2c119774df
## Problem `:CP <platform> login` blindly caches username/password without server-side validation. Bad credentials are only discovered at submit time, which is confusing and wastes a browser session. ## Solution Wire `:CP <platform> login` through the scraper pipeline so each platform actually authenticates before persisting credentials. On failure, the user sees an error and nothing is cached. - CSES: reuses `_check_token` (fast path) and `_web_login`; returns API token in `LoginResult.credentials` so subsequent submits skip re-auth. - AtCoder/Codeforces: new `_login_headless` functions open a StealthySession, solve Turnstile/Cloudflare, fill the login form, and validate success by checking for the logout link. Cookies only persist on confirmed login. - CodeChef/Kattis/USACO: return "not yet implemented" errors. - `scraper.lua`: generalizes submit-only guards (`needs_browser` flag) to cover both `submit` and `login` subcommands. - `credentials.lua`: prompts for username/password, passes cached token for CSES fast path, shows ndjson status notifications, only caches on success. |
||
|---|---|---|
| .. | ||
| commands | ||
| pickers | ||
| runner | ||
| ui | ||
| cache.lua | ||
| config.lua | ||
| constants.lua | ||
| credentials.lua | ||
| health.lua | ||
| helpers.lua | ||
| init.lua | ||
| log.lua | ||
| race.lua | ||
| restore.lua | ||
| scraper.lua | ||
| setup.lua | ||
| state.lua | ||
| stress.lua | ||
| submit.lua | ||
| utils.lua | ||
| version.lua | ||