Objective:
The login page allows users to authenticate and access the application by providing valid credentials.
@AbhishekJadhav1996 please review this document
Functional Requirements:
[x] #5
The login page should include two input fields:
Username (or Email)
Password
The page should include a “Login” button for form submission.
A “Forgot Password?” link should be provided for users who cannot remember their password.
A “Create Account” or “Register” link should be available for new users.
[x] #7
Username/Email field:
Must not be empty.
Should support validation for email format if applicable.
Password field:
Must not be empty.
Password must meet the minimum length and complexity requirements (configurable).
[ ] Authentication:
Upon clicking the “Login” button, the system should validate the username and password against the database.
If the login is successful, the user will be redirected to the homepage or dashboard.
If login fails (invalid username/password), an error message should be displayed: “Invalid username or password.”
Account lockout after n (configurable) failed attempts (optional feature).
[ ] #8
Use HTTPS for the login form submission to ensure credentials are encrypted.
Password should never be stored in plain text and should be hashed with a secure algorithm (e.g., bcrypt, Argon2).
The login session should have a timeout (configurable) to log users out after inactivity.
AbhishekJadhav1996
commented
1 month ago
Login Page Requirements
Objective: The login page allows users to authenticate and access the application by providing valid credentials.
@AbhishekJadhav1996 please review this document
Functional Requirements:
[x] #5 The login page should include two input fields: Username (or Email) Password The page should include a “Login” button for form submission. A “Forgot Password?” link should be provided for users who cannot remember their password. A “Create Account” or “Register” link should be available for new users.
[x] #7 Username/Email field: Must not be empty. Should support validation for email format if applicable. Password field: Must not be empty. Password must meet the minimum length and complexity requirements (configurable).
[ ] Authentication: Upon clicking the “Login” button, the system should validate the username and password against the database. If the login is successful, the user will be redirected to the homepage or dashboard. If login fails (invalid username/password), an error message should be displayed: “Invalid username or password.” Account lockout after n (configurable) failed attempts (optional feature).
[ ] #8 Use HTTPS for the login form submission to ensure credentials are encrypted. Password should never be stored in plain text and should be hashed with a secure algorithm (e.g., bcrypt, Argon2). The login session should have a timeout (configurable) to log users out after inactivity.