candle-annotator/openspec/changes/user-accounts/specs/login-page/spec.md
Marko Djordjevic c36ab7c146 Implement task 6.1: Create PUT /api/auth/profile endpoint for updating user display name
- Create src/app/api/auth/profile/route.ts with PUT handler
- Validates user is authenticated (returns 401 if not)
- Validates request body has a non-empty name field
- Updates user's name in the database
- Returns 200 with updated user data

Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
2026-02-20 10:20:20 +01:00


## ADDED Requirements
### Requirement: Login page at /login
The system SHALL serve a login page at `/login` (route `src/app/(public)/login/page.tsx`). The page SHALL match the Lovable design mockup from `lovable_design_html/candles_lovable_design_login_page.html`.
#### Scenario: Login page renders
- **WHEN** an unauthenticated user navigates to `/login`
- **THEN** the login page renders with a centered card containing the login form
#### Scenario: Authenticated user redirected
- **WHEN** an authenticated user navigates to `/login`
- **THEN** they are redirected to `/app`
### Requirement: Login page navigation
The login page navbar SHALL display a back arrow and the CandleAnnotator logo/name, linking to `/` (landing page).
#### Scenario: Back to landing
- **WHEN** a user clicks the CandleAnnotator logo in the login page navbar
- **THEN** they are navigated to `/`
### Requirement: Email/password login form
The login card SHALL display a "Welcome back" heading, "Sign in to your workspace" subtitle, and a form with email input, password input, and "Sign In" submit button. The form SHALL use Auth.js `signIn("credentials", ...)` on submit.
#### Scenario: Successful email login
- **WHEN** a user enters valid email and password and clicks "Sign In"
- **THEN** `signIn("credentials", { email, password, redirect: true, callbackUrl: "/app" })` is called
- **AND** on success, the user is redirected to `/app`
#### Scenario: Failed email login
- **WHEN** a user enters invalid credentials and clicks "Sign In"
- **THEN** an error message is displayed: "Invalid email or password"
- **AND** the user remains on the login page
#### Scenario: Form validation
- **WHEN** a user clicks "Sign In" with empty email or password fields
- **THEN** browser-native validation prevents submission (fields are `required`)
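
How the "Failed email login" and "Authenticated user redirected" scenarios can be met when `redirect: true` is used, as an added example that is not part of this spec or the project's code. It assumes Auth.js is configured with `pages.signIn` set to `/login`, so a failed credentials sign-in returns the browser to `/login?error=CredentialsSignin`; `loginPageState`, `credentialsSignInOptions` and the fallback message are hypothetical.

```javascript
// Added example: hypothetical helpers for the /login page, not project code.
// Assumption: Auth.js has pages.signIn = "/login", so a failed credentials
// sign-in lands on /login?error=CredentialsSignin.

const APP_PATH = "/app";                                    // from the spec
const CREDENTIALS_ERROR = "Invalid email or password";      // from the spec
const FALLBACK_ERROR = "Sign in failed. Please try again."; // constructed wording

// Decide what /login should do for one request.
// search:  raw query string, e.g. "?error=CredentialsSignin"
// session: the Auth.js session object, or null when unauthenticated
function loginPageState(search, session) {
  // Scenario "Authenticated user redirected": the target is the fixed
  // in-app path, never a callbackUrl value read from the query string.
  if (session && session.user) {
    return { redirectTo: APP_PATH, error: null };
  }
  const code = new URLSearchParams(search).get("error");
  if (code === null || code === "") {
    return { redirectTo: null, error: null };
  }
  // The query string is user-controllable, so its value only selects
  // between fixed strings and is never rendered itself. A wrong email and
  // a wrong password produce the same message, so the page does not
  // reveal whether an account exists.
  const error = code === "CredentialsSignin" ? CREDENTIALS_ERROR : FALLBACK_ERROR;
  return { redirectTo: null, error };
}

// Arguments for signIn("credentials", ...) as the scenario states them.
function credentialsSignInOptions(email, password) {
  return { email, password, redirect: true, callbackUrl: APP_PATH };
}

// Constructed sample requests: [query string, session].
const samples = [
  ["", null],
  ["?error=CredentialsSignin", null],
  ["?error=%3Cb%3Ex%3C%2Fb%3E&callbackUrl=https%3A%2F%2Fexample.invalid", null],
  ["?callbackUrl=https%3A%2F%2Fexample.invalid", { user: { email: "user@example.test" } }],
];
for (const [search, session] of samples) {
  console.log(JSON.stringify(search), "->", loginPageState(search, session));
}
```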
### Requirement: Google OAuth login button
The login form SHALL include a "Continue with Google" button below the email/password form. Clicking it SHALL call `signIn("google", { callbackUrl: "/app" })`.
#### Scenario: Google login initiated
- **WHEN** a user clicks "Continue with Google"
- **THEN** they are redirected to Google's OAuth consent screen
- **AND** on successful auth, they are redirected back to `/app`
### Requirement: Forgot password link
The login form SHALL display a "Forgot password?" link next to the password label. Since password reset is deferred, clicking it SHALL show a toast: "Password reset is not yet available. Contact support."
#### Scenario: Forgot password clicked
- **WHEN** a user clicks "Forgot password?"
- **THEN** a toast notification appears with the message "Password reset is not yet available. Contact support."
### Requirement: Register link
The login page SHALL display "Don't have an account? Sign up" below the form. "Sign up" SHALL link to `/register`.
#### Scenario: Navigate to register
- **WHEN** a user clicks "Sign up"
- **THEN** they are navigated to `/register`