🐛 [Bug] Login auto-redirect never fires — localStorage boolean type mismatch

[KGFCH2]

Problem

The login redirect check in log/login.js has a critical type comparison bug:

// BUG: localStorage always returns strings, never booleans
if (localStorage.getItem("isLoggedIn") === true) { // ← always false!

Current Behavior

When a user who is already logged in visits login.html, they are NOT automatically redirected to home.html. They see the login form again and must log in a second time.

The condition localStorage.getItem("isLoggedIn") === true is always false because localStorage.getItem() returns the string "true", never the boolean true. In strict equality (===), "true" !== true.

Why This Improvement Is Needed

This is a fundamental authentication UX bug. Already-logged-in users are forced to re-authenticate on every page visit. It also represents a logic error that could confuse contributors about auth state.

Proposed Solution

Change === true to === "true" (compare to string)
Add return after the redirect to prevent further form processing
Replace all alert() calls with accessible inline error/success messages
Add minimum password length validation (6 chars) on registration
Add .trim() on inputs to prevent whitespace-only submissions

Expected Outcome

Already-logged-in users are immediately redirected away from the login page. Error messages appear inline without blocking popups.