fix(login): remove cookie fast-path from login subcommand (#344)

## Problem `:CP <platform> login` short-circuited on cached cookies/tokens — if an old session was still valid, the new credentials were never tested. The user got "login successful" even with wrong input. USACO submit also wasted a roundtrip on `_check_usaco_login` every time. ## Solution Always validate credentials in the login path. Remove cookie/token loading from `_login_headless` (AtCoder), `_login_headless_cf` (CF), `_login_headless_codechef` (CodeChef), and `login` (CSES). For USACO submit, replace the `_check_usaco_login` roundtrip with cookie trust + retry-on-auth-failure (the Kattis pattern). Submit paths are unchanged — cookie fast-paths remain for contest speed. Closes #331
2026-03-06 17:53:22 -05:00 · 2026-03-06 17:53:22 -05:00 · 592f977296
commit 592f977296
parent 8465e70772
5 changed files with 97 additions and 140 deletions
--- a/scrapers/atcoder.py
+++ b/scrapers/atcoder.py
@ -306,12 +306,6 @@ def _login_headless(credentials: dict[str, str]) -> LoginResult:

    cookie_cache = Path.home() / ".cache" / "cp-nvim" / "atcoder-cookies.json"
    cookie_cache.parent.mkdir(parents=True, exist_ok=True)
-    saved_cookies: list[dict[str, Any]] = []
-    if cookie_cache.exists():
-        try:
-            saved_cookies = json.loads(cookie_cache.read_text())
-        except Exception:
-            pass

    logged_in = False
    login_error: str | None = None
@ -340,33 +334,23 @@ def _login_headless(credentials: dict[str, str]) -> LoginResult:
            headless=True,
            timeout=BROWSER_SESSION_TIMEOUT,
            google_search=False,
-            cookies=saved_cookies if saved_cookies else [],
        ) as session:
-            if saved_cookies:
-                print(json.dumps({"status": "checking_login"}), flush=True)
-                session.fetch(
-                    f"{BASE_URL}/home", page_action=check_login, network_idle=True
-                )
+            print(json.dumps({"status": "logging_in"}), flush=True)
+            session.fetch(
+                f"{BASE_URL}/login",
+                page_action=login_action,
+                solve_cloudflare=True,
+            )
+            if login_error:
+                return LoginResult(success=False, error=f"Login failed: {login_error}")

+            session.fetch(
+                f"{BASE_URL}/home", page_action=check_login, network_idle=True
+            )
            if not logged_in:
-                print(json.dumps({"status": "logging_in"}), flush=True)
-                session.fetch(
-                    f"{BASE_URL}/login",
-                    page_action=login_action,
-                    solve_cloudflare=True,
+                return LoginResult(
+                    success=False, error="Login failed (bad credentials?)"
                )
-                if login_error:
-                    return LoginResult(
-                        success=False, error=f"Login failed: {login_error}"
-                    )
-
-                session.fetch(
-                    f"{BASE_URL}/home", page_action=check_login, network_idle=True
-                )
-                if not logged_in:
-                    return LoginResult(
-                        success=False, error="Login failed (bad credentials?)"
-                    )

            try:
                browser_cookies = session.context.cookies()