fix(login): remove cookie fast-path from login subcommand

Problem: `:CP <platform> login` short-circuited on cached cookies/tokens. If an old session was still valid, the new credentials were never tested, so the user got "login successful" even with garbage input. Solution: Always validate credentials against the platform in the login path. Remove cookie/token loading from `_login_headless` (AtCoder), `_login_headless_cf` (CF), `_login_headless_codechef` (CodeChef), and `login` (CSES). For USACO submit, replace the `_check_usaco_login` roundtrip with cookie trust + retry-on-auth-failure (the Kattis pattern). Submit paths are unchanged — cookie fast-paths remain for contest speed. Closes #331
2026-03-06 17:52:05 -05:00 · 2026-03-06 17:52:05 -05:00 · 84343d2045
commit 84343d2045
parent 8465e70772
5 changed files with 110 additions and 141 deletions
--- a/scrapers/codeforces.py
+++ b/scrapers/codeforces.py
@ -348,12 +348,6 @@ def _login_headless_cf(credentials: dict[str, str]) -> LoginResult:

    cookie_cache = Path.home() / ".cache" / "cp-nvim" / "codeforces-cookies.json"
    cookie_cache.parent.mkdir(parents=True, exist_ok=True)
-    saved_cookies: list[dict[str, Any]] = []
-    if cookie_cache.exists():
-        try:
-            saved_cookies = json.loads(cookie_cache.read_text())
-        except Exception:
-            pass

    logged_in = False
    login_error: str | None = None
@ -388,37 +382,27 @@ def _login_headless_cf(credentials: dict[str, str]) -> LoginResult:
            headless=True,
            timeout=BROWSER_SESSION_TIMEOUT,
            google_search=False,
-            cookies=saved_cookies if saved_cookies else [],
        ) as session:
-            if saved_cookies:
-                print(json.dumps({"status": "checking_login"}), flush=True)
-                session.fetch(
-                    f"{BASE_URL}/",
-                    page_action=check_login,
-                    network_idle=True,
+            print(json.dumps({"status": "logging_in"}), flush=True)
+            session.fetch(
+                f"{BASE_URL}/enter",
+                page_action=login_action,
+                solve_cloudflare=True,
+            )
+            if login_error:
+                return LoginResult(
+                    success=False, error=f"Login failed: {login_error}"
                )

+            session.fetch(
+                f"{BASE_URL}/",
+                page_action=check_login,
+                network_idle=True,
+            )
            if not logged_in:
-                print(json.dumps({"status": "logging_in"}), flush=True)
-                session.fetch(
-                    f"{BASE_URL}/enter",
-                    page_action=login_action,
-                    solve_cloudflare=True,
+                return LoginResult(
+                    success=False, error="Login failed (bad credentials?)"
                )
-                if login_error:
-                    return LoginResult(
-                        success=False, error=f"Login failed: {login_error}"
-                    )
-
-                session.fetch(
-                    f"{BASE_URL}/",
-                    page_action=check_login,
-                    network_idle=True,
-                )
-                if not logged_in:
-                    return LoginResult(
-                        success=False, error="Login failed (bad credentials?)"
-                    )

            try:
                browser_cookies = session.context.cookies()