ChrisChen/ROLAC
1
0
Fork 0
Code Issues 66 Pull Requests Actions Packages Projects Releases Wiki Activity

[P1][Auth] Login, logout, and password reset flow #34

New Issue
Open
opened 2026-05-26 01:33:11 +00:00 by ChrisChen · 0 comments
ChrisChen commented 2026-05-26 01:33:11 +00:00
Owner
Copy Link
Copy Source

Overview

Complete authentication UX: login form, secure logout (token revocation), and email-based password reset.

Tasks

  • Login page: email + password, Remember Me (long-lived refresh token)
  • Logout: revoke refresh token server-side, clear client storage
  • Forgot password: send time-limited reset link via SendGrid
  • Password reset page: validate token, set new password
  • Account lockout after 5 failed attempts (ASP.NET Identity built-in)
  • First-time login: force password change prompt

Reference

PLANNING.md Section 7 Phase 1 - Auth tasks

## Overview Complete authentication UX: login form, secure logout (token revocation), and email-based password reset. ## Tasks - [ ] Login page: email + password, Remember Me (long-lived refresh token) - [ ] Logout: revoke refresh token server-side, clear client storage - [ ] Forgot password: send time-limited reset link via SendGrid - [ ] Password reset page: validate token, set new password - [ ] Account lockout after 5 failed attempts (ASP.NET Identity built-in) - [ ] First-time login: force password change prompt ## Reference PLANNING.md Section 7 Phase 1 - Auth tasks
ChrisChen added this to the Phase 1 - MVP milestone 2026-05-26 01:33:11 +00:00
ChrisChen added the module: auth label 2026-05-26 01:33:11 +00:00
Sign in to join this conversation.
No Branch/Tag Specified
Branches Tags
Labels
Clear labels
module: ai
AI integration (Claude API, Phase 5)
 module: attendance
Sunday attendance tracking
 module: audit-log
Immutable audit log
 module: auth
Authentication, JWT, ASP.NET Identity
 module: cell-groups
Cell groups, meetings, attendance
 module: cms
Public website CMS (rolac.org, bilingual)
 module: devops
Infrastructure, Docker, CI/CD, Jenkins
 module: expense
Expense tracking and reimbursements
 module: giving
Donations, tithing, annual receipts
 module: members
Member CRUD, family units, search
 module: prayer
Prayer requests and visibility scopes
 module: rbac
Roles, permissions, Ministry Scope
 module: reports
Reports and analytics
 module: roster
Service roster and scheduling
No Label module: auth
Milestone
No items
No Milestone Phase 1 - MVP
Projects
Clear projects
No project
Assignees
Clear assignees
ChrisChen
No Assignees
1 Participants
Notifications
Due Date
No due date set.
Dependencies

No dependencies set.

Reference: ChrisChen/ROLAC#34
Delete Branch "%!s()"

Deleting a branch is permanent. Although the deleted branch may continue to exist for a short time before it actually gets removed, it CANNOT be undone in most cases. Continue?