Commit Graph

55 Commits

Author SHA1 Message Date
kjh2064 40cffb3beb fix: implement Blazor-native login form to properly update authentication state
TaxBaik CI/CD / build-and-deploy (push) Successful in 2m26s
Problem: JavaScript login form saved tokens to localStorage but didn't notify
CustomAuthenticationStateProvider, causing [Authorize] pages to remain in
'loading' state indefinitely. The provider only reads tokens when:
1. GetAuthenticationStateAsync() is called (page load)
2. NotifyAuthenticationStateChanged() is triggered (UI updates)

But JavaScript login didn't trigger either, leaving the authentication state
stale.

Solution: Convert AdminLoginForm from HTML+JavaScript to pure Blazor component.
Now the login flow is:
1. User enters credentials in Blazor form
2. HttpClient POST to /api/auth/login
3. Save tokens to localStorage
4. Call CustomAuthenticationStateProvider.LoginAsync() directly
5. Blazor detects auth state change and re-evaluates [Authorize] pages
6. Dashboard [Authorize] page renders successfully

Result: Immediate authentication state update, no loading timeout on protected pages.

Co-Authored-By: Claude Haiku 4.5 <noreply@anthropic.com>
2026-07-03 13:03:53 +09:00
kjh2064 dda600d4e1 fix: use standard ASP.NET Core 10 Blazor WASM runtime filename
TaxBaik CI/CD / build-and-deploy (push) Successful in 2m52s
Root cause analysis:
- App.razor referenced blazor.web.js (legacy filename)
- ASP.NET Core 10 publish outputs blazor.webassembly.js (standard)
- Build/publish mismatch caused 'SyntaxError: Invalid or unexpected token'

Solution (proper fix, not workaround):
- App.razor: change script src to blazor.webassembly.js
- Remove deploy_gb.sh file-copy workaround
- Program.cs: remove unnecessary comment

Result: Single source of truth - blazor.webassembly.js is the standard ASP.NET Core 10
filename. No file duplication, no symlinks, no publish-time workarounds needed.

Co-Authored-By: Claude Haiku 4.5 <noreply@anthropic.com>
2026-07-03 12:24:36 +09:00
kjh2064 3d0cf1132c docs: clarify MapStaticAssets ordering requirement
TaxBaik CI/CD / build-and-deploy (push) Successful in 3m47s
Add comment to document that MapStaticAssets must come before
MapRazorComponents to ensure _framework/* WASM files are served.

This is a documentation-only change; no behavior change.

Co-Authored-By: Claude Haiku 4.5 <noreply@anthropic.com>
2026-07-03 11:30:46 +09:00
kjh2064 e044acea17 feature: implement persistent login username and remember-me checkbox
TaxBaik CI/CD / build-and-deploy (push) Successful in 2m42s
Problem: Login form showed remembered username from localStorage, but didn't
restore the 'remember me' checkbox state. Users had to re-check the box on
each login attempt, defeating the purpose of the remember feature.

Solution:
1. AdminLoginForm: Add isRememberChecked field and RememberedCheckboxKey constant
2. OnInitializedAsync: Restore both username AND checkbox state from localStorage
3. admin-session.js bindLoginForm: Restore checkbox.checked from localStorage
4. admin-session.js submit handler: Save checkbox state alongside username

Result: Complete round-trip persistence - when user checks 'remember me' and
logs in, both username and checkbox state persist until explicitly cleared.

Co-Authored-By: Claude Haiku 4.5 <noreply@anthropic.com>
2026-07-03 11:19:55 +09:00
kjh2064 ea447495d3 refactor: move buildable .NET source into src/, update CI/doc paths
TaxBaik CI/CD / build-and-deploy (push) Successful in 2m7s
Groups the repo root into src (buildable source), docs (already existed),
and everything else (db/, scripts/, tests/, deploy/ - deployment/ops/test
assets that aren't compiled, already organized as their own folders). CI
now only needs src/ to build: dotnet restore/build/test/publish all point
at src/TaxBaik.sln, src/TaxBaik.Web/, src/TaxBaik.Proxy/.

- git mv every project (Domain, Infrastructure, Application,
  Application.Tests, Web, Web.Client, Proxy) and TaxBaik.sln into src/ as a
  unit, so relative ProjectReference/.sln paths stay valid unchanged.
- .gitea/workflows/deploy.yml: 6 dotnet restore/clean/build/test/publish
  invocations now point at src/. db/migrations and scripts/ stay at root
  (deploy_gb.sh and browser-e2e.yml only touch published output and the
  deployed URL, not source paths - verified, no changes needed there).
- scripts/validate_admin_render.sh: admin render-mode file paths now
  src/TaxBaik.Web.Client/...
- scripts/validate_kst_timestamps.sh: dropped deploy.sh from its target
  list - that script was removed in the prior cleanup commit (dead, no
  CI workflow referenced it) but this validator still expected it to exist.
- CLAUDE.md, docs/ENGINEERING_HARNESS.md, docs/ADMIN_PATTERN_CRITIQUE_WBS.md:
  updated project-structure diagram, dotnet run/build commands, and grep
  targets to the new src/ paths (also fixed a pre-existing stale path in
  ADMIN_PATTERN_CRITIQUE_WBS.md that still said TaxBaik.Web/Components/Admin
  from before that ever moved to TaxBaik.Web.Client).
- Added a Repo Root harness rule + Architecture Guardrail entries: new files
  belong under src/docs/tests/scripts/db/deploy, not loose at root; temp
  work stays outside the repo (or under a gitignored .scratch/) and is
  never committed.

Verified locally: dotnet build/test src/TaxBaik.sln (26/26 tests), and all
three scripts/validate_*.sh pass against the new layout.

Co-Authored-By: Claude Sonnet 5 <noreply@anthropic.com>
2026-07-03 10:37:37 +09:00