Move LoginAccount from Query to Mutation in backend and frontend

Backend changes:
- Moved LoginAccount method from AccountQueries to AccountMutations
- Added proper validation and error handling for login credentials

Frontend changes:
- Updated login-account GraphQL file to use mutation instead of query
- Renamed file to login-account.mutation.graphql
- Updated schema.graphql to reflect loginAccount as a mutation
- Regenerated TypeScript types with codegen
- Updated AccountService to use .mutate() instead of .fetch() for login
- Updated documentation to reflect login as a mutation

Co-authored-by: PhantomDave <34485699+PhantomDave@users.noreply.github.com>

Author: Copilot

PhantomDave.BankTracking.Api/Types/Mutations/AccountMutations.cs

@@ -53,5 +53,50 @@ public async Task<AccountType> CreateAccount(
 
         return AccountType.FromAccount(account);
     }
+
+    /// <summary>
+    /// Login to an account
+    /// </summary>
+    public async Task<AccountType?> LoginAccount(
+        string email,
+        string password,
+        [Service] AccountService accountService)
+    {
+        if (string.IsNullOrWhiteSpace(email))
+        {
+            throw new GraphQLException(
+                ErrorBuilder.New()
+                    .SetMessage("Email is required.")
+                    .SetCode("BAD_USER_INPUT")
+                    .SetExtension("field", "email")
+                    .SetExtension("reason", "required")
+                    .Build());
+        }
+
+        if (string.IsNullOrWhiteSpace(password))
+        {
+            throw new GraphQLException(
+                ErrorBuilder.New()
+                    .SetMessage("Password is required.")
+                    .SetCode("BAD_USER_INPUT")
+                    .SetExtension("field", "password")
+                    .SetExtension("reason", "required")
+                    .Build());
+        }
+
+        var account = await accountService.LoginAccountAsync(email, password);
+        if (account is null)
+        {
+            throw new GraphQLException(
+                ErrorBuilder.New()
+                    .SetMessage("Invalid email or password.")
+                    .SetCode("AUTHENTICATION_FAILED")
+                    .SetExtension("field", "email")
+                    .SetExtension("reason", "invalid_credentials")
+                    .Build());
+        }
+
+        return AccountType.FromAccount(account);
+    }
 }
 

PhantomDave.BankTracking.Api/Types/Queries/AccountQueries.cs

@@ -29,14 +29,5 @@ public async Task<IEnumerable<AccountType>> GetAccounts(
         var account = await accountService.GetAccountByEmail(email);
         return account != null ? AccountType.FromAccount(account) : null;
     }
-    
-    public async Task<AccountType?> LoginAccount(
-        string email,
-        string password,
-        [Service] AccountService accountService)
-    {
-        var account = await accountService.LoginAccountAsync(email, password);
-        return account != null ? AccountType.FromAccount(account) : null;
-    }
 }
 

frontend/GRAPHQL_REFACTORING.md

@@ -25,8 +25,9 @@ this.apollo.mutate({
 ### After
 ```typescript
 // Generated typed GQL services
-this.getAccountByEmailGQL.watch({ variables: { email } }).valueChanges
+this.getAccountByEmailGQL.fetch({ variables: { email } })
 this.createAccountGQL.mutate({ variables: { email, password } })
+this.loginAccountGQL.mutate({ variables: { email, password } })
 ```
 
 ## Generated GQL Classes
@@ -36,10 +37,10 @@ The following injectable GQL classes are now available in `src/generated/graphql
 ### Queries
 - **GetAccountByEmailGQL** - Fetch account by email
 - **GetAccountsGQL** - Fetch all accounts
-- **LoginAccountGQL** - Login with email and password
 
 ### Mutations
 - **CreateAccountGQL** - Create a new account
+- **LoginAccountGQL** - Login with email and password (changed from Query to Mutation for proper authentication semantics)
 
 ## Usage
 

frontend/schema.graphql

@@ -25,10 +25,10 @@ scalar DateTime
 
 type Mutation {
   createAccount(email: String!, password: String!): AccountType!
+  loginAccount(email: String!, password: String!): AccountType
 }
 
 type Query {
   accountByEmail(email: String!): AccountType
   accounts: [AccountType!]!
-  loginAccount(email: String!, password: String!): AccountType
 }

…/src/graphql/login-account.query.graphql …c/graphql/login-account.mutation.graphqlfrontend/src/graphql/login-account.query.graphql renamed to frontend/src/graphql/login-account.mutation.graphql frontend/src/graphql/login-account.query.graphql renamed to frontend/src/graphql/login-account.mutation.graphql

@@ -1,4 +1,4 @@
-query LoginAccount($email: String!, $password: String!) {
+mutation LoginAccount($email: String!, $password: String!) {
   loginAccount(email: $email, password: $password) {
     id
     email

frontend/src/models/account/account-service.ts

@@ -99,7 +99,7 @@ export class AccountService {
 
     try {
       const result = await firstValueFrom(
-        this.loginAccountGQL.fetch({ variables: { email, password } })
+        this.loginAccountGQL.mutate({ variables: { email, password } })
       );
 
       if (result?.data?.loginAccount) {