feat(cli): prompt user for authentication on subsequent logins (#11004, #9329) #12883
+163
−23
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
Fixes #11004 (partially)
coder login
When Already AuthenticatedCurrently if a user runs
coder login
when logged in they will get the default login flow:Instead prompt the user if they want to re-authenticate if they run
coder login
when already authenticated. Authenticated is defined as having a valid session token stored in the config directory.Does not apply if they provided a valid token via flag or ENV variable. A new token should be generated an stored in that situation unless the
--use-token-as-session
flag was also used.Invalid Token
If an invalid token was set asENV
variable a user would be unable to login until theENV
variable was cleared. (The same behavior will occur for invalid flags)User will now be informed that the token is invalid and prompted to login normally. The ENV variable won't be cleared but a valid session token will be created.I was incorrect about this part. While we can create a new valid token at login subsequent commands will still prefer the invalid ENV token. A potential solution would be to check if the ENV token if valid and fall back to the config token in that situation, however, that creates the overhead of an additional API call on every authed CLI command invocation.