CLI and stack shared

[similiarity]

---

[!IMPORTANT] Adds CLI authentication support for Node.js applications using Stack Auth, including documentation, examples, and core library updates.

• CLI Authentication:
  • Adds CLI authentication documentation in docs-template.yml and cli-authentication-js.mdx.
  • Introduces CLI demo in examples/cli-demo with .env.development, package.json, and src/index.ts.
  • Implements CLI auth initiation and polling in route.ts files under examples/demo/src/app/api/cli-auth.
  • Adds CLI auth confirmation page in custom-confirm/page.tsx and initiation page in init/page.tsx.
• Core Library:
  • Updates promptCliLogin in client-app-impl.ts to handle CLI auth with options for URL path and polling.
  • Modifies promptCliLogin signature in client-app.ts to include promptLink callback.
• Misc:
  • Adds CLI Auth Demo link in header.tsx.
  • Minor import reordering in passkey-button.tsx.

^{This description was created by for 5f79b3728a999de7deab881ae7a023641df5a9e4. You can customize this summary. It will automatically update as commits are pushed.}

[vercel[bot]]

The latest updates on your projects. Learn more about Vercel for Git ↗︎

Name	Status	Preview	Comments	Updated (UTC)
stack-backend	✅ Ready (Inspect)	Visit Preview	💬 Add feedback	Jun 20, 2025 11:43am
stack-dashboard	✅ Ready (Inspect)	Visit Preview	💬 Add feedback	Jun 20, 2025 11:43am
stack-demo	✅ Ready (Inspect)	Visit Preview	💬 Add feedback	Jun 20, 2025 11:43am
stack-docs	❌ Failed (Inspect)			Jun 20, 2025 11:43am

[recurseml[bot]]

⚠️ Only 5 files will be analyzed due to processing limits.

[recurseml[bot]]

😱 Found 3 issues. Time to roll up your sleeves! 😱

🗒️ View all ignored comments in this repo

• The constraint 'TokenStoreType extends string' is too restrictive. It should likely be 'TokenStoreType extends string | object' to match the condition check in line 113 where TokenStoreType is checked against {}
• Return type mismatch - the interface declares useUsers() returning ServerUser[] but the Team interface that this extends declares useUsers() returning TeamUser[]
• There is a syntax error in the super constructor call due to the ellipsis operator used incorrectly. Objects aren't being merged correctly. This syntax usage can lead to runtime errors when trying to pass the merged object to 'super()'. Verify that the intended alterations to the object occur before or outside of the super() call if needed.
• Throwing an error when no active span is found is too aggressive. The log function should gracefully fallback to console.log or another logging mechanism when there's no active span, since not all execution contexts will have an active span. This makes the code less resilient and could break functionality in non-traced environments.

📚 Relevant Docs

• Function sets backendContext with a new configuration but doesn't pass 'defaultProjectKeys'. Since defaultProjectKeys is required in the type definition and cannot be updated (throws error if tried to set), this will cause a type error.
• The schema is using array syntax for pick() which is incorrect for Yup schemas. The pick() method in Yup expects individual arguments, not an array. Should be changed to: emailConfigSchema.pick('type', 'host', 'port', 'username', 'sender_name', 'sender_email')

📚 Relevant Docs

• Creating a refresh token with current timestamp as expiration means it expires immediately. Should set a future date for token expiration.
• The 'tools' object is initialized as an empty object, even though 'tools' is presumably expected to contain tool definitions. This could cause the server capabilities to lack necessary tool configurations, thus potentially impacting functionalities that depend on certain tool setups.

📚 Relevant Docs

• 'STACK_SECRET_SERVER_KEY' is potentially being included in every request header without checking its existence again here. Although it's checked during initialization, this could lead to security issues as it's exposed in all communications where the header is logged or captured.

📚 Relevant Docs

• When adding 'use client' directive at the beginning, it doesn't check if file.text already contains the 'use client' directive. This could lead to duplicate 'use client' directives if the file already has one.

📚 Relevant Docs

[patched-codes[bot]]

Documentation Changes Required

1. docs/fern/docs/pages-template/sdk/objects/stack-app.mdx

1. Update the StackClientApp type definition list in the Table of Contents section:

   • Add the signInWithPasskey() method between signInWithOAuth and signInWithCredential:

   signInWithOAuth(provider): void;  //$stack-link-to:#stackclientappsigninwithoauthprovider
   signInWithPasskey(): Promise<...>;  //$stack-link-to:#stackclientappsigninwithpasskey
   signInWithCredential([options]): Promise<...>;  //$stack-link-to:#stackclientappsigninwithcredentialoptions
   

2. Add a new section documenting the signInWithPasskey() method, including parameters, return values, and usage examples.

3. Add documentation for the promptCliLogin method in the StackClientApp section:

   • Document all parameters, including the new promptLink parameter
   • Provide examples demonstrating how to use the method

2. docs/fern/docs/pages-template/others/cli-authentication.mdx

1. Update the Python example to include the new path parameter.
2. Add comments explaining that the path parameter is optional with a default value.
3. Clarify that app_url is the base URL of the application.
4. Create comprehensive documentation for CLI authentication:
   • Include examples of how to use the promptCliLogin method
   • Document the new promptLink parameter and its usage

Please ensure these changes are reflected in the relevant documentation files to keep them up-to-date with the recent code changes.