modde-cli 0.1.0

CLI interface for modde
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116

use std::io::Write;

use anyhow::{Context, Result};
use tracing::info;

use modde_core::paths;
use modde_sources::nexus::auth;

use crate::NexusAction;

pub async fn handle(action: NexusAction) -> Result<()> {
    match action {
        NexusAction::Auth => handle_auth().await,
        NexusAction::Status => handle_status().await,
    }
}

/// Build a reqwest client with Nexus-appropriate timeouts.
fn nexus_client() -> Result<reqwest::Client> {
    reqwest::Client::builder()
        .timeout(std::time::Duration::from_secs(300))
        .connect_timeout(std::time::Duration::from_secs(30))
        .build()
        .context("failed to build HTTP client")
}

/// Map Nexus API errors to user-friendly messages with actionable advice.
fn map_nexus_error(e: anyhow::Error, rejected_advice: &str) -> anyhow::Error {
    let msg = e.to_string();
    if msg.contains("401") || msg.contains("403") {
        anyhow::anyhow!(
            "API key rejected by Nexus (HTTP 401/403). {rejected_advice}\n\
             Cause: {e}"
        )
    } else if msg.contains("429") {
        anyhow::anyhow!(
            "Nexus API rate limit exceeded (HTTP 429). Wait a few minutes and try again.\n\
             Cause: {e}"
        )
    } else {
        anyhow::anyhow!("API key validation failed: {e}")
    }
}

async fn handle_auth() -> Result<()> {
    // Prompt user for API key
    print!("Enter your Nexus API key: ");
    std::io::stdout().flush()?;

    let mut api_key = String::new();
    std::io::stdin()
        .read_line(&mut api_key)
        .context("failed to read API key from stdin")?;
    let api_key = api_key.trim().to_string();

    if api_key.is_empty() {
        anyhow::bail!("API key cannot be empty");
    }

    let client = nexus_client()?;
    let is_premium = auth::check_premium(&client, &api_key).await
        .map_err(|e| map_nexus_error(e,
            "Verify your key at https://www.nexusmods.com/users/myaccount?tab=api+access"
        ))?;

    // Store the key at XDG config path
    let key_path = config_key_path();
    if let Some(parent) = key_path.parent() {
        tokio::fs::create_dir_all(parent).await?;
    }
    tokio::fs::write(&key_path, &api_key).await
        .context("failed to write API key to config")?;

    // Restrict file permissions to owner-only
    #[cfg(unix)]
    {
        use std::os::unix::fs::PermissionsExt;
        std::fs::set_permissions(&key_path, std::fs::Permissions::from_mode(0o600))?;
    }

    info!(key_path = %key_path.display(), "API key stored");

    println!("API key validated and saved to {}", key_path.display());
    if is_premium {
        println!("Account type: Premium (automated downloads enabled)");
    } else {
        println!("Account type: Free (manual download links only)");
    }

    Ok(())
}

async fn handle_status() -> Result<()> {
    let api_key = auth::load_api_key()
        .context("no API key configured; run `modde nexus auth` first")?;

    let client = nexus_client()?;
    let is_premium = auth::check_premium(&client, &api_key).await
        .map_err(|e| map_nexus_error(e,
            "Your stored key may have been revoked. Re-run `modde nexus auth` to set a new key."
        ))?;

    println!("Nexus API key: valid");
    if is_premium {
        println!("Account type: Premium");
    } else {
        println!("Account type: Free");
    }

    Ok(())
}

/// Path to store the API key: `~/.config/modde/nexus_api_key`.
fn config_key_path() -> std::path::PathBuf {
    paths::modde_config_dir().join("nexus_api_key")
}