# Capability: Password Manager

## Purpose
Define password-manager behavior across the extension and web UI.

## Requirements

### Requirement: Extension save prompt
The extension SHALL prompt the user to save credentials when a login form is detected and submitted.

#### Scenario: Save confirmed
- **WHEN** the user confirms “保存/记住密码” in the prompt
- **THEN** the extension sends the credential to the server for storage

#### Scenario: Save canceled
- **WHEN** the user cancels or dismisses the prompt
- **THEN** the extension MUST NOT store the credential

#### Scenario: Save prompt suppressed for matching credential
- **GIVEN** a previously saved credential for the same `siteOrigin` and `username`
- **WHEN** the user submits the same password
- **THEN** the save prompt is not shown

#### Scenario: Save prompt update for password change
- **GIVEN** a previously saved credential for the same `siteOrigin` and `username`
- **WHEN** the user submits a different password
- **THEN** the prompt message indicates a password update

#### Scenario: Save prompt for new username
- **GIVEN** a site with saved credentials
- **WHEN** the user submits a username that does not exist
- **THEN** the prompt message indicates a new account

### Requirement: Extension autofill selector
The extension SHALL show a credential selector near login fields for sites with saved accounts.

#### Scenario: Select credential
- **GIVEN** a site with multiple saved credentials
- **WHEN** the user opens the selector and chooses one
- **THEN** the username and password fields are filled with that credential

### Requirement: Web password manager (desktop only)
The web app SHALL provide a desktop-only password manager view.

#### Scenario: Desktop view
- **WHEN** the user visits the password manager page on desktop
- **THEN** the page is visible and provides list/edit/delete

#### Scenario: Mobile view hidden
- **WHEN** the user visits the password manager page on mobile
- **THEN** the page is hidden or redirects to a notice page

### Requirement: Plaintext visibility control
The system SHALL allow a user to reveal plaintext passwords for their own credentials during the current browser session.

#### Scenario: User reveals plaintext
- **GIVEN** a non-admin user
- **WHEN** the user chooses to reveal plaintext
- **THEN** the UI shows plaintext passwords during the current browser session

#### Scenario: Admin view
- **GIVEN** an admin user
- **WHEN** the admin views credentials
- **THEN** plaintext is visible