fix: Prevent login form double submission causing blank page redirect

Added submission guard to prevent multiple rapid clicks on login button:
- Added isSubmitting flag to track login operation state
- Early return if already submitting (prevents concurrent logins)
- Disabled submit button during login process
- Visual feedback: spinner and 'Logging in...' text while submitting
- Error message cleared on new submission attempt
- finally block ensures flag reset even on exceptions

Fixes issue where clicking login button multiple times redirected user
to blank page due to concurrent authentication attempts.

Author: CIS Guru

4-Aquiis.SimpleStart/Shared/Components/Account/Pages/Login.razor

@@ -39,7 +39,17 @@
                     </label>
                 </div>
                 <div>
-                    <button type="submit" class="w-100 btn btn-lg btn-primary">Log in</button>
+                    <button type="submit" class="w-100 btn btn-lg btn-primary" disabled="@isSubmitting">
+                        @if (isSubmitting)
+                        {
+                            <span class="spinner-border spinner-border-sm me-2" role="status" aria-hidden="true"></span>
+                            <span>Logging in...</span>
+                        }
+                        else
+                        {
+                            <span>Log in</span>
+                        }
+                    </button>
                 </div>
                 <div>
                     <p>
@@ -66,6 +76,7 @@
 
 @code {
     private string? errorMessage;
+    private bool isSubmitting = false;
 
     [CascadingParameter]
     private HttpContext HttpContext { get; set; } = default!;
@@ -103,28 +114,42 @@
 
     public async Task LoginUser()
     {
-        // This doesn't count login failures towards account lockout
-        // To enable password failures to trigger account lockout, set lockoutOnFailure: true
-        var result = await SignInManager.PasswordSignInAsync(Input.Email, Input.Password, Input.RememberMe, lockoutOnFailure: false);
-        if (result.Succeeded)
-        {
-            Logger.LogInformation("User logged in.");
-            RedirectManager.RedirectTo(ReturnUrl);
-        }
-        else if (result.RequiresTwoFactor)
-        {
-            RedirectManager.RedirectTo(
-                "Account/LoginWith2fa",
-                new() { ["returnUrl"] = ReturnUrl, ["rememberMe"] = Input.RememberMe });
-        }
-        else if (result.IsLockedOut)
+        // Prevent double submission
+        if (isSubmitting)
+            return;
+
+        try
         {
-            Logger.LogWarning("User account locked out.");
-            RedirectManager.RedirectTo("Account/Lockout");
+            isSubmitting = true;
+            errorMessage = null;
+            
+            // This doesn't count login failures towards account lockout
+            // To enable password failures to trigger account lockout, set lockoutOnFailure: true
+            var result = await SignInManager.PasswordSignInAsync(Input.Email, Input.Password, Input.RememberMe, lockoutOnFailure: false);
+            if (result.Succeeded)
+            {
+                Logger.LogInformation("User logged in.");
+                RedirectManager.RedirectTo(ReturnUrl);
+            }
+            else if (result.RequiresTwoFactor)
+            {
+                RedirectManager.RedirectTo(
+                    "Account/LoginWith2fa",
+                    new() { ["returnUrl"] = ReturnUrl, ["rememberMe"] = Input.RememberMe });
+            }
+            else if (result.IsLockedOut)
+            {
+                Logger.LogWarning("User account locked out.");
+                RedirectManager.RedirectTo("Account/Lockout");
+            }
+            else
+            {
+                errorMessage = "Error: Invalid login attempt.";
+            }
         }
-        else
+        finally
         {
-            errorMessage = "Error: Invalid login attempt.";
+            isSubmitting = false;
         }
     }