Add ensureLoggedIn to session.mjs for searcher

Searcher creates browser first then verifies login, unlike applier
which checks auth before browser creation. Both paths now work.

Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>

lib/session.mjs

@@ -101,3 +101,37 @@ export async function ensureAuth(platform, apiKey) {
 
   return { ok: false, reason: `re-auth timed out after ${SESSION_REFRESH_POLL_TIMEOUT / 1000}s` };
 }
+
+/**
+ * Verify login on an already-opened page. If not logged in, attempt re-auth.
+ * Used by the searcher which creates the browser first, then checks login.
+ *
+ * @param {Page} page — Playwright page
+ * @param {function} verifyFn — platform-specific login check (e.g. liLogin)
+ * @param {string} platform — 'linkedin' or 'wellfound'
+ * @param {string} apiKey — Kernel API key
+ * @returns {boolean} — true if logged in
+ */
+export async function ensureLoggedIn(page, verifyFn, platform, apiKey) {
+  // First check if already logged in on the page
+  try {
+    const isLoggedIn = await verifyFn(page);
+    if (isLoggedIn) return true;
+  } catch {}
+
+  // Not logged in — try re-auth via Kernel
+  const result = await ensureAuth(platform, apiKey);
+  if (!result.ok) {
+    console.warn(`  ⚠️  ${platform} auth failed: ${result.reason}`);
+    return false;
+  }
+
+  // Re-auth succeeded, but we need to reload the page to pick up new cookies
+  try {
+    await page.reload({ waitUntil: 'domcontentloaded' });
+    const isLoggedIn = await verifyFn(page);
+    return isLoggedIn;
+  } catch {
+    return false;
+  }
+}