fix(login): remove cookie fast-path from login subcommand

Problem: `:CP <platform> login` short-circuited on cached cookies/tokens. If an old session was still valid, the new credentials were never tested, so the user got "login successful" even with garbage input. Solution: Always validate credentials against the platform in the login path. Remove cookie/token loading from `_login_headless` (AtCoder), `_login_headless_cf` (CF), `_login_headless_codechef` (CodeChef), and `login` (CSES). For USACO submit, replace the `_check_usaco_login` roundtrip with cookie trust + retry-on-auth-failure (the Kattis pattern). Submit paths are unchanged — cookie fast-paths remain for contest speed. Closes #331
2026-03-06 17:52:05 -05:00 · 2026-03-06 17:52:05 -05:00 · 84343d2045
commit 84343d2045
parent 8465e70772
5 changed files with 110 additions and 141 deletions
--- a/scrapers/cses.py
+++ b/scrapers/cses.py
@ -239,21 +239,6 @@ class CSESScraper(BaseScraper):
            return self._login_error("Missing username or password")

        async with httpx.AsyncClient(follow_redirects=True) as client:
-            token = credentials.get("token")
-
-            if token:
-                print(json.dumps({"status": "checking_login"}), flush=True)
-                if await self._check_token(client, token):
-                    return LoginResult(
-                        success=True,
-                        error="",
-                        credentials={
-                            "username": username,
-                            "password": password,
-                            "token": token,
-                        },
-                    )
-
            print(json.dumps({"status": "logging_in"}), flush=True)
            token = await self._web_login(client, username, password)
            if not token: