for resourced, i don't want deploy.ts to be too familiar with resources implementation
- move the if(authConfig) check to be inside the resource push function, like all other resourced do
kfirstri
left a comment
kfirstri
left a comment
There was a problem hiding this comment.
one small change about adding a resource.ts to the auth-config, and then call the push method from deploy.ts.
Add `base44 auth password-login` command for enabling/disabling username & password authentication. Introduces the `auth` command group and the core `auth-config` module with Zod schemas, API client, and camelCase transforms. Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
Remove interactive prompts in favor of explicit --enable and --disable flags. Add comprehensive input validation with agent-friendly error hints. Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
Migrate auth-config from standalone core module to the unified resources pattern. Add `auth pull` and `auth push` CLI commands for syncing auth configuration. Extend project config and deploy to support auth-config as a deployable resource. Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
Replace removed runCommand/RunCommandResult imports with Base44Command and import RunCommandResult from @/cli/types.js to match the new command pattern introduced on main. Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
- Move hasAnyLoginMethod from api.ts to schema.ts (not an API concern) - Use singular AuthConfig | null instead of AuthConfig[] everywhere - Remove Resource<T> adapter (resource.ts) — call readAuthConfig/pushAuthConfig directly - Remove updateAuthConfigFile — inline read-merge-write in password-login command - Switch password-login from --enable/--disable flags to positional argument (enable|disable) - Update task spinner message to "Updating local auth config" - Add overwrite warning to auth pull outro message - Add confirmation prompt and lockout warning to auth push (with --yes flag) - Update tests for new signatures and positional arg syntax Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
…ace in deploy Move auth-config back to the standard Resource<T> pattern so deploy.ts doesn't need to know about the resource's internal null-vs-array semantics. Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
Update password-login, pull, and push commands to receive CLIContext as the first argument, matching the refactored Base44Command pattern. Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
moranshe-max
force-pushed
the
feature/add-password-login-command
branch
from
05e3522 to
6d96b8e
Compare
Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
3 participants
Note
Description
Adds a new
base44 authcommand group for managing app authentication configuration. The feature introduces three subcommands (password-login,pull,push) backed by a newauth-configcore resource module that handles reading/writing local auth config files and syncing them with the Base44 API. Auth config is also integrated into the existingbase44 deploypipeline so it is pushed automatically alongside entities, functions, agents, and connectors.Related Issue
None
Type of Change
Changes Made
authcommand group (packages/cli/src/cli/commands/auth/):auth password-login <enable|disable>— toggle username/password authentication in the local auth config file; warns if disabling would leave no login methods enabledauth pull— fetch auth config from the Base44 API and write it to the localauth/directoryauth push— push the local auth config file to the Base44 API, with an interactive confirmation prompt (skippable via--yes)program.tsauth-configcore resource (packages/cli/src/core/resources/auth-config/):hasAnyLoginMethod()utility andtoAuthConfigPayload()serializerResource<T>-compatible module for unified read/push lifecycleauthDiradded to project config schema (default"auth"),authConfigincluded inProjectData, read in parallel duringreadProjectConfig(), pushed duringdeployAll(), and shown in the deploy summaryauth password-loginand core unit tests covering API pull/push, local file I/O, and schema validationTesting
npm test)Checklist
docs/(AGENTS.md) if I made architectural changesAdditional Notes
The
authcommand group is currently hidden from top-level help (registered with{ hidden: true }) while the feature is in early rollout. TheauthDirproject config field defaults to"auth"so existing projects don't require any config changes to pick it up.🤖 Generated by Claude | 2026-03-25 10:48 UTC