Lokesh N [Login , Authentication and authorization module SRS ]

Login Authentication and Authorization

Customer Registration /Sign up / Login /Reset Password/ Log out

User Stories:
a. As a Customer, I want to Register /Signup to the Web portal / Mobile App with
the First Name, Last name Mobile number, OTP, Email.

b. As a Customer, I want to Login to the Webportal / Mobile App using User name -
EmailID / mobile number, Password.

c. As a Customer, I want to Logout from the Web portal / Mobile App.

User Registration / Sign Up

Lokesh Page 1
 Lokesh N [Login , Authentication and authorization module SRS ]

Business Rules:
1. Enter the First Name and Last Name .
2. Enter Mobile No. An authentication Verification code should be sent to the mobile
number.
3. Provide a button Resend Code to provide an option to the customer to resend the
Verification code
4. Authentication:
a. Registration through Mobile: The Enter Verification Code should be
automatically read from the SMS received and authenticated.
b. Registration on Webportal: Customer need to enter the Verification code
manually and authenticate
c. Display a message that “Authentication is Successful”

5. Enter and Validate Email ID

a. Enter the email ID
b. Confirm the email ID
c. Validate the existence of the email id through back end or User confirmation
d. Display a message that the email validation is Successful / Not Successful

6. Set Up Password:
a. Create a new password by entering in the Password field
b. Confirm the same in the Confirm Password field
c. Verify the password and display a message that “Password Matches” / “Password
doesn’t match, Please Re-enter”
Password Guidelines:
 Must contain atleast 8 characters and not more than 20 characters
 Must contain atleast one upper/Lower case character (A-Z)
 Must contain atleast one number (0-9)
 Must contain atleast one special character out of these ( ! @ # $ ^ & * ~ )
 DO NOT have any other special characters

7. Click on Sign Up.

a. Validate all the fields requirement
b. If failure, display a message that “Please enter the fields ”.
c. If Successful - Display a Message “ Registration / Sign Up Successful”
d. Navigate to the Customer screen.

8. Sing up through facebook / Google.

a. User enter social login credentials(userName and password) to register.

Field Validation:

1.FirstName:characters.

Lokesh Page 2
 Lokesh N [Login , Authentication and authorization module SRS ]

2.Last Name: characters.

3.EmailId: characters and digits(both combination).
4.confirm EmailId: characters and digits(both combination).
5.password: characters or digits(both combination).
6.confirmPassword: characters or digits(both combination).
7.mobileNumer: MobileNumber(2 Digits(country code) + 10 Digits (Mobile num).
8.OTP:Digits.
9.Address: characters.
10.PinCode:Digits.

Validation Process:

Case1: if we `click` on submit button,with out filling any one field in the registration
page ,then we need to get a notification and you need to fill that particular field to
complete the process.

Case2:To validate the customer/user ,we send otp for the particular Mobile number
given by the customer while registration.

Case3:OTP Validation process:

Lokesh Page 3
 Lokesh N [Login , Authentication and authorization module SRS ]

1.1 Sign In

Business Rules:
1. User should enter the User Name with EmailID/Mobile Number
and ld
2. Enter the Password
3. Click on “Login” button for successful login
a. Validate the login details and Login if validation is successful
b. Display “Login Failed” message and redirect customer to Re-
enter the correct login details.
c.
4. User need to have options “Forgot Password”, “Reset/Change Password”
a).Forgot Password:
i. Click on the Forgot Password option
ii. Enter the User Name - EmailID/Mobile Number

Lokesh Page 4
 Lokesh N [Login , Authentication and authorization module SRS ]

iii. Authenticate the User Name, send an Email or

SMS/Message(mobile) to be sent to both email and mobile
with Password details
b) Reset/Change Password:
i. Click on the Reset/Change Password
ii. Validate User Name field, Authenticate with OTP on Mobile
iii. Allow User to create a New Password, and Confirm Password
iv. Display a message “Password reset/change Successful” or
“Password reset /change Failed”.

Field Validation:

1.EmailId:characters and digits(both combination).

2.Mobile Number:(10 Digits(number).
3.password:characters or digits(both combination) of specified length.

Validation Process:
Case1:if Entered emailId is not registered or incorrect / field is blank, then
notification/error message should be sent to the customer/ user while login.

Case2:if password is incorrect or password field is empty then error

message/notification should be displayed to the customer.

Case3:if not registered customer try to login to the account then ,error message should
display “user not found” and registration page link should be displayed.

Lokesh Page 5
 Lokesh N [Login , Authentication and authorization module SRS ]

1.2 Reset Password

Business Rules:

a) Reset/Change Password:
i. Click on the Reset/Change Password
ii. Authenticate with OTP on Mobile
iii. Allow User to create a New Password, and Confirm Password
iv. Display a message “Password reset/change Successful” or
“Password reset /change Failed”.
Field Validation:
1. Email ID: characters and digits (both combination).
2. Mobile Number: 10 Digits (number).
3. OTP: Digits.
4. Password: characters or digits (both combination).
5. Confirm Password: character or digits (both combination).

Validation Process:
Case1:if all the fields are empty then error message should be display
“Enter all the fields”.

Case2:if Entered email ID or mobile number is not registered then, error message should
be display “Email ID or Mobile Number not found”.

Case3:if OTP is wrong then error message should display “enter the correct otp”.

Lokesh Page 6
 Lokesh N [Login , Authentication and authorization module SRS ]

Case4:if customer / user had not get any opt then ,option for resending the otp should be
there.

Case5: if both password and confirm password should be same or error message should
display ”Enter the Matching character”.

1.3 Forgot Password

Business Rule:
i. Click on the Forgot password.
ii. Authenticate with OTP on Mobile or through emailId.
iii. Send temporary password to Mobile or emailId.

Field Validation:

1.EmailId:characters and digits(both combination).

2.MobileNumber:10 Digits(number).
3.OTP:Digits.

Validation Process:

Case1:if all the fields are empty then error message should be display
“Enter all the fields”.

Lokesh Page 7
 Lokesh N [Login , Authentication and authorization module SRS ]

Case2:if Entred emailId or mobile number is not registerd then,error

message should be display “EmailId or Mobile Number not found”.

Case3:if OTP is worng then error message should display “enter the correct
otp”.

Case4:if customer / user had not get any opt then ,option for resending the
otp should be there.

Case4:if temporary password is not recived through mobile or through

emailId then option for resend password should be there.

Lokesh Page 8