refactor(auth): deduplicate canRetry/validateKey between login.ts and login-console.ts

Export validateAndPersistApiKey from login-console.ts and reuse in
login.ts. Remove duplicated canRetry, RETRY_DELAY_BASE_MS, and
validateKeyAndPersist from login.ts. Unify validation model to
qwen3.7-max. Reorder base_url write before apiKey validation in
the --api-key path to avoid double read-modify-write.

Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>

Author: lishengzxc

packages/cli/src/commands/auth/login-console.ts

@@ -388,7 +388,7 @@ function canRetry(err: unknown): boolean {
   return false;
 }
 
-async function validateAndPersistApiKey(
+export async function validateAndPersistApiKey(
   config: Config,
   key: string,
   baseUrl: string,
@@ -400,7 +400,7 @@ async function validateAndPersistApiKey(
     method: "POST",
     timeout: Math.min(config.timeout, 30),
     body: {
-      model: "qwen-max",
+      model: "qwen3.7-max",
       messages: [{ role: "user", content: "hi" }],
       max_tokens: 1,
     },

packages/cli/src/commands/auth/login.ts

@@ -1,13 +1,8 @@
 import {
-  BailianError,
-  ExitCode,
-  chatEndpoint,
   defineCommand,
-  getConfigPath,
   isInteractive,
   maskToken,
   readConfigFile,
-  requestJson,
   writeConfigFile,
   type Config,
   type GlobalFlags,
@@ -16,68 +11,11 @@ import { printQuickStart } from "../../output/banner.ts";
 import { emitBare } from "../../output/output.ts";
 import { promptConfirm } from "../../output/prompt.ts";
 import { printCurrentCommandHelp } from "../../utils/command-help.ts";
-import { resolveConsoleOrigin, runConsoleLogin } from "./login-console.ts";
-
-const RETRY_DELAY_BASE_MS = 500;
-
-function canRetry(err: unknown): boolean {
-  if (err instanceof BailianError) {
-    if (err.exitCode === ExitCode.NETWORK || err.exitCode === ExitCode.TIMEOUT) {
-      return true;
-    }
-    const status = err.api?.httpStatus;
-    return status === 401 || (status !== undefined && status >= 500);
-  }
-  if (err instanceof Error) {
-    return (
-      err.name === "AbortError" ||
-      err.name === "TimeoutError" ||
-      err.message.includes("timed out") ||
-      err.message === "fetch failed"
-    );
-  }
-  return false;
-}
-
-async function validateKeyAndPersist(config: Config, key: string): Promise<void> {
-  process.stderr.write("Testing key... ");
-
-  const testConfig = { ...config, apiKey: key };
-  const requestOpts = {
-    url: chatEndpoint(testConfig.baseUrl),
-    method: "POST",
-    timeout: Math.min(config.timeout, 30),
-    body: {
-      model: "qwen3.7-max",
-      messages: [{ role: "user", content: "hi" }],
-      max_tokens: 1,
-    },
-  };
-
-  for (let attempt = 1; attempt <= 3; attempt++) {
-    try {
-      await requestJson<unknown>(testConfig, requestOpts);
-      break;
-    } catch (err) {
-      if (attempt >= 3 || !canRetry(err)) {
-        process.stderr.write("\n");
-        throw new BailianError("API key validation failed", ExitCode.AUTH, "Invalid API key.", {
-          cause: err,
-        });
-      }
-      // retry delay: 500ms, 1000ms, 2000ms
-      const delayMs = RETRY_DELAY_BASE_MS * 2 ** (attempt - 1);
-      await new Promise((resolve) => setTimeout(resolve, delayMs));
-    }
-  }
-
-  process.stderr.write("Valid\n");
-
-  const existing = readConfigFile() as Record<string, unknown>;
-  existing.api_key = key;
-  await writeConfigFile(existing);
-  process.stderr.write(`Saved to ${getConfigPath()}\n`);
-}
+import {
+  resolveConsoleOrigin,
+  runConsoleLogin,
+  validateAndPersistApiKey,
+} from "./login-console.ts";
 
 export default defineCommand({
   name: "auth login",
@@ -138,12 +76,12 @@ export default defineCommand({
     const effectiveConfig = baseUrl ? { ...config, baseUrl } : config;
 
     if (!config.dryRun) {
-      await validateKeyAndPersist(effectiveConfig, key);
       if (baseUrl) {
         const existing = readConfigFile() as Record<string, unknown>;
         existing.base_url = baseUrl;
         await writeConfigFile(existing);
       }
+      await validateAndPersistApiKey(effectiveConfig, key, effectiveConfig.baseUrl);
       printQuickStart();
     } else {
       emitBare("Would validate and save API key.");