Enhance Authentication Security & User Experience

[HarK-github]

Summary

This PR overhauls the authentication system to improve security, user experience, and code maintainability. It replaces blocking alert() calls with inline error display, adds comprehensive client-side validation, and implements proper error handling patterns.

Security Improvements

1. Generic Error Messages

• Replaced specific Firebase error messages with generic responses
• Prevents user enumeration attacks (attackers can't distinguish between invalid email vs incorrect password)
• Example: "Authentication failed. Please check your credentials and try again."

2. Client-Side Validation

• Email format validation using regex
• Password minimum length enforcement (8 characters)
• Real-time validation feedback

1. Inline Error Display

• Errors appear directly below the relevant input field
• Real-time error clearing as user types
• Color-coded error messages (red for errors)

2. Modal Stays Open on Error

• Login/Signup popup no longer closes on authentication failures
• Users can correct errors without reopening the modal

3. Loading States

• Buttons show "Logging in..." / "Creating account..." during async operations
• Prevents multiple rapid submissions

4. Cancel Button

• Added cancel button to close modal without authentication

Checklist

• No blocking alert() calls remain
• All auth functions return consistent object structure
• Client-side validation in place
• Generic error messages for server errors
• Modal stays open on errors
• Loading states prevent double submission
• Errors clear as user types
• TypeScript types properly defined