UC0008 Prototype Implementation - Log In to the System

Initiating actor: Student / Teaching Staff / Faculty Administrator

Other actors: None

The user authenticates by entering their institutional email and password. The system looks up the user by email and verifies the password using bcrypt. On success, the user is presented with a role-based main menu. On failure, a generic error message is shown to prevent user enumeration.

Scenario

1. The user launches the application and is presented with the login prompt. The user enters their email address and password.

   === FRRUAS - Login ===
   
     Email: elena.stojanova@finki.ukim.mk
     Password: ********
   

2. The system queries the database for the user account by email.

   SELECT u.user_id, u.first_name, u.last_name, u.password, ut.type_name
   FROM users u
   JOIN user_types ut ON u.type_id = ut.type_id
   WHERE u.email = 'elena.stojanova@finki.ukim.mk';
   

3. The system verifies the entered password against the stored bcrypt hash using bcrypt.checkpw(). The credentials are valid.

4. The system displays a welcome message and the role-based main menu.

     Welcome, Elena Stojanova (Teaching Staff)!
   
   === Main Menu (Elena Stojanova - Teaching Staff) ===
   
     1. Browse Available Resources
     2. Make a Resource Reservation
     3. Logout
     0. Cancel / Go back
   

Alternative: Invalid Credentials

3a. If the email is not found or the password does not match, the system displays a generic error message.

  Invalid email or password. Please try again.