coder
feat(cli): prompt user for authentication on subsequent logins (#11004, #9329)
Fixes #11004 (partially)
coder login When Already Authenticated
Currently if a user runs coder login when logged in they will get the default login flow:
$ > coder login http://localhost:8080
Attempting to authenticate with argument URL: 'http://localhost:8080'
Your browser has been opened to visit:
http://localhost:8080/cli-auth
> Paste your token here: DqSDeIXhgx-ABpLuIJ5PnLJjtvdUwmRK5
> Welcome to Coder, admin! You're authenticated.
Instead prompt the user if they want to re-authenticate if they run coder login when already authenticated. Authenticated is defined as having a valid session token stored in the config directory.
$ > coder login http://localhost:8080
Attempting to authenticate with argument URL: 'http://localhost:8080'
> You are already authenticated admin. Are you sure you want to log in again? (yes/no) no
Does not apply if they provided a valid token via flag or ENV variable. A new token should be generated an stored in that situation unless the --use-token-as-session flag was also used.
Invalid Token
~If an invalid token was set as ENV variable a user would be unable to login until the ENV variable was cleared. (The same behavior will occur for invalid flags)~
~User will now be informed that the token is invalid and prompted to login normally. The ENV variable won't be cleared but a valid session token will be created.~
I was incorrect about this part. While we can create a new valid token at login subsequent commands will still prefer the invalid ENV token. A potential solution would be to check if the ENV token if valid and fall back to the config token in that situation, however, that creates the overhead of an additional API call on every authed CLI command invocation.
