:LovelaceAuth
Authenticate with Lovelace using the OAuth 2.0 device authorization flow.
Command Signature
:LovelaceAuth
Alias: :LAuth
Description
The :LovelaceAuth command manages authentication with the Lovelace platform. It displays your current authentication status or initiates the device authorization flow if you're not authenticated.
What it does:
- Checks current authentication status
- Initiates device authorization flow if needed
- Displays user account information
- Manages authentication tokens
When to use:
- First-time setup after installation
- When authentication has expired
- To verify current authentication status
- After daemon restart
Usage
Check Authentication Status
:LovelaceAuth
If already authenticated, displays your account information in a split window.
Initiate Device Flow
:LovelaceAuth
If not authenticated, opens the device authorization interface with user code and verification URL.
From Lua
require("lovelace.commands").auth()
Output Format
When Already Authenticated
# Authentication Status
**User**: user@example.com
**User ID**: usr_abc123def456
**Device**: Paired
**Session**: Active
Press 'q' to close
Keybinding: Press q to close the window
Device Authorization Flow
# Device Authorization Required
To authorize this device, visit:
https://uselovelace.com/device
And enter code: ABCD-EFGH
Keybindings:
c - Copy code to clipboard
o - Open browser to verification URL
q - Cancel authentication
Waiting for authorization...
Device Flow Keybindings
While the device authorization window is open:
| Key | Action | Description |
|---|---|---|
c | Copy code | Copy user code to clipboard |
o | Open browser | Open verification URL in default browser |
q | Cancel | Cancel authentication and close window |
Workflow:
- Press
cto copy the code - Press
oto open browser (or manually visit URL) - Paste code in browser and authorize
- Window closes automatically when successful
Device Code Expiration
Device codes expire after 10 minutes. If the code expires before you complete authorization:
✗ Device code expired. Please try again.
Solution: Run :LovelaceAuth again to generate a new code.
Authentication Flow Walkthrough
Step 1: Check Current Status
:LovelaceAuth
If authenticated: Shows account info, done!
If not authenticated: Proceeds to device flow
Step 2: Copy User Code
Device flow window appears:
And enter code: ABCD-EFGH
Keybindings:
c - Copy code to clipboard
Press c to copy the code to clipboard.
Step 3: Open Verification URL
Keybindings:
o - Open browser to verification URL
Press o to open https://uselovelace.com/device in your default browser.
Alternative: Manually visit the URL if o doesn't work.
Step 4: Authorize in Browser
- Browser opens to verification page
- Paste the code (
Cmd+VorCtrl+V) - Click "Authorize"
- Confirm the device authorization
Step 5: Wait for Completion
Back in Neovim:
Waiting for authorization...
The extension polls for authorization every 5 seconds.
Automatic completion:
- Window closes when authorization succeeds
- Notification: "Authentication successful! Welcome to Lovelace."
Step 6: Verify Authentication
:LovelaceAuth
Should now show your account information.
Troubleshooting
Authorization Not Completing
Symptom: Device flow window stays open, "Waiting for authorization..." doesn't change
Solutions:
-
Verify browser authorization:
- Check you clicked "Authorize" in the browser
- Look for error messages in the browser
- Ensure the code matches exactly
-
Check internet connection:
- Device flow requires internet access
- Firewall may be blocking OAuth endpoints
- Try disabling VPN temporarily
-
Try manual authorization:
bash# Visit URL manually open https://uselovelace.com/device # Enter code manually from device flow window -
Enable debug logging:
luarequire("lovelace").setup({ log_level = "debug" })Then check
:messagesfor authorization polling logs.
"Authentication failed" Error
Symptom: Error notification after device flow completes
Solutions:
-
Verify account status:
- Ensure your Lovelace account is active
- Check email for account verification
- Visit https://uselovelace.com/settings
-
Check daemon logs:
bashlocalhost-ctl logs | grep auth -
Restart authentication:
vim:LovelaceAuth
Browser Doesn't Open
Symptom: Pressing o doesn't open browser
Solutions:
-
Manually visit URL:
- URL is shown in the device code window
- Copy and paste into browser
-
Check default browser configuration:
bash# macOS open https://uselovelace.com/device # Linux xdg-open https://uselovelace.com/device -
Verify browser is installed:
- Check default browser setting in OS
- Try setting
BROWSERenvironment variable
Code Copy Doesn't Work
Symptom: Pressing c doesn't copy to clipboard
Solutions:
-
Check clipboard support:
vim:echo has('clipboard') " Should return 1 -
Install clipboard provider:
bash# macOS (already has pbcopy) # Linux sudo apt install xclip # or xsel -
Manual copy:
- Select code with mouse and copy
- Retype the code in browser
Authentication State Management
Session Persistence
Once authenticated:
- Session persists across Neovim restarts
- No re-authentication needed every time
- Token auto-refreshed in background
- Stored securely by daemon
Re-authentication Required
You'll need to re-authenticate if:
- Token expires (typically after 90 days)
- Device access revoked in account settings
- Daemon reset or reinstalled
Check Current Auth Status
:LovelaceHealth
The authentication section shows your current status.
Security Considerations
Device Authorization Benefits
- No passwords in editor: Credentials never touch Neovim
- Revocable access: Devices can be revoked in account settings
- Limited scope: Only grants access needed for task submission
- Secure token storage: Tokens stored by daemon, not Neovim
Token Security
Where tokens are stored:
- macOS: Keychain
- Linux: libsecret or encrypted file
- Windows: Windows Credential Manager
Token rotation: Tokens are automatically refreshed before expiration.
Revoking Device Access
To revoke this device's access:
- Visit https://uselovelace.com/settings/devices
- Find this device in the list
- Click "Revoke Access"
- Re-authenticate when needed with
:LovelaceAuth
Integration with Workflows
First-Time Setup
" 1. Run health check
:LovelaceHealth
" Shows "Not authenticated"
" 2. Authenticate
:LovelaceAuth
" Complete device flow
" 3. Verify authentication
:LovelaceHealth
" Shows user account info
Regular Usage
Authentication is automatic after initial setup. You only interact with :LovelaceAuth if:
- Checking current authentication status
- Troubleshooting auth issues
- Re-authenticating after token expiration
Troubleshooting Workflow
" Task submission fails
:LovelaceTask
" Error: Authentication required
" Check auth status
:LovelaceAuth
" Shows "Session expired"
" Re-authenticate
:LovelaceAuth
" Complete device flow again
" Retry task
:LovelaceTask
" Now succeeds
Related Commands
| Command | Purpose |
|---|---|
| :LovelaceHealth | Verify authentication status |
| :LovelaceSession | View session information |
| :LovelaceTask | Submit task (requires auth) |
Next Steps
- :LovelaceTask Command - Submit tasks after authenticating
- Authentication Guide - Complete authentication workflows
- Troubleshooting - Common authentication issues
- :LovelaceHealth Command - Verify connection and auth
Related Documentation
- Authentication Guide - Device flow setup walkthrough
- Installation Guide - Complete setup instructions
- Quick Start Tutorial - First task walkthrough