# Authentication APIs TODO

## Status: Pending Implementation

## Overview

The authentication UI components are complete, but the backend API endpoints need to be implemented for full functionality.

## Missing API Endpoints

### 1. Login API Enhancement

- **File**: `app/api/auth/login/route.ts`
- **Current Status**: Exists but needs to support emailOrId and rememberMe
- **Requirements**:
  - Support dual login (email OR Silicon ID)
  - Handle rememberMe functionality with persistent tokens
  - Proper error handling and validation

### 2. Registration API Enhancement

- **File**: `app/api/auth/register/route.ts`
- **Current Status**: Exists but needs phone field and enhanced validation
- **Requirements**:
  - Add optional phone field support
  - Enhanced password validation (8 chars, uppercase, number/special)
  - Terms agreement validation
  - Proper error handling

### 3. Forgot Password API

- **File**: `app/api/auth/forgot-password/route.ts`
- **Current Status**: Dummy implementation (returns errors)
- **Requirements**:
  - Implement actual password reset email sending
  - Generate secure reset tokens
  - Token expiry handling
  - Email template integration

### 4. Password Reset API

- **File**: `app/api/auth/reset-password/route.ts`
- **Current Status**: Not implemented
- **Requirements**:
  - Validate reset tokens
  - Update user passwords
  - Invalidate used tokens
  - Proper security measures
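
One way the reset-token requirements in sections 3 and 4 (secure generation, expiry, validation, single use) fit together, as an added sketch that is not code from this project. The in-memory `resetStore`, the 30-minute `RESET_TTL_MS`, the `id.secret` token layout and both function names are assumptions for illustration.

```typescript
import { createHash, randomBytes, timingSafeEqual } from "node:crypto";

// Hypothetical in-memory table; a real route would use the project's database.
interface ResetRecord { userId: string; tokenHash: Buffer; expiresAt: number; used: boolean; }
const resetStore = new Map<string, ResetRecord>(); // keyed by record id

const RESET_TTL_MS = 30 * 60 * 1000; // assumed lifetime: 30 minutes

const sha256 = (s: string): Buffer => createHash("sha256").update(s).digest();

// Forgot-password step: returns the token to put in the emailed link.
// Only the SHA-256 of the secret is stored, so a leaked table yields no usable tokens.
function issueResetToken(userId: string, now: number = Date.now()): string {
  // Drop any outstanding tokens for this user so only the newest link works.
  resetStore.forEach((rec, id) => {
    if (rec.userId === userId) resetStore.delete(id);
  });
  const id = randomBytes(8).toString("hex");      // lookup key, not secret
  const secret = randomBytes(32).toString("hex"); // 256 bits from the CSPRNG
  resetStore.set(id, { userId, tokenHash: sha256(secret), expiresAt: now + RESET_TTL_MS, used: false });
  return `${id}.${secret}`;
}

// Reset-password step: returns the userId whose password may be changed,
// or null for malformed, unknown, expired, already-used or mismatching tokens.
function consumeResetToken(token: string, now: number = Date.now()): string | null {
  const [id, secret, ...rest] = token.split(".");
  if (!id || !secret || rest.length > 0) return null;
  const rec = resetStore.get(id);
  if (!rec || rec.used || now > rec.expiresAt) return null;
  // Both buffers are 32-byte digests, so the constant-time compare never throws.
  if (!timingSafeEqual(rec.tokenHash, sha256(secret))) return null;
  rec.used = true; // invalidate before the password update so a replay fails
  return rec.userId;
}
```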

### 5. GitHub OAuth API

- **File**: `app/api/auth/github/route.ts`
- **Current Status**: Not implemented
- **Requirements**:
  - GitHub OAuth flow implementation
  - User creation/linking
  - Session management
  - Error handling

## UI Components Status

- ✅ LoginForm - Complete with all sp_25 features
- ✅ RegisterForm - Complete with all sp_25 features
- ✅ Forgot Password Page - Complete UI implementation
- ✅ GitHubSignInButton - Component created, needs API backend

## Next Steps

1. Implement login API with emailOrId and rememberMe support
2. Enhance registration API with phone field and stronger validation
3. Create functional forgot password flow
4. Implement password reset functionality
5. Add GitHub OAuth integration
6. Test all authentication flows end-to-end

## Priority

Medium - UI is functional for migration demo, but APIs needed for production use

## Notes

- Current dummy APIs allow for UI testing and demonstration
- All form validations work on frontend
- Error handling is implemented in UI components
- Ready for backend implementation when needed

---

*Created: 2025-08-06*

*Status: Documented for future implementation*