Given a user is not logged in, when the api is called with the user's login information, then the api should check the database against the user's name and password (hashed) and if this is a valid login, return the user's infoormation, or return an error if the login is not valid.
Given a user is not logged in, when the api is called for the user to log out, then the api should return an error.
Given a user is logged in, when the api is called for the user to log out, then the api should do nothing, as logging out is a front end action. The api will not store user sessions.
Scenarios / Acceptance Criteria:
Given a user is not logged in, when the api is called with the user's login information, then the api should check the database against the user's name and password (hashed) and if this is a valid login, return the user's infoormation, or return an error if the login is not valid.
Given a user is not logged in, when the api is called for the user to log out, then the api should return an error.
Given a user is logged in, when the api is called for the user to log out, then the api should do nothing, as logging out is a front end action. The api will not store user sessions.