Context
With the introduction of #17 all endpoints are protected now and data can't be fetched without a valid JWT.
Therefor we need to introduce a sign in screen which allows users to sign in with a preregistered username and password.
Functional Requirements
- When accessing the client, when the user has not signed in before show a sign in screen which asks for a username and password.
- The password input should be obfuscated
- None of the existing routes of the client should be accessible unless the user is signed in
- When you refresh the page in the browser, the user should stay signed in until logged out or until 24 hours since last authorised use of the client.
Technical Requirements
- The stored JWT should be stored in either a secure cookie, local storage or session storage and not accessible by other domains
Context
With the introduction of #17 all endpoints are protected now and data can't be fetched without a valid JWT.
Therefor we need to introduce a sign in screen which allows users to sign in with a preregistered username and password.
Functional Requirements
Technical Requirements