feat(cua-cli): add grouped auth commands and update docs to prefer verbose style

Add support for grouped auth command structure (cua auth login/env/logout) while maintaining backwards compatibility with flat commands (cua login/env/logout). Update all documentation to prefer the more explicit grouped style. Changes: - Refactor auth.ts to support both flat and grouped command structures - Extract auth command handlers for reuse (loginHandler, envHandler, logoutHandler) - Add "cua auth" command group with login/env/logout subcommands - Update quickstart to use "cua auth login" instead of "cua login" - Update CLI index.mdx and installation.mdx to use grouped style - Update commands.mdx to show grouped style as primary with flat as alternative - Update README.md to document both command styles - Update error messages and examples to use grouped style Both command styles work identically - users can choose based on preference. 🤖 Generated with [Claude Code](https://claude.com/claude-code) Co-Authored-By: Claude <noreply@anthropic.com>
2026-05-14 20:39:03 -05:00 · 2025-11-18 13:35:10 +01:00
parent 53d7f19390
commit 0ea452e481
6 changed files with 114 additions and 56 deletions
@@ -45,7 +45,7 @@ You can run your Cua computer in the cloud (recommended for easiest setup), loca

    2. Login and create a sandbox:
    ```bash
-    cua login
+    cua auth login
    cua sb create --os linux --size small --region north-america
    ```

@@ -415,10 +415,10 @@ Login to your CUA account:

 ```bash
 # Interactive browser login (recommended)
-cua login
+cua auth login

 # Or provide your API key directly
-cua login --api-key sk-your-api-key-here
+cua auth login --api-key sk-your-api-key-here
 ```

 If you don't have a CUA account yet, sign up at [cua.ai/signin](https://cua.ai/signin).
@@ -32,20 +32,24 @@ Both styles work identically - use whichever you prefer!

 ### Available Commands

- **Authentication** - `cua login`, `cua env`, `cua logout`
+- **Authentication** - `cua auth login`, `cua auth env`, `cua auth logout` (also available as flat commands: `cua login`, `cua env`, `cua logout`)
 - **Sandbox Management** - `cua list`, `cua create`, `cua start`, `cua stop`, `cua restart`, `cua delete`, `cua vnc`

 ## Authentication Commands

-### `cua login`
+### `cua auth login`

 Authenticate with your CUA account using browser-based OAuth flow.

 ```bash
 # Interactive browser login
-cua login
+cua auth login

 # Direct API key login
+cua auth login --api-key sk-your-api-key-here
+
+# Alternative flat style
+cua login
 cua login --api-key sk-your-api-key-here
 ```

@@ -54,22 +58,25 @@ cua login --api-key sk-your-api-key-here

 **Example:**
 ```bash
-$ cua login
+$ cua auth login
 Opening browser for CLI auth...
 API key saved
 ```

-### `cua env`
+### `cua auth env`

 Create or update a `.env` file in the current directory with your CUA API key.

 ```bash
+cua auth env
+
+# Alternative flat style
 cua env
 ```

 **Example:**
 ```bash
-$ cua env
+$ cua auth env
 Wrote /path/to/your/project/.env
 ```

@@ -78,17 +85,20 @@ The generated `.env` file will contain:
 CUA_API_KEY=sk-your-api-key-here
 ```

-### `cua logout`
+### `cua auth logout`

 Remove the stored API key from your system.

 ```bash
+cua auth logout
+
+# Alternative flat style
 cua logout
 ```

 **Example:**
 ```bash
-$ cua logout
+$ cua auth logout
 Logged out
 ```

@@ -253,7 +263,7 @@ Get help for any command:

 ```bash
 cua --help
-cua login --help
+cua auth login --help
 cua create --help
 cua list --help
 ```
@@ -265,7 +275,7 @@ The CLI provides clear error messages for common issues:
 ### Authentication Errors
 ```bash
 $ cua list
-Unauthorized. Try 'cua login' again.
+Unauthorized. Try 'cua auth login' again.
 ```

 ### Sandbox Not Found
@@ -297,7 +307,7 @@ cua list  # Check the generated name
 ```bash
 # Set up your project with API key
 cd my-project
-cua env
+cua auth env
 # Now your project has CUA_API_KEY in .env
 ```

@@ -22,7 +22,7 @@ The Cua CLI is a command-line tool that provides an intuitive interface for mana
 curl -LsSf https://cua.ai/cli/install.sh | sh

 # Login to your CUA account
-cua login
+cua auth login

 # Create a new Linux sandbox
 cua sb create --os linux --size small --region north-america
@@ -64,10 +64,10 @@ After installation, you'll need to authenticate with your CUA account:

 ```bash
 # Login with browser-based OAuth flow
-cua login
+cua auth login

 # Or provide your API key directly
-cua login --api-key sk-your-api-key-here
+cua auth login --api-key sk-your-api-key-here
 ```

 ## Updating
@@ -17,10 +17,26 @@ bun run ./index.ts -- --help
 ## Commands

 - **Auth**
-  - `cua login` – opens browser to authorize; stores API key locally
-  - `cua login --api-key sk-...` – stores provided key directly
-  - `cua env` – writes/updates `.env` with `CUA_API_KEY`
-  - `cua logout` – clears stored API key
+
+  The CLI supports both **flat** and **grouped** command styles:
+
+  ```bash
+  # Grouped style (explicit)
+  cua auth login
+  cua auth env
+  cua auth logout
+
+  # Flat style (quick)
+  cua login
+  cua env
+  cua logout
+  ```
+
+  **Available Commands:**
+  - `login` – opens browser to authorize; stores API key locally
+    - `--api-key sk-...` – stores provided key directly
+  - `env` – writes/updates `.env` with `CUA_API_KEY`
+  - `logout` – clears stored API key

 - **Sandboxes**

@@ -3,45 +3,77 @@ import { ensureApiKeyInteractive, loginViaBrowser } from '../auth';
 import { writeEnvFile } from '../util';
 import type { Argv } from 'yargs';

+// Command handlers
+const loginHandler = async (argv: Record<string, unknown>) => {
+  if (argv['api-key']) {
+    setApiKey(String(argv['api-key']));
+    console.log('API key saved');
+    return;
+  }
+  console.log('Opening browser for CLI auth...');
+  const token = await loginViaBrowser();
+  setApiKey(token);
+  console.log('API key saved');
+};
+
+const envHandler = async (_argv: Record<string, unknown>) => {
+  const token = await ensureApiKeyInteractive();
+  const out = await writeEnvFile(process.cwd(), token);
+  console.log(`Wrote ${out}`);
+};
+
+const logoutHandler = async (_argv: Record<string, unknown>) => {
+  clearApiKey();
+  console.log('Logged out');
+};
+
 export function registerAuthCommands(y: Argv) {
-  return y
-    .command(
-      'login',
-      'Open browser to authorize and store API key',
-      (y) =>
-        y.option('api-key', {
-          type: 'string',
-          describe: 'API key to store directly',
-        }),
-      async (argv: Record<string, unknown>) => {
-        if (argv['api-key']) {
-          setApiKey(String(argv['api-key']));
-          console.log('API key saved');
-          return;
-        }
-        console.log('Opening browser for CLI auth...');
-        const token = await loginViaBrowser();
-        setApiKey(token);
-        console.log('API key saved');
-      }
-    )
+  // Flat structure (backwards compatible)
+  y.command(
+    'login',
+    'Open browser to authorize and store API key',
+    (y) =>
+      y.option('api-key', {
+        type: 'string',
+        describe: 'API key to store directly',
+      }),
+    loginHandler
+  )
    .command(
      'env',
      'Create or update .env with CUA_API_KEY (login if needed)',
      () => {},
-      async (_argv: Record<string, unknown>) => {
-        const token = await ensureApiKeyInteractive();
-        const out = await writeEnvFile(process.cwd(), token);
-        console.log(`Wrote ${out}`);
-      }
+      envHandler
    )
-    .command(
-      'logout',
-      'Remove stored API key',
-      () => {},
-      async (_argv: Record<string, unknown>) => {
-        clearApiKey();
-        console.log('Logged out');
-      }
-    );
+    .command('logout', 'Remove stored API key', () => {}, logoutHandler);
+
+  // Grouped structure: cua auth <command>
+  y.command(
+    'auth',
+    'Manage authentication',
+    (y) => {
+      return y
+        .command(
+          'login',
+          'Open browser to authorize and store API key',
+          (y) =>
+            y.option('api-key', {
+              type: 'string',
+              describe: 'API key to store directly',
+            }),
+          loginHandler
+        )
+        .command(
+          'env',
+          'Create or update .env with CUA_API_KEY (login if needed)',
+          () => {},
+          envHandler
+        )
+        .command('logout', 'Remove stored API key', () => {}, logoutHandler)
+        .demandCommand(1, 'You must provide an auth command');
+    },
+    () => {}
+  );
+
+  return y;
 }