add scoped tokens (#1022)

Add scoped tokens:

Tokens can be scoped to an organization with the --org parameter

Author: glommer

internal/cmd/auth_createapitokens.go

@@ -6,11 +6,13 @@ import (
 
 	"github.com/spf13/cobra"
 	"github.com/tursodatabase/turso-cli/internal"
-	"github.com/tursodatabase/turso-cli/internal/prompt"
 )
 
+var mintOrgFlag string
+
 func init() {
 	apiTokensCmd.AddCommand(createApiTokensCmd)
+	createApiTokensCmd.Flags().StringVar(&mintOrgFlag, "org", "", "Organization to restrict the token to")
 }
 
 var createApiTokensCmd = &cobra.Command{
@@ -29,16 +31,32 @@ var createApiTokensCmd = &cobra.Command{
 		}
 
 		name := strings.TrimSpace(args[0])
-		description := fmt.Sprintf("Creating api token %s", internal.Emph(name))
-		bar := prompt.Spinner(description)
-		defer bar.Stop()
 
-		data, err := client.ApiTokens.Create(name)
+		// Validate organization if provided
+		if mintOrgFlag != "" {
+			orgs, err := client.Organizations.List()
+			if err != nil {
+				return fmt.Errorf("failed to list organizations: %w", err)
+			}
+
+			found := false
+			for _, org := range orgs {
+				if org.Slug == mintOrgFlag {
+					found = true
+					break
+				}
+			}
+
+			if !found {
+				return fmt.Errorf("organization %s not found", internal.Emph(mintOrgFlag))
+			}
+		}
+
+		data, err := client.ApiTokens.CreateWithOrg(name, mintOrgFlag)
 		if err != nil {
 			return err
 		}
 
-		bar.Stop()
 		fmt.Println(data.Value)
 		return nil
 	},

internal/cmd/auth_listapitokens.go

@@ -31,9 +31,13 @@ var listApiTokensCmd = &cobra.Command{
 
 		data := [][]string{}
 		for _, apiToken := range apiTokens {
-			data = append(data, []string{apiToken.Name})
+			org := apiToken.Organization
+			if org == "" {
+				org = "all"
+			}
+			data = append(data, []string{apiToken.Name, org, apiToken.CreatedAt})
 		}
-		printTable([]string{"Name"}, data)
+		printTable([]string{"Name", "Organization", "Created At"}, data)
 
 		return nil
 	},

internal/turso/apiTokens.go

@@ -1,15 +1,19 @@
 package turso
 
 import (
+	"bytes"
+	"encoding/json"
 	"fmt"
 	"net/http"
 )
 
 type ApiToken struct {
-	ID     string `json:"dbId"`
-	Name   string
-	Owner  uint
-	PubKey []byte
+	ID           string `json:"id"`
+	Name         string `json:"name"`
+	Organization string `json:"organization,omitempty"`
+	CreatedAt    string `json:"created_at"`
+	Owner        uint   `json:"-"`
+	PubKey       []byte `json:"-"`
 }
 
 type ApiTokensClient client
@@ -39,9 +43,31 @@ type CreateApiToken struct {
 }
 
 func (a *ApiTokensClient) Create(name string) (CreateApiToken, error) {
+	return a.CreateWithOrg(name, "")
+}
+
+func (a *ApiTokensClient) CreateWithOrg(name string, organization string) (CreateApiToken, error) {
 	url := fmt.Sprintf("/v2/auth/api-tokens/%s", name)
 
-	res, err := a.client.Post(url, nil)
+	var res *http.Response
+	var err error
+
+	if organization != "" {
+		reqBody := struct {
+			Organization string `json:"organization"`
+		}{
+			Organization: organization,
+		}
+		jsonData, marshalErr := json.Marshal(reqBody)
+		if marshalErr != nil {
+			return CreateApiToken{}, fmt.Errorf("failed to marshal request body: %w", marshalErr)
+		}
+		body := bytes.NewReader(jsonData)
+		res, err = a.client.Post(url, body)
+	} else {
+		res, err = a.client.Post(url, nil)
+	}
+
 	if err != nil {
 		return CreateApiToken{}, fmt.Errorf("failed to create token: %s", err)
 	}