Skip to content

feat(auth): require explicit login subcommand #182

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Merged
eddietejeda merged 8 commits into from
Jun 28, 2026
Merged

feat(auth): require explicit login subcommand #182

Show file tree
Hide file tree
Changes from 2 commits
Commits
Show all changes
8 commits
Select commit Hold shift + click to select a range
fcc28fb
feat(auth): require explicit `login` subcommand instead of bare-`auth…
eddietejeda Jun 24, 2026
e51a604
docs(changelog): note auth login subcommand requirement (#182)
eddietejeda Jun 24, 2026
5e13502
feat(auth): add `profiles` subcommand to scaffold profiles.yml
eddietejeda Jun 24, 2026
82ed0a6
Revert "feat(auth): add `profiles` subcommand to scaffold profiles.yml"
eddietejeda Jun 24, 2026
cebb194
Merge branch 'main' into auth-no-login-shortcut
eddietejeda Jun 28, 2026
7315db8
docs(auth): drop stale bare-`auth` login references after subcommand …
eddietejeda Jun 28, 2026
6467212
test(auth): cover bare `auth` printing help instead of logging in
eddietejeda Jun 28, 2026
5dce860
style: rustfmt the auth-hint and test changes
eddietejeda Jun 28, 2026
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
5 changes: 5 additions & 0 deletions CHANGELOG.md
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -1,3 +1,8 @@
## [Unreleased]

### 🚀 Features

- *(auth)* [**breaking**] Require explicit `login` subcommand; bare `hotdata auth` now prints help (#182)
## [0.8.0] - 2026-06-24

### 🚀 Features
Expand Down
2 changes: 1 addition & 1 deletion src/command.rs
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -263,7 +263,7 @@ pub enum QueryCommands {

#[derive(Subcommand)]
pub enum AuthCommands {
/// Log in via browser (same as `hotdata auth` with no subcommand)
/// Log in via browser
Login,

/// Create a new account via browser (defaults to GitHub OAuth)
Expand Down
15 changes: 13 additions & 2 deletions src/main.rs
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -156,7 +156,9 @@ fn main() {
// never blocked (see `update::should_check`).
let gate_update = !matches!(
&cli.command,
None | Some(Commands::Upgrade) | Some(Commands::Completions { .. })
None | Some(Commands::Upgrade)
| Some(Commands::Completions { .. })
| Some(Commands::Auth { command: None })
);
if gate_update {
update::enforce_latest_or_exit();
Expand All @@ -170,10 +172,19 @@ fn main() {
}
Some(cmd) => match cmd {
Commands::Auth { command } => match command {
None | Some(AuthCommands::Login) => auth::login(),
Some(AuthCommands::Login) => auth::login(),
Some(AuthCommands::Register { email }) => auth::register(email),
Some(AuthCommands::Status) => auth::status("default"),
Some(AuthCommands::Logout) => auth::logout("default"),
None => {
use clap::CommandFactory;
let mut cmd = Cli::command();
cmd.build();
cmd.find_subcommand_mut("auth")
.unwrap()
.print_help()
.unwrap();
}
Comment on lines +200 to +208

@claude claude Bot Jun 24, 2026

Copy link
Copy Markdown
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

This behavior change leaves several user-facing hints that still tell users bare hotdata auth will log them in — they're now incorrect and should be updated in this PR:

  • src/sdk.rs:460-463 (blocking): "Run {} to log in, or pass --api-key." with "hotdata auth". This is the clearest break — it only references bare hotdata auth, which now just prints help. A user hitting an expired session who follows this hint will not be logged in. It should point at hotdata auth login.
  • src/sdk.rs:818: "... Run 'hotdata auth login' (or 'hotdata auth') to re-authenticate." — the (or 'hotdata auth') parenthetical is now wrong.
  • src/config.rs:267: "... Run 'hotdata auth login' (or 'hotdata auth') or specify --workspace-id." — same stale parenthetical.
  • src/config.rs:287: "Run 'hotdata auth login' (or 'hotdata auth') to generate a new config file." — same.
  • src/jwt.rs:15 (doc comment): "user must hotdata auth again" — minor, but worth updating for accuracy.

The PR's goal is consistency, so leaving these pointing at the removed shortcut is contradictory.

@claude claude Bot Jun 24, 2026

Copy link
Copy Markdown
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Blocking (re-raised from cycle 1, still unaddressed): This PR changes bare hotdata auth to print help instead of logging in, but the user-facing hints that still tell users hotdata auth will log them in were not updated. They are now incorrect:

  • src/sdk.rs:460-463 (most severe): "Run {} to log in, or pass --api-key." with "hotdata auth".cyan(). This references only bare hotdata auth, which now just prints help — a user hitting an expired session who follows this hint will not be logged in. Should point at hotdata auth login.
  • src/sdk.rs:818: "... Run 'hotdata auth login' (or 'hotdata auth') to re-authenticate." — the (or 'hotdata auth') parenthetical is now wrong.
  • src/config.rs:288: "... Run 'hotdata auth login' (or 'hotdata auth') or specify --workspace-id." — same stale parenthetical.
  • src/config.rs:308: "Run 'hotdata auth login' (or 'hotdata auth') to generate a new config file." — same.
  • src/jwt.rs:15 (doc comment): "user must hotdata auth again" — minor, but worth updating for accuracy.

The PR's stated goal is consistency; leaving these pointing at the removed shortcut is contradictory. The sdk.rs:460-463 case is a real correctness break (the hint sends users down a dead end), so this remains blocking.

@claude claude Bot Jun 24, 2026

Copy link
Copy Markdown
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Blocking (re-raised from cycles 1 & 2, still unaddressed): This PR changes bare hotdata auth to print help instead of logging in, but the user-facing hints that still tell users hotdata auth will log them in were not updated. None of src/sdk.rs, src/config.rs, or src/jwt.rs were touched in this PR, so they remain stale and now incorrect:

  • src/sdk.rs:460-463 (real correctness break): "Run {} to log in, or pass --api-key." with "hotdata auth".cyan(). This references only bare hotdata auth, which now just prints help — a user hitting an expired session who follows this hint will not be logged in. It must point at hotdata auth login.
  • src/sdk.rs:818: "... Run 'hotdata auth login' (or 'hotdata auth') to re-authenticate." — the (or 'hotdata auth') parenthetical is now wrong.
  • src/config.rs:267: "... Run 'hotdata auth login' (or 'hotdata auth') or specify --workspace-id." — same stale parenthetical.
  • src/config.rs:287: "Run 'hotdata auth login' (or 'hotdata auth') to generate a new config file." — same.
  • src/jwt.rs:15 (doc comment): "user must hotdata auth again" — minor, but worth updating for accuracy.

The PR's stated goal is consistency; leaving these pointing at the removed shortcut is contradictory. The sdk.rs:460-463 case sends users down a dead end, so this remains blocking.

@claude claude Bot Jun 28, 2026

Copy link
Copy Markdown
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Blocking (re-raised from cycles 1, 2 & 3 — still unaddressed): This PR changes bare hotdata auth to print help instead of logging in, but the user-facing hints that still tell users hotdata auth will log them in were not updated. sdk.rs, config.rs, and jwt.rs are untouched in this PR, so they remain stale and are now incorrect:

  • src/sdk.rs:485-486 (real correctness break): "Run {} to log in, or pass --api-key." with "hotdata auth".cyan(). This references only bare hotdata auth, which now just prints help — a user hitting an expired session who follows this hint will not be logged in. It must point at hotdata auth login.
  • src/sdk.rs:843: "... Run 'hotdata auth login' (or 'hotdata auth') to re-authenticate." — the (or 'hotdata auth') parenthetical is now wrong.
  • src/config.rs:267: "... Run 'hotdata auth login' (or 'hotdata auth') or specify --workspace-id." — same stale parenthetical.
  • src/config.rs:287: "Run 'hotdata auth login' (or 'hotdata auth') to generate a new config file." — same.
  • src/jwt.rs:15 (doc comment): "user must hotdata auth again" — minor, but worth updating for accuracy.

The PR's stated goal is consistency; leaving these pointing at the removed shortcut is contradictory. The sdk.rs:485-486 case sends users down a dead end, so this remains blocking.

},
Commands::Query {
sql,
Expand Down
Loading