CodeCow/stack
1
0
Fork 0
mirror of https://github.com/stack-auth/stack.git synced 2026-06-21 21:09:49 +08:00
Code Issues Actions 29 Packages Projects Releases Wiki Activity
c7ef9e9461
stack/docs-mintlify/guides/apps/authentication/cli-authentication.mdx
Aman Ganapathy 21c5198255
chore(cli-auth): publishable key no longer required for cli auth (#1590) 
<!-- This is an auto-generated description by cubic. -->
## Summary by cubic
CLI authentication no longer requires a publishable client key. Login
works with only a project ID; pass `publishable_client_key` only if the
project has `requirePublishableClientKey` enabled.

- **New Features**
- In `stack-auth-cli-template.py`, `publishable_client_key` is optional;
requests send `x-hexclave-project-id` and `x-hexclave-access-type:
client`, and include `x-hexclave-publishable-client-key` only when
provided.
- Updated docs and generated prompts to remove the key from examples and
explain when it’s needed.

- **Migration**
- No changes required; existing calls that pass `publishable_client_key`
still work.
- You can remove the argument from `prompt_cli_login(...)` unless your
project requires it.

<sup>Written for commit 1f0e66ee74.
Summary will update on new commits.</sup>

<a
href="https://cubic.dev/pr/hexclave/hexclave/pull/1590?utm_source=github"
target="_blank" rel="noopener noreferrer"
data-no-image-dialog="true"><picture><source
media="(prefers-color-scheme: dark)"
srcset="https://www.cubic.dev/buttons/review-in-cubic-dark.svg"><source
media="(prefers-color-scheme: light)"
srcset="https://www.cubic.dev/buttons/review-in-cubic-light.svg"><img
alt="Review in cubic"
src="https://www.cubic.dev/buttons/review-in-cubic-dark.svg"></picture></a>

<!-- End of auto-generated description by cubic. -->
2026-06-12 10:12:27 -07:00

66 lines
2.2 KiB
Plaintext
Raw Blame History

---
title: CLI App Authentication
description: How to authenticate users in your own command-line application using Hexclave
sidebarTitle: CLI App Authentication
---
If you're building your own command-line application, you can use Hexclave to let users log in from a terminal.
<Info>
This page is about adding authentication to your own CLI app. For the official `stack` command, see the [Stack CLI guide](/guides/going-further/cli).
</Info>
To do so, we provide a Python template that you can use as a starting point. [Download it here](https://github.com/hexclave/hexclave/tree/main/docs/public/stack-auth-cli-template.py) and copy it into your project, for example:
```
└─ my-python-app
├─ main.py
└─ stack_auth_cli_template.py # <- the file you just downloaded (rename to use underscores for Python import)
```
Then, you can import the `prompt_cli_login` function. The project ID is enough for most projects; only pass `publishable_client_key` if the project has `requirePublishableClientKey` enabled.
```py
from stack_auth_cli_template import prompt_cli_login
# prompt the user to log in
refresh_token = prompt_cli_login(
app_url="https://your-app-url.example.com",
project_id="your-project-id-here",
)
if refresh_token is None:
print("User cancelled the login process. Exiting")
exit(1)
# you can also store the refresh token in a file, and only prompt the user to log in if the file doesn't exist
# you can now use the REST API with the refresh token
def stack_auth_request(method, endpoint, **kwargs):
# ... see the REST API overview for required Hexclave headers
# https://docs.hexclave.com/api/overview
def get_access_token(refresh_token):
access_token_response = stack_auth_request(
'post',
'/api/v1/auth/sessions/current/refresh',
headers={
'x-hexclave-refresh-token': refresh_token,
}
)
return access_token_response['access_token']
def get_user_object(access_token):
return stack_auth_request(
'get',
'/api/v1/users/me',
headers={
'x-hexclave-access-token': access_token,
}
)
user = get_user_object(get_access_token(refresh_token))
print("The user is logged in as", user['display_name'] or user['primary_email'])
```
Reference in New Issue View Git Blame Copy Permalink