[Chore] Validate API key in the init flow

[HeshamHM28]

User description

fixes CF-864

---

PR Type

Bug fix, Enhancement

---

Description

• Validate API key during init flow

• Import and call get_user_id for verification

• Preserve existing API key save behavior

---

Diagram Walkthrough

flowchart LR
  init["init flow"] --> prompt["Prompt for API key"]
  prompt --> verify["Call get_user_id(api_key)"]
  verify -- "valid" --> save["Save API key to rc"]
  verify -- "invalid (raises)" --> exit["apologize_and_exit / error"]

Loading

File Walkthrough

	Relevant files
Enhancement	cmd_init.py Add API key validation via get_user_id                                      codeflash/cli_cmds/cmd_init.py Import get_user_id from codeflash.api.cfapi. Call get_user_id(api_key) before saving key to rc. Use call as validation step in init flow. +2/-1

---

[github-actions]

PR Reviewer Guide 🔍

Here are some key observations to aid the review process:

⏱️ Estimated effort to review: 2 🔵🔵⚪⚪⚪

🧪 No relevant tests

🔒 No security concerns identified

⚡ Recommended focus areas for review Error Handling Calling get_user_id(api_key=api_key) for validation may raise and terminate the flow without a user-friendly message or cleanup. Ensure exceptions are caught and routed through apologize_and_exit with actionable feedback. get_user_id(api_key=api_key) # Used to verify whether the API key is valid. result = save_api_key_to_rc(api_key) if is_successful(result): UX Messaging If validation fails, consider informing the user before/without saving, and differentiate messages for invalid vs. network errors to avoid confusion. get_user_id(api_key=api_key) # Used to verify whether the API key is valid. result = save_api_key_to_rc(api_key) if is_successful(result): click.echo(result.unwrap()) else:

[github-actions]

PR Code Suggestions ✨

Explore these optional code suggestions:

Category	Suggestion	Impact
Possible issue	Gate saving on validation success Ensure the API key is only saved after successful validation. If validation fails, abort without persisting the invalid key to the user's shell rc file. codeflash/cli_cmds/cmd_init.py [1219-1221] -get_user_id(api_key=api_key) # Used to verify whether the API key is valid. +user_id = None +try: + user_id = get_user_id(api_key=api_key) +except Exception: + pass +if not user_id: + apologize_and_exit("API key validation failed; not saving the key.") + result = save_api_key_to_rc(api_key) Suggestion importance[1-10]: 8 __ Why: Ensuring the key is only saved after successful validation prevents persisting invalid credentials, directly improving correctness of the init flow. This tightly aligns with the new validation call and has meaningful impact.	Medium
	Validate and guard API key call Handle potential exceptions or invalid responses from get_user_id to prevent the init flow from crashing on bad or expired keys. Provide a clear user-facing message and exit early before writing the key. codeflash/cli_cmds/cmd_init.py [1219] -get_user_id(api_key=api_key) # Used to verify whether the API key is valid. +try: + user_id = get_user_id(api_key=api_key) # Used to verify whether the API key is valid. + if not user_id: + apologize_and_exit("The provided API key appears invalid. Please double-check and try again.") +except Exception: + apologize_and_exit("Failed to validate API key. Please check your network connection and try again.") Suggestion importance[1-10]: 7 __ Why: Adding exception handling and checking the result of get_user_id prevents crashes and provides clearer feedback, improving robustness before proceeding. It's contextually accurate, though it's an error-handling enhancement rather than a critical bug fix.	Medium

[aseembits93]

@HeshamHM28 how are you using the result of get_user_id?

[HeshamHM28]

Inside get_user_id, if the API key is invalid, we log ‘Invalid Codeflash API key’ and exit.