Implement direct login functionality with email and password

- Update login API to support direct authentication via email and password, removing the OAuth2 redirect flow.
- Modify LoginForm component to include password field and validation.
- Refactor useAuth composable to handle login with both email and password.
- Remove unnecessary OAuth2 callback handler and PKCE utilities.
- Update relevant documentation and error handling for the new login method.

app/components/Auth/LoginForm.vue

@@ -11,6 +11,7 @@ const { login } = useAuth()
 const loginSchema = toTypedSchema(
   z.object({
     email: z.string().email('Bitte geben Sie eine gültige E-Mail-Adresse ein'),
+    password: z.string().min(8, 'Passwort muss mindestens 8 Zeichen lang sein'),
   })
 )
 
@@ -27,7 +28,7 @@ const onSubmit = handleSubmit(async (values) => {
   submitError.value = null
 
   try {
-    await login(values.email)
+    await login(values.email, values.password)
     // Redirect happens in login() function
   } catch (error: any) {
     console.error('Login error:', error)
@@ -55,6 +56,17 @@ const onSubmit = handleSubmit(async (values) => {
       </FormItem>
     </FormField>
 
+    <!-- Password Field -->
+    <FormField v-slot="{ componentField }" name="password">
+      <FormItem>
+        <FormLabel class="text-white/90 text-base font-medium">Passwort</FormLabel>
+        <FormControl>
+          <Input type="password" placeholder="••••••••" v-bind="componentField" />
+        </FormControl>
+        <FormMessage />
+      </FormItem>
+    </FormField>
+
     <!-- Submit Button -->
     <Button type="submit" variant="experimenta" size="experimenta" class="w-full" :disabled="isSubmitting">
       <Loader2 v-if="isSubmitting" class="mr-2 h-5 w-5 animate-spin" />
@@ -63,7 +75,7 @@ const onSubmit = handleSubmit(async (values) => {
 
     <!-- Info Text -->
     <p class="text-sm text-white/70 text-center">
-      Sie werden zur sicheren Anmeldeseite weitergeleitet
+      Anmeldung erfolgt verschlüsselt über unseren Partner Cidaas
     </p>
   </form>
 </template>

app/composables/useAuth.ts

@@ -13,19 +13,26 @@ export function useAuth() {
   const { loggedIn, user, clear, fetch } = useUserSession()
 
   /**
-   * Login with email
-   * Initiates OAuth2 flow
+   * Login with email and password
+   * Direct authentication via Cidaas API (no redirect)
    */
-  async function login(email: string) {
+  async function login(email: string, password: string) {
     try {
-      // Call login endpoint to get redirect URL
-      const { redirectUrl } = await $fetch('/api/auth/login', {
+      // Call login endpoint - creates session directly
+      await $fetch('/api/auth/login', {
         method: 'POST',
-        body: { email },
+        body: { email, password },
       })
 
-      // Redirect to Cidaas
-      navigateTo(redirectUrl, { external: true })
+      // Refresh user session
+      await fetch()
+
+      // Redirect to homepage or saved destination
+      const redirectAfterLogin = useCookie('redirect_after_login')
+      const destination = redirectAfterLogin.value || '/'
+      redirectAfterLogin.value = null // Clear cookie
+
+      navigateTo(destination)
     } catch (error) {
       console.error('Login failed:', error)
       throw error

app/pages/auth.vue

@@ -43,6 +43,8 @@ definePageMeta({
 </script>
 
 <template>
+  <CommonHeader />
+
   <div class="container mx-auto max-w-lg px-4 py-12 sm:py-16">
     <div class="mb-10 text-center">
       <h1 class="text-4xl font-light tracking-tight">
@@ -102,4 +104,6 @@ definePageMeta({
       </TabsContent>
     </Tabs>
   </div>
+
+  <CommonFooter />
 </template>