fix(auth): force .google.com cookies during login for regional users

[teng-lin]

Summary

• After login, navigate to accounts.google.com then back to notebooklm.google.com to force Google's SSO to issue .google.com-scoped cookies before saving storage state
• Uses wait_until="load" (not "networkidle") to avoid hangs on Google's analytics-heavy pages

Context

UK users have their auth cookies (SID, HSID, etc.) set on .google.co.uk instead of .google.com. Previous PRs (#24, #34) handled cookie extraction from regional domains, but the SID token value from .google.co.uk is region-scoped and rejected by notebooklm.google.com server-side.

This fix operates at the login capture phase — forcing .google.com cookies to exist before context.storage_state() is called. Safe for all other regions (Singapore, Japan, US, etc.) — their cookies are already on .google.com, so the extra navigations are a no-op aside from ~5–10 extra seconds during login.

Fixes #146

Test plan

• Verify existing tests pass (pytest — 1811 passed)
• Verify ruff format, ruff check, mypy all clean
• Manual verification by a UK-based user running notebooklm login and confirming SID lands on .google.com

🤖 Generated with Claude Code

[gemini-code-assist]

Summary of Changes

Hello, I'm Gemini Code Assist¹! I'm currently reviewing this pull request and will post my feedback shortly. In the meantime, here's a summary to help you and other reviewers quickly get up to speed!

This pull request resolves an authentication issue for regional users by implementing a mechanism to explicitly obtain .google.com-scoped authentication cookies during the login process. By navigating through Google's account and NotebookLM domains with a specific wait strategy, the system now ensures that the correct global cookies are captured, thereby enabling successful login for all users regardless of their regional domain affiliation.

Highlights

• Cookie Scoping: Introduced forced navigation to accounts.google.com and then notebooklm.google.com immediately after user login to ensure that authentication cookies are scoped to .google.com.
• Navigation Strategy: Changed the wait_until parameter for these navigations to "load" instead of "networkidle" to prevent potential hangs on pages with heavy analytics.
• Regional User Support: This change specifically addresses an issue where regional users (e.g., in the UK) were receiving .google.co.uk cookies, which were rejected by the notebooklm.google.com server, by ensuring .google.com cookies are issued.

Changelog

• src/notebooklm/cli/session.py
  • Added two page.goto() calls after user input to force navigation to accounts.google.com and notebooklm.google.com.
  • Configured these page.goto() calls to use wait_until="load" for improved reliability.

Activity

• The pull request addresses and fixes issue Login fails for UK/regional users: cookies set on .google.co.uk instead of .google.com #146.
• The code changes were generated with Claude Code.

Using Gemini Code Assist

The full guide for Gemini Code Assist can be found on our documentation page, here are some quick tips.

Invoking Gemini

You can request assistance from Gemini at any point by creating a comment using either /gemini <command> or @gemini-code-assist <command>. Below is a summary of the supported commands on the current page.

Feature	Command	Description
Code Review	/gemini review	Performs a code review for the current pull request in its current state.
Pull Request Summary	/gemini summary	Provides a summary of the current pull request in its current state.
Comment	@gemini-code-assist	Responds in comments when explicitly tagged, both in pull request comments and review comments.
Help	/gemini help	Displays a list of available commands.

Customization

To customize Gemini Code Assist for GitHub experience, repository maintainers can create a configuration file and/or provide a custom code review style guide (such as PEP-8 for Python) by creating and adding files to a .gemini/ folder in the base of the repository. Detailed instructions can be found here.

Limitations & Feedback

Gemini Code Assist may make mistakes. Please leave feedback on any instances where its feedback is incorrect or counter productive. You can react with 👍 and 👎 on @gemini-code-assist comments. If you're interested in giving your feedback about your experience with Gemini Code Assist for Github and other Google products, sign up here.

You can also get AI-powered code generation, chat, as well as code reviews directly in the IDE at no cost with the Gemini Code Assist IDE Extension.

Footnotes

1. Review the Privacy Notices, Generative AI Prohibited Use Policy, Terms of Service, and learn how to configure Gemini Code Assist in GitHub here. Gemini can make mistakes, so double check it and use code with caution. ↩

[gemini-code-assist]

Code Review

This pull request introduces a fix for an authentication issue affecting users in certain regions by forcing the browser to navigate to Google's account and NotebookLM pages after login. This ensures that broadly-scoped .google.com authentication cookies are set. The approach is sound and the implementation is straightforward. My only suggestion is to refactor the hardcoded URLs into module-level constants to improve maintainability and consistency, as these URLs are used in multiple places.

[gemini-code-assist]

To improve maintainability and avoid magic strings, consider defining these URLs as constants at the module level. This would also allow reusing the NOTEBOOKLM_URL constant, as "https://notebooklm.google.com/" is hardcoded elsewhere in this file (e.g., line 215).

For example, you could add at the top of the file:
ACCOUNTS_GOOGLE_URL = "https://accounts.google.com/"
NOTEBOOKLM_URL = "https://notebooklm.google.com/"
And then use page.goto(ACCOUNTS_GOOGLE_URL, ...) and page.goto(NOTEBOOKLM_URL, ...) here.