登录界面

.trellis/spec/frontend/type-safety.md

@@ -33,7 +33,12 @@ rendering.
 ### 2. Signatures
 
 - Login form: `POST /login`.
-- Request fields: `username`, `password`, and optional `redirect`.
+- Request fields consumed by `LoginServlet`: `username`, `password`, and
+  optional `redirect`.
+- Presentation-only login controls may submit auxiliary fields such as
+  `loginRole` and `rememberUsername`; these must not participate in
+  authentication or authorization unless the Servlet/service contract is
+  deliberately changed.
 - Login JSP request attributes: `errorMessage`, `username`, and `redirect`.
 - Dashboard/role JSP session attributes: `authenticatedUser`, `userRole`, and
   `userPermissions`.
@@ -47,6 +52,12 @@ rendering.
   attribute or session attribute.
 - `redirect` must be a same-application path beginning with one `/`; invalid
   values are ignored.
+- `loginRole` is only a login-intent hint in the JSP. The authenticated role is
+  determined by the `users.role_code` row returned through `AuthService`, not by
+  a client-side radio selection.
+- Remember-me behavior may persist only the username in browser storage. It must
+  never persist passwords, password hashes, redirects, permission state, or
+  extend the server session.
 - JSPs render data with JSP EL/JSTL, not scriptlet Java.
 - JSPs may read safe session snapshots, but they must not call DAOs or inspect
   password hashes.
@@ -67,10 +78,12 @@ rendering.
 
 - Good: failed login keeps the escaped username and never redisplays the
   password.
+- Good: selecting a role radio option or checking remember-me does not change
+  the server-side authentication decision.
 - Base: dashboard reads `sessionScope.authenticatedUser.displayName` and
   `sessionScope.userRole` only for display/navigation.
-- Bad: JSP uses scriptlets, JDBC, or raw request parameters to decide
-  authentication.
+- Bad: JSP, JavaScript, or Servlet code trusts `loginRole` to grant a role or
+  stores the password in browser storage.
 
 ### 6. Tests Required
 
@@ -79,6 +92,8 @@ rendering.
   files.
 - Run service-level auth checks for required fields, invalid credentials,
   success, DAO fallback, and permission checks.
+- When login page scripts change, scan them to confirm only usernames can be
+  stored client-side and `password` is never persisted.
 - When Maven/Tomcat is available, run a Servlet/JSP compile or package check.
 
 ### 7. Wrong vs Correct
@@ -87,6 +102,7 @@ rendering.
 
 ```jsp
 <%-- JSP checks request.getParameter("password") or runs SQL directly. --%>
+<%-- JavaScript stores the password or LoginServlet trusts loginRole. --%>
 ```
 
 #### Correct

.trellis/tasks/04-28-remove-redundant-actions-add-cn-data/check.jsonl

@@ -4,3 +4,4 @@
 {"file": ".trellis/spec/frontend/quality-guidelines.md", "reason": "Run UI-oriented quality review for removed redundant actions."}
 {"file": ".trellis/spec/backend/database-guidelines.md", "reason": "Review Chinese demo data against schema and seed-data conventions."}
 {"file": ".trellis/spec/backend/quality-guidelines.md", "reason": "Verify backend layer boundaries and checks for schema-only data changes."}
+{"file": ".trellis/spec/frontend/type-safety.md", "reason": "Verify the login JSP keeps the POST /login contract, request fields, and safe rendering behavior."}

.trellis/tasks/04-28-remove-redundant-actions-add-cn-data/prd.md

@@ -2,7 +2,7 @@
 
 ## Goal
 
-精简已登录页面中与侧边栏重复的右侧跨模块跳转按钮，并补充更贴近中文图书馆场景的演示图书与读者数据。
+精简已登录页面中与侧边栏重复的右侧跨模块跳转按钮，补充更贴近中文图书馆场景的演示图书与读者数据，并按参考截图重构真实可用的登录界面。
 
 ## What I already know
 
@@ -11,6 +11,8 @@
 * “新增图书”“新增分类”“新增读者档案”“新增账户”等当前页面内的主要操作仍应保留。
 * 演示数据位于 `src/main/resources/db/schema.sql`，当前包含英文读者名、英文分类和英文图书。
 * 项目是 JSP + Servlet + MySQL 架构，前端页面在 `src/main/webapp/WEB-INF/jsp/`，数据库初始化脚本使用 `utf8mb4`。
+* 用户补充要求：仿照参考截图重构登录界面，必须是真实可用的登录表单，而不是静态展示页。
+* 参考截图特征：浅色模糊图书馆背景、居中的白色登录卡片、蓝色书本图标与“图书管理系统”标题、用户名/密码输入框图标、密码显隐按钮、身份单选项、记住我和忘记密码入口、蓝色主登录按钮。
 
 ## Assumptions
 
@@ -28,6 +30,10 @@
 * 用户账户与角色页面不再显示跳转到读者档案的右侧按钮；保留新增账户入口。
 * 数据库初始化脚本加入中文图书分类、中文书名、中文作者和中文读者姓名。
 * 本地演示账号仍能用于登录验证。
+* 登录页按参考截图重构视觉，但保留现有 `POST /login`、`username`、`password`、`redirect`、错误提示和回填用户名等真实登录能力。
+* 登录页新增或保留真实可交互控件：密码显隐切换、登录身份单选项、记住我选项和忘记密码入口。
+* 登录身份选择不应破坏现有服务端认证；当前后端仍以账号密码和账号角色为准，前端角色选项仅作为登录意图提示或表单辅助字段。
+* 登录页需要在桌面和移动端保持可用，输入框、按钮和错误提示不能溢出或遮挡。
 
 ## Acceptance Criteria
 
@@ -36,6 +42,10 @@
 * [x] `schema.sql` 包含多条中文图书数据和多条中文读者数据。
 * [x] 中文演示数据使用 `utf8mb4` 兼容的文本，不引入新表或迁移机制。
 * [x] 相关检查或可用的构建验证通过；若环境缺少 Maven，记录 fallback 验证。
+* [x] 登录页视觉接近参考截图，并使用真实表单提交到现有 `/login`。
+* [x] 密码显隐、记住我、身份单选项在浏览器中可交互且不破坏登录流程。
+* [x] 登录失败时继续显示服务端错误提示并保留用户名/redirect。
+* [x] 登录页在移动端和桌面端布局稳定，无文字或控件重叠。
 
 ## Definition of Done
 
@@ -48,11 +58,13 @@
 * 不重设计侧边栏或整体视觉风格。
 * 不新增页面、权限、路由或服务层能力。
 * 不改变借阅记录、报表、用户账户或读者档案的业务逻辑。
+* 不实现真实找回密码流程；忘记密码入口可展示当前系统暂未开放或指向安全的占位交互。
 
 ## Technical Notes
 
 * Likely JSP files: `src/main/webapp/WEB-INF/jsp/reports/dashboard.jsp`, `src/main/webapp/WEB-INF/jsp/books/catalog.jsp`, `src/main/webapp/WEB-INF/jsp/books/manage.jsp`, `src/main/webapp/WEB-INF/jsp/books/categories.jsp`, `src/main/webapp/WEB-INF/jsp/readers/manage.jsp`, `src/main/webapp/WEB-INF/jsp/admin/users/manage.jsp`.
+* Login files: `src/main/webapp/WEB-INF/jsp/auth/login.jsp`, `src/main/webapp/static/css/app.css`, and possibly small inline or static JavaScript for password visibility/remember-me interactions.
 * Data file: `src/main/resources/db/schema.sql`.
 * Relevant specs: frontend JSP/component/state/quality guidelines and backend database/quality guidelines.
-* Final verification: `git diff --check`, JSP scriptlet/SQL/JDBC scan, removed-link scan, and `/home/sjy/.sdkman/candidates/maven/current/bin/mvn clean package` passed.
-* Spec update decision: no `.trellis/spec/` update needed because this task did not introduce new routes, APIs, tables, cross-layer contracts, or reusable implementation conventions.
+* Final verification: `git diff --check`, `node --check src/main/webapp/static/js/login.js`, JSP scriptlet/SQL/JDBC scans, removed-link scan, password persistence scan, and `/home/sjy/.sdkman/candidates/maven/current/bin/mvn clean package` passed.
+* Spec update decision: `.trellis/spec/frontend/type-safety.md` documents the new presentation-only login controls (`loginRole`, `rememberUsername`) and the username-only remember-me constraint.