feat: git credential backend for credential storage (#371)
## Problem
Credentials were stored as plaintext JSON in
`stdpath('data')/cp-nvim.json`, with no integration with system
credential managers.
## Solution
Replace file-based credential storage with `git credential
fill/approve/reject`, delegating to whatever credential helper the user
has configured (`cache`, `store`, `libsecret`, macOS Keychain, etc.).
- New `lua/cp/git_credential.lua` module wrapping the git credential
protocol
- All credential consumers (`credentials.lua`, `submit.lua`,
`scraper.lua`) use `git_credential` directly — `cache.lua` no longer
handles credentials
- CSES API token packed into the password field (`password<TAB>token`)
so it works with helpers that ignore the `path` field
- `has_helper()` guard on `:CP login`, `:CP logout`, and `:CP submit`
with an error message if no helper is configured
- Healthcheck split into `[required]`/`[optional]` sections; git version
and credential helper status shown
- `git` checked at startup in `check_required_runtime()`
- Cache version system (`CACHE_VERSION`, v1→v2 migration) removed — the
cache file is now a plain JSON blob
- `:CP` command gets `bar = true`
This commit is contained in:
Barrett Ruth
GitHub
parent
27d7a4e6b5
commit
da4e2ebeba
12 changed files with 283 additions and 150 deletions
|
|
@ -8,7 +8,7 @@ from typing import Any
|
|||
|
||||
import httpx
|
||||
|
||||
from .base import BaseScraper, extract_precision
|
||||
from .base import BaseScraper, extract_precision, load_platform_cookies, save_platform_cookies
|
||||
from .timeouts import HTTP_TIMEOUT
|
||||
from .models import (
|
||||
ContestListResult,
|
||||
|
|
@ -248,35 +248,20 @@ class CSESScraper(BaseScraper):
|
|||
if not username or not password:
|
||||
return self._login_error("Missing username or password")
|
||||
|
||||
token = credentials.get("token")
|
||||
token = load_platform_cookies("cses")
|
||||
async with httpx.AsyncClient(follow_redirects=True) as client:
|
||||
if token:
|
||||
print(json.dumps({"status": "checking_login"}), flush=True)
|
||||
if await self._check_token(client, token):
|
||||
return LoginResult(
|
||||
success=True,
|
||||
error="",
|
||||
credentials={
|
||||
"username": username,
|
||||
"password": password,
|
||||
"token": token,
|
||||
},
|
||||
)
|
||||
return LoginResult(success=True, error="")
|
||||
|
||||
print(json.dumps({"status": "logging_in"}), flush=True)
|
||||
token = await self._web_login(client, username, password)
|
||||
if not token:
|
||||
return self._login_error("bad_credentials")
|
||||
|
||||
return LoginResult(
|
||||
success=True,
|
||||
error="",
|
||||
credentials={
|
||||
"username": username,
|
||||
"password": password,
|
||||
"token": token,
|
||||
},
|
||||
)
|
||||
save_platform_cookies("cses", token)
|
||||
return LoginResult(success=True, error="")
|
||||
|
||||
async def stream_tests_for_category_async(self, category_id: str) -> None:
|
||||
async with httpx.AsyncClient(
|
||||
|
|
@ -423,7 +408,7 @@ class CSESScraper(BaseScraper):
|
|||
return self._submit_error("Missing credentials. Use :CP login cses")
|
||||
|
||||
async with httpx.AsyncClient(follow_redirects=True) as client:
|
||||
token = credentials.get("token")
|
||||
token = load_platform_cookies("cses")
|
||||
|
||||
if token:
|
||||
print(json.dumps({"status": "checking_login"}), flush=True)
|
||||
|
|
@ -435,18 +420,7 @@ class CSESScraper(BaseScraper):
|
|||
token = await self._web_login(client, username, password)
|
||||
if not token:
|
||||
return self._submit_error("bad_credentials")
|
||||
print(
|
||||
json.dumps(
|
||||
{
|
||||
"credentials": {
|
||||
"username": username,
|
||||
"password": password,
|
||||
"token": token,
|
||||
}
|
||||
}
|
||||
),
|
||||
flush=True,
|
||||
)
|
||||
save_platform_cookies("cses", token)
|
||||
|
||||
print(json.dumps({"status": "submitting"}), flush=True)
|
||||
|
||||
|
|
|
|||
Loading…
Add table
Add a link
Reference in a new issue