Create sign-up flow for PendulumPay web app

[prayagd]

As a user, i should be able to sign-up the web app

Acceptance criteria

• on visiting the PendulumPay web app
• Now clicking "Sign-up" button on the top right corner of the screen
• on /signup show two fields
  • "Email" - only emails should be accepted here and no other text
  • "Create Password" - only passwords should be accepted in this field
  • Show a "Sign-up" button below these two fields, the button should be enabled only after the two fields are filled
  • on clicking the "Signup" button
    • if the email already exists in our system, then send an email to the user clarifying that the user account already exists and that they should log in instead
  • if the email does not exist, clicking the "Signup" button
  • Next show on /confirm with text "Email sent to xxx@xx.com (provided email address), please verify your email address"
  • Send an email to the provided email for confirmation. The email should contain a unique link that, when clicked, verifies the email and activates the account.
  • the user is not yet logged in after signing up
  • email validation
    • the user SQL table has a boolean field emailValidated (or better: a timestamp field emailValidatedAt)
    • contains a link with a unique id (as a query parameter)
    • the link goes to a GET endpoint that returns a 303 to the login page
      • the GET endpoint sets the emailValidated (or emailValidatedAt) field in the user table
    • the user will not be logged in yet at that point
  • If email verification done from email, redirect to login page

Note

• Email text

Subject: Activate Your PendulumPay Account
Click the link to verify your PendulumPay registration. If not initiated by you, ignore this message.

Standard secure Login/Signup flow

Due to GDPR we need to use secure practices that do not expose whether an email address is in our system.

General principles

• all passwords are allowed, only requirement is minimum length, e.g., 8 or 10
  • no other requirements (particularly no password rules like uppercase, lowercase, etc)
  • (for a low priority feature we will implement later, we will check in the backend whether the password is common or has been pwned)
• passwords and emails are always normalized in backend (both for login and signup)
  • password: trim whitespace at beginning and end
  • email: trim whitespace at beginning and end, make everything lowercase
• passwords use a password hashing algorithm, the hashed passwords is a field of the user table in the database
  • e.g., bcrypt

Lo-fi wireframes

[prayagd]

Hey team! Please add your planning poker estimate with Zenhub @b-yap @bogdanS98 @ebma @gianfra-t @TorstenStueber

[prayagd]

@pendulum-chain/devs also please raise any questions/ comments if anything unclear

[ebma]

Similar to what I mentioned here, we should not check for existing emails/passwords in the form validation and only do this after submitting the request to the backend.

Also, can we remove the email address verification for now? I don't think it's immediately needed but it makes the whole sign-up way more complex.

[prayagd]

Similar to what I mentioned #4 (comment), we should not check for existing emails/passwords in the form validation and only do this after submitting the request to the backend.

Agree to this suggestion and made changes to the main description

Also, can we remove the email address verification for now? I don't think it's immediately needed but it makes the whole sign-up way more complex.

I think this is a good safety mechanism otherwise i can use any email address and spam the web app by creating multiple accounts which dont belong to me

[ebma]

I think this is a good safety mechanism otherwise i can use any email address and spam the web app by creating multiple accounts which dont belong to me

Hmm okay. You are totally right that it's a good safety mechanism, I was just concerned because it increases the effort of this signup by 2-3x. But we can try.

[TorstenStueber]

See my remarks in the login ticket: #4 (comment)

I see particularly that the following things should be changed:

• don't require password composition rules
• don't expose that an email address exists

[prayagd]

@TorstenStueber update done to the main description, will create new tickets for the for a feature we will implement later

[TorstenStueber]

@prayagd thanks, please also link to the new ticket(s) here.

[TorstenStueber]

@prayagd we should move this to icebox.

[TorstenStueber]

This ticket is meant for an obsolete prototype. Closed.