Problem: Login.razor with prerender: true converts Blazor MudForm's @OnSubmit
directive to static HTML form submit, which doesn't call HandleLogin C# method.
Result: 'HandleLogin is not defined' ReferenceError.
Solution: Set prerender: false for login page. WASM boots before rendering,
so Blazor event handlers work correctly. Minor UX trade-off (brief spinner while
WASM loads) is acceptable for full functionality.
Result: Login form now properly invokes HandleLogin, updates authentication state,
and navigates to dashboard.
Co-Authored-By: Claude Haiku 4.5 <noreply@anthropic.com>
Problem: JavaScript login form saved tokens to localStorage but didn't notify
CustomAuthenticationStateProvider, causing [Authorize] pages to remain in
'loading' state indefinitely. The provider only reads tokens when:
1. GetAuthenticationStateAsync() is called (page load)
2. NotifyAuthenticationStateChanged() is triggered (UI updates)
But JavaScript login didn't trigger either, leaving the authentication state
stale.
Solution: Convert AdminLoginForm from HTML+JavaScript to pure Blazor component.
Now the login flow is:
1. User enters credentials in Blazor form
2. HttpClient POST to /api/auth/login
3. Save tokens to localStorage
4. Call CustomAuthenticationStateProvider.LoginAsync() directly
5. Blazor detects auth state change and re-evaluates [Authorize] pages
6. Dashboard [Authorize] page renders successfully
Result: Immediate authentication state update, no loading timeout on protected pages.
Co-Authored-By: Claude Haiku 4.5 <noreply@anthropic.com>
Problem: Removing HeadOutlet caused post-login infinite loading because Blazor
framework requires HeadOutlet to inject necessary initialization metadata and
component-specific scripts. Without it, authenticated routes (like Dashboard)
fail to render.
Solution: Restore HeadOutlet. The duplicate script tag issue is resolved by:
- HeadOutlet generates appropriate script tag (managed by Blazor)
- App.razor explicitly loads blazor.webassembly.js (correct ASP.NET Core 10 filename)
- Blazor deduplicates these references internally
Result: Blazor initialization works correctly while using standard ASP.NET Core 10
WASM runtime filename.
Co-Authored-By: Claude Haiku 4.5 <noreply@anthropic.com>
Problem: App.razor now explicitly loads blazor.webassembly.js, but HeadOutlet
component was still auto-generating a <script> tag for blazor.web.js (legacy
filename). This caused two different script references to coexist.
Solution: Remove HeadOutlet since we're now explicitly managing the Blazor
runtime script reference. All necessary styles and metadata are already defined.
Result: Single, authoritative script reference to blazor.webassembly.js.
Co-Authored-By: Claude Haiku 4.5 <noreply@anthropic.com>
Root cause analysis:
- App.razor referenced blazor.web.js (legacy filename)
- ASP.NET Core 10 publish outputs blazor.webassembly.js (standard)
- Build/publish mismatch caused 'SyntaxError: Invalid or unexpected token'
Solution (proper fix, not workaround):
- App.razor: change script src to blazor.webassembly.js
- Remove deploy_gb.sh file-copy workaround
- Program.cs: remove unnecessary comment
Result: Single source of truth - blazor.webassembly.js is the standard ASP.NET Core 10
filename. No file duplication, no symlinks, no publish-time workarounds needed.
Co-Authored-By: Claude Haiku 4.5 <noreply@anthropic.com>
Add comment to document that MapStaticAssets must come before
MapRazorComponents to ensure _framework/* WASM files are served.
This is a documentation-only change; no behavior change.
Co-Authored-By: Claude Haiku 4.5 <noreply@anthropic.com>
Problem: Inquiry status values were hardcoded as strings in multiple places:
- InquiryList.razor: Status="new", Status="consulting", etc.
- InquiryDetail.razor: inquiry.Status = "consulting"
- Makes it error-prone to update status values globally
Solution:
- Add public const fields to InquiryStatusMapper for all status values
- Replace hardcoded strings with constants (StatusNew, StatusConsulting, etc.)
- InquiryList and InquiryDetail now use mapper constants
Result: Single source of truth for status values. Changing a status value now
requires only updating InquiryStatusMapper, and all usages automatically update.
Co-Authored-By: Claude Haiku 4.5 <noreply@anthropic.com>
Problem: Login form showed remembered username from localStorage, but didn't
restore the 'remember me' checkbox state. Users had to re-check the box on
each login attempt, defeating the purpose of the remember feature.
Solution:
1. AdminLoginForm: Add isRememberChecked field and RememberedCheckboxKey constant
2. OnInitializedAsync: Restore both username AND checkbox state from localStorage
3. admin-session.js bindLoginForm: Restore checkbox.checked from localStorage
4. admin-session.js submit handler: Save checkbox state alongside username
Result: Complete round-trip persistence - when user checks 'remember me' and
logs in, both username and checkbox state persist until explicitly cleared.
Co-Authored-By: Claude Haiku 4.5 <noreply@anthropic.com>
BlogForm:
- Add placeholder '分類 없음' for null category selection
- Label changed to '카테고리 (선택 사항)' to clarify null is allowed
- Add Clearable=true for easy null selection
InquiryForm:
- Add Required=true and Placeholder for ServiceType dropdown (mandatory field)
- Add Label asterisk (*) to indicate required field
- Add Clearable=true and Placeholder for Status dropdown (optional field)
Result: Combo components now follow COMBO_POLICY - null/required/optional states are
explicit in UI, not guessed by users. Aligns with 'Production Level' standard.
Co-Authored-By: Claude Haiku 4.5 <noreply@anthropic.com>
P1-04: Inquiry 수정 계약 확정 - 화면과 저장 필드 불일치 제거
Problem: InquiryEdit showed editable fields for Name/Phone/Email/Message, but
UpdateInquiryDto only saved Status/AdminMemo. Users could edit fields that had
no effect on save - the 'false affordance' anti-pattern.
Solution:
- Add IsEditMode parameter to InquiryForm
- When IsEditMode=true: bind Name/Phone/Email/Message as ReadOnly (disabled input)
- Update InquiryEdit to pass IsEditMode="true"
- InquiryCreate passes default false, keeping all fields editable
Result: Edit mode now clearly shows which fields are modifiable (Status, AdminMemo)
vs. informational (customer contact details, message text). UI matches API contract.
Co-Authored-By: Claude Haiku 4.5 <noreply@anthropic.com>
InquiryCreate.razor was passing suppressNotification: true, preventing telegram
alerts from reaching customers. Also, the success snackbar was dismissed too
quickly (immediate navigation) for users to see feedback.
Changes:
- Set suppressNotification: false so admin-created inquiries trigger telegram alerts
- Updated success message to explicitly mention notification was sent
- Added 3-second delay before redirecting, giving users time to see the feedback
User-facing improvement: admins now get clear confirmation that their inquiry
was logged and the customer was notified.
Co-Authored-By: Claude Haiku 4.5 <noreply@anthropic.com>
Symptoms: After login, admin pages showed loading spinner forever. Root cause:
OnInitializedAsync in 11 admin pages (Dashboard, Blog, Inquiries, Clients,
Announcements, FAQs, TaxProfiles, ConsultingActivities, TaxFilingSchedules,
Contracts, RevenueTrackings) checked AuthStateTask and loaded data only if
authState.User.Identity?.IsAuthenticated == true. If that condition was ever
false (e.g., transient auth state resolution timing), the page never reset
its data collection from null → []. AdminDataPanel uses "Loading={item == null}"
as its loading predicate, so null persisted indefinitely.
Fix: Always reset the data collection, whether the auth check passes or fails:
- AuthStateTask != null && IsAuthenticated == true: load data (existing)
- AuthStateTask != null && IsAuthenticated == false: set data = [] (new else)
- AuthStateTask == null: set data = [] (new else)
This ensures AdminDataPanel's "Loading" condition becomes false on all code
paths, not just the success case.
Co-Authored-By: Claude Haiku 4.5 <noreply@anthropic.com>
Groups the repo root into src (buildable source), docs (already existed),
and everything else (db/, scripts/, tests/, deploy/ - deployment/ops/test
assets that aren't compiled, already organized as their own folders). CI
now only needs src/ to build: dotnet restore/build/test/publish all point
at src/TaxBaik.sln, src/TaxBaik.Web/, src/TaxBaik.Proxy/.
- git mv every project (Domain, Infrastructure, Application,
Application.Tests, Web, Web.Client, Proxy) and TaxBaik.sln into src/ as a
unit, so relative ProjectReference/.sln paths stay valid unchanged.
- .gitea/workflows/deploy.yml: 6 dotnet restore/clean/build/test/publish
invocations now point at src/. db/migrations and scripts/ stay at root
(deploy_gb.sh and browser-e2e.yml only touch published output and the
deployed URL, not source paths - verified, no changes needed there).
- scripts/validate_admin_render.sh: admin render-mode file paths now
src/TaxBaik.Web.Client/...
- scripts/validate_kst_timestamps.sh: dropped deploy.sh from its target
list - that script was removed in the prior cleanup commit (dead, no
CI workflow referenced it) but this validator still expected it to exist.
- CLAUDE.md, docs/ENGINEERING_HARNESS.md, docs/ADMIN_PATTERN_CRITIQUE_WBS.md:
updated project-structure diagram, dotnet run/build commands, and grep
targets to the new src/ paths (also fixed a pre-existing stale path in
ADMIN_PATTERN_CRITIQUE_WBS.md that still said TaxBaik.Web/Components/Admin
from before that ever moved to TaxBaik.Web.Client).
- Added a Repo Root harness rule + Architecture Guardrail entries: new files
belong under src/docs/tests/scripts/db/deploy, not loose at root; temp
work stays outside the repo (or under a gitignored .scratch/) and is
never committed.
Verified locally: dotnet build/test src/TaxBaik.sln (26/26 tests), and all
three scripts/validate_*.sh pass against the new layout.
Co-Authored-By: Claude Sonnet 5 <noreply@anthropic.com>