Login Credentials
1. Authentication Method:
- Firebase Authentication
2. User Data:
- User data will be in the profile within the application.
3. Authentication Flow:
- User opens the app and is presented with a login screen.
- The user enters their email and password.
- Upon submission, the app sends the login request to Firebase Authentication API.
- Firebase checks the credentials:
  - If the credentials are correct, the user is authenticated and granted access.
  - If the credentials are incorrect, an error message is shown to the user (e.g., "Invalid email or password").
4. Security Measures:
- Passwords are securely stored using Firebase's built-in hashing and salting methods.
- The app uses HTTPS (SSL/TLS) to securely transmit user credentials during authentication.
- Two-factor authentication is optional and adds security by letting users verify their identity through another method (e.g., SMS).
5. Token Management:
- Once authenticated, Firebase provides an ID Token.
- The ID Token is used to maintain the session and authenticate further requests to the backend API.
- The token should be stored securely on the device (preferably using SharedPreferences with encryption or the Keystore).
6. Logout Procedure:
- The user can log out by calling the Firebase signOut() method.
- Upon logout, the app should clear the stored token and navigate the user back to the login screen.
7. Error Handling:
- Invalid email/password: "Please check your email and password."
- User not found: "No account found with this email."
- Network issues: "Unable to connect. Please try again later."
8. User Registration:
- If the user is new, they can create an account using the createUserWithEmailAndPassword() method in Firebase.
- The system will store the new user's details (email, password) and generate a new user profile in Firebase.
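
Item 5 (Token Management) says the ID Token authenticates further requests to the backend API, so the backend has to validate each token before trusting it. The following Python code is an added example, not part of the original post: it applies the header and claim checks Firebase documents for ID Tokens and refuses any token whose signature check fails. Assumptions: the project ID `example-project` is a placeholder, `verify_signature` is a hypothetical caller-supplied callback (in practice the Firebase Admin SDK performs this step), and `make_sample_token` only builds constructed test input.

```python
import base64
import json
import time

PROJECT_ID = "example-project"  # assumption: placeholder Firebase project ID

def _decode(segment):
    """Decode one base64url JWT segment into a dict."""
    obj = json.loads(base64.urlsafe_b64decode(segment + "=" * (-len(segment) % 4)))
    if not isinstance(obj, dict):
        raise ValueError("segment is not a JSON object")
    return obj

def validate_id_token(token, verify_signature, project_id=PROJECT_ID, now=None):
    """Return the uid (sub) of an acceptable ID Token, else raise ValueError.

    verify_signature(token, kid) is a hypothetical caller-supplied callback that
    checks the RS256 signature against Google's published key for that kid.
    """
    now = time.time() if now is None else now
    parts = token.split(".")
    if len(parts) != 3:
        raise ValueError("not a three-part JWT")
    header, claims = _decode(parts[0]), _decode(parts[1])
    # Pin the algorithm: rejects "none" and HMAC algorithm-confusion tokens.
    if header.get("alg") != "RS256" or not header.get("kid"):
        raise ValueError("unexpected alg or missing kid")
    if not verify_signature(token, header["kid"]):
        raise ValueError("bad signature")
    # Token must be issued by, and for, this Firebase project.
    if claims.get("iss") != f"https://securetoken.google.com/{project_id}":
        raise ValueError("wrong issuer")
    if claims.get("aud") != project_id:
        raise ValueError("wrong audience")
    exp, iat = claims.get("exp"), claims.get("iat")
    if not isinstance(exp, (int, float)) or exp <= now:
        raise ValueError("expired")
    if not isinstance(iat, (int, float)) or iat > now:
        raise ValueError("issued in the future")
    sub = claims.get("sub")
    if not isinstance(sub, str) or not sub:
        raise ValueError("missing sub")
    return sub

def make_sample_token(claims, alg="RS256"):
    """Constructed input for the example only; the signature segment is a dummy."""
    def enc(obj):
        return base64.urlsafe_b64encode(json.dumps(obj).encode()).rstrip(b"=").decode()
    return f"{enc({'alg': alg, 'kid': 'sample-kid'})}.{enc(claims)}.c2ln"
```

The function fails closed: a token is accepted only if the algorithm is pinned, the signature callback returns true, and the issuer, audience, expiry and issue time all match the project.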