As a user, I need to be able to login into my account
As a registered user, using the website, I need to log into my account on the e-commerce platform to access personalized features, make purchases, and view their purchase history.
Requirements
- The user must have a registered account with a valid email address and password.
- Passwords should be securely stored and verified.
Acceptance Criteria
-
A registered user accessing the website can successfully log in using their email address and password. -
After successful login, the user gains access to their account on the website as well as logged-in user-specific features like viewing personal profile and finishing the checkout process. -
In case of an unsuccessful login attempt (e.g., incorrect password or email address), the user receives appropriate error messages. -
Multiple unsuccessful login attempts, should lock in the account with the given username in the filled login form, if it exists, and send an email to the associated email address in the user account for the user to unlock his account. Make sure to also show the option to change password.
Technical Criteria
-
API
-
User passwords need to be compared to the stored hash for validation. -
Successful logins should trigger a session for the user, allowing them access to their account and personalized features. -
A route to process login requests needs to be made -
A route to process requests of multiple unsuccessful login attempts.
-
-
Customer webpage
-
The user needs to see an easy to fill-in form for the login process. -
Multiple unsuccessful login attempts should show the user that his account has been temporarily locked and an email has been sent to their email address to unlock their account.
-
Edited by João Antunes