From 06f5e24ebc2325465dfa173847be6e5a3699c182 Mon Sep 17 00:00:00 2001 From: Barrett Ruth Date: Thu, 5 Mar 2026 15:00:38 -0500 Subject: [PATCH] feat(credentials): validate login via scraper before caching Problem: `credentials.lua` cached username/password immediately on input without any server-side validation. `scraper.lua` only used the browser/FHS path for the `submit` subcommand. Solution: rewrite `M.login()` to call `scraper.login()` with ndjson status callbacks and only cache credentials on success. Generalize the four submit-only guards in `run_scraper` to a `needs_browser` flag covering both `submit` and `login` subcommands. --- lua/cp/credentials.lua | 44 ++++++++++++++++++++++++++++++++++++++---- lua/cp/scraper.lua | 43 ++++++++++++++++++++++++++++++++++++----- 2 files changed, 78 insertions(+), 9 deletions(-) diff --git a/lua/cp/credentials.lua b/lua/cp/credentials.lua index 76945b6..5877a90 100644 --- a/lua/cp/credentials.lua +++ b/lua/cp/credentials.lua @@ -1,19 +1,28 @@ local M = {} local cache = require('cp.cache') +local constants = require('cp.constants') local logger = require('cp.log') local state = require('cp.state') +local STATUS_MESSAGES = { + checking_login = 'Checking existing session...', + logging_in = 'Logging in...', + installing_browser = 'Installing browser...', +} + function M.login(platform) platform = platform or state.get_platform() if not platform then logger.log( - 'No platform specified. Usage: :CP login ', + 'No platform specified. Usage: :CP login', { level = vim.log.levels.ERROR } ) return end + local display = constants.PLATFORM_DISPLAY_NAMES[platform] or platform + vim.ui.input({ prompt = platform .. ' username: ' }, function(username) if not username or username == '' then logger.log('Cancelled', { level = vim.log.levels.WARN }) @@ -26,9 +35,36 @@ function M.login(platform) logger.log('Cancelled', { level = vim.log.levels.WARN }) return end + cache.load() - cache.set_credentials(platform, { username = username, password = password }) - logger.log(platform .. ' credentials saved', { level = vim.log.levels.INFO, override = true }) + local existing = cache.get_credentials(platform) or {} + local credentials = { + username = username, + password = password, + } + if existing.token then + credentials.token = existing.token + end + + local scraper = require('cp.scraper') + scraper.login(platform, credentials, function(ev) + vim.schedule(function() + local msg = STATUS_MESSAGES[ev.status] or ev.status + logger.log(display .. ': ' .. msg, { level = vim.log.levels.INFO, override = true }) + end) + end, function(result) + vim.schedule(function() + if result.success then + logger.log( + display .. ' login successful', + { level = vim.log.levels.INFO, override = true } + ) + else + local err = result.error or 'unknown error' + logger.log(display .. ' login failed: ' .. err, { level = vim.log.levels.ERROR }) + end + end) + end) end) end @@ -36,7 +72,7 @@ function M.logout(platform) platform = platform or state.get_platform() if not platform then logger.log( - 'No platform specified. Usage: :CP logout ', + 'No platform specified. Usage: :CP logout', { level = vim.log.levels.ERROR } ) return diff --git a/lua/cp/scraper.lua b/lua/cp/scraper.lua index af170d3..8f9759d 100644 --- a/lua/cp/scraper.lua +++ b/lua/cp/scraper.lua @@ -44,13 +44,15 @@ local function run_scraper(platform, subcommand, args, opts) return { success = false, error = msg } end - if subcommand == 'submit' then + local needs_browser = subcommand == 'submit' or subcommand == 'login' + + if needs_browser then utils.setup_nix_submit_env() end local plugin_path = utils.get_plugin_path() local cmd - if subcommand == 'submit' then + if needs_browser then cmd = utils.get_python_submit_cmd(platform, plugin_path) else cmd = utils.get_python_cmd(platform, plugin_path) @@ -71,7 +73,7 @@ local function run_scraper(platform, subcommand, args, opts) end end - if subcommand == 'submit' and utils.is_nix_build() then + if needs_browser and utils.is_nix_build() then env.UV_PROJECT_ENVIRONMENT = vim.fn.stdpath('cache') .. '/cp-nvim/submit-env' end @@ -129,7 +131,7 @@ local function run_scraper(platform, subcommand, args, opts) return { success = false, error = 'spawn failed' } end - if subcommand == 'submit' then + if needs_browser then timer = uv.new_timer() timer:start(120000, 0, function() timer:stop() @@ -193,7 +195,7 @@ local function run_scraper(platform, subcommand, args, opts) local sysopts = { text = true, - timeout = (subcommand == 'submit') and 120000 or 30000, + timeout = needs_browser and 120000 or 30000, env = env, cwd = plugin_path, } @@ -317,6 +319,37 @@ function M.scrape_all_tests(platform, contest_id, callback, on_done) }) end +function M.login(platform, credentials, on_status, callback) + local done = false + run_scraper(platform, 'login', {}, { + ndjson = true, + env_extra = { CP_CREDENTIALS = vim.json.encode(credentials) }, + on_event = function(ev) + if ev.credentials ~= nil and next(ev.credentials) ~= nil then + require('cp.cache').set_credentials(platform, ev.credentials) + end + if ev.status ~= nil then + if type(on_status) == 'function' then + on_status(ev) + end + elseif ev.success ~= nil then + done = true + if type(callback) == 'function' then + callback(ev) + end + end + end, + on_exit = function(proc) + if not done and type(callback) == 'function' then + callback({ + success = false, + error = 'login process exited (code=' .. tostring(proc.code) .. ')', + }) + end + end, + }) +end + function M.submit( platform, contest_id,