[idea] Login via webview, then use cid session cookie as a token

[linuxct]

I recently discovered this project over at Mishaal Rahman's Telegram group. I noticed that the project currently lacks authenticated logins due to Monstercat adding reCaptcha to their website.

I was thinking that perhaps something we could do to allow us to login was to open https://monstercat.com/sign-in and ask to Sign in there using some WebView implementation, then retrieve from the WebView and safely store at rest (such as via Jetpack's EncryptedSharedPreferences) the cid session cookie, and use that to authenticate against Monstercat in order to retrieve our playlists. What do you think?

I have noticed this cid cookie lasts for ~1mo., and it doesn't get automatically refreshed when calling the API, which means there must be some endpoint which allows to refresh it when its close to expiration or after expiration. I am currently checking their website trying to understand if this is the case, but even in the worst case, we can handle that and ask the user to login again upon token expiration.