fix(security): harden credential storage and transmission (#369)

## Problem Credential and cookie files were world-readable (0644), passwords transited via `CP_CREDENTIALS` env var (visible in `/proc/PID/environ`), and Kattis/USACO echoed passwords back through stdout unnecessarily. ## Solution Set 0600 permissions on `cp-nvim.json` and `cookies.json` after every write, pass credentials via stdin pipe instead of env var, and stop emitting passwords in ndjson from Kattis/USACO `LoginResult` (CSES token emission unchanged).
2026-03-07 18:14:34 -05:00 · 2026-03-07 18:14:34 -05:00 · b53c8ca44e
commit b53c8ca44e
parent 771dbc7753
10 changed files with 131 additions and 82 deletions
--- a/lua/cp/commands/init.lua
+++ b/lua/cp/commands/init.lua
@ -326,6 +326,10 @@ local function parse_command(args)
    end
  end

+  if (first == 'login' or first == 'logout' or first == 'signup') and #args == 1 then
+    return { type = 'action', action = first, requires_context = true, platform = nil }
+  end
+
  if #args == 1 then
    return {
      type = 'problem_jump',
@ -378,6 +382,7 @@ function M.handle_command(opts)
      if not restore.restore_from_current_file() then
        return
      end
+      vim.cmd.redraw()
    end

    local setup = require('cp.setup')
@ -421,24 +426,45 @@ function M.handle_command(opts)
      end
      vim.ui.open(url)
    elseif cmd.action == 'login' then
-      if not check_platform_enabled(cmd.platform) then
-        return
-      end
-      require('cp.credentials').login(cmd.platform)
-    elseif cmd.action == 'logout' then
-      if not check_platform_enabled(cmd.platform) then
-        return
-      end
-      require('cp.credentials').logout(cmd.platform)
-    elseif cmd.action == 'signup' then
-      local url = constants.SIGNUP_URLS[cmd.platform]
-      if not url then
+      local p = cmd.platform or state.get_platform()
+      if not p then
        logger.log(
-          ("No signup URL available for '%s'"):format(cmd.platform),
-          { level = vim.log.levels.WARN }
+          'No platform active. Usage: :CP <platform> login',
+          { level = vim.log.levels.ERROR }
        )
        return
      end
+      if not check_platform_enabled(p) then
+        return
+      end
+      require('cp.credentials').login(p)
+    elseif cmd.action == 'logout' then
+      local p = cmd.platform or state.get_platform()
+      if not p then
+        logger.log(
+          'No platform active. Usage: :CP <platform> logout',
+          { level = vim.log.levels.ERROR }
+        )
+        return
+      end
+      if not check_platform_enabled(p) then
+        return
+      end
+      require('cp.credentials').logout(p)
+    elseif cmd.action == 'signup' then
+      local p = cmd.platform or state.get_platform()
+      if not p then
+        logger.log(
+          'No platform active. Usage: :CP <platform> signup',
+          { level = vim.log.levels.ERROR }
+        )
+        return
+      end
+      local url = constants.SIGNUP_URLS[p]
+      if not url then
+        logger.log(("No signup URL available for '%s'"):format(p), { level = vim.log.levels.WARN })
+        return
+      end
      vim.ui.open(url)
    end
  elseif cmd.type == 'problem_jump' then