As a staff member, I need to be able to log in to my account
Description
As a staff member, I need to be able to log in to my account so that I can do my daily work.
Requirements
- Credentials given by the company
Acceptance Criteria
- There's page displaying the fields that a staff member can fill by using the credentials given to them by the company
- The page displayed is easy to use and responsive.
- Upon entering the right credentials, it doesn't take to long before the staff member is redirected to their dashboard
- Upon entering the wrong credentials, an error is shown to the staff member.
- After many incorrect attempts, the account with the username they're trying to log into is blocked, if it exists, and an email is sent to the email address contained within the staff member's recorded information to unlock the account.
Technical Criteria
-
API
-
Create a route to process requests to login is made. -
The credentials sent through the request will be verified by looking into staff members with the supplied username and their password will be compared to the password saved in the database, after it is applied the same hashing formula used on password saved in the database. -
Upon encountering an error while verifying the credentails sent through the request, an error status needs to returned. -
If the information is correctly validated, return a successful status. -
Create a route to process requests to block a staff member's account whenever to many incorrect log in attempts are made.
-
-
Backend
-
Create a page containg the login form that will need to be filled in. -
Upon receiving an error status from the rest API's response, display an error message to the staff member. -
Redirect the staff member to their dashboard after received a successfull status in the response from the rest API. -
Upon to many unsuccesful login attempts, send a request to the rest API to block the account related to the provided username, if it exists in the database.
-
Edited by João Antunes