Sign In | BE functionality #133
Description
User story:
As a registered user, I want to be able to sign in to my account using my credentials, So that I can access personalized features and data within the application.
Acceptance criteria:
-
Model getting user for sign-in checkin
-
Service sign-in user flow
-
Controller sign-in route
-
Validation shared with FE
-
When a request for sign-in is received, the service should perform validation based on registration one
-
When a request for sign-in is received the system should retrieve the user’s data from the database based on the provided email. If the email exists in the database, then the data (without password) is returned to the frontend.
-
The user’s password is verified against the provided password, the service should perform password validation, compare hashes, and determine if the credentials are correct.
-
The controller should delegate the sign-in request to the authentication service and return responses based on the success or failure of the authentication process.
-
If user credentials are valid and password verification is successful then users should be issued an authentication token to represent their session(currently it should be hardcoded like
token from ${JSON.stringify(data)}). The token should include the user’s id. -
The error status code (422) and “Login failed. Invalid Email or Password” error message indicating the authentication failure is displayed, when password verification is failed. The 404 error status code and "User not found" error message indicating the authentication failure is displayed when user credentials is invalid.