derive base urls from tokens' regions

[adriangb]

This goes hand in hand with a backend PR (private) that adds a region prefix to tokens.

[cloudflare-workers-and-pages]

Deploying logfire-docs with    Cloudflare Pages

Latest commit:	d5cedcc
Status:	🚫  Build failed.

View logs

[adriangb]

@alexmojaki I'm not sure what the flow is here... creating a new project?

[Viicos]

I'm having trouble understanding the use case for this code path:

logfire/logfire/_internal/config.py

Lines 874 to 885 in d5cedcc

	if self.token is None:
	credentials = LogfireCredentials.load_creds_file(self.data_dir)
	# if we still don't have a token, try initializing a new project and writing a new creds file
	# note, we only do this if `send_to_logfire` is explicitly `True`, not 'if-token-present'
	if self.send_to_logfire is True and credentials is None:
	credentials = LogfireCredentials.initialize_project(
	# TODO: what happens here? Seems like we need to assume a region to create the new project?
	# Should the SDK have the region from when the user logged in to the SDK?
	logfire_api_url=self.advanced.generate_base_url(None),
	session=requests.Session(),
	)

It runs if:

• No token was explicitly provided with logfire.configure()
• No credentials are available in the data directory (either an explicit one provided with logfire.configure(), or the default ~/.logfire/).

Calling initialize_project() (indirectly) calls _get_user_token():

logfire/logfire/_internal/config.py

Lines 1321 to 1326 in d5cedcc

	def _get_user_token(cls, logfire_api_url: str) -> str:
	if DEFAULT_FILE.is_file(): # pragma: no branch
	data = cast(DefaultFile, read_toml_file(DEFAULT_FILE))
	if is_logged_in(data, logfire_api_url): # pragma: no branch
	return data['tokens'][logfire_api_url]['token']
	raise LogfireConfigError(

which looks for credentials in the default ~/.logfire/ data directory. This is guaranteed to raise here if no custom data directory was specified with configure(), as per the second condition above. If a custom data directory was specified, it feels weird to still look for creds in the default data dir?

It feels to me that we should instead raise an exception here instead of trying to initialize a project, as we don't have any credentials to use?

[alexmojaki]

@Viicos user tokens are higher level than write tokens. User tokens are created in ~/.logfire/ and are not associated with any project. They are used to create write tokens, which are required to write to a specific project. Write tokens are stored in a local .logfire directory, separate from the one in ~. Yes this is confusing. But you can see it in action if you use logfire in a fresh directory.

_get_user_token will need to be changed to not require specifying logfire_api_url when there's only one URL in the file, which is usually the case. But that doesn't necessarily need to be in this PR.

[adriangb]

Maybe we also want the default to be None here?

I guess when a user logs in with the CLI or creates a new account prompted by the CLI they need to tell the CLI which region they want to log into, then the CLI opens the appropriate site.

[alexmojaki]

Yes I think we will need something like that. I'm not sure what the solution is, but if users have already signed up for an account and then get sent to a site where they don't have an account, that's a bad UX.

But I think we should be able to merge something that doesn't need this REGION param and purely helps with the case where a token is specified.

[adriangb]

If the token is specified / we have their credentials we should be able to derive the region from that (platform PR we worked on together).

[alexmojaki]

Yes but this line is about the opposite of deriving the region from the token so I think it can be removed from here.

For user credentials we can store multiple credentials in a single file for different regions, so without additional info we still won't know which region to pick.