Initial monorepo — everything BlackRoad in one place

bin/ 230 CLI tools (ask-*, br-*, agent-*, roadid, carpool) scripts/ 99 automation scripts fleet/ Node configs and deployment workers/ Cloudflare Worker sources (roadpay, road-search, squad webhooks) roadc/ RoadC programming language roadnet/ Mesh network (5 APs, WireGuard) operator/ Memory system scripts config/ System configs dotfiles/ Shell configs docs/ Documentation BlackRoad OS — Pave Tomorrow. RoadChain-SHA2048: d1a24f55318d338b RoadChain-Identity: alexa@sovereign RoadChain-Full: d1a24f55318d338b24b60bad7be39286379c76ae5470817482100cb0ddbbcb97e147d07ac7243da0a9f0363e4e5c833d612b9c0df3a3cd20802465420278ef74875a5b77f55af6fe42a931b8b635b3d0d0b6bde9abf33dc42eea52bc03c951406d8cbe49f1a3d29b26a94dade05e9477f34a7d4d4c6ec4005c3c2ac54e73a68440c512c8e83fd9b1fe234750b898ef8f4032c23db173961fe225e67a0432b5293a9714f76c5c57ed5fdf35b9fb40fd73c03ebf88b7253c6a0575f5afb6a6b49b3bda310602fb1ef676859962dad2aebbb2875814b30eee0a8ba195e482d4cbc91d8819e7f38f6db53e8063401649c77bb994371473cabfb917fb53e8cbe73d60
2026-03-14 17:07:35 -05:00
commit 78fbe80f2a
511 changed files with 102646 additions and 0 deletions
--- a/bin/blackroad-auth
+++ b/bin/blackroad-auth
@@ -0,0 +1,184 @@
+#!/usr/bin/env bash
+# br-auth - Identity & Access Management CLI
+PINK='\033[38;5;205m'
+AMBER='\033[38;5;214m'
+GREEN='\033[38;5;82m'
+BLUE='\033[38;5;69m'
+RED='\033[38;5;196m'
+NC='\033[0m'
+
+AUTH_DIR="$HOME/.blackroad/auth"
+AUTH_URL="http://localhost:9000"
+TOKEN_FILE="$AUTH_DIR/.token"
+
+cmd="${1:-help}"
+shift 2>/dev/null
+
+# Helper to get stored token
+get_token() {
+    [ -f "$TOKEN_FILE" ] && cat "$TOKEN_FILE"
+}
+
+case "$cmd" in
+    start)
+        echo -e "${PINK}Starting Auth Server...${NC}"
+        nohup python3 "$AUTH_DIR/auth_server.py" > "$AUTH_DIR/logs/auth.log" 2>&1 &
+        echo $! > "$AUTH_DIR/auth.pid"
+        sleep 1
+        echo -e "${GREEN}Auth Server started (PID: $(cat "$AUTH_DIR/auth.pid"))${NC}"
+        echo "  API: $AUTH_URL"
+        echo "  Default: admin/blackroad"
+        ;;
+    stop)
+        if [ -f "$AUTH_DIR/auth.pid" ]; then
+            kill $(cat "$AUTH_DIR/auth.pid") 2>/dev/null
+            rm "$AUTH_DIR/auth.pid"
+            echo -e "${AMBER}Auth Server stopped${NC}"
+        fi
+        ;;
+    status)
+        if [ -f "$AUTH_DIR/auth.pid" ] && kill -0 $(cat "$AUTH_DIR/auth.pid") 2>/dev/null; then
+            echo -e "${GREEN}●${NC} Auth Server running"
+            curl -s "$AUTH_URL/stats" | python3 -c "
+import sys, json
+data = json.load(sys.stdin)
+print(f\"  Users: {data['users']}, API Keys: {data['api_keys']}, Sessions: {data['active_sessions']}\")
+print(f\"  Logins: {data['logins']}, API Calls: {data['api_calls']}, Failed: {data['failed_auth']}\")
+" 2>/dev/null
+        else
+            echo -e "${RED}○${NC} Auth Server not running"
+        fi
+        ;;
+    login)
+        username="${1:-admin}"
+        echo -n "Password: "
+        read -s password
+        echo ""
+
+        result=$(curl -s -X POST "$AUTH_URL/auth/login" \
+            -H "Content-Type: application/json" \
+            -d "{\"username\":\"$username\",\"password\":\"$password\"}")
+
+        if echo "$result" | grep -q "access_token"; then
+            echo "$result" | python3 -c "import sys,json; print(json.load(sys.stdin)['access_token'])" > "$TOKEN_FILE"
+            echo -e "${GREEN}Login successful!${NC}"
+            echo "$result" | python3 -c "
+import sys, json
+data = json.load(sys.stdin)
+print(f\"  User: {data['user']['username']}\")
+print(f\"  Roles: {', '.join(data['user']['roles'])}\")
+print(f\"  Expires: {data['expires_in']}s\")
+"
+        else
+            echo -e "${RED}Login failed${NC}"
+            echo "$result"
+        fi
+        ;;
+    logout)
+        token=$(get_token)
+        if [ -n "$token" ]; then
+            curl -s -X POST "$AUTH_URL/auth/logout" \
+                -H "Authorization: Bearer $token"
+            rm -f "$TOKEN_FILE"
+            echo -e "${AMBER}Logged out${NC}"
+        else
+            echo "Not logged in"
+        fi
+        ;;
+    whoami)
+        token=$(get_token)
+        if [ -z "$token" ]; then
+            echo "Not logged in. Run: br-auth login"
+            exit 1
+        fi
+
+        curl -s -H "Authorization: Bearer $token" "$AUTH_URL/auth/validate" | python3 -c "
+import sys, json
+data = json.load(sys.stdin)
+if data.get('valid'):
+    print(f\"User: {data['user']['username']}\")
+    print(f\"ID: {data['user']['id']}\")
+    print(f\"Roles: {', '.join(data['user']['roles'])}\")
+else:
+    print('Session expired. Run: br-auth login')
+"
+        ;;
+    users)
+        token=$(get_token)
+        curl -s -H "Authorization: Bearer $token" "$AUTH_URL/users" | python3 -c "
+import sys, json
+data = json.load(sys.stdin)
+if isinstance(data, list):
+    print(f'{\"USERNAME\":<20} {\"ROLES\":<30} {\"ENABLED\":<10}')
+    for u in data:
+        roles = ', '.join(u['roles'])
+        enabled = '✓' if u['enabled'] else '✗'
+        print(f'{u[\"username\"]:<20} {roles:<30} {enabled:<10}')
+else:
+    print(data)
+"
+        ;;
+    create-user)
+        username="$1"; password="$2"; roles="${3:-developer}"
+        if [ -z "$username" ] || [ -z "$password" ]; then
+            echo "Usage: br-auth create-user <username> <password> [roles]"
+            exit 1
+        fi
+        token=$(get_token)
+        curl -s -X POST "$AUTH_URL/users" \
+            -H "Authorization: Bearer $token" \
+            -H "Content-Type: application/json" \
+            -d "{\"username\":\"$username\",\"password\":\"$password\",\"roles\":[\"$roles\"]}" | python3 -m json.tool
+        ;;
+    create-key)
+        name="${1:-api-key}"
+        token=$(get_token)
+        result=$(curl -s -X POST "$AUTH_URL/auth/apikey" \
+            -H "Authorization: Bearer $token" \
+            -H "Content-Type: application/json" \
+            -d "{\"name\":\"$name\"}")
+
+        if echo "$result" | grep -q "key"; then
+            echo -e "${GREEN}API Key created:${NC}"
+            echo "$result" | python3 -c "
+import sys, json
+data = json.load(sys.stdin)
+print(f\"  Key: {data['key']}\")
+print(f\"  ID: {data['key_id']}\")
+print(f\"\\n  Save this key - it won't be shown again!\")
+"
+        else
+            echo -e "${RED}Failed to create key${NC}"
+            echo "$result"
+        fi
+        ;;
+    validate-key)
+        key="$1"
+        if [ -z "$key" ]; then
+            echo "Usage: br-auth validate-key <api-key>"
+            exit 1
+        fi
+        curl -s -H "X-API-Key: $key" "$AUTH_URL/auth/apikey/validate" | python3 -m json.tool
+        ;;
+    help|*)
+        echo -e "${PINK}br-auth - Identity & Access Management${NC}"
+        echo ""
+        echo "Server:"
+        echo "  start                      Start auth server"
+        echo "  stop                       Stop auth server"
+        echo "  status                     Show status"
+        echo ""
+        echo "Authentication:"
+        echo "  login [username]           Login (prompts for password)"
+        echo "  logout                     Logout current session"
+        echo "  whoami                     Show current user"
+        echo ""
+        echo "User Management:"
+        echo "  users                      List all users"
+        echo "  create-user <u> <p> [r]    Create user"
+        echo ""
+        echo "API Keys:"
+        echo "  create-key [name]          Create API key"
+        echo "  validate-key <key>         Validate API key"
+        ;;
+esac