unitaryfund/metriq-api

Login authentication via login API route

Closed this issue · 2 comments

It should be possible for the user to make the following POST request:

POST ./api/login username password

and to determine whether:

  • The user username exists (is registered)
  • The password provided for username matches the decrypted password stored on the database.

If the username does not exist, return a 400 status error. If the passwords do not match, return a 500 status error. Otherwise, if the username exists and the passwords match, let the user know that authentication has been successful.
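An added sketch of the check this issue describes, not code from metriq-api or from the issue author: it keeps the issue's 400 and 500 status codes but, as a labelled substitution, verifies a salted scrypt hash with a constant-time comparison instead of decrypting a stored password. The in-memory `users` map, the `hashPassword`/`register`/`login` names, the 200 success status, the response messages and the 400 for missing fields are assumptions.

```javascript
// Added example, not metriq-api code. Store, names and messages are assumptions.
const crypto = require('node:crypto');

// Constructed in-memory user store standing in for the database.
const users = new Map();

// Derive a salted scrypt hash; only salt and hash are stored, never the password.
function hashPassword(password, salt = crypto.randomBytes(16)) {
  const hash = crypto.scryptSync(password, salt, 64);
  return { salt: salt.toString('hex'), hash: hash.toString('hex') };
}

function register(username, password) {
  users.set(username, hashPassword(password));
}

// Returns the status and body a handler for the login route would send.
function login(username, password) {
  if (typeof username !== 'string' || typeof password !== 'string') {
    // Assumption: malformed requests are rejected before any lookup.
    return { status: 400, body: { message: 'username and password are required' } };
  }
  const record = users.get(username);
  if (!record) {
    // Status code as specified in the issue for an unregistered username.
    return { status: 400, body: { message: 'User not found' } };
  }
  const expected = Buffer.from(record.hash, 'hex');
  const salt = Buffer.from(record.salt, 'hex');
  const actual = crypto.scryptSync(password, salt, expected.length);
  // Constant-time comparison avoids leaking how many leading bytes matched.
  if (!crypto.timingSafeEqual(actual, expected)) {
    // Status code as specified in the issue for a password mismatch.
    return { status: 500, body: { message: 'Password incorrect' } };
  }
  return { status: 200, body: { message: 'Authentication successful' } };
}

register('alice', 'correct horse battery staple'); // constructed sample user
```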

@vprusso The intent of the user story process is to encapsulate this in the context of some end-to-end user story, not make a one-off issue for every route, though I understand the natural inclination. I might have missed this, but we should frame it in the form of a user story, so that we understand the end-to-end user interface steps that app users will go through involving this route. Let me try to frame this as a user story for you, if you give me a few minutes.