caching email

Author: patelspratik

pkg/cmd/cmd.go

@@ -58,6 +58,7 @@ import (
 	"github.com/brevdev/brev-cli/pkg/cmd/workspacegroups"
 	"github.com/brevdev/brev-cli/pkg/cmd/writeconnectionevent"
 	"github.com/brevdev/brev-cli/pkg/config"
+	"github.com/brevdev/brev-cli/pkg/entity"
 	"github.com/brevdev/brev-cli/pkg/featureflag"
 	"github.com/brevdev/brev-cli/pkg/files"
 	"github.com/brevdev/brev-cli/pkg/remoteversion"
@@ -257,8 +258,20 @@ func NewBrevCommand() *cobra.Command { //nolint:funlen,gocognit,gocyclo // defin
 	cmds.SetUsageTemplate(usageTemplate)
 
 	// In-memory auth for external node commands — never touches credentials.json.
-	memAuthStore := store.NewMemoryAuthStore()
-	memAuthenticator := auth.StandardLogin("", "", nil)
+	// Pre-fill the cached email so the user sees a confirmation prompt instead of
+	// having to type it from scratch every time.
+	cachedEmail, _ := fsStore.GetCachedEmail()
+	memAuthenticator := auth.StandardLogin("", cachedEmail, nil)
+	if cachedEmail != "" {
+		if kas, ok := memAuthenticator.(auth.KasAuthenticator); ok {
+			kas.ShouldPromptEmail = true
+			memAuthenticator = kas
+		}
+	}
+	memAuthStore := &emailCachingAuthStore{
+		MemoryAuthStore: store.NewMemoryAuthStore(),
+		fileStore:       fsStore,
+	}
 	memLoginAuth := auth.NewLoginAuth(memAuthStore, memAuthenticator)
 	memLoginAuth.WithShouldLogin(func() (bool, error) { return true, nil })
 
@@ -555,4 +568,22 @@ var (
 	_ store.Auth     = auth.NoLoginAuth{}
 	_ auth.AuthStore = store.FileStore{}
 	_ auth.AuthStore = &store.MemoryAuthStore{}
+	_ auth.AuthStore = &emailCachingAuthStore{}
 )
+
+// emailCachingAuthStore wraps MemoryAuthStore and persists the login email
+// to ~/.brev/cached-email after each successful authentication.
+type emailCachingAuthStore struct {
+	*store.MemoryAuthStore
+	fileStore *store.FileStore
+}
+
+func (e *emailCachingAuthStore) SaveAuthTokens(tokens entity.AuthTokens) error {
+	if err := e.MemoryAuthStore.SaveAuthTokens(tokens); err != nil {
+		return breverrors.WrapAndTrace(err)
+	}
+	if email := auth.GetEmailFromToken(tokens.AccessToken); email != "" {
+		_ = e.fileStore.SaveCachedEmail(email)
+	}
+	return nil
+}

pkg/cmd/cmd_test.go

@@ -0,0 +1,75 @@
+package cmd
+
+import (
+	"encoding/base64"
+	"encoding/json"
+	"testing"
+
+	"github.com/brevdev/brev-cli/pkg/entity"
+	"github.com/brevdev/brev-cli/pkg/store"
+	"github.com/spf13/afero"
+	"github.com/stretchr/testify/assert"
+	"github.com/stretchr/testify/require"
+)
+
+// fakeJWT builds an unsigned JWT with the given claims (header.payload.signature).
+func fakeJWT(t *testing.T, claims map[string]interface{}) string {
+	t.Helper()
+	header := base64.RawURLEncoding.EncodeToString([]byte(`{"alg":"none","typ":"JWT"}`))
+	payload, err := json.Marshal(claims)
+	require.NoError(t, err)
+	return header + "." + base64.RawURLEncoding.EncodeToString(payload) + "."
+}
+
+func newTestFileStore(t *testing.T) *store.FileStore {
+	t.Helper()
+	fs := afero.NewMemMapFs()
+	err := fs.MkdirAll("/home/testuser/.brev", 0o755)
+	require.NoError(t, err)
+	return store.NewBasicStore().WithFileSystem(fs).WithUserHomeDirGetter(
+		func() (string, error) { return "/home/testuser", nil },
+	)
+}
+
+func TestEmailCachingAuthStore_SaveCachesEmail(t *testing.T) {
+	fs := newTestFileStore(t)
+	s := &emailCachingAuthStore{
+		MemoryAuthStore: store.NewMemoryAuthStore(),
+		fileStore:       fs,
+	}
+
+	token := fakeJWT(t, map[string]interface{}{"email": "user@example.com"})
+	err := s.SaveAuthTokens(entity.AuthTokens{AccessToken: token})
+	require.NoError(t, err)
+
+	cached, err := fs.GetCachedEmail()
+	require.NoError(t, err)
+	assert.Equal(t, "user@example.com", cached)
+}
+
+func TestEmailCachingAuthStore_NoEmailInToken(t *testing.T) {
+	fs := newTestFileStore(t)
+	s := &emailCachingAuthStore{
+		MemoryAuthStore: store.NewMemoryAuthStore(),
+		fileStore:       fs,
+	}
+
+	token := fakeJWT(t, map[string]interface{}{"sub": "12345"})
+	err := s.SaveAuthTokens(entity.AuthTokens{AccessToken: token})
+	require.NoError(t, err)
+
+	cached, err := fs.GetCachedEmail()
+	require.NoError(t, err)
+	assert.Equal(t, "", cached)
+}
+
+func TestEmailCachingAuthStore_EmptyAccessToken(t *testing.T) {
+	fs := newTestFileStore(t)
+	s := &emailCachingAuthStore{
+		MemoryAuthStore: store.NewMemoryAuthStore(),
+		fileStore:       fs,
+	}
+
+	err := s.SaveAuthTokens(entity.AuthTokens{AccessToken: ""})
+	require.Error(t, err)
+}

pkg/cmd/register/device_registration_store.go

@@ -86,7 +86,7 @@ func (s *FileRegistrationStore) Load() (*DeviceRegistration, error) {
 		return nil, breverrors.WrapAndTrace(err)
 	}
 	if reg.ExternalNodeID == "" || reg.OrgID == "" {
-		return nil, breverrors.New("corrupt registration file: missing external_node_id or org_id")
+		return nil, breverrors.New("malformed registration")
 	}
 	return &reg, nil
 }

pkg/cmd/register/register.go

@@ -27,6 +27,7 @@ import (
 type RegisterStore interface {
 	GetCurrentUser() (*entity.User, error)
 	GetActiveOrganizationOrDefault() (*entity.Organization, error)
+	GetOrganizationsByName(name string) ([]entity.Organization, error)
 	GetAccessToken() (string, error)
 }
 
@@ -91,6 +92,8 @@ This command sets up network connectivity and registers this machine with Brev.`
 )
 
 func NewCmdRegister(t *terminal.Terminal, store RegisterStore) *cobra.Command {
+	var orgFlag string
+
 	cmd := &cobra.Command{
 		Annotations:           map[string]string{"configuration": ""},
 		Use:                   "register [name]",
@@ -104,14 +107,16 @@ func NewCmdRegister(t *terminal.Terminal, store RegisterStore) *cobra.Command {
 			if len(args) > 0 {
 				name = args[0]
 			}
-			return runRegister(cmd.Context(), t, store, name, defaultRegisterDeps())
+			return runRegister(cmd.Context(), t, store, name, orgFlag, defaultRegisterDeps())
 		},
 	}
 
+	cmd.Flags().StringVarP(&orgFlag, "org", "o", "", "organization name (overrides active org)")
+
 	return cmd
 }
 
-func runRegister(ctx context.Context, t *terminal.Terminal, s RegisterStore, name string, deps registerDeps) error { //nolint:funlen // registration flow
+func runRegister(ctx context.Context, t *terminal.Terminal, s RegisterStore, name string, orgName string, deps registerDeps) error { //nolint:funlen // registration flow
 	if !deps.platform.IsCompatible() {
 		return breverrors.New("brev register is only supported on Linux")
 	}
@@ -132,7 +137,7 @@ func runRegister(ctx context.Context, t *terminal.Terminal, s RegisterStore, nam
 	if err != nil {
 		return breverrors.WrapAndTrace(err)
 	}
-	org, err := getOrgToRegisterFor(s)
+	org, err := getOrgToRegisterFor(s, orgName)
 	if err != nil {
 		return breverrors.WrapAndTrace(err)
 	}
@@ -219,15 +224,28 @@ func runRegister(ctx context.Context, t *terminal.Terminal, s RegisterStore, nam
 	return nil
 }
 
-func getOrgToRegisterFor(s RegisterStore) (*entity.Organization, error) {
+func getOrgToRegisterFor(s RegisterStore, orgName string) (*entity.Organization, error) {
+	if orgName != "" {
+		orgs, err := s.GetOrganizationsByName(orgName)
+		if err != nil {
+			return nil, breverrors.WrapAndTrace(err)
+		}
+		if len(orgs) == 0 {
+			return nil, fmt.Errorf("no organization found with name %q", orgName)
+		}
+		if len(orgs) > 1 {
+			return nil, fmt.Errorf("multiple organizations found with name %q", orgName)
+		}
+		return &orgs[0], nil
+	}
+
 	org, err := s.GetActiveOrganizationOrDefault()
 	if err != nil {
 		return nil, breverrors.WrapAndTrace(err)
 	}
 	if org == nil {
 		return nil, fmt.Errorf("no organization found; please create or join an organization first")
 	}
-
 	return org, nil
 }