| Version 1 (modified by , 5 days ago) ( diff ) |
|---|
UC0008 Prototype Implementation - Log In to the System
Initiating actor: Student / Teaching Staff / Faculty Administrator
Other actors: None
The user authenticates by entering their institutional email and password. The system looks up the user by email and verifies the password using bcrypt. On success, the user is presented with a role-based main menu. On failure, a generic error message is shown to prevent user enumeration.
Scenario
- The user launches the application and is presented with the login prompt. The user enters their email address and password.
=== FRRUAS - Login === Email: elena.stojanova@finki.ukim.mk Password: ********
- The system queries the database for the user account by email.
SELECT u.user_id, u.first_name, u.last_name, u.password, ut.type_name FROM users u JOIN user_types ut ON u.type_id = ut.type_id WHERE u.email = 'elena.stojanova@finki.ukim.mk';
- The system verifies the entered password against the stored bcrypt hash using
bcrypt.checkpw(). The credentials are valid.
- The system displays a welcome message and the role-based main menu.
Welcome, Elena Stojanova (Teaching Staff)! === Main Menu (Elena Stojanova - Teaching Staff) === 1. Browse Available Resources 2. Make a Resource Reservation 3. Logout 0. Cancel / Go back
Alternative: Invalid Credentials
3a. If the email is not found or the password does not match, the system displays a generic error message.
Invalid email or password. Please try again.
Note:
See TracWiki
for help on using the wiki.
