1. Account Management
1.1 Create an account
Description
These operations must be made within the client for maximum user experience, but also directly on a website.
For now, creating an account with a basic username / password using a third-party federated identity provider will be suffisant. We do not want to handle all the password management, security concerns, etc.
Later, a user could login with a social identity provider.
Flow
- The application presents a You're not logged page with username / password fields
- The application requests token to third party identity provider.
- The application show usual dashboard page
Prerequisites
- Use is not logged in.
1.2 Logout
Description
As far as the token is still valid, a user would not need to logout by himself. Being basically a local application, this token can be valid for a long period of time. A user could setup a shorter time-living token for his security, but not required.
Most user have a dedicated PC for simulation, therefore having to constantly logout is not a concern.
Flow
- The user open the main menu and select the Logout option.
- The system invalidates login data (token, etc)
- The application shows a You're not logged page.
Prerequisites
- The user is logged in.