Secure credential management for all PKU IAAA-based CLI tools. Allows AI Agents to trigger login flows without ever seeing passwords.
AI Agents (like OpenClaw/Claude Code) cannot and should not handle user passwords directly. This tool lets users store credentials once in the OS keyring, then all CLI tools auto-authenticate from the keyring.
crates/info-auth/keyring crateinfo-pku| Command | Alias | Function |
|---|---|---|
| --------- | ------- | ---------- |
store | save | Interactively input and store credentials to OS keyring |
status | Show credential storage status (never shows password) | |
check | Show session status for ALL services (treehole/course/campuscard/elective) | |
clear | Remove credentials from OS keyring |
When any CLI tool runs login -p, credentials are resolved in this order:
info-auth store (recommended)PKU_USERNAME + PKU_PASSWORD (for CI/automation)SMS verification codes follow a similar pattern:
PKU_SMS_CODE (Agent can set this after asking user)info-auth store
# User enters username + password interactively
# Credentials stored in OS keyring, encrypted
# 1. Check which services have valid sessions
info-auth check
# 2. Login to any service (auto-reads credentials from keyring)
treehole login -p
course login -p
campuscard login -p
elective login -p # may need: --dual major / --dual minor
# 3. If SMS verification is needed (treehole first login):
# Ask user for the code, then set env var:
PKU_SMS_CODE=123456 treehole login -p
# 4. Use the service
treehole list
course courses --all
campuscard info
elective show
info-auth status to checkinfo-auth check shows "未登录" or "会话已过期", run login -p info-auth storeanyhow::Result with .context("中文描述")store command requires password confirmation (enter twice)keyring_has_credential() returns diagnostic info on failure for debugging共 1 个版本