Use Case Specification: Login
- Description
- Flow of Events
- Special Requirement
- Pre-Conditions
- Post-Conditions
- Notes
- Any registered user can log in
- After clearing the verification he/she can initiate subsequent actions
- A registered user can log in and, upon verification, can initiate subsequent actions
Basic flow
- The 'login' action is initiated when a registered user chooses to 'login'
- The system prompts for username and password
- The registered user first enters the username and password and then submits them
Special Requirement
- The user is given three consecutive chances to log in with a username/password combination. If he/she makes three unsuccessful tries consecutively, the account gets locked
- The minimum length of password allowed is 8 characters. The password must include a combination of characters and at least one non-alphabetic character
Pre-Conditions
- User must have an account with the library system, i.e., he/she must be a registered user.
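The lockout and password rules stated above (three consecutive failed tries lock the account; passwords of at least 8 characters with at least one non-alphabetic character) can be sketched as follows. This is an added example, not part of the original specification: the class and function names, the in-memory account store, the PBKDF2 settings, the single generic failure message and the reading of "combination of characters" as "at least one letter plus one non-letter" are all assumptions.

```python
import hashlib
import hmac
import os

MAX_CONSECUTIVE_FAILURES = 3   # from the spec: three consecutive tries
MIN_PASSWORD_LENGTH = 8        # from the spec
GENERIC_FAILURE = "Login failed."  # assumption: the spec leaves the message open
_DUMMY_SALT = os.urandom(16)

def password_meets_policy(password):
    # Assumed reading of the rule: at least one letter and one non-letter.
    return (len(password) >= MIN_PASSWORD_LENGTH
            and any(c.isalpha() for c in password)
            and any(not c.isalpha() for c in password))

def _derive(password, salt):
    # Iteration count is a sample value for the example.
    return hashlib.pbkdf2_hmac("sha256", password.encode(), salt, 100_000)

class LoginService:
    def __init__(self):
        self._accounts = {}  # username -> salt, hash, failures, locked

    def register(self, username, password):
        if not password_meets_policy(password):
            raise ValueError("password does not meet the policy")
        salt = os.urandom(16)
        self._accounts[username] = {"salt": salt, "hash": _derive(password, salt),
                                    "failures": 0, "locked": False}

    def is_locked(self, username):
        return self._accounts[username]["locked"]

    def login(self, username, password):
        acct = self._accounts.get(username)
        if acct is None:
            _derive(password, _DUMMY_SALT)  # same work as for a real account
            return False, GENERIC_FAILURE
        ok = hmac.compare_digest(_derive(password, acct["salt"]), acct["hash"])
        if acct["locked"]:
            return False, GENERIC_FAILURE  # a correct password does not unlock
        if ok:
            acct["failures"] = 0           # only consecutive failures count
            return True, "Login successful."
        acct["failures"] += 1
        if acct["failures"] >= MAX_CONSECUTIVE_FAILURES:
            acct["locked"] = True
        return False, GENERIC_FAILURE
```

Because the counter resets on a successful login, two failures followed by a success do not count toward the lock, and a locked account stays locked until some separate unlock step clears it.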
Primary success post-condition
- It is considered that the user is authenticated and is viewing the main page from which initiation of the additional actions can be done.
- If the login fails for one of the reasons described in the alternatives, an appropriate message will be displayed. In that case, the user is not considered authenticated.
Notes
- Until now, we have not done much with roles
- The "appropriate message" above is vague; we need to come up with how we report this to the user
- We must talk to the security people about how reasonable it is to lock the user account after the user has made some number of failed attempts. If it is made a rule, we'll need an 'unlock account' use case