Thursday, January 5, 2012

What scenarios can be covered when testing login functionality?

(A) As a user I want to log in to the system so that I can get access to restricted functionality
• There should be a login form on the home page.
• User enters email and password and clicks "Login".
• If the details are correct, they are logged in and the home page is redisplayed without the login form.
• Their email address should then be shown at the top of every page: "Logged in as ..."
• If either the email or the password is missing or incorrect, an error message should be shown: "Invalid email or password." (The same error message is used in every case to avoid revealing which users exist in the database.)
• If a login fails, the password field should be cleared but the email field left as entered.
• Once logged in, the session should time out after 30 minutes of inactivity.
• Users who are either deactivated, rejected, or pending approval should not be able to log in (covered in other stories below also).
• If an account is deactivated or locked, logging in with an invalid password should display "Invalid email or password" (NOT "your account is not active").
• Attempting to access any page that requires login (while not logged in) should redirect the user to the login page. After successfully logging in they should be redirected to the page they originally requested.
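The login rules in story (A) can be turned into executable checks. The sketch below is an added example, not code from the original post: `Auth`, `run_scenarios`, the accounts and the PBKDF2 parameters are all hypothetical, and the "Your account is not active." wording is taken from story (B).

```python
import hashlib, hmac, os

GENERIC_ERROR = "Invalid email or password."    # wording from story (A)
INACTIVE_ERROR = "Your account is not active."  # wording from story (B)
SESSION_TIMEOUT = 30 * 60                       # seconds of inactivity

def _hash(password, salt):
    return hashlib.pbkdf2_hmac("sha256", password.encode(), salt, 100_000)

class Auth:  # hypothetical in-memory handler, constructed for this example
    def __init__(self):
        self.users, self.sessions = {}, {}
        self._dummy_salt = os.urandom(16)

    def add_user(self, email, password, status="active"):
        salt = os.urandom(16)
        self.users[email] = (salt, _hash(password, salt), status)

    def login(self, email, password, now):
        """Return (token, message); token is None when login fails."""
        salt, digest, status = self.users.get(email, (self._dummy_salt, b"", None))
        # Hash even for unknown emails so both failure paths do similar work.
        ok = hmac.compare_digest(_hash(password or "", salt), digest)
        if not email or not ok:
            return None, GENERIC_ERROR  # same reply for every bad credential
        if status != "active":
            return None, INACTIVE_ERROR  # only reachable with the right password
        token = os.urandom(16).hex()
        self.sessions[token] = [email, now]
        return token, "Logged in as " + email

    def current_user(self, token, now):
        session = self.sessions.get(token)
        if session is None or now - session[1] >= SESSION_TIMEOUT:
            self.sessions.pop(token, None)  # unknown or idle too long
            return None
        session[1] = now  # any activity restarts the inactivity clock
        return session[0]

def run_scenarios():
    auth = Auth()
    auth.add_user("ann@example.test", "Str0ng!pw")                 # constructed data
    auth.add_user("bob@example.test", "Str0ng!pw", "deactivated")  # constructed data
    failures = [("ann@example.test", "wrong"), ("nobody@example.test", "x"),
                ("bob@example.test", "wrong"), ("", "Str0ng!pw"), ("ann@example.test", "")]
    assert all(auth.login(e, p, 0) == (None, GENERIC_ERROR) for e, p in failures)
    assert auth.login("bob@example.test", "Str0ng!pw", 0) == (None, INACTIVE_ERROR)
    token, _ = auth.login("ann@example.test", "Str0ng!pw", 0)
    assert auth.current_user(token, 29 * 60) == "ann@example.test"
    return auth.current_user(token, 29 * 60 + SESSION_TIMEOUT) is None  # timed out
```

Time is passed in as `now` (seconds) so the 30-minute timeout can be tested without waiting.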
(B) As a user I want to apply for access so that I can log in to the system
Users who do not yet have access need to be able to request access. Allowing them to request access themselves has the benefit that they get to choose their own password so administrators do not have to deal with secure password distribution.

• There should be a "Sign Up" link shown on the home page when a user is not logged in.
• It should take the user to a Sign Up form where they must enter:
  • Email (must be a valid email address, which will be used as their login id)
  • Password (at least 6 characters, max 20, must include at least one of each of upper/lower/number/symbol)
  • Password confirmation - must match password exactly
  • First name
  • Last name
• All are mandatory fields. Email/first/last should be limited to 255 characters, both in the form and on the server side. Password should be limited to 20.
• After correctly entering all fields and clicking "Submit Request", they should be taken back to the home page with a message "Thanks for requesting an account. You will receive an email when your request has been approved."
• At this point they should not yet be able to log in. If they try to log in they should see "Your account is not active."
• If there are any validation errors on the form, it is redisplayed with informative error messages and the account is not created. The two password fields should be cleared out each time this happens.