refactor(accounts): split account-service.ts into 12 focused modules (N2) (#30)

* refactor(accounts): split account-service.ts into 12 focused modules (N2)

Reduce the 1,675-LOC god-file at src/lib/accounts/account-service.ts to a
164-LOC orchestrator that delegates every public method to a focused
free-function module. No public API change: every signature on
`AccountService` is preserved and the `accountService` singleton in
`src/lib/accounts/index.ts` continues to work for `BaseCommand` and the
existing direct importers (`commands/check.ts`, `commands/forecast.ts`,
`commands/auto-switch.ts`, two test files).

Target modules (per `docs/future/01-ARCHITECTURE.md` §2.1):

- sync/external-sync.ts         (216 LOC) — syncExternalAuthSnapshot...
- read/listing.ts               (211 LOC) — list/find + getCurrentAccountName
- write/save.ts                 (159 LOC) — saveAccount + safety guard
- write/use.ts                  (128 LOC) — useAccount + activateSnapshot
- write/remove.ts               (105 LOC) — remove one / by query / all
- config/auto-switch-config.ts  ( 82 LOC) — status + threshold setters
- auto-switch/policy.ts         (141 LOC) — runAutoSwitchOnce + daemon
- usage/adapter.ts              (192 LOC) — usage refresh + proxy shim
- safety/snapshot-vault.ts      (125 LOC) — backup + clobber recovery
- session/pin.ts                (243 LOC) — sessions.json + Linux PPID
- identity/equality.ts          ( 86 LOC) — snapshot identity comparisons
- naming.ts                     ( 40 LOC) — normalizeAccountName + path

Shared internal helpers under `_internal/`:

- _internal/fs-helpers.ts       — pathExists / filesMatch / auth-state read
- _internal/auth-state.ts       — symlink materialize, current-name file I/O
- _internal/registry-ops.ts     — persistRegistry + metadata hydration
- _internal/name-resolution.ts  — login/inferred name resolution

Behavior is byte-identical: every existing test in the pre-N2 suite
still passes. Wave-1 contracts honored — atomic writes via N1's
`persistRegistryAtomic`/`secureWriteFile`, errors thrown via N3's
`AuthmuxError` subclasses, paths resolved per-call via N4's `resolve*`
getters.

New tests (31 cases across 3 files):

- src/tests/identity-equality.test.ts
- src/tests/naming.test.ts
- src/tests/accounts-modules.test.ts (covers listing, session/pin,
  snapshot-vault, auto-switch-config, auto-switch-policy, usage-adapter,
  write/use, write/remove, external-sync)

Verification:

- npm run build: clean
- npm test: 129 passing, 0 failing (was 98 pre-extraction)
- wc -l src/lib/accounts/account-service.ts → 164 (< 400 ceiling, ~150 goal)
- singleton: all 21 public methods still resolve as functions
- node dist/index.js --help: CLI boots and lists every command

Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com>

* fix(test): make naming.test.ts portable on Windows

The accountFilePath test hardcoded "/tmp/authmux-test-accounts" and
asserted equality against a forward-slash POSIX path. On Windows the
resolved path comes back as "D:\tmp\authmux-test-accounts\..." which
fails the strict-equal check across all 3 Node versions in CI.

Build the expected path through os.tmpdir() + path.join() so both
sides go through the same platform-aware joining and the test passes
on Ubuntu, macOS, and Windows.

Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com>

---------

Co-authored-by: NagyVikt <nagy.viktordp@gmail.com>
Co-authored-by: Claude Opus 4.7 (1M context) <noreply@anthropic.com>

Author: 3 people

src/lib/accounts/_internal/auth-state.ts

@@ -0,0 +1,70 @@
+// Internal: auth.json read/state helpers — symlink materialization,
+// ensure-exists guard, current-name file I/O. Extracted from the
+// monolithic AccountService (Theme N2).
+
+import path from "node:path";
+import fsp from "node:fs/promises";
+import {
+  resolveAuthPath,
+  resolveCurrentNamePath,
+} from "../../config/paths";
+import {
+  ensureSecureDir,
+  secureWriteFile,
+} from "../../io/secure-fs";
+import { AuthFileMissingError } from "../errors";
+import {
+  setSessionAccountName,
+} from "../session/pin";
+import { pathExists, removeIfExists } from "./fs-helpers";
+
+export async function ensureAuthFileExists(authPath: string): Promise<void> {
+  if (!(await pathExists(authPath))) {
+    throw new AuthFileMissingError(authPath);
+  }
+}
+
+export async function materializeAuthSymlink(authPath: string): Promise<void> {
+  const stat = await fsp.lstat(authPath);
+  if (!stat.isSymbolicLink()) {
+    return;
+  }
+
+  const snapshotData = await fsp.readFile(authPath);
+  await removeIfExists(authPath);
+  await secureWriteFile(authPath, snapshotData);
+}
+
+export async function writeCurrentName(
+  name: string,
+  options?: { authFingerprint?: string },
+): Promise<void> {
+  const currentNamePath = resolveCurrentNamePath();
+  await ensureSecureDir(path.dirname(currentNamePath));
+  await secureWriteFile(currentNamePath, `${name}\n`);
+  await setSessionAccountName(name, options?.authFingerprint);
+}
+
+export async function readCurrentNameFile(currentNamePath: string): Promise<string | null> {
+  try {
+    const contents = await fsp.readFile(currentNamePath, "utf8");
+    const trimmed = contents.trim();
+    return trimmed.length ? trimmed : null;
+  } catch (error) {
+    const err = error as NodeJS.ErrnoException;
+    if (err.code === "ENOENT") {
+      return null;
+    }
+    throw error;
+  }
+}
+
+export async function clearActivePointers(
+  clearSessionAccountName: () => Promise<void>,
+): Promise<void> {
+  const currentPath = resolveCurrentNamePath();
+  const authPath = resolveAuthPath();
+  await removeIfExists(currentPath);
+  await removeIfExists(authPath);
+  await clearSessionAccountName();
+}

src/lib/accounts/_internal/fs-helpers.ts

@@ -0,0 +1,64 @@
+// Internal filesystem helpers shared across the extracted clusters.
+// Not part of the public API — only modules under `src/lib/accounts/`
+// should import from here.
+
+import fs from "node:fs";
+import fsp from "node:fs/promises";
+
+export async function pathExists(targetPath: string): Promise<boolean> {
+  try {
+    await fsp.access(targetPath, fs.constants.F_OK);
+    return true;
+  } catch {
+    return false;
+  }
+}
+
+export async function filesMatch(firstPath: string, secondPath: string): Promise<boolean> {
+  try {
+    const [first, second] = await Promise.all([
+      fsp.readFile(firstPath),
+      fsp.readFile(secondPath),
+    ]);
+    return first.equals(second);
+  } catch {
+    return false;
+  }
+}
+
+export async function removeIfExists(target: string): Promise<void> {
+  try {
+    await fsp.rm(target, { force: true });
+  } catch (error) {
+    const err = error as NodeJS.ErrnoException;
+    if (err.code !== "ENOENT") {
+      throw error;
+    }
+  }
+}
+
+export interface AuthSyncState {
+  fingerprint: string;
+  isSymbolicLink: boolean;
+}
+
+export async function readAuthSyncState(authPath: string): Promise<AuthSyncState | null> {
+  try {
+    const stat = await fsp.lstat(authPath);
+    return {
+      fingerprint: createAuthSyncFingerprint(stat),
+      isSymbolicLink: stat.isSymbolicLink(),
+    };
+  } catch {
+    return null;
+  }
+}
+
+export function createAuthSyncFingerprint(stat: fs.Stats): string {
+  return [
+    stat.isSymbolicLink() ? "symlink" : "file",
+    typeof stat.ino === "number" ? Math.trunc(stat.ino) : 0,
+    Math.trunc(stat.size),
+    Math.trunc(stat.mtimeMs),
+  ].join(":");
+}

src/lib/accounts/_internal/name-resolution.ts

@@ -0,0 +1,196 @@
+// Internal: resolve the snapshot file name for a given live auth snapshot.
+// Used by save/use/external-sync — kept under _internal/ because the
+// public surface only exposes the orchestrator wrappers.
+
+import {
+  AccountNameInferenceError,
+} from "../errors";
+import { parseAuthSnapshotFile } from "../auth-parser";
+import { loadRegistry } from "../registry";
+import { ParsedAuthSnapshot } from "../types";
+import { listAccountNames } from "../read/listing";
+import { accountFilePath, normalizeAccountName } from "../naming";
+import { pathExists } from "./fs-helpers";
+import {
+  registryEntrySharesEmail,
+  registryEntrySharesIdentity,
+  snapshotsShareEmail,
+  snapshotsShareIdentity,
+} from "../identity/equality";
+
+export type ResolvedAccountNameSource = "active" | "existing" | "inferred";
+
+export interface ResolvedDefaultAccountName {
+  name: string;
+  source: ResolvedAccountNameSource;
+  forceOverwrite?: boolean;
+}
+
+export interface ResolvedLoginAccountName {
+  name: string;
+  source: ResolvedAccountNameSource;
+  forceOverwrite?: boolean;
+}
+
+function orderReloginSnapshotCandidates(
+  accountNames: string[],
+  incomingSnapshot: ParsedAuthSnapshot,
+  activeName: string | null,
+): string[] {
+  const ordered: string[] = [];
+  const add = (name: string | null | undefined): void => {
+    if (!name || !accountNames.includes(name) || ordered.includes(name)) return;
+    ordered.push(name);
+  };
+
+  add(activeName);
+
+  const incomingEmail = incomingSnapshot.email?.trim().toLowerCase();
+  if (incomingEmail) {
+    try {
+      add(normalizeAccountName(incomingEmail));
+    } catch {
+      // Invalid email-shaped snapshot names fall through to identity scan.
+    }
+  }
+
+  for (const name of accountNames) {
+    add(name);
+  }
+
+  return ordered;
+}
+
+async function resolveRegistryAccountNameForIncomingSnapshot(
+  incomingSnapshot: ParsedAuthSnapshot,
+  candidates: string[],
+  activeName: string | null,
+): Promise<ResolvedDefaultAccountName | null> {
+  const registry = await loadRegistry();
+  let activeEmailMatch: ResolvedDefaultAccountName | null = null;
+
+  for (const name of candidates) {
+    const entry = registry.accounts[name];
+    if (!entry || !(await pathExists(accountFilePath(name)))) continue;
+
+    if (registryEntrySharesIdentity(entry, incomingSnapshot)) {
+      return {
+        name,
+        source: activeName === name ? "active" : "existing",
+      };
+    }
+
+    if (!activeEmailMatch && registryEntrySharesEmail(entry, incomingSnapshot)) {
+      activeEmailMatch = {
+        name,
+        source: activeName === name ? "active" : "existing",
+        forceOverwrite: true,
+      };
+    }
+  }
+
+  return activeEmailMatch;
+}
+
+export async function resolveExistingAccountNameForIncomingSnapshot(
+  incomingSnapshot: ParsedAuthSnapshot,
+  activeName: string | null,
+): Promise<ResolvedDefaultAccountName | null> {
+  let emailMatch: ResolvedDefaultAccountName | null = null;
+  const accountNames = await listAccountNames();
+  const candidates = orderReloginSnapshotCandidates(
+    accountNames,
+    incomingSnapshot,
+    activeName,
+  );
+  const registryMatch = await resolveRegistryAccountNameForIncomingSnapshot(
+    incomingSnapshot,
+    candidates,
+    activeName,
+  );
+  if (registryMatch) {
+    return registryMatch;
+  }
+
+  for (const name of candidates) {
+    const snapshotPath = accountFilePath(name);
+    if (!(await pathExists(snapshotPath))) continue;
+
+    const existingSnapshot = await parseAuthSnapshotFile(snapshotPath);
+    if (snapshotsShareIdentity(existingSnapshot, incomingSnapshot)) {
+      return {
+        name,
+        source: activeName === name ? "active" : "existing",
+      };
+    }
+
+    if (!emailMatch && snapshotsShareEmail(existingSnapshot, incomingSnapshot)) {
+      emailMatch = {
+        name,
+        source: activeName === name ? "active" : "existing",
+        forceOverwrite: true,
+      };
+    }
+  }
+
+  return emailMatch;
+}
+
+export async function resolveUniqueInferredName(
+  baseName: string,
+  incomingSnapshot: ParsedAuthSnapshot,
+): Promise<string> {
+  const hasMatchingIdentity = async (name: string): Promise<boolean> => {
+    const parsed = await parseAuthSnapshotFile(accountFilePath(name));
+    return snapshotsShareIdentity(parsed, incomingSnapshot);
+  };
+
+  const basePath = accountFilePath(baseName);
+  if (!(await pathExists(basePath))) {
+    return baseName;
+  }
+  if (await hasMatchingIdentity(baseName)) {
+    return baseName;
+  }
+
+  for (let i = 2; i <= 99; i += 1) {
+    const candidate = normalizeAccountName(`${baseName}--dup-${i}`);
+    const candidatePath = accountFilePath(candidate);
+    if (!(await pathExists(candidatePath))) {
+      return candidate;
+    }
+    if (await hasMatchingIdentity(candidate)) {
+      return candidate;
+    }
+  }
+
+  throw new AccountNameInferenceError();
+}
+
+export async function inferAccountNameFromSnapshot(
+  incomingSnapshot: ParsedAuthSnapshot,
+): Promise<string> {
+  const email = incomingSnapshot.email?.trim().toLowerCase();
+  if (!email || !email.includes("@")) {
+    throw new AccountNameInferenceError();
+  }
+
+  const baseCandidate = normalizeAccountName(email);
+  return resolveUniqueInferredName(baseCandidate, incomingSnapshot);
+}
+
+export async function resolveLoginAccountNameForSnapshot(
+  incomingSnapshot: ParsedAuthSnapshot,
+  activeName: string | null,
+): Promise<ResolvedLoginAccountName> {
+  const existing = await resolveExistingAccountNameForIncomingSnapshot(
+    incomingSnapshot,
+    activeName,
+  );
+  if (existing) return existing;
+
+  return {
+    name: await inferAccountNameFromSnapshot(incomingSnapshot),
+    source: "inferred",
+  };
+}

src/lib/accounts/_internal/registry-ops.ts

@@ -0,0 +1,50 @@
+// Internal registry helpers shared across write clusters.
+// All durable writes funnel through `persistRegistryAtomic` (Theme N1) —
+// this module just adds the reconcile-by-account-name step on top.
+
+import {
+  persistRegistryAtomic,
+  reconcileRegistryWithAccounts,
+} from "../registry";
+import { RegistryData } from "../types";
+import { parseAuthSnapshotFile } from "../auth-parser";
+import { accountFilePath } from "../naming";
+import { listAccountNames } from "../read/listing";
+
+export async function persistRegistry(registry: RegistryData): Promise<void> {
+  const reconciled = reconcileRegistryWithAccounts(
+    registry,
+    await listAccountNames(),
+  );
+  await persistRegistryAtomic(reconciled);
+}
+
+export async function hydrateSnapshotMetadata(
+  registry: RegistryData,
+  accountName: string,
+): Promise<void> {
+  const parsed = await parseAuthSnapshotFile(accountFilePath(accountName));
+  const entry = registry.accounts[accountName] ?? {
+    name: accountName,
+    createdAt: new Date().toISOString(),
+  };
+
+  if (parsed.email) entry.email = parsed.email;
+  if (parsed.accountId) entry.accountId = parsed.accountId;
+  if (parsed.userId) entry.userId = parsed.userId;
+  if (parsed.planType) entry.planType = parsed.planType;
+
+  registry.accounts[accountName] = entry;
+}
+
+export async function hydrateSnapshotMetadataIfMissing(
+  registry: RegistryData,
+  accountName: string,
+): Promise<void> {
+  const entry = registry.accounts[accountName];
+  if (entry?.email && entry.accountId && entry.userId && entry.planType) {
+    return;
+  }
+
+  await hydrateSnapshotMetadata(registry, accountName);
+}