fix(login): remove cookie fast-path from login subcommand

Problem: `:CP <platform> login` short-circuited on cached cookies/tokens. If an old session was still valid, the new credentials were never tested, so the user got "login successful" even with garbage input. Solution: Always validate credentials against the platform in the login path. Remove cookie/token loading from `_login_headless` (AtCoder), `_login_headless_cf` (CF), `_login_headless_codechef` (CodeChef), and `login` (CSES). For USACO submit, replace the `_check_usaco_login` roundtrip with cookie trust + retry-on-auth-failure (the Kattis pattern). Submit paths are unchanged — cookie fast-paths remain for contest speed. Closes #331
2026-03-06 17:52:05 -05:00 · 2026-03-06 17:52:05 -05:00 · 84343d2045
commit 84343d2045
parent 8465e70772
5 changed files with 110 additions and 141 deletions
--- a/scrapers/codechef.py
+++ b/scrapers/codechef.py
@ -65,12 +65,6 @@ def _login_headless_codechef(credentials: dict[str, str]) -> LoginResult:
    _ensure_browser()

    _COOKIE_PATH.parent.mkdir(parents=True, exist_ok=True)
-    saved_cookies: list[dict[str, Any]] = []
-    if _COOKIE_PATH.exists():
-        try:
-            saved_cookies = json.loads(_COOKIE_PATH.read_text())
-        except Exception:
-            pass

    logged_in = False
    login_error: str | None = None
@ -100,29 +94,21 @@ def _login_headless_codechef(credentials: dict[str, str]) -> LoginResult:
            headless=True,
            timeout=BROWSER_SESSION_TIMEOUT,
            google_search=False,
-            cookies=saved_cookies if saved_cookies else [],
        ) as session:
-            if saved_cookies:
-                print(json.dumps({"status": "checking_login"}), flush=True)
-                session.fetch(
-                    f"{BASE_URL}/", page_action=check_login, network_idle=True
+            print(json.dumps({"status": "logging_in"}), flush=True)
+            session.fetch(f"{BASE_URL}/login", page_action=login_action)
+            if login_error:
+                return LoginResult(
+                    success=False, error=f"Login failed: {login_error}"
                )

+            session.fetch(
+                f"{BASE_URL}/", page_action=check_login, network_idle=True
+            )
            if not logged_in:
-                print(json.dumps({"status": "logging_in"}), flush=True)
-                session.fetch(f"{BASE_URL}/login", page_action=login_action)
-                if login_error:
-                    return LoginResult(
-                        success=False, error=f"Login failed: {login_error}"
-                    )
-
-                session.fetch(
-                    f"{BASE_URL}/", page_action=check_login, network_idle=True
+                return LoginResult(
+                    success=False, error="Login failed (bad credentials?)"
                )
-                if not logged_in:
-                    return LoginResult(
-                        success=False, error="Login failed (bad credentials?)"
-                    )

            try:
                browser_cookies = session.context.cookies()