feat(auth): adopt cli-core 0.12.0 multi-user TokenStore shape#71
Merged
Conversation
Bump @doist/cli-core to 0.12.0 and reshape OutlineTokenStore to the new uniformly-multi-user TokenStore contract: - `active(ref?)` / `clear(ref?)` honour the optional AccountRef. With a ref, ref-mismatch throws `ACCOUNT_NOT_FOUND` (via a shared `resolveByRef` helper) instead of silently returning null / no-op-ing, so `auth status --user <other>` / `auth logout --user <other>` will surface a real error rather than the misleading "Not authenticated" / silent ✓ Logged out. - New `list()` returns the single stored account flagged as default; empty array when nothing is stored. - New `setDefault(ref)` validates the ref against the stored account. Ref matching: exact id (UUID, case-sensitive) or case-insensitive label. Registers `ACCOUNT_NOT_FOUND` in the local `ErrorCode` union and adds ref-aware coverage in `src/__tests__/auth-provider.test.ts`. Storage backend stays single-slot — this is contract compliance so the upstream `--user <ref>` flag attached by `attachLogoutCommand` / `attachStatusCommand` / `attachTokenViewCommand` (when wired) lands cleanly. Multi-account storage is a future PR. Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com>
doistbot
reviewed
May 15, 2026
Member
doistbot
left a comment
doistbot
left a comment
There was a problem hiding this comment.
This PR smoothly updates the authentication provider to adopt the new multi-user TokenStore contract from @doist/cli-core 0.12.0. The implementation correctly wires up reference resolution and error handling, laying a solid foundation for future multi-account support. A few minor adjustments are suggested to optimize disk reads during token clearing, expand test coverage for empty-store scenarios, and deduplicate test fixtures.
Address PR review: - P2 perf: `clear(ref)` was reading the config file twice (once via `resolveByRef` then again via `clearConfig`). Replace `resolveByRef` with an inline `deriveSnapshot(config)` pure function used by every ref-aware path (`active(ref)` / `clear(ref)` / `list()` / `setDefault(ref)`) and let `clearConfig` accept an optional pre-loaded config so ref-based logout stays at 1 read + 1 write. - P2 test gap: add `clear(ref)` with no stored config — guards against a regression to the old silent no-op when the store is empty, which would let `attachLogoutCommand` emit ✓ Logged out for a ref that never had any backing account. - P3 fixtures: drop the duplicate `STORED_ACCOUNT` / `STORED_CONFIG` fixtures and reuse the existing `sampleAccount` + a derived `sampleConfig` so future account-shape changes live in one place. Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com>
scottlovegrove
requested review from
a team and
engfragui
and removed request for
a team
doist-release-bot Bot
added a commit
that referenced
this pull request
May 15, 2026
## [1.6.0](v1.5.3...v1.6.0) (2026-05-15) ### Features * **auth:** adopt cli-core 0.12.0 multi-user TokenStore shape ([#71](#71)) ([53487b7](53487b7))
Contributor
|
🎉 This PR is included in version 1.6.0 🎉 The release is available on: Your semantic-release bot 📦🚀 |
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
2 participants
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
Summary
@doist/cli-corefrom 0.9.0 → 0.12.0.OutlineTokenStoreto the new uniformly-multi-userTokenStorecontract:active(ref?)/clear(ref?)honour the optionalAccountRefand route through a sharedresolveByRefhelper that throwsACCOUNT_NOT_FOUNDon mismatch (no more silent null / no-op).list()returns the one stored account flagged as default (or empty),setDefault(ref)validates the ref against the single account.ACCOUNT_NOT_FOUNDin the localErrorCodeunion.src/__tests__/auth-provider.test.ts(10 new tests).Storage backend stays single-slot — this is contract compliance so the upstream
--user <ref>flag attached byattachLogoutCommand/attachStatusCommand/attachTokenViewCommand(when wired) lands cleanly. Multi-account storage is a future PR. Mirrors the equivalent change landing in twist-cli (#225).Test plan
npm run type-checknpm run buildnpm test— 126 / 126 passnpm run lint:checknpm run check:skill-syncol auth login/status/logoutstill work against an existing token--user <ref>plumbed throughactive(ref)/clear(ref)matches an exact id or case-insensitive label; mismatched ref throwsACCOUNT_NOT_FOUND🤖 Generated with Claude Code