Implement Password Grant Flow for Authentication and Enhance User Experience

- Introduced Password Grant Flow for user authentication, allowing direct login with email and password.
- Updated `useAuth` composable to manage login and logout processes, including Single Sign-Out from Cidaas.
- Enhanced user interface with a new `UserMenu` component displaying user information and logout functionality.
- Updated homepage to show personalized greetings for logged-in users and a login prompt for guests.
- Added logout confirmation page with a countdown redirect to the homepage.
- Documented the implementation details and future enhancements for OAuth2 flows in CLAUDE.md and other relevant documentation.
- Added test credentials and guidelines for automated testing in the new TESTING.md file.

server/utils/test-helpers.ts

@@ -0,0 +1,103 @@
+/**
+ * Test Helper Utilities
+ *
+ * Provides utilities for automated testing (Playwright, Vitest E2E)
+ *
+ * ⚠️ IMPORTANT: These utilities should ONLY be used in test environments.
+ * Never use test credentials in production!
+ */
+
+/**
+ * Get test user credentials from environment variables
+ *
+ * @throws Error if test credentials are not configured
+ * @returns Test user email and password
+ *
+ * @example
+ * ```typescript
+ * // In a Playwright test
+ * import { getTestCredentials } from '~/server/utils/test-helpers'
+ *
+ * const { email, password } = getTestCredentials()
+ * await page.fill('[name="email"]', email)
+ * await page.fill('[name="password"]', password)
+ * ```
+ */
+export function getTestCredentials() {
+  const config = useRuntimeConfig()
+
+  const email = config.testUser.email
+  const password = config.testUser.password
+
+  if (!email || !password) {
+    throw new Error(
+      'Test credentials not configured. Please set TEST_USER_EMAIL and TEST_USER_PASSWORD in .env'
+    )
+  }
+
+  // Security check: Warn if used in production
+  if (process.env.NODE_ENV === 'production') {
+    console.warn(
+      '⚠️  WARNING: Test credentials are being used in production environment! This is a security risk.'
+    )
+  }
+
+  return {
+    email,
+    password,
+  }
+}
+
+/**
+ * Check if test credentials are configured
+ *
+ * @returns true if test credentials are available
+ *
+ * @example
+ * ```typescript
+ * if (hasTestCredentials()) {
+ *   // Run authenticated tests
+ *   const { email, password } = getTestCredentials()
+ *   // ... test login flow
+ * } else {
+ *   console.log('Skipping authenticated tests - no test credentials configured')
+ * }
+ * ```
+ */
+export function hasTestCredentials(): boolean {
+  const config = useRuntimeConfig()
+  return !!(config.testUser.email && config.testUser.password)
+}
+
+/**
+ * API endpoint to get test credentials
+ * ⚠️ ONLY available in development mode
+ *
+ * This endpoint allows tests to fetch credentials dynamically.
+ * It's automatically disabled in production.
+ *
+ * GET /api/test/credentials
+ * Returns: { email: string, password: string }
+ */
+export function createTestCredentialsEndpoint() {
+  return defineEventHandler((event) => {
+    // SECURITY: Only allow in development
+    if (process.env.NODE_ENV === 'production') {
+      throw createError({
+        statusCode: 404,
+        statusMessage: 'Not Found',
+      })
+    }
+
+    try {
+      const credentials = getTestCredentials()
+      return credentials
+    } catch (error) {
+      throw createError({
+        statusCode: 500,
+        statusMessage:
+          error instanceof Error ? error.message : 'Test credentials not configured',
+      })
+    }
+  })
+}