From cf3f90b8314c2cdfdb6600c591e0c269357a77cc Mon Sep 17 00:00:00 2001
From: jiyuu-jin <zach@valist.io>
Date: Wed, 23 Jul 2025 16:32:52 -0400
Subject: [PATCH] Fix CLI SIWE errors from AppKit upgrade

---
 README.md    |  3 ++-
 package.json |  2 +-
 src/api.ts   | 51 ++++++++++++++++++++++++++++++++++++++-------------
 3 files changed, 41 insertions(+), 15 deletions(-)

diff --git a/README.md b/README.md
index abd68e7..8a8ecaf 100644
--- a/README.md
+++ b/README.md
@@ -31,7 +31,7 @@ $ npm install -g @hyperplay/cli
 $ hyperplay COMMAND
 running command...
 $ hyperplay (--version)
-@hyperplay/cli/2.14.6 darwin-arm64 node-v22.11.0
+@hyperplay/cli/2.14.9 darwin-arm64 node-v22.11.0
 $ hyperplay --help [COMMAND]
 USAGE
   $ hyperplay COMMAND
@@ -141,6 +141,7 @@ EXAMPLES
   $ hyperplay keygen
 ```
 
+
 ## `hyperplay publish [ACCOUNT] [PROJECT] [RELEASE]`
 
 Publish a release
diff --git a/package.json b/package.json
index b3428b8..9b1951e 100644
--- a/package.json
+++ b/package.json
@@ -1,6 +1,6 @@
 {
   "name": "@hyperplay/cli",
-  "version": "2.14.7",
+  "version": "2.14.9",
   "description": "Hyperplay CLI",
   "author": "HyperPlay Labs, Inc.",
   "bin": {
diff --git a/src/api.ts b/src/api.ts
index e6153ae..78687b2 100644
--- a/src/api.ts
+++ b/src/api.ts
@@ -18,34 +18,62 @@ export async function logCookiesAndCheckCsrf(
   return csrfToken;
 }
 
+async function getAuthSession(client: AxiosInstance): Promise<void> {
+  try {
+    await client.get("/api/auth/session");
+  } catch (error) {
+    console.log(`❌ Session request failed:`, error);
+    throw error;
+  }
+}
+
+async function getCsrfToken(client: AxiosInstance): Promise<string> {
+  try {
+    const csrfResponse = await client.get("/api/auth/csrf");
+    return csrfResponse.data.csrfToken;
+  } catch (error) {
+    console.log(`❌ CSRF request failed:`, error);
+    throw error;
+  }
+}
+
+async function submitAuthCallback(client: AxiosInstance, formData: string): Promise<void> {
+  try {
+    await client.post("/api/auth/callback/ethereum?", formData, {
+      headers: {
+        'Content-Type': 'application/x-www-form-urlencoded'
+      },
+    });
+  } catch (error) {
+    console.log(`❌ Callback request failed:`, error);
+    throw error;
+  }
+}
+
 export async function login(client: AxiosInstance, cookieJar: CookieJar, signer: ethers.Wallet) {
-  await client.get("/api/auth/session");
+  await getAuthSession(client);
 
   const hasCsrfToken = await logCookiesAndCheckCsrf(cookieJar, client.defaults.baseURL as string);
   if (!hasCsrfToken) {
     throw new Error("CSRF token not found in the cookie jar.");
   }
 
-  const csrfResponse = await client.get("/api/auth/csrf");
-  const csrfToken = csrfResponse.data.csrfToken;
-
-  CliUx.ux.action.start(`Signing into HyperPlay API with ${signer.address}:`);
+  const csrfToken = await getCsrfToken(client);
   const siweMessage = new SiweMessage({
     domain: new URL(client.defaults.baseURL as string).host,
     address: signer.address,
     statement: "Sign in with Ethereum to HyperPlay",
     uri: client.defaults.baseURL as string,
     version: "1",
-    chainId: 137,
+    chainId: 1,
     nonce: csrfToken,
-    issuedAt: new Date().toISOString(),
   });
 
   const message = siweMessage.prepareMessage();
   const signature = await signer.signMessage(message);
 
   const formData = qs.stringify({
-    message: JSON.stringify(siweMessage),
+    message: message,
     redirect: 'false',
     signature: signature,
     csrfToken: csrfToken,
@@ -53,11 +81,8 @@ export async function login(client: AxiosInstance, cookieJar: CookieJar, signer:
     json: 'true',
   });
 
-  await client.post("/api/auth/callback/ethereum?", formData, {
-    headers: {
-      'Content-Type': 'application/x-www-form-urlencoded'
-    },
-  });
+  await submitAuthCallback(client, formData);
+
   CliUx.ux.action.stop();
 }